last executing test programs:

2m1.439972132s ago: executing program 1 (id=190):
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000019c0)='./binderfs2\x00', 0x1ff)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000500)={0x0, r1})
openat(r1, &(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x40)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000580)={0x3, &(0x7f0000000680)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}, {0x2c, 0x2, 0x1, 0x3}, {0x6, 0xd5, 0x9, 0x5}]})
mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs2\x00', &(0x7f0000001e00), 0x0, &(0x7f0000001e40)={[{@stats}]})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000002500)='./binderfs2/binder0\x00', 0x0, 0x0)

2m1.429204092s ago: executing program 1 (id=191):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x394, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5f"})
r1 = mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000005c0)={0x2020}, 0x2020)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000300)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000280)=[@request_death={0x400c630e, 0x0, 0xfc}, @clear_death], 0x0, 0x0, 0x0})
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x48280, 0x104)
ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000200)=[@acquire, @enter_looper], 0x53, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$PTP_EXTTS_REQUEST2(r5, 0xc0603d06, 0xfffffffffffffffe)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x44, 0x0, &(0x7f0000000500)=[@reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000040)={@fda={0x66646185, 0x9, 0x0, 0x21}, @flat=@binder={0x73622a85, 0x1000, 0x2}, @ptr={0x70742a85, 0x0, &(0x7f0000002600)=""/135, 0x87, 0x6, 0x23}}, &(0x7f00000002c0)={0x0, 0x20, 0x38}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000004c0)={0x24, 0x0, &(0x7f0000000dc0)=[@free_buffer={0x40086303, r1}, @dead_binder_done, @dead_binder_done], 0x0, 0x0, 0x0})

2m0.587338685s ago: executing program 1 (id=203):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x2, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async, rerun: 64)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x301041, 0x0) (rerun: 64)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f00000013c0)={0x1, 0x0, [{0x7, 0xdb9, 0x1, 0x6, 0x3, 0xb5, 0x6}]}) (async)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, &(0x7f0000000040)=0xfffffff7) (async, rerun: 64)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0xc, 0x0, &(0x7f00000000c0)=[@increfs={0x40046304, 0x1}, @exit_looper], 0x4, 0x0, &(0x7f0000000080)="5e0f626a"}) (rerun: 64)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001d00)={0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000d00)="f249c144"})

2m0.467031667s ago: executing program 1 (id=204):
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f0000000200)=ANY=[@ANYBLOB="636f6e746578743d7379737465225f75dd47d0b90b893a03ffdf"])
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x1c1900, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700)
ioctl$FS_IOC_RESVSP(r1, 0x40305829, &(0x7f0000000300)={0x0, 0x0, 0x0, 0xf001})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000007105"])
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x5661d000)

2m0.440921118s ago: executing program 1 (id=205):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0x10000003) (async)
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0x10000003)
ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000040)='/dev/ashmem\x00')
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x109000, 0x0)
ioctl$KVM_CAP_SYNC_REGS(r2, 0x4068aea3, 0x0)
write$cgroup_subtree(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="2b63707561636374202d6d656d6f7279202b70556473f2dd2066cb20"], 0x17)
mmap(&(0x7f0000fec000/0x4000)=nil, 0x4000, 0x0, 0x20010, r1, 0x0)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x3000006, 0x11, r1, 0x0) (async)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x3000006, 0x11, r1, 0x0)

2m0.431317858s ago: executing program 1 (id=206):
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x4052, 0xffffffffffffffff, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/devices\x00', 0x0, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000080)={'syz1\x00', {0x1, 0x2, 0x9, 0x2}, 0x1b, [0x3, 0x5, 0xfffffff7, 0x6, 0x0, 0x7, 0x4, 0x12, 0x5, 0x8, 0x6, 0x333, 0x7, 0x5, 0x9, 0x6, 0x6, 0x7, 0x9, 0xd, 0x7, 0x4, 0x6000000, 0xfffffff8, 0xc0a7, 0x946, 0xfd, 0x3, 0x1, 0x4, 0x2, 0x6, 0x3ff, 0x3, 0x800, 0x5, 0x8, 0x9, 0x4, 0x6, 0x703b15cb, 0xd921, 0x8, 0xd2, 0xf, 0x1, 0x4, 0x6, 0x1, 0x9, 0x400, 0xff, 0x9, 0x1, 0x2b, 0x7fff, 0x9, 0x4, 0x7, 0x9, 0xffff, 0x7ff, 0xd, 0x2], [0x7, 0x0, 0xfffffffa, 0x3, 0x81, 0x1ff80000, 0x6, 0x5, 0x80000001, 0x5, 0x2, 0x7, 0xffffffff, 0x1, 0x5, 0x4, 0x2, 0xa, 0x9, 0x10000, 0x2, 0x3ff, 0xc916, 0x800, 0x9, 0x4, 0x1, 0x6, 0x10, 0x7f, 0x5, 0x1, 0x8c, 0x5, 0x7fffffff, 0x100, 0x3, 0x984, 0xffffffff, 0x7, 0x6, 0x3, 0x2, 0x3, 0x94, 0x3, 0x10000, 0x0, 0x3, 0x1, 0x8000, 0x5, 0x8716, 0x8, 0x3, 0xfffffdd4, 0x3, 0x8, 0x8, 0x9, 0x1, 0x2, 0x8, 0x6], [0x3, 0x8, 0xa3, 0x17c0, 0x24c4, 0x4, 0x1, 0xffffc8cd, 0x3, 0x16a0, 0x5, 0x8, 0x1, 0x4, 0x7, 0xffff, 0x80000001, 0x405c6633, 0x5, 0x4, 0x0, 0x40000000, 0x0, 0x3, 0x7, 0x8ae, 0x80000000, 0x10000, 0x3, 0x4, 0x7, 0x6, 0x5cf, 0x2000000, 0x3, 0x2, 0x80000000, 0x4, 0xc, 0x8, 0x6, 0x5, 0xf0, 0x6, 0x3, 0x0, 0x8, 0x5, 0x5, 0xb1, 0x10, 0x3, 0x10, 0x40, 0x7fffffff, 0x80, 0x1000, 0x81, 0x4444, 0x2, 0x6, 0x9, 0x2], [0x9, 0x7, 0xfb0d, 0x9, 0x8, 0x6, 0x80, 0x876, 0x81, 0x3, 0xc, 0x80000001, 0x9, 0x9, 0x8, 0xa, 0x80000000, 0x6, 0x4, 0x2, 0x9, 0x1, 0x1, 0xa, 0x7fffffff, 0x1, 0x9, 0x5, 0x7ff, 0x0, 0x7, 0x5, 0x40, 0x9, 0x1, 0x6, 0x52b254d7, 0x7, 0x80000000, 0x101, 0x4, 0x7, 0x401, 0x9, 0x9, 0x0, 0x5, 0x7, 0x1, 0x2, 0x14, 0xb, 0x72e1b3e8, 0x8, 0x8, 0x9, 0x81, 0x6, 0x5, 0xfffff801, 0x4, 0xa, 0x0, 0x7]}, 0x45c)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000002000/0xc00000)=nil, 0xc00000, &(0x7f0000000000)='\xe5\x00')

1m45.360520711s ago: executing program 32 (id=206):
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x4052, 0xffffffffffffffff, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/devices\x00', 0x0, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000080)={'syz1\x00', {0x1, 0x2, 0x9, 0x2}, 0x1b, [0x3, 0x5, 0xfffffff7, 0x6, 0x0, 0x7, 0x4, 0x12, 0x5, 0x8, 0x6, 0x333, 0x7, 0x5, 0x9, 0x6, 0x6, 0x7, 0x9, 0xd, 0x7, 0x4, 0x6000000, 0xfffffff8, 0xc0a7, 0x946, 0xfd, 0x3, 0x1, 0x4, 0x2, 0x6, 0x3ff, 0x3, 0x800, 0x5, 0x8, 0x9, 0x4, 0x6, 0x703b15cb, 0xd921, 0x8, 0xd2, 0xf, 0x1, 0x4, 0x6, 0x1, 0x9, 0x400, 0xff, 0x9, 0x1, 0x2b, 0x7fff, 0x9, 0x4, 0x7, 0x9, 0xffff, 0x7ff, 0xd, 0x2], [0x7, 0x0, 0xfffffffa, 0x3, 0x81, 0x1ff80000, 0x6, 0x5, 0x80000001, 0x5, 0x2, 0x7, 0xffffffff, 0x1, 0x5, 0x4, 0x2, 0xa, 0x9, 0x10000, 0x2, 0x3ff, 0xc916, 0x800, 0x9, 0x4, 0x1, 0x6, 0x10, 0x7f, 0x5, 0x1, 0x8c, 0x5, 0x7fffffff, 0x100, 0x3, 0x984, 0xffffffff, 0x7, 0x6, 0x3, 0x2, 0x3, 0x94, 0x3, 0x10000, 0x0, 0x3, 0x1, 0x8000, 0x5, 0x8716, 0x8, 0x3, 0xfffffdd4, 0x3, 0x8, 0x8, 0x9, 0x1, 0x2, 0x8, 0x6], [0x3, 0x8, 0xa3, 0x17c0, 0x24c4, 0x4, 0x1, 0xffffc8cd, 0x3, 0x16a0, 0x5, 0x8, 0x1, 0x4, 0x7, 0xffff, 0x80000001, 0x405c6633, 0x5, 0x4, 0x0, 0x40000000, 0x0, 0x3, 0x7, 0x8ae, 0x80000000, 0x10000, 0x3, 0x4, 0x7, 0x6, 0x5cf, 0x2000000, 0x3, 0x2, 0x80000000, 0x4, 0xc, 0x8, 0x6, 0x5, 0xf0, 0x6, 0x3, 0x0, 0x8, 0x5, 0x5, 0xb1, 0x10, 0x3, 0x10, 0x40, 0x7fffffff, 0x80, 0x1000, 0x81, 0x4444, 0x2, 0x6, 0x9, 0x2], [0x9, 0x7, 0xfb0d, 0x9, 0x8, 0x6, 0x80, 0x876, 0x81, 0x3, 0xc, 0x80000001, 0x9, 0x9, 0x8, 0xa, 0x80000000, 0x6, 0x4, 0x2, 0x9, 0x1, 0x1, 0xa, 0x7fffffff, 0x1, 0x9, 0x5, 0x7ff, 0x0, 0x7, 0x5, 0x40, 0x9, 0x1, 0x6, 0x52b254d7, 0x7, 0x80000000, 0x101, 0x4, 0x7, 0x401, 0x9, 0x9, 0x0, 0x5, 0x7, 0x1, 0x2, 0x14, 0xb, 0x72e1b3e8, 0x8, 0x8, 0x9, 0x81, 0x6, 0x5, 0xfffff801, 0x4, 0xa, 0x0, 0x7]}, 0x45c)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000002000/0xc00000)=nil, 0xc00000, &(0x7f0000000000)='\xe5\x00')

1m3.696592585s ago: executing program 4 (id=1339):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000000)={0x3000, 0x1000}) (async, rerun: 32)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000040)={0x10002, 0x1, 0x5000, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) (async, rerun: 32)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000080)={0x0, 0x1d000, 0x1}) (async)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0) (async)
ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f0000000100)=@arm64_fp={0x60400000001000c8, &(0x7f00000000c0)=0x6})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000140)={0x1, 0x10000, 0x1}) (async)
ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE(r0, 0x4068aea3, &(0x7f0000000180)) (async, rerun: 32)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x1, 0xbd1, 0x6, 0x7fffffff, 0x7, 0x7f, 0x2, 0xff, 0xa, 0x3ff, 0x5, 0x7, 0x8, 0x5, 0xc], 0x1000, 0x84042}) (async, rerun: 32)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f00000002c0)={0x4, 0x1000, 0x1}) (async)
ioctl$BTRFS_IOC_SEND(r0, 0x40489426, &(0x7f0000000340)={{r0}, 0x7, &(0x7f0000000300)=[0x8, 0x3ff, 0xfffffffffffffffd, 0x7, 0xf, 0xcb86, 0x7fff], 0xa16b, 0x9, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000003c0)={0x10002, 0x0, 0x4000, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) (async)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000400)={[0x5, 0x2, 0xa, 0x40, 0x55, 0x6, 0x5, 0xffffffffffff4dc6, 0x100000001, 0x401, 0x9, 0x666f, 0x7, 0x8000, 0x7, 0x9], 0xdddd1000, 0x380402}) (async, rerun: 64)
ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f00000004c0)={"f5271f874f4c06b0f536298f35ebf91b0b216956a863daf852e5200c32359ce5e61f939b4abf6a07bda781794620353016b31697d9c20598c3d0922aca2a69c89abdd90635dcacbb6da9196f6c26cd4d40c0dc91160750239fd37409d7fab3fa7543943917f4bf29c5007d6c2f92f7c964f2b7ad4a03877d0dfda6c45832939575127dae3aa2774837d7ed0012bd783e9cea6f1824f0ed18d0a977bbfececa710e6cde745e58e7766889afae1c026b4ecc1b626ec5c3826b88c55b6c8068256658f5aa39294d015903238804490020218876365a507f97ff00a35d39ad64746a09678f717c4178deb440a7b8d0f3591bfc872e365db51c954bda01fd7a60ecdc444fcb0f92433d70620aba8534236ef64daab92aa6e2b77e2d6bbb4785771c7b76740b32fc459d08a279bee10dbd198f8adef0f5594b362f6cc6692c93514089d6c6511245992cbddd47e49a0d58d66c84b80096307a22dc6626b366baa1b27e5bcdb710d6cfd32d52156686c1ed738e1cd189e405661f84bdeb5885c759195bc628b59c395e9e3e58881f2d54936b3b80388469858def8d2e50d5b8724de1713ba657205cb9bcdb92130e3f1e2702f4356ecc536a9cec0f911e986cfd1379531678f8668507feac451dca1c9ecbe8236ea849edec6b42d49ed4aa425913c388d1ca93c55c730ed07787b7c9a951ee6343c9e4fb7cc789aaacfca6a792d218b2c88854f808792492f69552045612973249e298a1dd131bfaef79558216ce37b0340b5d899225a60fb6c2aacbb88b2930842632f6b5f55cde194a444e43d3eeff56aff82513fc0d783cc9bebae65c13dd8e61da3af8d0bb6a6024adbce2f7c4cc94a3404fe3362a171390b6e951b4bdbda0c4246074b1c82612722198bc5ed35aaeb06cd4a3706edd2c3e649ea5fd89300edcc08e5f3ef6610eebb2e958be5b06f8593fb94531495d3648bf41de3f9b223118376d27acdc5bae061ce53ad2227837caa8e44729c5b20f0f8bc8fff4dcde45ce2643690c850baaebe2224e32615d35eb56838f63b379ab8bd4bc00d152607241e3b8b54a8bdf7aef42b69874c3fccf213d4354643ef2345caac3aafe21e4ce2bf719bb8be5ac575102d26d7b78ef28f41bc1efde6c1f1e787d9f8336efc0266a66ae082925a6b313fc582f2df532981497ae372ed3111ec00314429cefea8685e555da2f9258533dc6381bd238572d5a706d7e35401e751ba9e1e050ee12774dcee6329ab45882ced73b616e2f3331abf620a511ba6a9fd0542e56d6ed5e389ea6c520daa0dba3956bf8efe6865ff65fee05278bfcd3a9f386c0422e2adfbef9f06f33670daf84eaaf7ae391bdf6efe8280e3cfbd92e71158cded3ad613f49c1afad4b67ae839d68955321184fa206fb6a5fa1084bde94ca1937b5b96de196ba54db117ff1e2ca8044470ae1438e"}) (async, rerun: 64)
ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f00000008c0)=0x8080000)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000900)={0x8000000, 0x8000, 0x1}) (async)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r0, 0xf50f, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000940)={0xf000, 0x108000})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000980)={0x1, 0x0, [{0x368, 0x0, 0xb}]})
ioctl$KVM_RUN(r1, 0xae80, 0x0) (async)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f00000009c0)={0xdddd4000, 0x0, 0x1}) (async)
ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000000a00)=""/175)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000ac0), 0x90000, 0x0)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000b00)={{r2}, 0x7, 0x5, 0x4})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000b40)={0x1ff, 0x6, 0x100000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000b80)={0x10, 0x1, 0xfd})
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r4, 0x4010ae68, &(0x7f0000000bc0)={0x3000, 0x4000})

1m3.696184695s ago: executing program 4 (id=1341):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000001180)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000040)=0x2, 0x12) (async)
write$cgroup_int(r1, &(0x7f0000000040)=0x2, 0x12)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x161100, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) (async)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000c40)={"66e4eca4cb78b52038b9849d1a9e18e3cd60d6c0a185c2759c9fcea289b9723696089828e8a4187eae042d35354f3b8d99321f57f2c33007d09be4ee9f82b781a3cd7c0a81458b98019b3bbfa6d1b1058cec720b042c7bbfd0c704f8f498505f81e7bda050fab266fc04b42c700daf8965e191f9b6e956b44e0463ae61077538b26702cafe7b900c8249293ba4a8801828400d98e85b4ef6a5312e83fa912e02752fc0a94ba8e959735e32e18c86e1abbde44fd59f8de871e99856e56db475ea890fd06cb6c725ef9e211327635dab09f36dedd98d3de9bda8bdf3932fa6656b8c70aa48670c114cad49555769741322723dc23bd1a46f4fa916dd9c11f46a7118cb9389c67b8bffa41a7d728c52fc19d01d9f8a1dba26816b27c81ea2b68c3ed449791e3ff803e5ed72fa25f78ab2e559c0dbce322df1010dd26a8ad6a6e249b3708d0af8874c8c2b75c6f44043752c4fead19e5610e283c14fe668f469b0436e7972854cfa82fc6de0af45a1b89bcd43d09f88531e19c8e16b4b6b151e7368ecf54bed441688c2e12ea88780867216376780ed1ee13943a9b9f472e43b8ff0e292bffff3dd5257ab201ece3d00051cbe2da4c5ff51b11629ca6c6b13859a794b2ebc8eee7caf765bb236694875439e86487955d229565f3e505851e11dab15ea0d3ccde519e1f34fbae56a6874be90e2b77af5eb1937cfbeb61dc0b67f3b97ddcc8e43ef9dcd336012bd662aa5f9d54aa26ae3e80a73987c773e23fcaaa66d21efc02872723e7d6ea972e053f38358da275653188fd42eec72b71291ddcd219b94b279c9210f448547fec9dba02e2e9244ecc4c1deb12b1968eaf566243f1a2e50ef9c170b301b3d46ec01060d4d7da44439140a0e701f9b3c8238ff13ee32d6dcf9882d6b9dc8cc0fa080bb51ac0c9b0b4d3eb0741e585ec51c4809370815e3b4710132aa793bdee4799a4495401bb01912678e6087047ccef4c0b2b7ad1bdef6dd78c20eff5bdc2773784531fe7bbe619770beaef606891278d06336d9a8688cfdf96135d456f7a52429341087257d3ee0fb967633bfa261c59ed473aa2ef098a946972bf97b2ca12ed1d70fb7cbb6f72b1b9f8f82e41a0f20aa0ef911b9909ea181a7b499db0fc94d665c2fe63b613da286b95e03c87fc02f30219383154290c287a5ff3f5f5dd0831e3870b85a62e30fbd461246f925cdb3404ddd564596da7647623d1038cedb0c573d8d9c4205648fb7924b22c71d63780d0df45d9196617ac3b2f31b7138a877378d6daa9a379a76269e9a607d289046c5fc0149cedca754cdbd816c60b452c811152d3b8bc44c6d04f4d8af9550daeabfae6b0a03cdf6bbca035ba458a3052113da7a991966490cfcec2bfaf5a6ca6b890007122c2446e11ee3d4e55e867631590aa6df929ddb703889521800"}) (async)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000c40)={"66e4eca4cb78b52038b9849d1a9e18e3cd60d6c0a185c2759c9fcea289b9723696089828e8a4187eae042d35354f3b8d99321f57f2c33007d09be4ee9f82b781a3cd7c0a81458b98019b3bbfa6d1b1058cec720b042c7bbfd0c704f8f498505f81e7bda050fab266fc04b42c700daf8965e191f9b6e956b44e0463ae61077538b26702cafe7b900c8249293ba4a8801828400d98e85b4ef6a5312e83fa912e02752fc0a94ba8e959735e32e18c86e1abbde44fd59f8de871e99856e56db475ea890fd06cb6c725ef9e211327635dab09f36dedd98d3de9bda8bdf3932fa6656b8c70aa48670c114cad49555769741322723dc23bd1a46f4fa916dd9c11f46a7118cb9389c67b8bffa41a7d728c52fc19d01d9f8a1dba26816b27c81ea2b68c3ed449791e3ff803e5ed72fa25f78ab2e559c0dbce322df1010dd26a8ad6a6e249b3708d0af8874c8c2b75c6f44043752c4fead19e5610e283c14fe668f469b0436e7972854cfa82fc6de0af45a1b89bcd43d09f88531e19c8e16b4b6b151e7368ecf54bed441688c2e12ea88780867216376780ed1ee13943a9b9f472e43b8ff0e292bffff3dd5257ab201ece3d00051cbe2da4c5ff51b11629ca6c6b13859a794b2ebc8eee7caf765bb236694875439e86487955d229565f3e505851e11dab15ea0d3ccde519e1f34fbae56a6874be90e2b77af5eb1937cfbeb61dc0b67f3b97ddcc8e43ef9dcd336012bd662aa5f9d54aa26ae3e80a73987c773e23fcaaa66d21efc02872723e7d6ea972e053f38358da275653188fd42eec72b71291ddcd219b94b279c9210f448547fec9dba02e2e9244ecc4c1deb12b1968eaf566243f1a2e50ef9c170b301b3d46ec01060d4d7da44439140a0e701f9b3c8238ff13ee32d6dcf9882d6b9dc8cc0fa080bb51ac0c9b0b4d3eb0741e585ec51c4809370815e3b4710132aa793bdee4799a4495401bb01912678e6087047ccef4c0b2b7ad1bdef6dd78c20eff5bdc2773784531fe7bbe619770beaef606891278d06336d9a8688cfdf96135d456f7a52429341087257d3ee0fb967633bfa261c59ed473aa2ef098a946972bf97b2ca12ed1d70fb7cbb6f72b1b9f8f82e41a0f20aa0ef911b9909ea181a7b499db0fc94d665c2fe63b613da286b95e03c87fc02f30219383154290c287a5ff3f5f5dd0831e3870b85a62e30fbd461246f925cdb3404ddd564596da7647623d1038cedb0c573d8d9c4205648fb7924b22c71d63780d0df45d9196617ac3b2f31b7138a877378d6daa9a379a76269e9a607d289046c5fc0149cedca754cdbd816c60b452c811152d3b8bc44c6d04f4d8af9550daeabfae6b0a03cdf6bbca035ba458a3052113da7a991966490cfcec2bfaf5a6ca6b890007122c2446e11ee3d4e55e867631590aa6df929ddb703889521800"})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r5, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000380)={0x54, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x50, 0x18, &(0x7f00000001c0)={@flat=@binder={0x73622a85, 0x1, 0x3}, @fd={0x66642a85, 0x0, r2}, @fda={0x66646185, 0x0, 0x2, 0x18}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}, @release={0x40046306, 0x3}], 0x5a, 0x0, &(0x7f00000002c0)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f612948409bc69ce5464f37"}) (async)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000380)={0x54, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x50, 0x18, &(0x7f00000001c0)={@flat=@binder={0x73622a85, 0x1, 0x3}, @fd={0x66642a85, 0x0, r2}, @fda={0x66646185, 0x0, 0x2, 0x18}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}, @release={0x40046306, 0x3}], 0x5a, 0x0, &(0x7f00000002c0)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f612948409bc69ce5464f37"})

1m3.643268676s ago: executing program 4 (id=1343):
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read$FUSE(r0, 0x0, 0x0)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000100), 0x44100, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f00000000c0)={0xfff, 0x0, 0x0, 0xafa, 0x0, "e32401186a9ed9a9"})
r2 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$PPPIOCATTCHAN(r0, 0x40047438, &(0x7f0000000280)=0x4)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r3, 0x401c5504, &(0x7f00000002c0)={0x3f})
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x3)
write$uinput_user_dev(r3, &(0x7f0000001740)={'syz1\x00', {}, 0x0, [0x1]}, 0x45c)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r2, 0xf502, 0x0)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x14)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000080)=0x4)
ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0xfffffffe, 0x5, &(0x7f0000000180)=0x40})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0xd4)
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000240), 0x40001, 0x0)
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000200), 0x20000, 0x0)
ioctl$BLKRRPART(r5, 0x125f, 0x0)
ioctl$BLKFRASET(r4, 0x1264, &(0x7f0000000000)=0x2)

1m3.641311167s ago: executing program 4 (id=1345):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) (async)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
ioctl$BTRFS_IOC_START_SYNC(r1, 0x80089418, &(0x7f0000000000)) (async)
ioctl$BTRFS_IOC_START_SYNC(r1, 0x80089418, &(0x7f0000000000)=<r2=>0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000040)={"da24c85314cb02445b714d4514596ed5", 0x0, 0x0, {0x45bd3440, 0x6}, {0x11, 0x9}, 0x744c6317, [0xf, 0xfffffffffffffff9, 0x8, 0x9, 0x2, 0x3, 0x6, 0xffffffffffffffe1, 0x7, 0x42, 0x4, 0x9, 0x47e7, 0x3, 0x24000, 0xb6]}) (async)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000040)={"da24c85314cb02445b714d4514596ed5", 0x0, <r3=>0x0, {0x45bd3440, 0x6}, {0x11, 0x9}, 0x744c6317, [0xf, 0xfffffffffffffff9, 0x8, 0x9, 0x2, 0x3, 0x6, 0xffffffffffffffe1, 0x7, 0x42, 0x4, 0x9, 0x47e7, 0x3, 0x24000, 0xb6]})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r1, 0xc0c89425, &(0x7f0000000140)={"4a440da67ebe6c911c84680d88b176ff", r2, r3, {0x9, 0x3}, {0x6a9, 0x8000}, 0x8000000000000000, [0xffffffff, 0x6, 0x9, 0x8000000000000001, 0x9, 0x2f8d6682, 0x3, 0x8, 0x7, 0xbad3, 0x3, 0x5, 0x8, 0x7, 0x9, 0x3]})
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) (async)
r4 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, 0x0, 0xc, 0x40010, r4, 0x0)
close(r1)
ioctl$BTRFS_IOC_INO_PATHS(r1, 0xc0389423, &(0x7f0000000280)={0xc, 0x20, [0x1, 0x5, 0x80, 0xb], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0]}) (async)
ioctl$BTRFS_IOC_INO_PATHS(r1, 0xc0389423, &(0x7f0000000280)={0xc, 0x20, [0x1, 0x5, 0x80, 0xb], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000002c0)={0x1fe, 0x0, 0x3000, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x1040, 0x0)
r6 = ioctl$TUNGETDEVNETNS(r5, 0x54e3, 0x0)
ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000000340)={{0x5000, 0xeeef0000, 0x23, 0x99, 0x9, 0x6, 0x4, 0x8, 0x8, 0x2, 0x20, 0x1}, {0xdddd1000, 0xd000, 0x8, 0x7, 0x1, 0x75, 0x1, 0x3c, 0x88, 0x1, 0x38, 0x9}, {0x80a0000, 0xeeee0000, 0x9, 0x7, 0x4, 0x9, 0x80, 0x7, 0x1, 0x9, 0xff, 0xf9}, {0x8000000, 0xd000, 0x10, 0x6, 0x5, 0x8, 0x55, 0x8, 0x9, 0xfd, 0x5, 0x8}, {0xf000, 0x2, 0x3, 0xc, 0x4, 0x3, 0xa, 0x40, 0x0, 0xa5, 0x0, 0x8}, {0x2, 0x4, 0xb, 0x9, 0x37, 0x9, 0x0, 0x18, 0x1, 0x0, 0x1, 0x4}, {0xdddd0000, 0x4, 0x0, 0x3c, 0x3, 0x7, 0xf6, 0x1, 0x1, 0x4, 0xa4, 0x5}, {0x4, 0x8080000, 0xf, 0x5, 0x61, 0x3, 0x5, 0x2, 0x0, 0xb, 0xb, 0x94}, {0xeeef0000, 0x5d}, {0x10000, 0x7}, 0x40002, 0x0, 0x8080000, 0x20100, 0xc, 0xf000, 0x4, [0x5, 0x87, 0x0, 0x4]})
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000480)={0x8, 0x0, [{0x972, 0x0, 0x4}, {0xb5f, 0x0, 0x3}, {0x37f, 0x0, 0x5979}, {0x27f, 0x0, 0xce8}, {0xacf, 0x0, 0x4}, {0x312}, {0xbc7, 0x0, 0x1}, {0x928, 0x0, 0x4}]})
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f0000000540)={0x0, 0x8000})
r7 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x5e1482, 0x44)
ioctl$BLKGETDISKSEQ(r7, 0x80081280, &(0x7f00000005c0))
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000600), 0xa00, 0x0)
ioctl$SIOCGIFHWADDR(r8, 0x8927, &(0x7f0000000640)={'wlan0\x00'})
ioctl$F2FS_IOC_GET_FEATURES(r0, 0x8004f50c, &(0x7f0000000680))
openat$uhid(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0) (async)
r9 = openat$uhid(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r9, 0x81f8943c, &(0x7f0000000700))
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r4, 0x4018aee3, &(0x7f0000000940)=@attr_set_pmu={0x0, 0x1, 0x1, &(0x7f0000000900)=0x5})
r10 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000980), 0x2, 0x0)
write$UHID_CREATE(r10, &(0x7f0000000ac0)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000009c0)=""/218, 0xda, 0x2, 0xf, 0xa7, 0x101, 0x100}}, 0x120)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000c00)={[0x4, 0x5, 0x6, 0x200, 0xd32, 0x3, 0xffffffff, 0x3, 0x5, 0x1, 0xc3a, 0xde, 0x401, 0x2, 0xffffffffffff189d, 0x7], 0xd5d51000, 0x80000})
ioctl$KVM_GET_IRQCHIP(r0, 0xc208ae62, &(0x7f0000000cc0)) (async)
ioctl$KVM_GET_IRQCHIP(r0, 0xc208ae62, &(0x7f0000000cc0))
mmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x3000004, 0x30, r6, 0xd802000) (async)
mmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x3000004, 0x30, r6, 0xd802000)
ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f0000000f40)=@arm64_fp_extra={0x60200000001000d5, &(0x7f0000000f00)=0x6}) (async)
ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f0000000f40)=@arm64_fp_extra={0x60200000001000d5, &(0x7f0000000f00)=0x6})
ioctl$KVM_SIGNAL_MSI(r7, 0x4020aea5, &(0x7f0000000f80)={0x2000, 0x33327001, 0x88, 0x1, 0xc})

1m3.638750867s ago: executing program 4 (id=1346):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x20002, 0x0)
close_range(0xffffffffffffffff, r1, 0x2)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001140), 0x8080)
write$UHID_INPUT(r2, &(0x7f0000000080)={0x8, {"67be03961f23f40f310c699b06e777716cb7269482097d18def45c924945a3f5bca171ed412212f6a0a35e14c91c30e34c46ac0358f474dba60ba524e21ef181ac4b39fa056ca2a486e89f7e5d751b46e1543bfc1f2e18fc2a7b301a8b4bae5052888c61f2d44ce4aae3e10970d94adbf5c7e1b1d281af265b1e4c6e51181d64ef646d2d679fa06c2feccfb1c1b302a37af025df3423e62f8c12ce13c44fce5fa487f57e22022de63ace1f8e939d8115b424b5aefacbffadbd988c9ddbe0450dff8a36ec702c08c103c2400634ce4324c66c4e9df7f446744e75a1c820d15b6137e9a71f534903d7f7708335e8c48884624a977d043a99ac157331531f630f16acf1579f38c4dace3c7c786bc79fd2727837e485acd877993193881a9d0c837d03bece9917f559a92a276e14d7b3f2c64d58d3e37aa8edc28958f8974af6f79dba54d8864b6d83964eefee5c357431e159b24ced4b88280888e1cdf5a82f480bd59de8e5126d0d6f7d1ecfe2da53fa0592ea5b63f520c62e6c9a049144a578b9b027607c097d11ad9b4a6d3b1514918ca00189715cc13575165f0be692d373008b565837b48a85109433e92774231bcd4e5bf070d13a5a9bc47997d86edd8b8dee4b7e2ebf382976b4c3e9a4cea47fd5bc86e5c1bcd5b7600ca4960a24dc9ec201cf3316b7ee3db728f10e939787e8f5ab9f929f8506a97130ce5f867fb4f70edd1a353f50b9da1e241cd8a696ddc06b9f3dacfa4965ff191a4211f32916d51ee8a09da1eb5b14c32f9bcf72a121ff0c4daf926a4022d77a301e3c3a3daa444ca63356c000a732019ca0f174f68a6ca310e25f256a38763358e12410121e8c999f5c486b1040975915f27cd3dd1fa0b4c2fc316aef8f85ec64dab119277d49b7a603d79c86081767d1cbafcdae7588c5005d2bb8717d58b8b9406e505a07953dd8d9fc8edeff65bb5eb6dd685cad1a5554c6527765cd87b08bc44d747222746d56dbbce3441d1f047ea58308b2b8b98154d0fc50af6f5f849401323bbcec086e3a29b44d605c41e74cdb5557be267f19b326af67399e1ec9caf604d3e365e78c7ca01db4a2b3ede340505df22300caac3392c92f0a506798b6b1bab386dbebbff5d52a1d27512702dc5b4846c26c3b9c8a373e949532d06239d163ef43fd8237f5f5cee5b444facfebb35424fec62fa6973db05bfa99544874cdf411d806a11994688198e94407b3afd04cebafe49104d084e1f44387d9c9ec9d0c1ae0619da473909649604839b013d2ee88cd1944960f79e7524573caa0bfc962fac3a512431ad9e47626f414a7a7a89ca3c58be9efef24c648160707ee9c2bac8598a4b8f0f23cac65e5733c04cf5ba627c86d270757b13eb2030b4c8c9f8337c8ad2a7269a9b54c05cec11dface023c484f4e78a870c39b110e96d2584658c2e82b32260b6f0b5e63f2bfaeb2fdb31e79f6fe3335e76d11efeffc4eb25dd828cbd0af8eb8f8b1c1886833c61c5ca055885705b1a746da96e7f2dfb133a673666c22602f3c6bbe4df682d3eaf8534765fa762bf22ed6879454ec5db62a9d4a39d4d9f6d40cc1cc7c0114d5b879644c748aee997140564163cafee85e21f5c1c4750285027aa56e25cd50574b0964bb0fae3bdf6dea5305fbd66b38c369ce500c2c331166eaca663ae8f977756641b13e58843048232579ff4eae9c276c88ccb8afc25124894b3890d788ae601ce019ff89a538597bec24a69bf46a5fa1de8074cea41125ce0a2f4ec4ba1b721e574e50e53d35f072c6d46ebe832679d63a3d539650e48b50826d5279107451310e24c01f9546877ad1c283c33179703a774b28909b6b6b8911a350550d0f01cd58e1e0da848931e389f40270f8c7b75a1d8edc12746074ebd1fb28f74334c7fe0ffccb2493a17ae3631a258794a09cb5ef581b49605db86fcef33c3707d941f67afb3c5dd5a3a3089f8afc86517b6d6f2a1e00fa66d9586615815e8b1c25eb3b7d3d0886e23d218db1e402bb0020ba84dbc8ab53abbe1662e022ebaf1a6507ae1c23740bf263b8fe287bc134814ebfe93436c2175f2649dd8ba612e993b64fd73cd4b768935455f50d2d2dd35e62774db9ec33dfea42ddcc0c826d07e42e1a7373cd0941e7e8a83548f281933885bb32e8b948148a4f790a4cab4a95b297ce217ed7e0182239d47b7549b569811762ee5dbaaa59c44e367ab77e2868376d7e3f951e73f0fec372c33b4f565460599ba0508fa98e05f6f2da99d6fad03215c1865d5ad72b60ed09e5ae6c0c368d168d0d57d2e4f656b9aceaeec17e184742539a680dd1114793939fdcdfe22c34568b9fcfa2c70d0c635c9bba601364ba1797ca1080a6580017809f41ac68516bce5992aee3a92ae7127a8d4bffda858eea190dcc40c3227e9eecedea7576d70dd08fa5f956f84d01c76f7acaa47cd6093ac72435a9c0b0b1d066a01fef7110d1f1d74599014ab9ee96cefb6333fb7d2ba96bdc09c89b6fbf582d30d20759d83fa797e9c380f93d534ed3729b82da7b0badecfce42712cd44d3729e844bf9f931da0356ed3787a36946c220b305203e17e23442085c4450911dca239e5e191dd3960f5dc009ec170223927cf28a14106fd377f2efa175e6c4f569b9ae07947ef7acebfcc3b0f12710ec3d8b5201e61caadf479b3217f17a3dde347ead7285af91b77ccbe5919e6d7cb31da4432d35ef3b3523e380af7d4b963e47e590bdd10b2b7172b558ec921bb87502529a6aa3ac8532cd688f79073ccc61f5dea871866e262ba00966e789237f370dbae127ac7eb14ec70aa035b3cdf1a5cf0f04c72bce5177aaf24236a3278a09377c227d7b8e35bd2d5482a1872cf7102380df65effc9ee52e46a4b51c462dd6bb0d53beb7733e4756b40d388beca00b4cfbed5db65cc9cb972032a63e71f38eb1fe4596348caf81b2402ba5a01af7bf3cd04de0d97fa08e2fee2f3b3c2f926eead6a60c65fe4bee0a822aca4ad400aa59da6f731d4d952a055fac38b500363d00b564f99c4715c5ce69d4a4c91360e467b2d4086a67340dcda456dc70b6c97458ebfcd5dabc1d0ff711e958829c31ee7759f499819549d7d67473293d83428918e0bb8a8d0420edf8d00f2f17f308c15ab1bea6a031c21240243b73705ef6784be49f2689cdb179c6091637f9d1b713d6e99ac453e0d43cee96ad6843c0314d408a70182be5e6e941ba72e98ea43e0ba878288acee65c8f4fdb382ccb6f3e719e6e7fb9eb7ee7b7f3fb8767d79ae419c3a683ca96c444ceec4f0b05868db3108517a06a33c09690efcdcaf357ef425a2fd0eeb6a7067e87c64b41765f8eb1c5baa003495e04290b6a39b7caaafb87c09fbdddffe4a5a6e2d8ce0224079d22d41cf55d49ef28fa8127e986bf05fad4a9db84005ef3ce22191cbba05b47325a23041bb8f5468149684fd5019a2c02d39397f74a16f2ae532c6cb81bd67084c0c36b69e308aaf169c1cac515e9100179ab42c7e74f0885b00ceabc81015727df464dadb2a5c24b100aae723c2ceead3c2bf7f85624d61a852e45ab9ab4a47685d4b81a16d0b48f15f8206e462bb3d9fe7832d04742245757589f9aa705054719405d43e2cc3754182af8de55406997d1344f46e0062811a987c059e3108b57d2f2d4a5cd2f4847130cd88d85bed2773283208adecc388538408332036d1ae1f979d6514e6945ddc3abdc49edc9a2569fd5459906f245fcea58520fefd311d7d243cef37b947323edfc97e5078e11a8a96fd00a5213a6b8f392a25990c531f98886a8201b35eaa350d459486140763ef197f352fc9174e61079567e113dcabf71be693e03af143d9c5daf978265aa712e199edbdd00553f1c6f2077fdcae9463e7961a7c184971e4a7f75be604a14b70c47f922b51c0df758deaf044eade2b7219417f4cd31e1f42a7d402e041c51d665fc2dacb49866fd67ec6c949884aef6621758ed5bd54745455029afcabef90e0874f21ce983fdfa66594e3352c59e60101c18ef6d69d4d98b6f90d790dce2426aa8db6e69210f1c8401a285f5c87f04c4720e90a30ab21f6f79fbf61c921259eda2f2ffdc1c50a26c13861476b938e1c83d44c552f1712cb4dd53d977c66ef5f196e951bd1259b8f1d94ba2eb8d1bc4b82e86707485d43c49e35f6c4de8b57354b85796d7c23b692a17209bbec0cf2704ab37f69b5a969ef27ab30d49bc39517f117c473de855ba20742cb2bc8903cd454b0efb25cc2950c14358a73603c5beef1afe6206b453b937673a1619a87c6fda1062b117fc9e5660a8b4b19f7bb0b64bb98c610ac0df342197355b0575a11199d16610b55e89cfbe31b2817da98528a2a5df403d645af8512f0caab021e6d8545621a4c1accf0e0515cb8b604073db8b08156e1443845908d01b2b8c3553681622c3f23e1db02514a570e9b0a9a17e7cf74355d3c76209780e14a2fb22d92b9a4ae5d5cc137069cc65f2dc55df500915188324cb7b021ab4753736ea021d40e7c53bb68005596cc4ca67d161be044e48d9b8653dad0a0c7dcc1562da67c9afec2a09a5001d9fff1407600d6461166ffc4a453de9e15781f6448aa2e15a940b944e04f8dcb10b42b6b75a3340cd32ac3c1655600fcb851de3639de96d67fd4e44983b1997f157a38d91af9c5790e76e06cd625f438ce2aed0b726c5ef693a2175b5f78f111efd7c92d02eb7c1afe6cf2b38ac44110b9ea53edfa9af4c67efc4a1034da0c5d482a577c7ee6cf4c5d9f2204e78d7c1cea327ecb41a1a3942f89570a3fce39ff537afd648ff2047dd0bb86544cf778aa41b18128139086d5f9f0496d5e59e2a1a0da859a1bddf61f530e2a08c66ce58c90ed7c21b9844a1f34061262d08f08d9f558e8a444cc813cd4488e8c334a4d79022de6d67505c99e1c2c9c1566a5c6fefcc798679c232f4ecc0b651de2ae6c250bf0c129b1cd7c69d42dfac4010982e5a0e0b5f491e01684f5085a17e9fc10a3569fd1c025a45c05c92eadbc286cae6e307ce0042d0ead123db51069b2e12dcd35a82baad2c6e5c27b8eb1a3dc4feb9da2bd42883c5708228bbba32f1fc357766d91df1be83eb41c57d2c1b3a33d1113b5b5fe89787dfb31225dfdea0665354188dba0db2dd07147034b30382008fd3602503cfa065ba95e9f9444efc0506a37f2a58460ba40495e9efa589cc5584d61474da4ac403b7b1f38741a97515220385125fd7664b6e0048ce8538c131277b27d813ed8ea6f88515cecc693c9c1c3412f95d5ea66fd8fd66355babacb672c288b63683dd5001053b5f3ec104ab3d23d2f844889b1bbe54ce185a0137b3f6f933b98b71047771b617a758f73065db133175c28096800803868f384add3420c763a12ec783d4bb03c5abdac49428c378f1f0859b16a5ab529bd2c77c0f412f307cd26e8a1bba91cf7396b5365f7aaedf115b2119b326a6ca1634500837e9d9e682a990d54bf2c3b87371b942709b429c96593ec38680f547b0606a7719b9fd44acbc1b4cbd4e3498fbde3a8165e1431cb60ef5bbf6665424d00a6ef9458b1625a1fcbc2975c365b47bb91bdd3610678f74b9b2b9f374501ea1b72945f715dbf7862b8926c5d23f33da3aeed3b099f3f61f4fc4c707a8df3b7eaa3e6f65203c126cc1d0a65ec6b7b6091e9aa07a234117dda0c8b7bde5bd60a440f613a6a3d658317a52e6467a7db384b0b9e767060cc0070a7ca609491965f778ce860021f37b68bf0007cd5e93d6480f78fb7e810cb1e9410e9517df6e9cc58f6c312ef098", 0x1000}}, 0x1006)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000340)={0x73622a85, 0xb, 0x20000})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000200)=[@acquire, @enter_looper], 0x53, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000380)={0x4c, 0x0, &(0x7f00000002c0)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40}], 0x51, 0x0, &(0x7f0000000580)="ee3fcc6d199cc3ae4da567623035edf30095340fbb8fad1763ddce29a3434535397fb9eabeadceccdc25a601a2cd1e7062b09bb6ea48827be39d2349145944e8856b2483d21e4521e01b2b9881182e3f23"})
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000100)={0x1, 0x0, [{0x488}]})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x51)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x4c, 0x0, &(0x7f00000003c0)=[@transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x60, 0x18, &(0x7f00000010c0)={@fda={0x66646185, 0x5, 0xfffffffffffffffc, 0x43a}, @fd={0x66642a85, 0x0, r7}, @ptr={0x70742a85, 0x2, 0x0, 0x0, 0x3, 0x20000000000031}}, &(0x7f0000000280)={0x0, 0x20, 0x38}}, 0x10}], 0x0, 0x0, 0x0})

1m3.585452367s ago: executing program 4 (id=1348):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
openat(r0, &(0x7f0000000040)='./cgroup\x00', 0x40000, 0x35)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f0000000080))
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r3 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000001380), 0x101100, 0x0)
syz_clone3(&(0x7f00000013c0)={0x240040480, 0x0, 0x0, 0x0, {0x25}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58) (async)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r2, 0x0)

49.438677176s ago: executing program 2 (id=1564):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
syz_clone3(&(0x7f0000001600)={0x218000, &(0x7f0000001340), &(0x7f0000001380), &(0x7f00000013c0), {0x27}, &(0x7f0000001400)=""/177, 0xb1, &(0x7f00000014c0)=""/213, &(0x7f00000015c0)=[0xffffffffffffffff], 0x1}, 0x58) (async)
syz_clone3(&(0x7f0000001600)={0x218000, &(0x7f0000001340), &(0x7f0000001380), &(0x7f00000013c0)=<r2=>0x0, {0x27}, &(0x7f0000001400)=""/177, 0xb1, &(0x7f00000014c0)=""/213, &(0x7f00000015c0)=[0xffffffffffffffff], 0x1}, 0x58)
prctl$PR_GET_TSC(0x19, &(0x7f0000000000)) (async)
prctl$PR_GET_TSC(0x19, &(0x7f0000000000))
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000016c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$TCXONC(r4, 0x540a, 0x2)
ioctl$TCXONC(r4, 0x540a, 0x2)
syz_clone3(&(0x7f0000001700)={0x50240800, &(0x7f0000000000), &(0x7f0000000040), &(0x7f00000002c0), {0x1c}, &(0x7f0000000300)=""/34, 0x22, &(0x7f0000000340)=""/4096, &(0x7f0000001680)=[r2], 0x1, {r3}}, 0x58) (async)
syz_clone3(&(0x7f0000001700)={0x50240800, &(0x7f0000000000), &(0x7f0000000040), &(0x7f00000002c0), {0x1c}, &(0x7f0000000300)=""/34, 0x22, &(0x7f0000000340)=""/4096, &(0x7f0000001680)=[r2], 0x1, {r3}}, 0x58)
openat$null(0xffffffffffffff9c, &(0x7f0000000140), 0xa8041, 0x0) (async)
openat$null(0xffffffffffffff9c, &(0x7f0000000140), 0xa8041, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x4}) (async)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x4, <r7=>0xffffffffffffffff})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prctl$PR_GET_TSC(0x19, &(0x7f0000001780))
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r10, 0xc008aec1, &(0x7f0000000d00)={"8858bde0d7f6311bf16c671fc9d87024dbe4bbb080be0900000000000016591b7390035985dcaa66a958a8a970391decb4b7d3e52996ff674f707cdf49c7381d2964c301f29e875ce36aa6b1930032da440a2e212da56797dfe5748aaaae9fbc3f7ffd29500ecab817a7350f98900200000000000000383692bf1b90d3c1bab243eb0d17151ba3e65431ac11adc58b77321481fd65569362b3a8bddbed39d885f990908ce1892580ee43159c1db62d59fe2c8208000000000000b8ee30aadea127f169312855440d9ec40deaf8215a2bdcc65fcbbd5e0b83d2f1e3ea96ef1c9946b76ab53dee477b7ade8550d47e5a3eea926f58efb6fb7f33064fb7b6951eae379648695b27505fa731a2454174592ef7a0227f59ac45d0ed37cccabee68ba44346135659abe531ca418b0841f5a8f285605fc1cfe77f0080a47277ed3f9cc1a9f8a7efd669ba9819c2db199a88aa87c399b7ada0ff033039d0d3a8b043b53335d15c275ea6ce63f3c34655761c1182bc26b1a590a8cb8667e764c3f74dc55dd44ca9e7c6a61c6376761acb0fd9fb1941caca01396905eeeead3e189fd11bd19137b214eecefa07116dc4b4b7ea423308ac9183ffc62c8dc69021249027b7b0929660135b3161d08e109a46b6fd1b7fc08a3bc0934ee2648df2b04716aff5342d9897218f91371f6c06666e0082b8a66e973930c219a568f1e0938a6a1681c7268147b1e0505c41da41a55877c32797bbfa11736d046b681bf70f376112a9094c5f23edd5d7d06014e72730b64d9e33412e3d423cf8213370fc4338e6f0d722dde3135706e615085bf76fa752bac824485910a6acc45b6552537fbbf0909a08d9b891ce78d11af59ca07eaf5bba689017f082dce61d3682695c75e6c2d0388412fe7f36823a0e74de0f91d4fc15397a14a831d37dc60d6bd3d455649347f6257d05cbbd9fc145e958955fd219d1ab60dbc021e874f265daed86f86e6356a782b305d5e2f6e1b190479e6376b4e6247c0f020e607e9468f48fa9a16e0770b05f6bcda150dc373437963a045e0ca1272848ae96fd7823f3eac82ae253a7d907b237ff231bbae89a93ac077db04197707ff3de99ca9191ed561e972fd60356654e89242b3ac8b112092d28e10759bb3e85cfab2ae11ce90b6b52f7d2be1fd3e6d9eaabe37a3083749c11f54c17b6402fc1b5353c1cd46565480faa910856106800ba90c26ccefc230296f498c1304abe91a8fb37eb7abda2072c686aae830cc5abd72b47dc87cb4e0105000000dc6ac2bee572bf601e02d9a51851877f1498d6e2ba3b5947d83d90072eaf0cefed3dceb9bf35b36cbca3f1feba2c3d0f16ce04e13237e8b78689b9599d33db4fe890f9e655ba57658bc1671878ab615bc37943f9c9b8e9d5069bf7de6aaa74b0470389f22935cedbb9e22523e400"})
ioctl$KVM_SET_DEVICE_ATTR(r7, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x1, 0x1, &(0x7f0000000180)=0x6})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat, @fd={0x66642a85, 0x0, r1}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x18, 0x0, &(0x7f0000000180)=[@decrefs, @clear_death], 0x0, 0x0, 0x0})

49.1656929s ago: executing program 2 (id=1566):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
read(r0, &(0x7f00000013c0)=""/4089, 0xff9)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
mmap(&(0x7f0000b7e000/0x2000)=nil, 0x2000, 0x3000008, 0x50, r0, 0x8f233000)
read(r0, &(0x7f0000000280)=""/4096, 0x1000)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r1, 0xc018620c, &(0x7f0000000000)={0x1})

48.386733402s ago: executing program 33 (id=1348):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
openat(r0, &(0x7f0000000040)='./cgroup\x00', 0x40000, 0x35)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0x80049370, &(0x7f0000000080))
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r3 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000001380), 0x101100, 0x0)
syz_clone3(&(0x7f00000013c0)={0x240040480, 0x0, 0x0, 0x0, {0x25}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58) (async)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r2, 0x0)

48.266749954s ago: executing program 2 (id=1574):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x781000, 0x0)
r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000200)={0x2, 0x0, [{0x40000000, 0x8, 0x4, 0x7, 0x8, 0x1ff, 0x2}, {0x8000000e, 0x0, 0x5, 0x8, 0x5, 0x5, 0x1}]})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mount$binderfs(0x0, &(0x7f0000000280)='./binderfs\x00', 0x0, 0x2000063, &(0x7f0000000400)=ANY=[@ANYBLOB="73e22c7c03e9f9c600"])
mount$binderfs(&(0x7f0000000000), &(0x7f0000000040)='./binderfs2\x00', &(0x7f0000000080), 0x20, &(0x7f00000000c0)={[{@stats}, {@stats}, {@max={'max', 0x3d, 0xb}}, {@max={'max', 0x3d, 0xffffffffffffffda}}], [{@fsname={'fsname', 0x3d, 'dirsync'}}, {@obj_role={'obj_role', 0x3d, '!'}}, {@obj_role={'obj_role', 0x3d, './binderfs\x00'}}, {@context={'context', 0x3d, 'system_u'}}, {@smackfshat={'smackfshat', 0x3d, '!'}}, {@smackfsdef={'smackfsdef', 0x3d, 'dirsync'}}]})

48.166937585s ago: executing program 2 (id=1575):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r1, &(0x7f0000000000), 0x2002)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000008702"])
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffe000/0x1000)=nil, 0x1000, &(0x7f0000000040)='\x00\x00\x00\x00\x02')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, &(0x7f0000000000)='\x00\x02\x00\x00\x00')
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/binder0\x00', 0x800, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000240))
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000580)={@ptr={0x70742a85, 0x0, &(0x7f00000001c0)=""/75, 0x4b, 0x0, 0x32}, @fda={0x66646185, 0x7, 0x0, 0x16}, @ptr={0x70742a85, 0xfffffffc, 0x0, 0x0, 0x1}}, &(0x7f00000004c0)={0x0, 0x28, 0x48}}, 0x1000}], 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x40)
mmap$binder(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0xf7)

48.018149688s ago: executing program 2 (id=1579):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/image_size', 0x208680, 0x128)
syz_clone3(&(0x7f0000000040)={0x206361100, &(0x7f00000002c0), 0x0, 0x0, {0x13}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58)
ioctl$KVM_SET_MSRS(r1, 0x4008ae89, &(0x7f0000000080)={0x4, 0x0, [{0xad4, 0x0, 0x1a00000000000}, {0x8d5, 0x0, 0xfffffffffffffffd}, {0xb94, 0x0, 0x9}, {0x9d4, 0x0, 0x100000001}]})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000280)=0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101740, 0x179)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xc1)
mmap(&(0x7f0000196000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r3 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x11, r3, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x300000c, 0x13, r3, 0x293f000)

47.965297939s ago: executing program 2 (id=1580):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(r3, 0x4068aea3, &(0x7f0000000140))
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000011c0)=ANY=[@ANYBLOB="0100000000000000910000400eca368072"])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0x2000)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x3)
ioctl$UI_SET_ABSBIT(r4, 0x40045567, 0x0)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f0000000080))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x3, &(0x7f0000000000)=[{0x4, 0x6}, {0x64}, {0x6}]})
mount$binderfs(0x0, &(0x7f0000001600)='./binderfs\x00', 0x0, 0x40000, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000ec0)={'syz0\x00', {}, 0x0, [0x0, 0xe74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffc], [0x0, 0x0, 0x0, 0xb16, 0x0, 0xfffffffd, 0x8000000, 0x6, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffe, 0x0, 0xfffffffc, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x5], [0xffffffff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x100e, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbcd5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4], [0x0, 0x0, 0x0, 0xc63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x1000, 0x0, 0x0, 0x80000003, 0x0, 0x5]}, 0x45c)
mount$binderfs(&(0x7f0000000000), &(0x7f0000002200)='./binderfs\x00', 0x0, 0x2002004, 0x0)
ioctl$UI_DEV_CREATE(r4, 0x5501)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f0000000040)=ANY=[@ANYBLOB="636f79424c0d56a72269358edd1994c3f9d26e746578743d73797374656d5f752c"])
write$uinput_user_dev(r4, &(0x7f0000000a40)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x401, 0x0, 0x4, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x7], [0x0, 0x3, 0x6, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6189fbd8, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9e2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40002, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfd5], [0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3, 0x8000000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf152, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x1, 0x0, 0x6, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x45c)
ioctl$BLKGETSIZE64(r0, 0x80081272, &(0x7f0000000000))
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x13, r5, 0x0)
openat$cgroup_int(r5, &(0x7f00000000c0)='cpuset.cpus\x00', 0x2, 0x0)

32.932067741s ago: executing program 34 (id=1580):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(r3, 0x4068aea3, &(0x7f0000000140))
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000011c0)=ANY=[@ANYBLOB="0100000000000000910000400eca368072"])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0x2000)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x3)
ioctl$UI_SET_ABSBIT(r4, 0x40045567, 0x0)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f0000000080))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x3, &(0x7f0000000000)=[{0x4, 0x6}, {0x64}, {0x6}]})
mount$binderfs(0x0, &(0x7f0000001600)='./binderfs\x00', 0x0, 0x40000, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000ec0)={'syz0\x00', {}, 0x0, [0x0, 0xe74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffc], [0x0, 0x0, 0x0, 0xb16, 0x0, 0xfffffffd, 0x8000000, 0x6, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffe, 0x0, 0xfffffffc, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x5], [0xffffffff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x100e, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbcd5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4], [0x0, 0x0, 0x0, 0xc63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x1000, 0x0, 0x0, 0x80000003, 0x0, 0x5]}, 0x45c)
mount$binderfs(&(0x7f0000000000), &(0x7f0000002200)='./binderfs\x00', 0x0, 0x2002004, 0x0)
ioctl$UI_DEV_CREATE(r4, 0x5501)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f0000000040)=ANY=[@ANYBLOB="636f79424c0d56a72269358edd1994c3f9d26e746578743d73797374656d5f752c"])
write$uinput_user_dev(r4, &(0x7f0000000a40)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x401, 0x0, 0x4, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x7], [0x0, 0x3, 0x6, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6189fbd8, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9e2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40002, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfd5], [0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3, 0x8000000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf152, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x1, 0x0, 0x6, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x45c)
ioctl$BLKGETSIZE64(r0, 0x80081272, &(0x7f0000000000))
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x13, r5, 0x0)
openat$cgroup_int(r5, &(0x7f00000000c0)='cpuset.cpus\x00', 0x2, 0x0)

8.322790702s ago: executing program 5 (id=2104):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_RESET_DIRTY_RINGS(r2, 0xaec7)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000001380), 0x101100, 0x0)
syz_clone3(&(0x7f00000013c0)={0x240040480, 0x0, 0x0, 0x0, {0x25}, 0x0, 0x0, 0x0, 0x0, 0x0, {r4}}, 0x58)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r3, 0x0)
read$FUSE(r4, &(0x7f0000001440)={0x2020, 0x0, <r5=>0x0}, 0x2020)
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r6, 0x4068aea3, &(0x7f00000003c0)={0xa4, 0x0, 0x1})
read$FUSE(r4, &(0x7f0000003480)={0x2020, 0x0, 0x0, <r7=>0x0}, 0x2020)
read$FUSE(r4, &(0x7f00000054c0)={0x2020, 0x0, 0x0, 0x0, <r8=>0x0}, 0x2020)
read$FUSE(0xffffffffffffffff, &(0x7f0000007500)={0x2020, 0x0, 0x0, 0x0, <r9=>0x0}, 0x2020)
r10 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000880), 0x40, 0x0)
ioctl$int_in(r10, 0x5452, &(0x7f00000008c0)=0xa6)
read$FUSE(r4, &(0x7f0000009540)={0x2020, 0x0, 0x0, 0x0, <r11=>0x0}, 0x2020)
read$FUSE(r4, &(0x7f000000b580)={0x2020, 0x0, 0x0, <r12=>0x0}, 0x2020)
read$FUSE(r4, &(0x7f000000d5c0)={0x2020, 0x0, 0x0, 0x0, <r13=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000100)={0x2b0, 0x0, r5, [{{0x1, 0x1, 0x6, 0x5, 0x101, 0x1, {0x6, 0x1, 0x5, 0x3, 0x5, 0x5, 0x401, 0xac6f, 0x1000, 0xc000, 0x0, r7, r8, 0x7ff, 0x8}}, {0x4, 0xef9, 0x1, 0x2, '\xa9'}}, {{0x5, 0x2, 0x1e21, 0xa3, 0x4, 0x98, {0x1, 0x3, 0x100000001, 0x8000, 0xffffffffffffffff, 0x5, 0x92, 0x5, 0x0, 0x1000, 0x4, 0xffffffffffffffff, r9, 0x2, 0x8}}, {0x5, 0x1000, 0x13, 0x7, './binderfs/binder0\x00'}}, {{0x3, 0x0, 0x8, 0xffffffffffffffff, 0x7, 0x4, {0x2, 0xe000, 0x32b, 0x1, 0x3ff, 0x9, 0x401, 0x8, 0xa7, 0xc000, 0xb, 0xee01, r11, 0xf279, 0x1000}}, {0x2, 0x9, 0x11, 0x9, '/selinux/enforce\x00'}}, {{0x6, 0x3, 0x8e, 0xa00000, 0x100, 0x4, {0x7, 0x2, 0x7fffffff, 0x7, 0x6, 0x3, 0x5, 0x1, 0x2, 0x4000, 0x101, r12, r13, 0x4, 0x54}}, {0x1, 0x4, 0x3, 0x0, '{\\]'}}]}, 0x2b0)

7.857179819s ago: executing program 5 (id=2109):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000196000/0x1000)=nil, 0x1000, 0x0, 0x840000000000a132, 0xffffffffffffffff, 0x0)
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x8000000000000000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY(r0, 0x5000940f, &(0x7f0000000040)={{r3}, "2a1630764a52aaa16f524c58a03b495b54eb517715bc36371b6ae3d70778f968309a80ab3665d5f948adf120fb0da4bc7b03d6155b446faef3325dca9d799671adb38504f5a5d05d278563b65a5f4c9c723874566782908b994517ef16b9fe5b72c7b4110e75e6cd83df4ecc6a34fa76424797966d4d4a0061ee259a3e645b24a6aa6c1bec1a8c279bea34b62173c87436417e8387dca5a45cabbc1098ee7f758ae625cb466dfae5e09d9cd0a3702e3c452bdea884bd796c5c8bc930b823575c85cc730d118b613a136e67bff04091710d2052181ebb5355b168839f19e4e9c655fdd9adb1e1916766c25a6b1c91236d8a8612d8831977ea2a4ba3c9cfa019995318b3061aafc125b506d6fa50402d86ea459145a123d73c491ab3ff847ceeb4229027e21a6943bc3cbb77e63340baa90eb898a7f0bc7ec2734797a637c73a03393280ba9273ba0f43e441b38799981f675c1c076ae682e67e4930f491ac0fbdab404e4a8db93347039f5cf7ff35f919df903273680f8a1f6c774c24761ad840e4b6319ebe5feb399082e05bbc6967cf02f8de09d69e49bdc55da5218fcb910cacf06370ca67cc9851fc90bd72c15c267a8d89fe3c3001ccfd25fa55ea5f30bb006b89e759ef8dea5c2c3f9ad376cb1d5cc6a78556fb8e666ced75f0fd689fde3055f6e636b4b5f73b1246632358b84a61f983426b5ecf4aa314b8775b78d027edf875f865d7542ff82485c68924c13c0e125e9e85adf3dc6a0ed6755e75288d888014689f079545d52b86fab0ed4881a2c1b00658f96aca0673efb1d4642020c920e7f074ea4d14820cfa49f6a1aeab220617945b6f1eeb489f7109ad6e63c33597d267591588f239caa2d02fdb0763a8fdb86307c4f14fb2e677636ff99d2ab35f3c68d93e09d2cd5e9748321bd65444bacc8de32e0dde6bee4d7ed553da158387fdd3aea6fb714228140081dc6803452147caf35af266dd69eba676711ccfed2f9f977423fe85ac4bf16589e4d573029801f734a3efefd882c77dfe2e9a72c7c9e2949fe2232950a1a39763c5ddd51faed97ec2db5912a3f822df52a3cd433087c4cab06543b0e73fe55ce88ab41653cba0f9b6de43b0bbc2553de9e180470882206f2ae7e8074bd1cdc6b6f0e636addb993324f25c46ad58caa0df9ab49d7f7b6e62e8e960d08c60de0c43f7d1aaa6dcf86a09ebd5775f25d5c9ea0f3a01c3d50d32441d95d3f21f9ac249dbf54d09c6dd748b3151d10cecca264d1e902af4cfe0d2cd4b802d0a29cdaaa429a3ace24b072c2558007d1a6404ce106d1e1086c4745f009e3e51c2aca2d5176e724171a08e67b9308d7aba721da5ac90991344946cd58426a2f5053a60ebdc708afb5f20a207a7fe426bfcf96f687f6125ba2a3437c05620dc8072b8dd84e766fe9c6aa5d2b932e9a0e887f6c33363f5d289c6831fa3e58f74ab0e33b595a0afca48d0ba8501fab23240d5e295cfbb1845b581dcb3f9e844c9a0ddfa5d28b3b5fedd0db007776bb84d55f4c1c1cb2e55ce178ba4c1d0e8daea9858f4bceef898e4159703bedac0b73403e444d83985141fbfa21bd55e425e1bcd9ce4ec5feeab4c4914217493df38faffe1c895f93772687ece1d2f7c7b207626fd93e77b1496a032eba5d538cc371586a0fadba10ec4496ccdc93b7b16736c828914aefb70be1841179d59d0cf1f8987f134b650437b32a8d84407e87d4222c7445d434d80b4f44110fcf77399767554dc7c9ed0e57a9a3e5b9b897c45b1d110c99441a28356b66974f7c11aef64fe476fbf36b3d7c17b81236879805f2e5be3119bf6440fcbf818ab0e4e12fdd8f55114f9da2c06bd7eb8777052f924f937de8bc6471eb4918c474d83d3e89cd834a122a5785b574e27c5a6f044a75a8ee29df6975825900b2beec5642284ab41ec8d907bd40e91c5db149d5bcd6e3f03671b43caa1c0c3392a728b43158c3d860fd690f122d5406ff354cb34919e7ac83f45d0af8f4be91ea816596850536ed867247fc733c615c83420ae5a07be222c07a1e77e071f98e06ff049c6344567ecebcca85fde980aaac0db1724cf9eee64f27ca68bf6ff2c39c83b6fb5b9931ace132fb30e84916c11dee810f1cec4be19a3807ea92742fa88277d8962c8aed4462eeb74ce63510fa2663d2ee956c2b82db5c1f411944e214a03ed21b2d033b1eda816562f41a3d5a8df3cac17e3d339a0cefb8b75e5b69c91b9ddd81a78f9f8676433d8fb2ec680d94bb67c84442a087858a65a00295fc255eb926b78a97791fa776994bacabb1a6395f172e407071320ecfac1461074bd5c0eaccf235dc82072443dfed9995cd908efac4e3f3cfdd00626ecd1ed1ad68a3e4c0005d3acfc57c71d3406927abea0b83533ba1a38382e5970c0183bb62c5efadecb246d34c8755730ece6bfb88d34b7a0120c1e2476a382ba87b194becc4457f3d5fd8bb7afd7e864d4453b842d7195b797589e3235b491f511c39b8a98270d43c98ee6299afcd3a0447b5a4a360744f5f447c5dddf2241c9b80023c9d31028e37ddb88ba26e142b5a6f5aa61d8c954f2db31299b4d75d4b4ed73997cc257cae9f038a38a7c49aff5aa772945ca3037cf14796196bdabc9772ec8199db21d3743c0ad3d9f338e06c0c76590b400213dd60ffae5f809a5ecdd89058bffda86127b40ffc0f705df097101f49c7217323b14851c211d82c15851d00345f84ded66503d302227d9d504a749924a497124b204f2f1497b068b396514cc5eb70bcacca6fb98dc9ee47a1ae7013bec4a48f23a0f7b27f1dc74cbdd7273b687807bc75f2a2b5521aa62fcb2594a79d369fe3b37acbf0a8f2a3278172e3483d4876e4c1aab1000a9f2a00d1bb575d8f7629f605b2df22395a44cc7037588c3837ae31676343ebb7b0a45cb0d0d7117debbd47dd103fba2ab27a98ad4be5b32ebaa8e12928f6191eabcb51c890468fcf72ae8d336b3fae107684896ed3073539f6c3f5257b5597641106b04d9b5ecfd2b6bad54847472aa0400576144c7b5d9fadfd64a242af8c1cb18aaf74e0333b8472ed482664f2757e39330a6ad04fd77d9530fa9eb19ec9f941a15e9268b29cb320c7827381cccc1744d2f512eaa0149bbaa0bc71044706a9bc00c0003a3f9ce9719d16f5fbe18e0a0e3b2046615a8484c6107a400e6de9e84b9fde6101a714c50e35a84b60b796a911f7b68239f2b3893aaf43d8838b193b68c81f9964b34c7fe922826814d652b38e220f97edbceb08f23c19a3f265160585d1aa3f7ef5b477b10ae9bb688405de0f2aec88594bf05d6abff2b71a60187595afe91eea80497b6191c23c92ae800c3207047119ac703869051f517ff41e00ba2641c3731acce9ed57383474cfc1e542132accd92b50fc6ff7bd538014ffa642ae29916eabd603ad3a82a3d005c215c188e7eab3b76cd3509869f6b5688cbe160dddf9b577c27bca4834779ff934e3652c5df6054544269e529b06af8ca0a61a8db3612f51092febbcb489e1f3e5563a466f9de8ca985cd71a0e4eb9fbdd9d7a5c3bb76680945bb649343b98603ffbb067a5537e01eb6449ed1c0d5f33c9c926af480106c31768105cea7427a29fb0ebc17bb5fab17937e0a5cf4cc7ce541c91d5c3be18017bafad716fbaaba4e433ccc29f7166ba6e3c8f7d70dc5e2dd620842ef6122d00d936fd5e736d731b091b18bd315c0232bd81f246536ceda2a91f3642d8bfc8673bf6626f1ac230a23d685576a6891bff42f4881eceab88608772999ec3fba3eaa94ca9a7d4cd934a3fa220db5b658721ca80bc9e53aba9e9247dd1234188214376ef81ddcbc52663790342af7ca100fab1c94fcf6dbfcd275d55fa1569f944d527fad163aad24dda3ce0bb8091ffec8ce0b71d406f07396e00a6e0e9cb4fc1244f0b3a2f3063412f7a16c084c71c074dfe398cb0d7f5da525981ad1f0a1e060ac51c3bdc509dca1b5b0e9c1bc232b12b6ed208cccdfebb2e5c4bc1abd1a5e597aaead4f79bcb2e55d86257c21c35089c8631c027c16e28859d3fc39b2391287b7f6c7227b8e193e4d6f8184ab12014d08a13d64136f6e89c4661d33856960f4ea2a6b474ae78433056373145eac67cb3702e327c030d3756a7b349ffb6157ed077040f71ca373f9e3e86ad76272d47a43803fcac6eef3dbbbfd55209fa35e5d0ad3c227ecae64a29f56674e5946b24a17bdfe4913f4bc9346433399462efbbcde49f108803e28f8f0caf6924e2431495c187f29ec73af74d807f8ed521f0abb2809de19fe43f0cfb73d22fc8c47ef73df79f93a415f5dbcded9014ae8e8c93d9b9c881c12867ef0f45beae0b051f635a31536ed6e3002a7ac1659c5f8cf183ca4b4a8ecd56afe2a07496922149ba707de471f4e34645c70be342be938982b5ace83c8af46359de68814da778ee91a313efc9598e2508255dadfd97604bb7f33c48aa60c0b55ea9884d22335eee51478886934c83c17646a75cf80d04f3f2c7e8532daf9236aeb21b8a6475d9712ccfed0cf671804e185505bec2b59398443e20db35627019e20a36c6d8928365fc78a3629f8285eba898e3493ba95da56cd260a7ee3eff637fedf6acb9a9d01d8edf0ec26caddf239c430701a63e2d20863dcde27b3fc75c5a7536ffa15ada3ab92266433d2c354b8e28216955057140f5b27e1d897d6f794c5954d1303f814f8f774592f997ef80f59f4c554fd417f449e48b4512c719b930ea576b7cf62e5f697e7471688afdc4800df34765705d711adecf792ea1355687753112b3c785af90c0a3d674fd52fa3dbc27ea2e5ca186f4ac68201ba5ba1bff23706c3a196992fcd3520e41672ebf608d05d40ede04f4c3e8f2635b9ae84eefdc1f09b4ca293a0c9f5e2a234571005f344f4b5dff997a99984f497f2e3a61e20d3c0dc70d66b3ad24b834a1769977028e40a89a00f929754b2b4a1704310e2ee8ff2a8a8194141210529eda5a41fcaad685b9e6b96fe59c5f4602c1de7816532a819daf1c655a683a75d1ef17aeb68a16251c41ab55102089cfa265bbf71b95a82d87de3aa9ec75a73e5df22abcab3280bd880ac4a260fb4d6be4b3719bd200849bebce64b65b18efa60337a19e44a07e6ad6ea52282efb1c0f1253087f2cd18b81c5772e44dc7848d66f1cd2c72b225552d137524602436a7a6c683615cad94d01e6982951b0ea4eddbb9ef288ca4679f4e5f899965b26b72eac9d1ecdde920101ac763027bf7541dd64684ed12e15fbbf61c85843abefa9879aa527b8cadec7b59ce2c6ee3b1dbd8818930d5342874fab299527491ea6d96d6295722bf8108acb72dbf8ff5a70fdd1be96aad5a744d645e7278f8596ebfa73703e7c80f0aec660fa2fc02a8cb5796c3c84422c806b68d9444342a4a9888905ab345f2180b0c0dd0daed5115198c3ec5f24eb979fb478f159312bd006bed64f1c9cf19e3c99392d7731eae221400a0fc88292a5382517964229fb854c98e6c211430f0df8b9e76e0c31c48ce141615f3c4e8853fd44f2e4d6dae87f4a9ee6565fdc7c4c137477269300c891c589890d73f447b71b5a15a241baa02dab956593e082a8abb9a49dd571ec26e8ffd99b2897378ae35dec8558672cd3a1329e34cafc159d9558a3571e73394df7d46c938ffc880811e68706a1e3f9945dd2d785eda3ce4d29527607bbe5430eba45f208d7bec9c4218c75266eda50e0edb33363612d497ee9b58363dffab150b982364a2496c5bf7ce024fe11cef9c94ab42504c2e"})
r4 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mmap(&(0x7f0000fec000/0x4000)=nil, 0x4000, 0x0, 0x13, r4, 0x0)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x11, r4, 0x0)

7.546745314s ago: executing program 5 (id=2113):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x68800, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000005080000024d564b"])
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x82000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x200)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r3, 0x4068aea3, &(0x7f0000000080)={0xbe, 0x0, 0x1})
r4 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0)
ioctl$BLKSECTGET(r4, 0x1267, &(0x7f0000000140))
ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000040))
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r7, 0x4030582b, &(0x7f0000000300)={0x1100, 0x2, 0x0, 0x6})
r8 = openat$cgroup_procs(r6, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc018620c, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000004c0), 0x0, 0x0, 0x0})
write$cgroup_pid(r8, &(0x7f00000001c0), 0x12)
r10 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
openat$cgroup_freezer_state(r6, &(0x7f0000000200), 0x2, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r10, 0x4068aea3, &(0x7f0000000140)={0xbe, 0x0, 0x1})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$BLKRRPART(r0, 0x125f, 0x0)

7.379148466s ago: executing program 5 (id=2116):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000200)=0x1, 0x12)
mkdirat$cgroup(r1, &(0x7f00000000c0)='syz1\x00', 0x1ff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.parent_freezing\x00', 0x275a, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0xdc, 0x0, 0x4})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, &(0x7f00000001c0)={0xbe, 0x0, 0x1})
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000002a00004000e0ffff03000083"])
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240})
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
write$cgroup_pid(r2, &(0x7f0000000080), 0x12)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x78, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f00000001c0)={@flat=@binder={0x73622a85, 0x1, 0x2}, @fd={0x66642a85, 0x0, r0}, @flat=@weak_binder={0x77622a85, 0x100}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}, @release={0x40046306, 0x3}, @clear_death={0x400c630f, 0x1}, @increfs_done={0x40106308, 0x1}], 0x5a, 0x0, &(0x7f0000000000)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac25dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f612948409bc69ce5464f37"})

7.046711041s ago: executing program 5 (id=2117):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000280)=0x10)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$KVM_CREATE_PIT2(r5, 0x4040ae77, &(0x7f0000000180)) (async)
ioctl$KVM_CREATE_PIT2(r5, 0x4040ae77, &(0x7f0000000180))
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_PIT(r5, 0x8048ae66, &(0x7f0000000080)={[{0x8001, 0x7, 0x0, 0x1c, 0x5, 0x2, 0xd, 0x2, 0xf9, 0x2, 0x80, 0x9, 0x1}, {0x6, 0x80, 0x8, 0xc4, 0x8, 0x7, 0x8, 0x9, 0x7, 0xff, 0x0, 0x81}, {0xe2a5, 0xd, 0x1, 0x9, 0x2, 0x6, 0x9, 0x8, 0x7f, 0x6, 0x56, 0x7, 0x100}], 0x4})
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7fffffff], 0x80a0000})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101740, 0x179)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) (async)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r9, 0x4188aea7, &(0x7f00000001c0)=ANY=[@ANYBLOB="0200000000000000070000000000008fbd67153b15a2d2b30000000000000000000000b422011c00"])
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000000)=ANY=[@ANYBLOB='fscontext?}'])

6.570768729s ago: executing program 5 (id=2121):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000100)={0x2, 0x0, [{0x9, 0x1, 0x0, 0x0, @adapter={0x1, 0x3, 0x4, 0xd7, 0xf055}}, {0xc, 0x1, 0x0, 0x0, @adapter={0x1, 0x8c, 0x1170, 0x4, 0x8}}]}) (async)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000100)={0x2, 0x0, [{0x9, 0x1, 0x0, 0x0, @adapter={0x1, 0x3, 0x4, 0xd7, 0xf055}}, {0xc, 0x1, 0x0, 0x0, @adapter={0x1, 0x8c, 0x1170, 0x4, 0x8}}]})
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2e2002, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000180)={0x5, 0x0, [{0x840, 0x0, 0x800}, {0x8f8, 0x0, 0x78}, {0x1a0, 0x0, 0x5}, {0x19af, 0x0, 0x5}, {0xa99, 0x0, 0x4}]})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x3, 0x3, 0x28, '\x00', 0x4}) (async)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x3, 0x3, 0x28, '\x00', 0x4})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x20400, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, &(0x7f0000000400)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_START(r6, 0x54a0)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r6, 0x54a3)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r6, 0x5422)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r6, 0x54a2) (async)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r6, 0x54a2)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r7, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="010000000000000001000000000000000000000000000000001b0300ff"])
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000008e04"])
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000004c0)={0x1, 0x0, [{0x40000070, 0x0, 0x6}]})
r8 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r8, 0xaf01, 0x0) (async)
ioctl$VHOST_SET_VRING_BASE(r8, 0xaf01, 0x0)
syz_clone(0xa61a2100, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0xa61a2100, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x4008af10, &(0x7f0000000500)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
r9 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1e1243, 0x0)
ioctl$BLKRRPART(r9, 0x125f, 0x0) (async)
ioctl$BLKRRPART(r9, 0x125f, 0x0)

3.706323653s ago: executing program 3 (id=2153):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0) (async)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) (async)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000797000/0x2000)=nil, 0x2000, 0x3000001, 0x22052, r0, 0x2000)

3.649409304s ago: executing program 3 (id=2156):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x68800, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f00000001c0), 0x12)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r4, 0x4068aea3, &(0x7f0000000140)={0xbe, 0x0, 0x1})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$BLKRRPART(r0, 0x125f, 0x0)
r5 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CAP_STEAL_TIME(r5, 0x4068aea3, &(0x7f00000000c0))

3.493648236s ago: executing program 3 (id=2159):
r0 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
write$binfmt_format(r0, &(0x7f0000000100)='0\x00', 0xfffffed8) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f00000008c0)={0x1, 0x0, [{0x1, 0x58e, 0x6, 0x5, 0x2, 0xa7e, 0x3}]})
ioctl$KVM_GET_NESTED_STATE(r3, 0xc080aebe, &(0x7f0000000940)={{0x0, 0x0, 0x80}}) (async)
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000000)={[], [{@seclabel}]})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0)

3.330148079s ago: executing program 3 (id=2161):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x3)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_VM_COPY_ENC_CONTEXT_FROM(r2, 0x4068aea3, &(0x7f0000000240))
ioctl$TCSETSW2(r0, 0x5433, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000100)=[@acquire={0x40046305, 0x1}, @register_looper], 0x51, 0x0, &(0x7f0000000340)="a89aff67520a7335b849b4f88a6db06e45e3f5e648a65b8003975be8a982d5135e161a783d3d01fddcbd838bac308358a7e349f333e620505e4cf1982c991b516a9e26b6bb537c85f5ad467697f0d78b9a"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@fda={0x66646185, 0x8, 0x1, 0x238}, @fd={0x66642a85, 0x0, r3}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000280)={0x0, 0x20, 0x38}}, 0x10}], 0x0, 0x0, 0x0})

2.349728654s ago: executing program 3 (id=2169):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000038c0), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000001440)={'\x00', 0x2})
ioctl$TUNSETOFFLOAD(r1, 0x400454c9, 0x9)
ioctl$TUNSETLINK(r1, 0x401054d6, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r3, 0xc040aed5, &(0x7f0000000200)={0x10000, 0x100000})
ioctl$KVM_PRE_FAULT_MEMORY(r3, 0xc040aed5, &(0x7f0000000080)={0x10000, 0xb000})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x6001, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1800001, 0x13, r4, 0x0)

2.236665036s ago: executing program 6 (id=2170):
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x2100000, &(0x7f0000000180)=ANY=[@ANYRES64])
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x2100000, &(0x7f0000000180)=ANY=[@ANYRES64]) (async)

2.186173536s ago: executing program 6 (id=2171):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x200000, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000240)={0x0, 0x2, 0x1ff, 0x4})
openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/cgroup.procs\x00', 0x40, 0x4)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_PROT_MASK(r2, 0x40087705, &(0x7f0000000000)={0x4, 0x7})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000380)={0x54, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat=@binder={0x73622a85, 0x1, 0x2}, @fd={0x66642a85, 0x0, r3}, @ptr={0x70742a85, 0x2, &(0x7f0000000240)=""/13, 0xffffffffffffffe1, 0x0, 0x31}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}, @release={0x40046306, 0x3}], 0x5a, 0x0, &(0x7f00000002c0)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f612948409bc69ce5464f37"})

2.118297348s ago: executing program 3 (id=2173):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000021c0)='/proc/partitions\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000180)={0x2020}, 0x2020)
ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f0000000000)={0x1, 0x0, [{0xc0000000, 0x7, 0x2ad, 0x6, 0x8}]})
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0x100000002000c)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000300)=0x2)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180))
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x2)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000240))
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000080)=0x1)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r1, 0x0)
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', &(0x7f0000000140), 0x4800, &(0x7f0000000180)=ANY=[])
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r4, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @ioapic={0x1000, 0x8, 0x6, 0x3, 0x0, [{0x1, 0x3, 0x3, '\x00', 0x2}, {0x0, 0x5, 0x1, '\x00', 0x8}, {0x7, 0x2b, 0xf3, '\x00', 0x2}, {0x7, 0x2, 0x1c, '\x00', 0x7}, {0x0, 0x3, 0x4, '\x00', 0x58}, {0x80, 0x2, 0xb, '\x00', 0x9}, {0x2, 0x7, 0x5, '\x00', 0x2}, {0x0, 0x81, 0x4, '\x00', 0x22}, {0x9, 0x9, 0x6, '\x00', 0x7}, {0x3, 0x58, 0x81, '\x00', 0x1}, {0x9, 0x8, 0x1, '\x00', 0xfa}, {0x1, 0x7f, 0x2, '\x00', 0x81}, {0x2, 0x4, 0xff, '\x00', 0xa}, {0x7b, 0x1, 0x2, '\x00', 0x5}, {0x7f, 0x4, 0x6, '\x00', 0x6}, {0x1, 0x0, 0x9}, {0xa, 0x1, 0x0, '\x00', 0x7}, {0x80, 0x2, 0x4, '\x00', 0x1}, {0x82, 0x5, 0x6, '\x00', 0x2f}, {0x2, 0x8, 0x0, '\x00', 0xb}, {0x8, 0x41, 0xfe, '\x00', 0x6}, {0x1, 0x4, 0x8, '\x00', 0x8}, {0x0, 0x5, 0x2, '\x00', 0x3}, {0x1, 0x9, 0x6, '\x00', 0xc}]}})
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCGLCKTRMIOS(r5, 0x5435, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000001240)={0x2, &(0x7f0000001200)=[{0x81}, {0x6}]})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x60, 0x18, &(0x7f00000001c0)={@fda={0x66646185, 0xfffffffffffffffd, 0x2, 0x36}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x34}, @flat=@handle={0x73682a85, 0xa}}, &(0x7f0000000280)={0x0, 0x20, 0x48}}, 0x10}], 0x0, 0x0, 0x0})

2.005297669s ago: executing program 6 (id=2174):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x52, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a4"})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454da, &(0x7f0000000080)={'batadv0\x00'})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x103442, 0x0)
ioctl$TUNSETIFF(r2, 0x400454da, &(0x7f0000000140)={'batadv0\x00'})
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'pimreg0\x00', 0x1})
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'\x00', 0x52d35ce30131f272})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200, 0x140)
ioctl$VT_SETMODE(r4, 0x5602, &(0x7f00000000c0)={0x10, 0xa8, 0x8, 0x4, 0x4})
mount$binderfs(0x0, &(0x7f0000000580)='./binderfs\x00', 0x0, 0x4008024, &(0x7f0000000040)={[{@stats}], [{@flag='nolazytime'}, {@seclabel}, {@smackfshat={'smackfshat', 0x3d, 'pAAOS\x06\xb0\xeb\x00\x00\x00\xda'}}]})

1.005389215s ago: executing program 6 (id=2184):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000200)=0xfbfe)
r1 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000480)={0x5, &(0x7f00000004c0)=[{0x0, 0x0, 0x0, 0x4}, {0x20, 0x22}, {0xfffc}, {}, {0x6, 0x0, 0xff}]})
write$selinux_access(r1, 0x0, 0x0)
read(r1, 0x0, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r3, 0xc004ae02, 0x0)
r4 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$selinux_access(r4, &(0x7f00000004c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffffffff3a73302030"], 0x56)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f0000000280)=ANY=[@ANYRESDEC=r2])
read(r1, &(0x7f00000000c0)=""/207, 0xcf)

994.397435ms ago: executing program 0 (id=2185):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000000)={0x10003, 0x0, 0x100000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x553342, 0x0)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
ioctl$SNAPSHOT_FREE(r1, 0x3314) (async, rerun: 64)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000001, 0x22052, r0, 0x2000) (rerun: 64)
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000040), 0x511001, 0x0)
r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TCSETSF2(r2, 0x402c542d, &(0x7f0000000000)={0x4, 0x3, 0xffff, 0x10001, 0x9, "04000000cf13ef3024c7160000000000000093", 0xda4, 0x8}) (async)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x13)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000080)=ANY=[]) (async, rerun: 32)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) (async, rerun: 32)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x501800, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async, rerun: 64)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xffff1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async, rerun: 64)
r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
unlinkat(r5, &(0x7f0000000400)='.\x00', 0x200) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r11 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000280), 0x8800, 0x0)
read(r11, &(0x7f00000004c0)=""/92, 0x1001) (async, rerun: 32)
close(r11) (async, rerun: 32)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000180)={'pimreg0\x00', 0x1}) (async)
ioctl$TUNSETOFFLOAD(r10, 0x400454ce, 0xa)

901.417916ms ago: executing program 0 (id=2186):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000196000/0x1000)=nil, 0x1000, 0x0, 0x840000000000a132, 0xffffffffffffffff, 0x0)
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000215000/0x1000)=nil, 0x1000, 0x0, 0x6011, r1, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0xd1383000)
mmap(&(0x7f00003b3000/0x4000)=nil, 0x4000, 0x1000007, 0x13, r0, 0x0)
read$FUSE(r1, &(0x7f0000000100)={0x2020, 0x0, 0x0, <r2=>0x0}, 0x2020)
mount$binderfs(&(0x7f0000000040), &(0x7f0000000080)='./binderfs\x00', &(0x7f00000000c0), 0x49, &(0x7f0000002140)={[{@stats}, {@max={'max', 0x3d, 0xfffffffffffffffb}}, {@stats}, {@max={'max', 0x3d, 0x80000001}}, {@stats}], [{@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@uid_gt={'uid>', r2}}]})
openat$ashmem(0xffffffffffffff9c, 0x0, 0x280, 0x0)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x0, 0x11, r0, 0x0)

850.736767ms ago: executing program 6 (id=2187):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x102, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8edbd"])
r3 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8d], 0xeeee8000, 0x2011c0})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000022c0), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r9, 0x4008af60, &(0x7f0000002300)={@local})
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYRESOCT=r1, @ANYRES8=0x0, @ANYBLOB="c44ec4caf4d3da74e28cf3a666fabb5752ea8ffde0c6dea17dbe54277a7abddbf5f98b69c1b2c35c0ed6b9ee1c20d265bc981f7ed3937169", @ANYBLOB="80a3b0782b4c39728a7cee71b889b4e36ac2263a4826c39779b6de551bbc2b0003c9aa733e9f7aaa4affa0a98fb97dda646d7d7db18805a61974e4325ad8958f1b2a4e9c00bd5e7f19e0bf04dbce2c6f8eeaac66e7845e9c0156506b559d04b7f8421592c77ead103221d4287a9b74801d80389c33415c8e74536a79ba96c60de67f88e81af2e3a95ccb9790350eab403c9fcad2477e485ec25799cb439ed326692ee3a6f9acc34cbfc2b63b9179ec55a0968be9a5c8bcb79ab893dd1403666e2eb7d3babae6fbc0177927c2a2", @ANYRES8=r7, @ANYRES8=r2, @ANYBLOB="6958d23761d91802f045552c02d926f8", @ANYRES8=0x0])
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x22201, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r12 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000280), 0x8800, 0x0)
read(r12, &(0x7f0000000080)=""/93, 0xffffff6c)

830.392967ms ago: executing program 0 (id=2188):
ioctl$BINDER_SET_MAX_THREADS(0xffffffffffffffff, 0x40046205, 0x0)
r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) (async)
r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='./cgroup\x00', 0x40000, 0x35)
read$FUSE(r2, &(0x7f0000002a40)={0x2020}, 0x2020) (async)
read$FUSE(r2, &(0x7f0000002a40)={0x2020}, 0x2020)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)

757.814319ms ago: executing program 0 (id=2189):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000240))
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0)
write$selinux_load(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="8cff7cf90800000053451e4c696e757879a413031fc007619cc2a25c749126cb43a1c463a36aeb7126c9c9435aa2b32268b091608e103fa1a5d738496954d6f9b102a1c57c86ffc9679d816c"], 0x81)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000100)={0xb, {'syz0\x00', 'syz0\x00', 'syz1\x00', 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, "4119202532aeecfcdbb73887feb3f14db126c935954a335f6469a793a06c79d6"}}, 0x138)
write$UHID_DESTROY(r3, &(0x7f0000000340), 0x4)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CAP_X86_GUEST_MODE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000240))
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000001c0)=@arm64={0x2, 0x8, 0x2, '\x00', 0x8005})
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, &(0x7f0000000040))
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000080)={0x5, 0x0, [{0x391, 0x0, 0x6}, {0xb7b, 0x0, 0x7}, {0xa8e, 0x0, 0xff}, {0x840, 0x0, 0x3}, {0xa3d, 0x0, 0x9}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000003c0)={[0x60000000000, 0x1000000000, 0x0, 0x43, 0xda1, 0x8, 0x2004cb, 0x0, 0x100001000000, 0xfffffffffffffffe, 0x1, 0x8000, 0x3], 0x3000, 0x202})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000008102"])
prctl$PR_SET_SECUREBITS(0x1c, 0x2)

426.696304ms ago: executing program 0 (id=2190):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000200)={0x1, 0x0, [{0x11e, 0x0, 0xa1a9}]})
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x12, r5, 0x0)
write$selinux_load(r4, &(0x7f0000000000)={0xf97cff8c, 0x8, 'SE Linux', "a5199fcdafdf3bb7cc4c8bc74a5ec2b0d07a2123b1ffffc2b5877ed2f506d04eb3c4c94cca1ae1060238c6ebf2a309079606000000000000167eaa250489cd9e7c133beb717a0e137489ab04"}, 0x5c)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000040)={0x0, 0x100, 0x0, &(0x7f0000000180)=""/69, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000002c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_GET_EXTENDED_ERROR(r6, 0xc0046209, &(0x7f0000001340))

310.328536ms ago: executing program 0 (id=2191):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0)
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000019c0)='./binderfs2\x00', 0x1ff)
mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs2\x00', &(0x7f0000001e00), 0x0, &(0x7f0000001e40)={[{@stats}]})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000002500)='./binderfs2/binder0\x00', 0x0, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000180), 0x240840, 0x0)
read(r1, &(0x7f00000004c0)=""/92, 0x1001)
close(r1)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r4, 0x84009422, &(0x7f0000000400)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0xca800, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r7, 0x4004ae99, &(0x7f00000001c0)=0x3)
ioctl$KVM_SET_LAPIC(r7, 0x4400ae8f, &(0x7f0000000880)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde9809c8814618e976832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada133b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631def9f126c25ba4f37caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d3130180613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd60200c1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$BLKBSZGET(0xffffffffffffffff, 0x80081270, &(0x7f0000000d40))
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x28001, 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x24)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
mount$binderfs(0x0, &(0x7f0000000280)='./binderfs\x00', 0x0, 0x2000063, &(0x7f0000000040)=ANY=[@ANYBLOB="64697273793d0056045459150d95885822fc7c25254d2e77326e3904d5e06c11b0aa78a17e3a240b0bd4a995253e97c218b3cd17f619a7f65410ed45bd1cb83ba9eabceedde59793abd474a4ed51e1fab3004cc25d5cc3723e450b0e4b0e42e0f9dd85807d961db1320307a444d8fcc715201f7e2c0f2c6b356d0c9659055eb382d84a51f0ca71e11b70a4cfd33a2b4f84f233fdc2d81a9084b41723ce1caf64b51447aeab295c2b6916342e96dbb4d6938fca6ff101aee78b252ac29858a4dbbacc970f1a963d41a7a21a8c5fad43db6846c61725b08eff5fece2a20f84874c09265fb4c9ac2a56b9997f1349706090a0574d047aefcac989f10bd2fe025fffa9"])

0s ago: executing program 6 (id=2192):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/custom1\x00', 0x3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f00000002c0)=[{0x7c}, {0x6}]})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TCSETAW(r3, 0x5407, &(0x7f00000000c0)={0x0, 0x0, 0xfffd, 0x0, 0x0, "e872185081e6c67e"})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000300)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r4 = syz_clone(0x1022000, 0x0, 0xfffffffffffffc76, 0x0, 0x0, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000080)=r4, 0x12)
syz_clone(0x0, &(0x7f0000000240)="60e92ed33a4eb0f9153dd0a0354b535ad14fb7a77353e5a0bdc3936dce89d51215dd6197901d690b00e5f8da331e14", 0x2f, &(0x7f00000002c0), &(0x7f0000000380), &(0x7f00000003c0)="23e80c075e524ab192e13f49b0c049596a1feb46ee0f0352e68eed46f82e57d876aaa7afe33f2ce9f1be98b10c71d806e30a6e46834d83e7ee47710c52a236e26774a5192414e5b209574d2b98c68f8ebc64cf66d3014e7abafb7d23b65296c2d89fecaba4a7a06b9a41be02b98d8b2ae0ff4c88d701e3307ab80b8996e8e4232a6ca55f219c56489b8a6196e94c9236dae1759fc7e985e533bdc7df719d334fe95cb5")
r7 = getpid()
r8 = syz_clone(0x58100000, &(0x7f0000001940)="2ef100005822d4453d923f218abf31a7a997d4938ba1721d701c078b205b20d68ff2647406e6c6b84e00477c5c578380163152273d82e17d8345457eb1055e393d38f01038b9b26a01a31a57ad68a77be024d6e203e7889051841b97db1a147be651cd91673fd3050452346ca6556916", 0x70, 0x0, 0x0, 0x0)
prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = openat$cgroup_procs(r9, &(0x7f00000009c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r10, &(0x7f0000000380)=r8, 0x12)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000018c0), 0x200000)
syz_clone3(&(0x7f00000016c0)={0x180001080, &(0x7f0000000480), &(0x7f00000004c0), &(0x7f0000000500)=<r11=>0x0, {0x3c}, &(0x7f0000000540)=""/212, 0xd4, &(0x7f0000000680)=""/4096, &(0x7f0000001680)=[0xffffffffffffffff, 0x0, 0x0], 0x3}, 0x58)
r12 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f0000000600)={0x22000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000580)=[r12], 0x1}, 0x58)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000001740)={'\x00', 0x200, 0x0, 0xba, 0x5, 0xffffffff, <r13=>0x0})
r14 = openat$cgroup(0xffffffffffffffff, &(0x7f0000001800)='syz1\x00', 0x200002, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000019c0)={'\x00', 0x0, 0x892, 0xaf4, 0xfde, 0x2, <r15=>r12})
syz_clone3(&(0x7f0000001840)={0x10000, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080), {0x2a}, &(0x7f0000000140)=""/6, 0x6, &(0x7f00000001c0)=""/102, &(0x7f00000017c0)=[r4, r15, r7, r8, r11, r12, r13], 0x7, {r14}}, 0x58)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000280)=[@request_death={0x400c630e, 0x0, 0xfc}, @clear_death], 0x0, 0x0, 0x0})

kernel console output (not intermixed with test programs):

it+0x16/0x60
[   90.549898][ T4205]  exc_page_fault+0x66/0xc0
[   90.549911][ T4205]  asm_exc_page_fault+0x2b/0x30
[   90.549930][ T4205] RIP: 0033:0xa8d53cdb9
[   90.549945][ T4205] Code: Unable to access opcode bytes at 0xa8d53cd8f.
[   90.549953][ T4205] RSP: 002b:00002000000003d8 EFLAGS: 00010217
[   90.549968][ T4205] RAX: 0000000000000000 RBX: 00007f63431b6080 RCX: 00007f6342f8e929
[   90.549979][ T4205] RDX: 00002000000002c0 RSI: 00002000000003d0 RDI: 0000000000002000
[   90.549988][ T4205] RBP: 00007f6343010b39 R08: 0000200000000480 R09: 0000200000000480
[   90.549999][ T4205] R10: 0000200000000440 R11: 0000000000000206 R12: 0000000000000000
[   90.550010][ T4205] R13: 0000000000000000 R14: 00007f63431b6080 R15: 00007ffc1b352fe8
[   90.550024][ T4205]  </TASK>
[   91.031632][ T4205] memory: usage 303976kB, limit 307200kB, failcnt 27260
[   91.038767][ T4205] memory+swap: usage 428800kB, limit 9007199254740988kB, failcnt 0
[   91.046962][ T4205] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[   91.054103][ T4205] Memory cgroup stats for /syz3:
[   91.054242][ T4205] cache 313032704
[   91.063234][ T4205] rss 167936
[   91.094480][ T4205] rss_huge 0
[   91.097786][ T4205] shmem 313032704
[   91.120580][ T4205] mapped_file 0
[   91.124146][ T4205] dirty 0
[   91.127083][ T4205] writeback 12288
[   91.130796][ T4205] workingset_refault_anon 32
[   91.135506][ T4205] workingset_refault_file 6308
[   91.140485][ T4205] swap 127819776
[   91.144135][ T4205] swapcached 159744
[   91.149664][ T4205] pgpgin 318703
[   91.153511][ T4205] pgpgout 242201
[   91.157148][ T4205] pgfault 80154
[   91.160661][ T4205] pgmajfault 7073
[   91.164443][ T4205] inactive_anon 174600192
[   91.168807][ T4205] active_anon 138735616
[   91.173335][ T4205] inactive_file 0
[   91.177123][ T4205] active_file 0
[   91.180695][ T4205] unevictable 0
[   91.184340][ T4205] hierarchical_memory_limit 314572800
[   91.199351][ T4205] hierarchical_memsw_limit 9223372036854771712
[   91.220331][ T4205] total_cache 313032704
[   91.224595][ T4205] total_rss 167936
[   91.228357][ T4205] total_rss_huge 0
[   91.233490][ T4205] total_shmem 313032704
[   91.237928][ T4205] total_mapped_file 0
[   91.242540][ T4205] total_dirty 0
[   91.246102][ T4205] total_writeback 12288
[   91.252060][ T4205] total_workingset_refault_anon 32
[   91.257268][ T4205] total_workingset_refault_file 6308
[   91.262812][ T4205] total_swap 127819776
[   91.266929][ T4205] total_swapcached 159744
[   91.271611][ T4205] total_pgpgin 318703
[   91.275688][ T4205] total_pgpgout 242201
[   91.293720][ T4205] total_pgfault 80154
[   91.298016][ T4205] total_pgmajfault 7073
[   91.302622][ T4205] total_inactive_anon 174600192
[   91.307870][ T4205] total_active_anon 138735616
[   91.314786][ T4205] total_inactive_file 0
[   91.319319][ T4205] total_active_file 0
[   91.323771][ T4205] total_unevictable 0
[   91.328018][ T4205] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1207,pid=4207,uid=0
[   91.386595][ T4205] Memory cgroup out of memory: Killed process 4207 (syz.3.1207) total-vm:90092kB, anon-rss:944kB, file-rss:22852kB, shmem-rss:0kB, UID:0 pgtables:184kB oom_score_adj:1000
[   91.561307][ T4201] syz.3.1207 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   91.590799][ T4201] CPU: 0 UID: 0 PID: 4201 Comm: syz.3.1207 Not tainted 6.12.23-syzkaller-gf9fbc66f8444 #0 b8de21ba31122219d6c6778e419c74a11adc861d
[   91.590830][ T4201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.590840][ T4201] Call Trace:
[   91.590846][ T4201]  <TASK>
[   91.590854][ T4201]  __dump_stack+0x21/0x30
[   91.590879][ T4201]  dump_stack_lvl+0x10c/0x190
[   91.590898][ T4201]  ? __cfi_dump_stack_lvl+0x10/0x10
[   91.590916][ T4201]  ? ___ratelimit+0x3f7/0x5a0
[   91.590938][ T4201]  dump_stack+0x19/0x20
[   91.590956][ T4201]  dump_header+0xd7/0x490
[   91.590977][ T4201]  ? __cfi_mem_cgroup_get_max+0x10/0x10
[   91.590994][ T4201]  oom_kill_process+0x4c0/0x7e0
[   91.591017][ T4201]  ? sched_clock_cpu+0x75/0x400
[   91.591035][ T4201]  out_of_memory+0x7ee/0xbd0
[   91.591063][ T4201]  ? __cfi_out_of_memory+0x10/0x10
[   91.591088][ T4201]  ? mutex_lock_killable+0x92/0x1c0
[   91.591105][ T4201]  ? __cfi_mutex_lock_killable+0x10/0x10
[   91.591123][ T4201]  mem_cgroup_out_of_memory+0x279/0x350
[   91.591143][ T4201]  ? drain_obj_stock+0xed0/0xed0
[   91.591163][ T4201]  ? memcg1_oom_prepare+0x2c6/0x3a0
[   91.591183][ T4201]  try_charge_memcg+0x8f7/0xde0
[   91.591201][ T4201]  ? __cfi_try_charge_memcg+0x10/0x10
[   91.591217][ T4201]  ? __alloc_pages_noprof+0x30d/0x6c0
[   91.591234][ T4201]  ? __cfi___alloc_pages_noprof+0x10/0x10
[   91.591250][ T4201]  ? __folio_batch_add_and_move+0x2ab/0x370
[   91.591273][ T4201]  __mem_cgroup_charge+0xf6/0x410
[   91.591291][ T4201]  ? __kasan_check_write+0x18/0x20
[   91.591309][ T4201]  ? _raw_spin_lock+0x8c/0x120
[   91.591328][ T4201]  ? __cfi___mem_cgroup_charge+0x10/0x10
[   91.591347][ T4201]  shmem_alloc_and_add_folio+0x86d/0x1050
[   91.591371][ T4201]  ? put_swap_device+0x130/0x130
[   91.591393][ T4201]  ? shmem_huge_global_enabled+0x2da/0x360
[   91.591414][ T4201]  ? shmem_allowable_huge_orders+0x1f7/0x430
[   91.591434][ T4201]  ? __kasan_check_write+0x18/0x20
[   91.591452][ T4201]  ? _raw_spin_lock+0x8c/0x120
[   91.591471][ T4201]  shmem_get_folio_gfp+0x5f0/0x1380
[   91.591494][ T4201]  ? shmem_get_folio+0xc0/0xc0
[   91.591512][ T4201]  ? follow_page_pte+0xa5c/0xb90
[   91.591528][ T4201]  ? inode_to_bdi+0x6d/0x100
[   91.591545][ T4201]  shmem_write_begin+0xf4/0x270
[   91.591567][ T4201]  generic_perform_write+0x32d/0x960
[   91.591587][ T4201]  ? __cfi_generic_perform_write+0x10/0x10
[   91.591604][ T4201]  ? down_write+0xe9/0x2a0
[   91.591621][ T4201]  ? file_update_time+0xa3/0x220
[   91.591638][ T4201]  shmem_file_write_iter+0x105/0x130
[   91.591655][ T4201]  ? __cfi_shmem_file_write_iter+0x10/0x10
[   91.591671][ T4201]  __kernel_write_iter+0x392/0x830
[   91.591690][ T4201]  ? __cfi_shmem_file_write_iter+0x10/0x10
[   91.591707][ T4201]  ? __cfi___kernel_write_iter+0x10/0x10
[   91.591725][ T4201]  ? get_dump_page+0x160/0x220
[   91.591747][ T4201]  ? __asan_memset+0x39/0x50
[   91.591786][ T4201]  ? iov_iter_bvec+0xc0/0x180
[   91.591808][ T4201]  dump_user_range+0xb06/0xdf0
[   91.591828][ T4201]  ? __cfi_dump_emit+0x10/0x10
[   91.591845][ T4201]  ? __cfi_dump_user_range+0x10/0x10
[   91.591863][ T4201]  ? elf_coredump_extra_notes_write+0x42f/0x4c0
[   91.591884][ T4201]  ? __cfi_elf_coredump_extra_notes_write+0x10/0x10
[   91.591905][ T4201]  elf_core_dump+0x2cd9/0x3810
[   91.591929][ T4201]  ? __cfi_elf_core_dump+0x10/0x10
[   91.591955][ T4201]  ? dump_interrupted+0xf0/0xf0
[   91.591973][ T4201]  ? filp_open+0x182/0x1d0
[   91.591988][ T4201]  ? 0xffffffffff600000
[   91.592000][ T4201]  ? freezing_slow_path+0x113/0x160
[   91.592019][ T4201]  do_coredump+0x1bf7/0x2bd0
[   91.592039][ T4201]  ? __cfi_do_coredump+0x10/0x10
[   91.592061][ T4201]  ? asm_exc_page_fault+0x2b/0x30
[   91.592088][ T4201]  ? __kasan_slab_free+0x6a/0x80
[   91.592109][ T4201]  ? kmem_cache_free+0x1c1/0x4c0
[   91.592128][ T4201]  get_signal+0x11fd/0x14f0
[   91.592147][ T4201]  arch_do_signal_or_restart+0x96/0x720
[   91.592168][ T4201]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[   91.592190][ T4201]  irqentry_exit_to_user_mode+0x4e/0xb0
[   91.592209][ T4201]  irqentry_exit+0x16/0x60
[   91.592225][ T4201]  exc_page_fault+0x66/0xc0
[   91.592242][ T4201]  asm_exc_page_fault+0x2b/0x30
[   91.592262][ T4201] RIP: 0033:0xa8d53cdb9
[   91.592280][ T4201] Code: Unable to access opcode bytes at 0xa8d53cd8f.
[   91.592288][ T4201] RSP: 002b:00002000000003d8 EFLAGS: 00010217
[   91.592305][ T4201] RAX: 0000000000000000 RBX: 00007f63431b6080 RCX: 00007f6342f8e929
[   91.592318][ T4201] RDX: 00002000000002c0 RSI: 00002000000003d0 RDI: 0000000000002000
[   91.592330][ T4201] RBP: 00007f6343010b39 R08: 0000200000000480 R09: 0000200000000480
[   91.592343][ T4201] R10: 0000200000000440 R11: 0000000000000206 R12: 0000000000000000
[   91.592355][ T4201] R13: 0000000000000000 R14: 00007f63431b6080 R15: 00007ffc1b352fe8
[   91.592369][ T4201]  </TASK>
[   91.594353][ T4201] memory: usage 304388kB, limit 307200kB, failcnt 27874
[   92.069410][ T4201] memory+swap: usage 402116kB, limit 9007199254740988kB, failcnt 0
[   92.077370][ T4201] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[   92.148439][ T4201] Memory cgroup stats for /syz3:
[   92.148694][ T4201] cache 285323264
[   92.211426][ T4201] rss 143360
[   92.235645][ T4201] rss_huge 0
[   92.280838][ T4201] shmem 285323264
[   92.284690][ T4201] mapped_file 0
[   92.288292][ T4201] dirty 0
[   92.301072][ T4201] writeback 0
[   92.305272][ T4201] workingset_refault_anon 32
[   92.327075][ T4201] workingset_refault_file 6308
[   92.353275][ T4923] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   92.355500][ T4201] swap 120377344
[   92.389319][ T4201] swapcached 65536
[   92.401585][ T4201] pgpgin 321549
[   92.416312][ T4201] pgpgout 251840
[   92.425176][ T4201] pgfault 80287
[   92.428662][ T4201] pgmajfault 7073
[   92.456617][ T4928] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1126
[   92.458404][ T4201] inactive_anon 173563904
[   92.509434][ T4201] active_anon 111960064
[   92.518084][ T4930] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   92.518113][ T4930] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:1050
[   92.532648][ T4201] inactive_file 0
[   92.563895][ T4930] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   92.563919][ T4930] rust_binder: Read failure Err(EFAULT) in pid:1050
[   92.575951][ T4201] active_file 0
[   92.601191][ T4201] unevictable 0
[   92.607954][ T4201] hierarchical_memory_limit 314572800
[   92.620515][ T4201] hierarchical_memsw_limit 9223372036854771712
[   92.639100][ T4201] total_cache 285323264
[   92.648974][ T4201] total_rss 143360
[   92.657933][ T4201] total_rss_huge 0
[   92.670621][ T4201] total_shmem 285323264
[   92.681819][ T4201] total_mapped_file 0
[   92.691471][ T4201] total_dirty 0
[   92.707965][ T4201] total_writeback 0
[   92.717742][ T4201] total_workingset_refault_anon 32
[   92.729693][ T4201] total_workingset_refault_file 6308
[   92.741004][ T4201] total_swap 120377344
[   92.748418][ T4201] total_swapcached 65536
[   92.757304][ T4201] total_pgpgin 321549
[   92.765804][ T4201] total_pgpgout 251840
[   92.773820][ T4201] total_pgfault 80287
[   92.825523][ T4201] total_pgmajfault 7073
[   92.846298][ T4201] total_inactive_anon 173563904
[   92.865922][ T4201] total_active_anon 111960064
[   92.889828][ T4201] total_inactive_file 0
[   92.899624][ T4201] total_active_file 0
[   92.909834][ T4201] total_unevictable 0
[   92.913895][ T4201] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1207,pid=4201,uid=0
[   92.969853][ T4201] Memory cgroup out of memory: Killed process 4201 (syz.3.1207) total-vm:90092kB, anon-rss:1072kB, file-rss:22688kB, shmem-rss:0kB, UID:0 pgtables:184kB oom_score_adj:1000
[   93.176740][ T4939] binder: Bad value for 'stats'
[   93.183258][ T4939] binder: Unknown parameter 'fsname'
[   93.310312][ T4941] rust_binder: Write failure EFAULT in pid:1061
[   93.358463][ T4941] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   93.416815][ T4943] rust_binder: Write failure EFAULT in pid:557
[   93.472213][ T4945] rust_binder: Error while translating object.
[   93.509940][ T4945] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   93.516221][ T4945] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1061
[   93.722867][ T4949] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:559
[   94.051254][ T4955] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   94.084232][ T4955] rust_binder: Error in use_page_slow: ESRCH
[   94.099799][ T4955] rust_binder: use_range failure ESRCH
[   94.118007][ T4955] rust_binder: Failed to allocate buffer. len:4216, is_oneway:false
[   94.132847][ T4955] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   94.150541][ T4955] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:564
[   94.310142][ T4959] KVM: debugfs: duplicate directory 4959-6
[   94.391045][ T4959] rust_binder: Error in use_page_slow: ESRCH
[   94.391076][ T4959] rust_binder: use_range failure ESRCH
[   94.415898][ T4959] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[   94.428059][ T4959] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   94.442948][ T4962] SELinux: security_context_str_to_sid (sytem_u�Gй�:��) failed with errno=-22
[   94.469836][ T4959] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1065
[   94.730057][ T4968] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   94.740163][ T4969] binder: Unknown parameter '3tatQ'
[   94.755269][ T4968] rust_binder: Read failure Err(EFAULT) in pid:1068
[   94.964243][ T4979] rust_binder: Failed copying remainder into alloc: EFAULT
[   94.989818][ T4979] rust_binder: Failure in apply_sg: BR_FAILED_REPLY { source: EFAULT }
[   94.997105][ T4979] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   95.029806][ T4979] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:1072
[   95.140226][   T36] kauditd_printk_skb: 26506 callbacks suppressed
[   95.140243][   T36] audit: type=1400 audit(1750390575.770:22780): avc:  denied  { setattr } for  pid=1840 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   95.191801][ T4984] audit: audit_backlog=65 > audit_backlog_limit=64
[   95.196903][ T1840] audit: audit_backlog=65 > audit_backlog_limit=64
[   95.198321][ T4984] audit: audit_lost=5849 audit_rate_limit=0 audit_backlog_limit=64
[   95.214996][ T1840] audit: audit_lost=5850 audit_rate_limit=0 audit_backlog_limit=64
[   95.223426][ T4984] audit: backlog limit exceeded
[   95.225095][ T1840] audit: backlog limit exceeded
[   95.228492][   T36] audit: type=1400 audit(1750390575.770:22781): avc:  denied  { setattr } for  pid=1840 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   95.245297][ T1840] audit: audit_backlog=65 > audit_backlog_limit=64
[   95.262882][   T36] audit: type=1400 audit(1750390575.770:22782): avc:  denied  { setattr } for  pid=1840 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   95.270505][ T4984] rust_binder: Write failure EFAULT in pid:1074
[   95.304630][ T4991] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   95.990552][ T5005] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   96.043323][ T5005] rust_binder: Error in use_page_slow: ESRCH
[   96.062041][ T5005] rust_binder: use_range failure ESRCH
[   96.068063][ T5005] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[   96.104630][ T5005] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   96.141542][ T5005] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1137
[   96.195833][ T5009] binder: Bad value for 'stats'
[   96.238929][ T5009] binder: Bad value for 'stats'
[   96.315156][ T5014] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1085
[   96.428152][ T5026] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1087
[   96.458122][ T5028] __vm_enough_memory: pid: 5028, comm: syz.3.1502, bytes: 281474976845824 not enough memory for the allocation
[   96.608807][ T5033] rust_binder: Write failure EFAULT in pid:1092
[   96.877006][ T5045] kvm: user requested TSC rate below hardware speed
[   96.905607][ T5047] rust_binder: Write failure EFAULT in pid:1098
[   97.191290][ T5063] rust_binder: Write failure EFAULT in pid:1152
[   97.390595][ T5073] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   97.396897][ T5073] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   97.411281][ T5075] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1156
[   97.468029][ T5073] rust_binder: Read failure Err(EFAULT) in pid:1108
[   97.490298][ T5081] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1158
[   97.598941][ T5086] __vm_enough_memory: pid: 5086, comm: syz.0.1523, bytes: 281474976845824 not enough memory for the allocation
[   97.648993][ T5085] __vm_enough_memory: pid: 5085, comm: syz.0.1523, bytes: 281474976845824 not enough memory for the allocation
[   97.669578][ T5088] SELinux: security_context_str_to_sid () failed with errno=-22
[   97.689729][ T5088] SELinux: security_context_str_to_sid () failed with errno=-22
[   98.240095][ T5123] rust_binder: Write failure EFAULT in pid:1119
[   98.636236][ T5133] binder: Bad value for 'max'
[   98.849558][ T5138] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   98.850057][ T5138] rust_binder: Write failure EFAULT in pid:1184
[   99.011657][ T5145] input: syz0 as /devices/virtual/input/input54
[   99.049093][ T5145] input: failed to attach handler leds to device input54, error: -6
[   99.216977][ T5155] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   99.320229][ T5152] rust_binder: Write failure EFAULT in pid:1122
[   99.412929][ T5161] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   99.452752][ T5162] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   99.467973][ T5163] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   99.513052][ T5161] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   99.534579][ T5161] rust_binder: Read failure Err(EFAULT) in pid:648
[   99.562512][ T5161] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  100.025892][ T5181] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[  100.067494][ T5181] rust_binder: Write failure EINVAL in pid:662
[  100.159780][   T36] kauditd_printk_skb: 4332 callbacks suppressed
[  100.159798][   T36] audit: type=1400 audit(1750390580.780:27095): avc:  denied  { setattr } for  pid=1840 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  100.217584][ T1840] audit: audit_backlog=65 > audit_backlog_limit=64
[  100.224846][ T5186] audit: audit_backlog=65 > audit_backlog_limit=64
[  100.227688][ T5185] audit: audit_backlog=65 > audit_backlog_limit=64
[  100.238046][ T5185] audit: audit_lost=5858 audit_rate_limit=0 audit_backlog_limit=64
[  100.246016][   T36] audit: type=1400 audit(1750390580.780:27096): avc:  denied  { setattr } for  pid=1840 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  100.254505][ T5186] audit: audit_lost=5859 audit_rate_limit=0 audit_backlog_limit=64
[  100.269336][ T1840] audit: audit_lost=5860 audit_rate_limit=0 audit_backlog_limit=64
[  100.269356][ T1840] audit: backlog limit exceeded
[  100.270974][ T1840] audit: audit_backlog=65 > audit_backlog_limit=64
[  100.277712][ T5185] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  100.380835][ T5188] binder: Unknown parameter 'sta���loral'
[  100.397876][ T5190] binder: Unknown parameter 'sta���loral'
[  100.486002][ T5193] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:667
[  100.977712][ T5206] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  100.999435][ T5208] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  101.007633][ T5206] rust_binder: Error in use_page_slow: ESRCH
[  101.014125][ T5206] rust_binder: use_range failure ESRCH
[  101.020220][ T5206] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  101.026346][ T5206] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  101.035117][ T5206] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:678
[  101.097377][ T5208] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  101.116240][ T5208] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1135
[  101.145167][ T5211] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  101.146966][ T5208] binder: Unknown parameter '0x0000000000000007'
[  101.176672][ T5210] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  101.224630][ T5210] rust_binder: Write failure EINVAL in pid:680
[  101.343678][ T5213] kvm: kvm [5212]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010004) = 0x3
[  101.372598][ T5213] input: syz0 as /devices/virtual/input/input55
[  101.597558][ T5223] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  101.765791][ T5217] rust_binder: Read failure Err(EFAULT) in pid:1197
[  102.322792][   T12] bridge_slave_1: left allmulticast mode
[  102.336447][   T12] bridge_slave_1: left promiscuous mode
[  102.343383][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.347242][ T5238] binder: Unknown parameter 's�'
[  102.355976][   T12] bridge_slave_0: left allmulticast mode
[  102.363968][   T12] bridge_slave_0: left promiscuous mode
[  102.369649][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.385160][ T5241] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  102.391808][ T5241] rust_binder: Error in use_page_slow: ESRCH
[  102.398290][ T5241] rust_binder: use_range failure ESRCH
[  102.404340][ T5241] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  102.409883][ T5241] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  102.417959][ T5241] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:689
[  102.488790][   T12] veth1_macvtap: left promiscuous mode
[  102.492987][ T5245] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  102.498009][   T12] veth0_vlan: left promiscuous mode
[  102.703355][ T5236] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.724299][ T5236] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.738700][ T5236] bridge_slave_0: entered allmulticast mode
[  102.757922][ T5236] bridge_slave_0: entered promiscuous mode
[  102.780553][ T5236] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.804116][ T5236] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.819259][ T5236] bridge_slave_1: entered allmulticast mode
[  102.831646][ T5236] bridge_slave_1: entered promiscuous mode
[  102.864418][ T5262] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  102.864437][ T5263] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  102.944137][ T5263] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1152
[  103.069413][ T5236] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.076518][ T5236] bridge0: port 2(bridge_slave_1) entered forwarding state
[  103.083814][ T5236] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.090857][ T5236] bridge0: port 1(bridge_slave_0) entered forwarding state
[  103.156426][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.163839][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.192152][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.199206][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  103.230782][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.237916][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  103.306057][ T5266] rust_binder: Write failure EINVAL in pid:1214
[  103.362925][ T5236] veth0_vlan: entered promiscuous mode
[  103.412184][ T5236] veth1_macvtap: entered promiscuous mode
[  104.186456][ T5297] rust_binder: Write failure EINVAL in pid:16
[  104.192203][ T5297] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[  104.204841][ T5297] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:16
[  104.514103][ T5301] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  105.177353][   T36] kauditd_printk_skb: 4761 callbacks suppressed
[  105.177370][   T36] audit: type=1400 audit(1750390585.800:31818): avc:  denied  { map } for  pid=5326 comm="syz.5.1600" path="/dev/binderfs/binder0" dev="binder" ino=48 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  105.264523][   T36] audit: type=1400 audit(1750390585.800:31819): avc:  denied  { read } for  pid=5326 comm="syz.5.1600" path="/dev/binderfs/binder0" dev="binder" ino=48 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  105.291878][ T3378] audit: audit_backlog=65 > audit_backlog_limit=64
[  105.298389][ T3378] audit: audit_lost=5874 audit_rate_limit=0 audit_backlog_limit=64
[  105.307722][ T5333] audit: audit_backlog=65 > audit_backlog_limit=64
[  105.313095][ T3378] audit: backlog limit exceeded
[  105.322534][ T5334] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  105.327021][ T5333] audit: audit_lost=5875 audit_rate_limit=0 audit_backlog_limit=64
[  105.334592][ T5330] audit: audit_backlog=65 > audit_backlog_limit=64
[  105.345697][   T36] audit: type=1400 audit(1750390585.800:31820): avc:  denied  { setattr } for  pid=3378 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  105.357293][ T5333] audit: backlog limit exceeded
[  105.394121][ T5330] rust_binder: Write failure EINVAL in pid:1164
[  105.522642][ T5341] rust_binder: Error while translating object.
[  105.528953][ T5341] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  105.535233][ T5341] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:38
[  105.599003][ T5343] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  105.632503][ T5343] rust_binder: Read failure Err(EAGAIN) in pid:1240
[  105.686488][ T5345] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  105.715147][ T5345] rust_binder: Error in use_page_slow: ESRCH
[  105.715169][ T5345] rust_binder: use_range failure ESRCH
[  105.725826][ T5343] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1240
[  105.736784][ T5345] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[  105.750342][ T5345] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  105.758460][ T5345] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1168
[  106.039548][ T5359] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  106.060477][ T5359] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[  106.115362][ T5359] rust_binder: Write failure EINVAL in pid:1171
[  106.180760][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.228056][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.270141][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.297972][ T5369] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1174
[  106.304428][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.351624][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.364662][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.379612][ T5371] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  106.381691][ T5371] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  106.388180][ T5371] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1251
[  106.402255][ T5373] rust_binder: Read failure Err(EAGAIN) in pid:1176
[  106.411835][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.442468][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.451813][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.461080][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.470444][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.479726][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.493678][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.507878][ T5376] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  106.509176][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.525298][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.534511][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.543721][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.557425][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.568366][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.578643][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.588448][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.597352][ T5379] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1253
[  106.598665][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.617866][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.627357][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.636542][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.645979][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.655297][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.666090][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.675349][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.684618][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.693833][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.715981][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.730840][ T5365] SELinux: security_context_str_to_sid () failed with errno=-22
[  106.907158][ T5383] rust_binder: Failed to allocate buffer. len:4192, is_oneway:false
[  106.968571][ T5387] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  106.976679][ T5386] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  107.304406][ T5390] binder: Unknown parameter 'defcontext01777777777777777777777'
[  107.440889][ T5396] binder: Bad value for 'stats'
[  107.568086][ T5398] rust_binder: Write failure EINVAL in pid:1258
[  107.603854][ T5401] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  107.793801][ T5404] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  107.803395][ T5405] rust_binder: Error while translating object.
[  107.803442][ T5405] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  107.819568][ T5405] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1193
[  108.146481][ T5423] input: syz1 as /devices/virtual/input/input56
[  108.667653][ T5433] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  109.109800][ T5445] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  109.128002][ T5445] rust_binder: Error while translating object.
[  109.137064][ T5445] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  109.143945][ T5445] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1213
[  109.256367][ T5451] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  109.284128][ T5451] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  109.430158][ T5461] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  109.449118][ T5463] rust_binder: Write failure EFAULT in pid:1222
[  109.480624][ T5461] SELinux: failed to load policy
[  109.507287][ T5466] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  109.545585][ T5466] SELinux: failed to load policy
[  109.565535][ T5468] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  109.673799][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  109.700733][ T5472] rust_binder: Error in use_page_slow: ESRCH
[  109.718287][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  109.734125][ T5472] rust_binder: use_range failure ESRCH
[  109.748984][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  109.767076][ T5472] rust_binder: Failed to allocate buffer. len:4216, is_oneway:false
[  109.801424][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  109.809837][ T5472] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  109.831053][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  109.841821][ T5472] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1226
[  109.862966][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  109.916156][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  109.942326][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  109.980058][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.004042][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.030898][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.037616][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.050081][ T5480] rust_binder: Write failure EFAULT in pid:1284
[  110.062313][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.068826][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.091299][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.098017][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.140004][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.146713][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.170572][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.177266][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.184537][   T36] kauditd_printk_skb: 4882 callbacks suppressed
[  110.184554][   T36] audit: type=1400 audit(1750390590.810:36677): avc:  denied  { setattr } for  pid=3378 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  110.200046][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.224374][   T36] audit: type=1400 audit(1750390590.810:36678): avc:  denied  { setattr } for  pid=3378 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  110.259295][ T5486] rust_binder: Write failure EFAULT in pid:1286
[  110.264367][   T36] audit: type=1400 audit(1750390590.810:36679): avc:  denied  { setattr } for  pid=3378 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  110.297961][   T36] audit: type=1400 audit(1750390590.810:36680): avc:  denied  { setattr } for  pid=3378 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  110.300066][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.321981][   T36] audit: type=1400 audit(1750390590.810:36681): avc:  denied  { setattr } for  pid=3378 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  110.345207][ T3378] audit: audit_backlog=65 > audit_backlog_limit=64
[  110.358569][ T5470] audit: audit_backlog=65 > audit_backlog_limit=64
[  110.365151][ T3378] audit: audit_lost=5885 audit_rate_limit=0 audit_backlog_limit=64
[  110.370121][   T36] audit: type=1400 audit(1750390590.810:36682): avc:  denied  { setattr } for  pid=3378 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  110.373984][ T5489] audit: audit_backlog=65 > audit_backlog_limit=64
[  110.397226][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.403077][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.414726][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.460075][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.475632][ T5470] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.632335][ T5497] rust_binder: Write failure EFAULT in pid:1291
[  110.724654][ T5502] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.741084][ T5501] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.891685][ T5511] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.910418][ T5512] rust_binder: Error in use_page_slow: ESRCH
[  110.925785][ T5511] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[  110.943698][ T5512] rust_binder: use_range failure ESRCH
[  110.944946][ T5514] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  110.968011][ T5511] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  110.993159][ T5512] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[  111.008089][ T5511] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:1232
[  111.016472][ T5512] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  111.027371][ T5520] rust_binder: Error while translating object.
[  111.054007][ T5520] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  111.069807][ T5520] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1298
[  111.069832][ T5512] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1232
[  111.119323][ T5514] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  111.147888][ T5526] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  111.201481][ T5530] Bluetooth: hci0: Frame reassembly failed (-84)
[  111.225370][  T304] Bluetooth: hci0: Frame reassembly failed (-84)
[  111.257897][ T5530] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  111.331907][ T5532] rust_binder: Failed to allocate buffer. len:88, is_oneway:false
[  111.410602][ T5534] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  111.431489][ T5534] rust_binder: Error in use_page_slow: ESRCH
[  111.460897][ T5534] rust_binder: use_range failure ESRCH
[  111.489181][ T5534] rust_binder: Failed to allocate buffer. len:4240, is_oneway:false
[  111.508270][ T5534] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  111.535529][ T5534] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1305
[  111.544423][ T5542] binder: Bad value for 'max'
[  111.771389][ T5544] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1308
[  111.900059][ T5548] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  112.111342][ T5558] binder: Unknown parameter 'obj_role'
[  112.169528][ T5560] binder: Unknown parameter 'context'
[  112.191507][ T5560] binder: Bad value for 'max'
[  112.211489][ T5560] binder: Bad value for 'max'
[  112.314998][ T5564] rust_binder: Failed to allocate buffer. len:152, is_oneway:true
[  112.337263][ T5566] binder: Unknown parameter 'dont_hash'
[  112.370935][ T5566] input: syz0 as /devices/virtual/input/input62
[  112.542265][ T5569] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  112.661889][ T5569] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  112.767482][ T5569] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  112.799797][ T5569] rust_binder: Read failure Err(EFAULT) in pid:114
[  112.812382][ T5571] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  112.819552][ T5573] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  112.834384][ T5569] rust_binder: Write failure EFAULT in pid:114
[  112.910863][ T5572] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1322
[  113.229767][   T53] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  113.229777][  T865] Bluetooth: hci0: command 0x1003 tx timeout
[  113.518279][ T5588] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  113.524637][ T5588] rust_binder: Error in use_page_slow: ESRCH
[  113.552207][ T5588] rust_binder: use_range failure ESRCH
[  113.561513][ T5588] rust_binder: Failed to allocate buffer. len:4240, is_oneway:false
[  113.571693][ T5588] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  113.579768][ T5588] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1240
[  113.661063][ T5594] binder: Binderfs stats mode cannot be changed during a remount
[  113.701231][ T5592] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  113.727796][ T5591] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  113.774413][ T5598] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  113.823335][ T5591] rust_binder: Failed to allocate buffer. len:112, is_oneway:false
[  114.116807][ T5614] rust_binder: Write failure EINVAL in pid:1335
[  114.139300][ T5614] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  114.167483][ T5614] rust_binder: Read failure Err(EFAULT) in pid:1335
[  114.203387][ T5616] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  114.215671][ T5616] rust_binder: Error while translating object.
[  114.249802][ T5616] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  114.283085][ T5619] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  114.302435][ T5616] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:130
[  114.340612][ T5621] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  114.370480][ T5622] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  114.387294][ T5622] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1252
[  114.576235][ T5635] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  114.632837][ T5631] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  114.638661][ T5635] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  114.667533][ T5631] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  114.668425][ T5635] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  114.685617][ T5635] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  114.693657][ T5635] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1343
[  114.828968][ T5648] binder: Unknown parameter 's'
[  114.978765][ T5654] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:141
[  115.190215][   T36] kauditd_printk_skb: 4455 callbacks suppressed
[  115.190232][   T36] audit: type=1400 audit(1750390595.820:40989): avc:  denied  { setattr } for  pid=3378 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  115.237057][  T291] audit: audit_backlog=65 > audit_backlog_limit=64
[  115.237102][ T3378] audit: audit_backlog=65 > audit_backlog_limit=64
[  115.243743][  T291] audit: audit_lost=5936 audit_rate_limit=0 audit_backlog_limit=64
[  115.259135][ T3378] audit: audit_lost=5937 audit_rate_limit=0 audit_backlog_limit=64
[  115.259490][  T291] audit: backlog limit exceeded
[  115.267093][   T36] audit: type=1400 audit(1750390595.820:40990): avc:  denied  { setattr } for  pid=3378 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  115.267118][   T36] audit: type=1400 audit(1750390595.820:40991): avc:  denied  { setattr } for  pid=3378 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  115.289982][ T5661] audit: audit_backlog=65 > audit_backlog_limit=64
[  115.309834][ T3378] audit: backlog limit exceeded
[  115.330664][ T5661] rust_binder: Write failure EFAULT in pid:1351
[  115.637547][ T5673] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  115.648469][ T5674] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  115.649534][ T5673] rust_binder: Error in use_page_slow: ESRCH
[  115.663096][ T5673] rust_binder: use_range failure ESRCH
[  115.669195][ T5673] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[  115.685233][ T5673] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  115.694009][ T5673] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1263
[  115.725372][ T5675] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1358
[  115.752467][ T5677] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  115.788644][ T5677] rust_binder: Error while translating object.
[  115.795224][ T5677] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  115.801530][ T5677] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1265
[  115.873017][ T5679] binder: Unknown parameter 'sta+�'
[  116.050692][ T5684] SELinux: syz.0.1716 (5684) set checkreqprot to 1. This is no longer supported.
[  116.130745][ T5690] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  116.130771][ T5690] rust_binder: Read failure Err(EFAULT) in pid:1277
[  116.134064][ T5692] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  116.149883][ T5692] rust_binder: Read failure Err(EFAULT) in pid:1277
[  116.179285][ T5689] rust_binder: Error in use_page_slow: ESRCH
[  116.189836][ T5689] rust_binder: use_range failure ESRCH
[  116.209788][ T5689] rust_binder: Failed to allocate buffer. len:112, is_oneway:true
[  116.215279][ T5689] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  116.270466][ T5694] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  116.270704][ T5689] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1277
[  116.291650][ T5694] rust_binder: Got transaction with invalid offset.
[  116.323175][ T5694] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  116.339787][ T5694] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:154
[  116.404818][ T5696] binder: Unknown parameter 'fscontext?}'
[  116.679011][ T5707] geneve1: tun_chr_ioctl cmd 1074025672
[  116.698801][ T5707] geneve1: ignored: set checksum enabled
[  116.736171][ T5707] SELinux: security_context_str_to_sid () failed with errno=-22
[  116.769424][ T5708] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1282
[  116.772591][ T5708] rust_binder: Error in use_page_slow: ESRCH
[  116.791650][ T5708] rust_binder: use_range failure ESRCH
[  116.797671][ T5708] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  116.808684][ T5708] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  116.816891][ T5708] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1282
[  117.097714][ T5719] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.118635][ T5719] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1365
[  117.170884][ T5721] rust_binder: Error while translating object.
[  117.211520][ T5721] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  117.217775][ T5721] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:167
[  117.351333][ T5730] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[  117.382272][ T5730] rust_binder: Write failure EINVAL in pid:1291
[  117.462182][ T5737] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[  117.468458][ T5737] rust_binder: Error while translating object.
[  117.499797][ T5737] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  117.510670][ T5737] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:174
[  117.520691][ T5740] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1293
[  117.552008][ T5742] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  117.657401][ T5743] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1374
[  117.762476][ T5751] rust_binder: Write failure EFAULT in pid:1295
[  118.012856][  T304] Bluetooth: hci0: Frame reassembly failed (-84)
[  118.042681][   T12] bridge_slave_1: left allmulticast mode
[  118.056277][   T12] bridge_slave_1: left promiscuous mode
[  118.064471][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.073602][   T12] bridge_slave_0: left allmulticast mode
[  118.083986][   T12] bridge_slave_0: left promiscuous mode
[  118.097032][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.125408][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.125646][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.141967][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.155284][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.161797][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.168156][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.175205][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.181583][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.188005][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.194374][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.200767][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.207074][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.213481][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.219848][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.226190][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.232596][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.238907][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.245433][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.251794][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.258136][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.264553][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.270908][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.277259][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.283671][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.290034][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.296347][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.304195][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.310676][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.317082][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.323561][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.329999][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.336441][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.342862][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.349399][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.358253][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.364729][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.371078][   T12] veth1_macvtap: left promiscuous mode
[  118.371478][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.378578][   T12] veth0_vlan: left promiscuous mode
[  118.382958][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.394546][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.401667][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.408244][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.420653][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.432124][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.449116][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.461639][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.475207][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.485731][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.500797][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.507358][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.515509][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.522205][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.528882][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.535935][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.550164][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.556582][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.569967][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.576409][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.583504][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.590153][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.596669][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.603175][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.609641][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.610831][ T5755] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.616153][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.623005][ T5755] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.629479][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.636059][ T5755] bridge_slave_0: entered allmulticast mode
[  118.642479][ T5771] rust_binder: Write failure EFAULT in pid:188
[  118.649598][ T5755] bridge_slave_0: entered promiscuous mode
[  118.668105][ T5755] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.675243][ T5755] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.682378][ T5755] bridge_slave_1: entered allmulticast mode
[  118.688601][ T5755] bridge_slave_1: entered promiscuous mode
[  118.766787][ T5786] rust_binder: Read failure Err(EAGAIN) in pid:194
[  118.874881][ T5755] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.888458][ T5755] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.895765][ T5755] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.902832][ T5755] bridge0: port 1(bridge_slave_0) entered forwarding state
[  118.982335][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.989599][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.003096][  T305] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.010193][  T305] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.020911][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.027978][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.114145][ T5795] rust_binder: Write failure EFAULT in pid:1388
[  119.121800][ T5755] veth0_vlan: entered promiscuous mode
[  119.203651][ T5755] veth1_macvtap: entered promiscuous mode
[  119.311889][ T5805] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:203
[  119.362976][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.372516][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.379025][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.385608][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.393575][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.400333][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.406866][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.417898][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.425136][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.432289][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.438786][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.459040][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.466580][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.490409][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.510494][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.526187][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.536314][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.550789][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.557366][ T5816] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  119.564157][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.570999][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.577473][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.584859][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.592236][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.598665][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.605219][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.612473][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.618946][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.624770][ T5817] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  119.625569][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.632297][ T5817] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1395
[  119.641477][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.656276][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.662741][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.669090][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.675538][ T5811] rust_binder: Write failure EINVAL in pid:205
[  119.989216][ T5828] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[  120.029831][   T53] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  120.029852][  T865] Bluetooth: hci0: command 0x1003 tx timeout
[  120.154487][ T5835] tap0: tun_chr_ioctl cmd 2148553947
[  120.212360][   T36] kauditd_printk_skb: 2842 callbacks suppressed
[  120.212390][   T36] audit: type=1400 audit(1750390600.840:43763): avc:  denied  { write } for  pid=5836 comm="syz.6.1762" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  120.276875][   T36] audit: type=1400 audit(1750390600.840:43764): avc:  denied  { write open } for  pid=5836 comm="syz.6.1762" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  120.317497][   T36] audit: type=1400 audit(1750390600.840:43765): avc:  denied  { ioctl } for  pid=5836 comm="syz.6.1762" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  120.369182][   T36] audit: type=1400 audit(1750390600.870:43766): avc:  denied  { read write } for  pid=5836 comm="syz.6.1762" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  120.449953][   T36] audit: type=1400 audit(1750390600.870:43767): avc:  denied  { read open } for  pid=5836 comm="syz.6.1762" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  120.493085][ T5845] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  120.511188][   T36] audit: type=1400 audit(1750390600.890:43768): avc:  denied  { read } for  pid=5838 comm="syz.5.1763" name="ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  120.545410][ T5845] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  120.548446][ T5853] audit: audit_backlog=65 > audit_backlog_limit=64
[  120.579653][ T5851] audit: audit_backlog=65 > audit_backlog_limit=64
[  120.586351][   T36] audit: type=1400 audit(1750390600.890:43769): avc:  denied  { read open } for  pid=5838 comm="syz.5.1763" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  120.599227][ T5853] audit: audit_lost=5962 audit_rate_limit=0 audit_backlog_limit=64
[  120.757492][ T5861] rust_binder: Write failure EFAULT in pid:218
[  120.766243][ T5859] rust_binder: Write failure EINVAL in pid:1402
[  120.815811][ T5866] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  120.847281][ T5866] rust_binder: Write failure EINVAL in pid:22
[  120.887391][ T5871] rust_binder: Write failure EINVAL in pid:1404
[  121.437693][ T5906] binder: Binderfs stats mode cannot be changed during a remount
[  121.520873][ T5911] input: syz0 as /devices/virtual/input/input66
[  121.559805][ T5913] rust_binder: Write failure EFAULT in pid:1327
[  121.579613][ T5913] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1327
[  121.819419][ T5921] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION already set
[  121.850895][ T5921] rust_binder: Write failure EINVAL in pid:1334
[  121.876830][ T5925] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[  121.976133][ T5929] binder: Bad value for 'max'
[  121.998601][ T5931] rust_binder: Write failure EINVAL in pid:1338
[  122.031926][ T5936] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION already set
[  122.045342][ T5936] rust_binder: Write failure EINVAL in pid:238
[  122.226435][ T5949] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  122.269017][ T5950] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  122.443322][ T5957] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:37
[  122.741518][ T5981] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1358
[  122.804556][ T5987] rust_binder: Write failure EINVAL in pid:1358
[  122.940304][ T5994] binder: Unknown parameter 'dont_hash'
[  123.162983][ T5998] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[  123.414920][ T6002] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  123.429974][ T6002] rust_binder: Error in use_page_slow: ESRCH
[  123.437277][ T6002] rust_binder: use_range failure ESRCH
[  123.443417][ T6002] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[  123.448924][ T6002] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  123.457067][ T6002] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1427
[  123.495650][ T6004] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  123.515333][ T6011] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1432
[  123.594304][ T6014] binder: Unknown parameter 'fscontext?}'
[  123.723966][ T6020] random: crng reseeded on system resumption
[  123.748019][ T6020] rust_binder: Write failure EINVAL in pid:48
[  123.784885][ T6022] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  123.802836][ T6025] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  123.938595][ T6034] SELinux: security_context_str_to_sid () failed with errno=-22
[  124.011924][ T6038] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  124.013783][ T6040] binder: Bad value for 'stats'
[  124.027431][ T6038] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  124.028186][ T6038] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  124.039803][ T6038] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1443
[  124.245996][ T6058] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  124.281240][ T6059] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  124.321394][ T6058] rust_binder: Error while translating object.
[  124.327891][ T6058] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  124.346912][ T6058] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1451
[  124.402192][ T6066] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1375
[  124.442761][ T6068] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[  124.483762][ T6069] rust_binder: Write failure EINVAL in pid:1375
[  124.512924][ T6072] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  124.580216][ T6076] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  124.597083][ T6071] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1454
[  124.657575][ T6079] binder: Unknown parameter 'smackfstransmute'
[  124.809430][ T6089] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  124.812377][ T6089] rust_binder: Write failure EINVAL in pid:1464
[  124.911596][ T6093] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  125.061929][ T6101] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  125.072924][ T6102] binder: Unknown parameter 'se�'_���B�ͭ�T��)1���G>X->�W�JqPy�(�	C�*���v'�/(J��i(���&�2N�]����?tv�4c-���"����@��82��6˕6�@�;"����"qQ�J7u�
�3�'
[  125.097006][ T6101] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[  125.105081][ T6101] rust_binder: Write failure EINVAL in pid:1470
[  125.180542][ T6107] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  125.208189][ T6107] kvm: kvm [6106]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x4000002a) = 0xe7000004
[  125.231002][   T36] kauditd_printk_skb: 1166 callbacks suppressed
[  125.231016][   T36] audit: type=1400 audit(1750390605.860:44909): avc:  denied  { read write } for  pid=1160 comm="syz-executor" name="loop0" dev="devtmpfs" ino=447 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  125.308041][   T36] audit: type=1400 audit(1750390605.860:44910): avc:  denied  { read write open } for  pid=1160 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=447 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  125.333379][   T36] audit: type=1400 audit(1750390605.860:44911): avc:  denied  { ioctl } for  pid=1160 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=447 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  125.359216][   T36] audit: type=1400 audit(1750390605.890:44912): avc:  denied  { read write } for  pid=5755 comm="syz-executor" name="loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  125.395149][   T36] audit: type=1400 audit(1750390605.890:44913): avc:  denied  { read write open } for  pid=5755 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  125.421179][   T36] audit: type=1400 audit(1750390605.890:44914): avc:  denied  { ioctl } for  pid=5755 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  125.447281][   T36] audit: type=1400 audit(1750390605.900:44915): avc:  denied  { read } for  pid=6110 comm="syz.0.1855" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  125.472552][   T36] audit: type=1400 audit(1750390605.900:44916): avc:  denied  { read open } for  pid=6110 comm="syz.0.1855" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  125.478078][ T6118] input: syz1 as /devices/virtual/input/input67
[  125.496214][   T36] audit: type=1400 audit(1750390605.900:44917): avc:  denied  { read } for  pid=6110 comm="syz.0.1855" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  125.562100][   T36] audit: type=1400 audit(1750390605.900:44918): avc:  denied  { read open } for  pid=6110 comm="syz.0.1855" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  125.580324][ T6118] rust_binder: Write failure EFAULT in pid:1380
[  125.699328][ T4927] udevd[4927]: setting mode of /dev/input/event3 to 020660 failed: No such file or directory
[  125.716382][ T4927] udevd[4927]: setting owner of /dev/input/event3 to uid=0, gid=104 failed: No such file or directory
[  125.768843][ T6131] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  125.885068][ T6141] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[  125.893478][ T6141] rust_binder: Write failure EINVAL in pid:80
[  125.945862][ T6143] rust_binder: Failed to allocate buffer. len:160, is_oneway:false
[  126.052971][ T6145] rust_binder: Failed to allocate buffer. len:4120, is_oneway:false
[  126.238562][ T6159] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:295
[  126.329387][  T307] hid-generic 0000:0000:0000.0009: unknown main item tag 0x4
[  126.366090][  T307] hid-generic 0000:0000:0000.0009: unknown main item tag 0x2
[  126.382030][  T307] hid-generic 0000:0000:0000.0009: unknown main item tag 0x3
[  126.391792][  T307] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  126.522294][ T6167] fido_id[6167]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  126.667506][ T6175] binder: Bad value for 'max'
[  126.673727][ T6173] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:88
[  126.730472][ T6175] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1394
[  126.738624][ T6177] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:298
[  126.749553][ T6177] rust_binder: Write failure EINVAL in pid:298
[  126.936826][ T6182] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  127.352563][ T6207] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1488
[  127.368645][ T6207] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  127.433475][ T6212] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:316
[  127.635309][ T6223] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  127.672486][ T6223] rust_binder: ENOSPC from range_alloc.reserve_new - size: 18446744073709551608
[  127.689430][ T6223] rust_binder: Failed to allocate buffer. len:18446744073709551608, is_oneway:false
[  127.713767][ T6223] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  127.748462][ T6223] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:1492
[  127.817652][ T6227] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1404
[  127.892774][ T6235] can0: slcan on ttyS3.
[  127.967594][ T6240] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  128.080218][ T6234] can0 (unregistered): slcan off ttyS3.
[  128.234849][ T6248] SELinux: security_context_str_to_sid (�Nt��{��ئ!'�.������
&cY
1J ��I������8R�[�0/l�ְ�[���8) failed with errno=-22
[  128.277873][ T6256] random: crng reseeded on system resumption
[  128.368054][ T6260] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[  128.368086][ T6260] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:330
[  128.377594][ T6260] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  128.386769][ T6260] rust_binder: Read failure Err(EFAULT) in pid:330
[  128.487746][ T6268] rust_binder: Error while translating object.
[  128.498087][ T6268] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[  128.504460][ T6268] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:332
[  128.518404][ T6269] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:112
[  128.889491][ T6279] kvm: vcpu 512: requested lapic timer restore with starting count register 0x390=1531215282 (3062430564 ns) > initial count (1473793136 ns). Using initial count to start timer.
[  129.133350][ T6286] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  129.136903][ T6286] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 18446744073709551585)
[  129.143453][ T6286] rust_binder: Error while translating object.
[  129.164869][ T6286] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  129.171134][ T6286] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1504
[  129.361148][ T6295] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1506
[  129.393327][ T6297] rust_binder: Error while translating object.
[  129.420965][ T6297] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  129.431861][ T6299] rust_binder: Write failure EFAULT in pid:120
[  129.450415][ T6297] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1415
[  129.547031][ T6304] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  129.599821][ T6310] binder: Bad value for 'stats'
[  129.699173][ T6313] rust_binder: Error while translating object.
[  129.699214][ T6313] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  129.720466][ T6313] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1508
[  129.805561][ T5574] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  129.854700][ T5574] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  129.948231][ T6330] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[  130.138694][ T6335] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[  130.167700][ T6335] rust_binder: Write failure EINVAL in pid:131
[  130.243000][ T6344] SELinux: failed to load policy
[  130.254355][   T36] kauditd_printk_skb: 1090 callbacks suppressed
[  130.254373][   T36] audit: type=1400 audit(1750390610.870:46009): avc:  denied  { read open } for  pid=6341 comm="syz.0.1933" path="/dev/binderfs/binder0" dev="binder" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  130.267735][ T6343] ptm ptm29: ldisc open failed (-12), clearing slot 29
[  130.290401][ T6344] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  130.305089][   T36] audit: type=1400 audit(1750390610.910:46010): avc:  denied  { ioctl } for  pid=6340 comm="syz.5.1932" path="/dev/vhost-vsock" dev="devtmpfs" ino=200 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  130.337036][ T6344] cgroup: fork rejected by pids controller in /syz5
[  130.349507][  T304] Bluetooth: hci0: Frame reassembly failed (-84)
[  130.359664][   T36] audit: type=1400 audit(1750390610.910:46011): avc:  denied  { ioctl } for  pid=6340 comm="syz.5.1932" path="/dev/vhost-vsock" dev="devtmpfs" ino=200 ioctlcmd=0xaf03 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  130.385537][   T36] audit: type=1400 audit(1750390610.910:46012): avc:  denied  { ioctl } for  pid=6340 comm="syz.5.1932" path="/dev/vhost-vsock" dev="devtmpfs" ino=200 ioctlcmd=0xaf61 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  130.411227][   T36] audit: type=1400 audit(1750390610.930:46013): avc:  denied  { read write } for  pid=1160 comm="syz-executor" name="loop0" dev="devtmpfs" ino=447 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  130.430830][ T6353] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  130.435617][ T6353] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1432
[  130.435727][   T36] audit: type=1400 audit(1750390610.930:46014): avc:  denied  { read write open } for  pid=1160 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=447 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  130.458347][ T6353] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  130.479684][   T36] audit: type=1400 audit(1750390610.930:46015): avc:  denied  { ioctl } for  pid=1160 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=447 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  130.511854][   T36] audit: type=1400 audit(1750390610.960:46016): avc:  denied  { read write } for  pid=6340 comm="syz.5.1932" name="vhost-vsock" dev="devtmpfs" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  130.536172][   T36] audit: type=1400 audit(1750390610.960:46017): avc:  denied  { read write open } for  pid=6340 comm="syz.5.1932" path="/dev/vhost-vsock" dev="devtmpfs" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  130.561303][   T36] audit: type=1400 audit(1750390610.960:46018): avc:  denied  { ioctl } for  pid=6340 comm="syz.5.1932" path="/dev/vhost-vsock" dev="devtmpfs" ino=200 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  130.756642][ T6367] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1437
[  130.756805][ T6366] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  130.829613][ T6368] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  130.836181][ T6368] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1515
[  131.800384][ T6387] input: syz1 as /devices/virtual/input/input74
[  131.836500][ T6388] input: syz0 as /devices/virtual/input/input75
[  131.946983][ T6392] binder: Unknown parameter ''
[  132.010113][ T6394] binder: Bad value for 'stats'
[  132.015876][ T6394] binder: Bad value for 'stats'
[  132.037848][ T6394] binder: Bad value for 'stats'
[  132.049703][ T6394] binder: Bad value for 'stats'
[  132.058242][ T6394] binder: Bad value for 'stats'
[  132.070060][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.070293][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.076956][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.083817][ T6394] binder: Bad value for 'stats'
[  132.096574][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.096841][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.117140][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.124671][ T6394] binder: Bad value for 'stats'
[  132.144406][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.144654][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.153925][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.161343][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.168810][ T6394] binder: Bad value for 'stats'
[  132.180504][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.180728][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.190169][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.197630][ T6394] binder: Bad value for 'stats'
[  132.205169][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.209234][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.215993][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.224298][ T6394] binder: Bad value for 'stats'
[  132.236018][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.236298][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.238228][ T6394] binder: Bad value for 'stats'
[  132.242808][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.254363][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.261072][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.263717][ T6394] binder: Bad value for 'stats'
[  132.267809][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.275949][ T6394] binder: Bad value for 'stats'
[  132.279042][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.287515][ T6394] binder: Bad value for 'stats'
[  132.290353][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.300710][ T6394] binder: Bad value for 'stats'
[  132.301671][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.308891][ T6394] binder: Bad value for 'stats'
[  132.312856][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.321291][ T6394] binder: Bad value for 'stats'
[  132.324165][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.333639][ T6394] binder: Bad value for 'stats'
[  132.341305][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.343450][ T6394] binder: Bad value for 'stats'
[  132.349783][  T865] Bluetooth: hci0: command 0x1003 tx timeout
[  132.354760][ T6394] binder: Bad value for 'stats'
[  132.357633][   T53] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  132.365465][ T6394] binder: Bad value for 'stats'
[  132.380919][ T6394] binder: Bad value for 'stats'
[  132.386744][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.386767][ T6394] binder: Bad value for 'stats'
[  132.386999][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.398352][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.404805][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.409218][ T6394] binder: Bad value for 'stats'
[  132.428852][ T6394] binder: Bad value for 'stats'
[  132.434715][ T6394] binder: Bad value for 'stats'
[  132.440579][ T6394] binder: Bad value for 'stats'
[  132.446382][ T6394] binder: Bad value for 'stats'
[  132.452222][ T6394] binder: Bad value for 'stats'
[  132.458053][ T6394] binder: Bad value for 'stats'
[  132.463817][ T6394] binder: Bad value for 'stats'
[  132.469867][ T6394] binder: Bad value for 'stats'
[  132.470711][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.476128][ T6394] binder: Bad value for 'stats'
[  132.488025][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.488261][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.495049][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.501789][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.508471][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.515178][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.521859][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.528548][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.535274][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.541803][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.548598][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.559146][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.582734][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.593219][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.599978][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.630047][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.636777][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.667840][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.675746][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.684256][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.692147][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.698658][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.708463][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.713375][ T6409] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 120, limit: 136, size: 89)
[  132.723226][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.737613][ T6409] rust_binder: Error while translating object.
[  132.744352][ T6409] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  132.748800][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.750585][ T6409] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1528
[  132.767144][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.779805][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.786495][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.798874][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.806080][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.828574][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.840981][  T304] bridge_slave_1: left allmulticast mode
[  132.858506][  T304] bridge_slave_1: left promiscuous mode
[  132.860779][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.865355][ T6398] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.872804][ T6397] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  132.875217][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.929125][  T304] bridge_slave_0: left allmulticast mode
[  132.935552][  T304] bridge_slave_0: left promiscuous mode
[  132.944909][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.960083][ T6416] rust_binder: Error while translating object.
[  132.960122][ T6416] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  132.967192][ T6416] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:154
[  133.146023][ T6413] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.171984][ T6413] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.179331][ T6413] bridge_slave_0: entered allmulticast mode
[  133.200749][ T6413] bridge_slave_0: entered promiscuous mode
[  133.220987][  T304] veth1_macvtap: left promiscuous mode
[  133.226570][  T304] veth0_vlan: left promiscuous mode
[  133.292107][ T6413] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.299861][ T6413] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.311637][ T6413] bridge_slave_1: entered allmulticast mode
[  133.320169][ T6413] bridge_slave_1: entered promiscuous mode
[  133.423949][ T6413] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.431018][ T6413] bridge0: port 2(bridge_slave_1) entered forwarding state
[  133.438263][ T6413] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.445296][ T6413] bridge0: port 1(bridge_slave_0) entered forwarding state
[  133.484133][  T305] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.495744][  T305] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.511852][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.518900][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  133.528657][  T305] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.535710][  T305] bridge0: port 2(bridge_slave_1) entered forwarding state
[  133.641716][ T6413] veth0_vlan: entered promiscuous mode
[  133.668747][ T6436] rust_binder: Write failure EINVAL in pid:1534
[  133.741039][ T6413] veth1_macvtap: entered promiscuous mode
[  133.802914][ T6446] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  133.804362][ T6446] rust_binder: Failed to allocate buffer. len:136, is_oneway:false
[  133.898459][ T6444] rust_binder: Write failure EFAULT in pid:169
[  134.164971][ T6472] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1469
[  134.179165][ T6472] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  134.189790][ T6472] rust_binder: Read failure Err(EFAULT) in pid:1469
[  134.238994][ T6475] kvm: Disabled LAPIC found during irq injection
[  134.378072][ T6486] rust_binder: Write failure EINVAL in pid:179
[  134.438568][ T6492] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:13
[  134.508324][ T6495] rust_binder: Write failure EFAULT in pid:181
[  134.642506][ T6505] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  134.669454][ T6505] rust_binder: Error in use_page_slow: ESRCH
[  134.698086][ T6505] rust_binder: use_range failure ESRCH
[  134.703137][ T6504] rust_binder: Write failure EINVAL in pid:1477
[  134.704870][ T6505] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  134.716598][ T6505] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  134.726719][ T6505] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1546
[  134.793656][ T6514] rust_binder: Error while translating object.
[  134.809872][ T6514] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  134.816245][ T6514] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:20
[  134.882799][ T6525] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  134.901738][ T6522] rust_binder: Error in use_page_slow: ESRCH
[  134.937850][ T6522] rust_binder: use_range failure ESRCH
[  134.947753][ T6519] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  134.971682][ T6522] rust_binder: Failed to allocate buffer. len:4240, is_oneway:false
[  134.978132][ T6522] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  134.987438][ T6519] rust_binder: Error while translating object.
[  135.001788][ T6532] binder: Unknown parameter '��'
[  135.013033][ T6519] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  135.013062][ T6519] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1549
[  135.037709][ T6522] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:192
[  135.184066][ T6544] rust_binder: Error while translating object.
[  135.194710][ T6542] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1553
[  135.205936][ T6544] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[  135.224075][ T6544] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1486
[  135.261586][   T36] kauditd_printk_skb: 1040 callbacks suppressed
[  135.261603][   T36] audit: type=1400 audit(1750390615.890:47059): avc:  denied  { read write } for  pid=6413 comm="syz-executor" name="loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  135.328443][   T36] audit: type=1400 audit(1750390615.930:47060): avc:  denied  { read write open } for  pid=6413 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  135.370200][   T36] audit: type=1400 audit(1750390615.930:47061): avc:  denied  { ioctl } for  pid=6413 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=54 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  135.425366][   T36] audit: type=1400 audit(1750390615.950:47062): avc:  denied  { read write } for  pid=5755 comm="syz-executor" name="loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  135.461065][   T36] audit: type=1400 audit(1750390615.950:47063): avc:  denied  { read write open } for  pid=5755 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  135.463981][ T6558] rust_binder: Write failure EINVAL in pid:201
[  135.505967][   T36] audit: type=1400 audit(1750390615.950:47064): avc:  denied  { ioctl } for  pid=5755 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=55 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  135.546237][   T36] audit: type=1400 audit(1750390615.990:47065): avc:  denied  { read write } for  pid=291 comm="syz-executor" name="loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  135.571298][   T36] audit: type=1400 audit(1750390616.000:47066): avc:  denied  { read write open } for  pid=291 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  135.641475][ T6558] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  135.641751][ T6558] audit: audit_backlog=65 > audit_backlog_limit=64
[  135.643319][ T1160] audit: audit_backlog=65 > audit_backlog_limit=64
[  135.666829][ T6558] rust_binder: Write failure EINVAL in pid:201
[  135.722252][ T6570] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  135.760387][ T6575] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  135.770545][ T6572] binder: Unknown parameter 'non'
[  135.830808][ T6579] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  135.841411][ T6572] serio: Serial port ttyS3
[  135.894092][ T6585] binder: Bad value for 'max'
[  135.932774][ T6584] SELinux: failed to load policy
[  135.976795][ T6568] rust_binder: Read failure Err(EFAULT) in pid:32
[  136.001809][ T6590] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  136.012121][ T6590] rust_binder: Error while translating object.
[  136.018746][ T6590] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  136.025013][ T6590] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:214
[  136.075400][ T6594] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  136.152933][ T6599] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  136.306653][ T6603] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:41
[  136.383709][ T6610] input: syz1 as /devices/virtual/input/input77
[  136.424984][ T6610] rust_binder: Error while translating object.
[  136.425029][ T6610] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  136.431245][ T6610] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:48
[  136.480950][ T6614] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  136.544725][ T6615] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:222
[  136.763540][ T6621] SELinux: security_context_str_to_sid () failed with errno=-22
[  136.796520][ T6624] binder: Binderfs stats mode cannot be changed during a remount
[  136.802703][ T6626] rust_binder: Write failure EINVAL in pid:57
[  136.980455][ T6631] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:62
[  137.029011][ T6634] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.044796][ T6634] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[  137.055357][ T6635] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.063829][ T6634] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1495
[  137.075115][ T6635] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1573
[  137.420052][ T6657] binder: Unknown parameter 'defcontext01777777777777777777777'
[  137.554425][ T6665] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  137.765684][ T6683] rust_binder: Error in use_page_slow: ESRCH
[  137.793860][ T6683] rust_binder: use_range failure ESRCH
[  137.815465][ T6683] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  137.821596][ T6683] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  137.839827][ T6683] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1585
[  137.870690][ T6686] SELinux: security_context_str_to_sid () failed with errno=-22
[  138.063405][ T6696] binder: Unknown parameter '�'
[  138.072479][  T314] hid-generic 0000:0000:0000.000B: unknown main item tag 0x4
[  138.084287][  T314] hid-generic 0000:0000:0000.000B: unknown main item tag 0x2
[  138.099906][  T314] hid-generic 0000:0000:0000.000B: unknown main item tag 0x3
[  138.109090][  T314] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  138.233434][ T6700] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  138.271877][ T6699] fido_id[6699]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  138.406060][ T6708] rust_binder: Write failure EFAULT in pid:1593
[  138.504343][ T6716] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  138.525065][ T6714] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  138.552314][ T6716] rust_binder: Write failure EINVAL in pid:1595
[  138.558857][ T6714] rust_binder: Write failure EINVAL in pid:1595
[  138.714148][ T6724] rust_binder: Write failure EFAULT in pid:83
[  139.016567][ T6743] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:256
[  139.027400][ T6748] SELinux: failed to load policy
[  139.079322][ T6743] kvm: vcpu 1: requested lapic timer restore with starting count register 0x390=1728 (3456 ns) > initial count (160 ns). Using initial count to start timer.
[  139.213624][ T6755] binder: Unknown parameter 'maxl'
[  139.354072][ T6763] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  139.414870][ T6764] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  139.421478][ T6764] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:258
[  139.618827][ T6766] rust_binder: Error while translating object.
[  139.628086][ T6766] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  139.634580][ T6766] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1528
[  139.777534][ T6770] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  139.790074][ T6770] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1607
[  139.818085][ T6770] rust_binder: Error while translating object.
[  139.831056][ T6770] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  139.837258][ T6770] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1607
[  139.886989][ T6772] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  139.896326][ T6772] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1532
[  140.018262][ T6781] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  140.069655][ T6781] rust_binder: Error in use_page_slow: ESRCH
[  140.087405][ T6781] rust_binder: use_range failure ESRCH
[  140.103684][ T6781] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[  140.106566][ T6780] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=4281480200 (17125920800 ns) > initial count (3816096000 ns). Using initial count to start timer.
[  140.109190][ T6781] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  140.109233][ T6781] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:1609
[  140.276952][   T36] kauditd_printk_skb: 1159 callbacks suppressed
[  140.276970][   T36] audit: type=1400 audit(1750390620.900:48186): avc:  denied  { read write } for  pid=6790 comm="syz.5.2071" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  140.365417][ T6796] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  140.370047][   T36] audit: type=1400 audit(1750390620.900:48187): avc:  denied  { read open } for  pid=6790 comm="syz.5.2071" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  140.410388][ T6796] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION already set
[  140.421149][ T6796] rust_binder: Write failure EINVAL in pid:261
[  140.424860][ T6800] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  140.457022][ T6794] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  140.469308][   T36] audit: type=1400 audit(1750390620.900:48188): avc:  denied  { read } for  pid=6790 comm="syz.5.2071" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  140.511023][ T6798] rust_binder: Error while translating object.
[  140.511066][ T6798] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  140.523247][   T36] audit: type=1400 audit(1750390620.900:48189): avc:  denied  { read open } for  pid=6790 comm="syz.5.2071" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  140.527104][ T6798] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1539
[  140.535499][   T36] audit: type=1400 audit(1750390620.900:48190): avc:  denied  { ioctl } for  pid=6790 comm="syz.5.2071" path="/dev/kvm" dev="devtmpfs" ino=13 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  140.593015][   T36] audit: type=1400 audit(1750390620.900:48191): avc:  denied  { read write } for  pid=291 comm="syz-executor" name="loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  140.639817][ T6806] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  140.643424][   T36] audit: type=1400 audit(1750390620.910:48192): avc:  denied  { read write open } for  pid=291 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  140.649609][ T6806] audit: audit_backlog=65 > audit_backlog_limit=64
[  140.651829][   T36] audit: type=1400 audit(1750390620.910:48193): avc:  denied  { read write } for  pid=6790 comm="syz.5.2071" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  140.691717][ T6806] audit: audit_lost=5986 audit_rate_limit=0 audit_backlog_limit=64
[  140.754759][ T6806] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  140.772620][ T6811] SELinux: failed to load policy
[  140.876213][ T6813] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 18446744073709551585)
[  140.876238][ T6813] rust_binder: Error while translating object.
[  140.895397][ T6813] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  140.905244][ T6813] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:105
[  140.920954][ T6816] rust_binder: Write failure EINVAL in pid:1544
[  141.176359][ T6836] rust_binder: Write failure EFAULT in pid:111
[  141.312782][ T6840] kvm: kvm [6839]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0xa1a9
[  141.332539][ T6844] rust_binder: Write failure EINVAL in pid:113
[  141.438203][ T6854] rust_binder: Error while translating object.
[  141.459774][ T6854] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  141.483029][ T6854] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:115
[  141.660409][ T6863] rust_binder: Write failure EFAULT in pid:280
[  141.734576][ T6866] rust_binder: Write failure EFAULT in pid:118
[  141.933864][ T6878] can0: slcan on ptm0.
[  142.008006][ T6885] rust_binder: Failed to allocate buffer. len:136, is_oneway:true
[  142.010006][ T6881] rust_binder: Write failure EFAULT in pid:1625
[  142.154090][ T6877] can0 (unregistered): slcan off ptm0.
[  142.290368][ T6893] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1574
[  143.155043][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.193187][ T6935] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  143.234924][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.268400][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.287580][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.321587][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.330064][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.358168][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.375321][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.393051][ T6949] rust_binder: Write failure EINVAL in pid:132
[  143.415854][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.467633][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.500623][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.508405][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.533588][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.553800][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.564353][ T6961] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.564638][ T6961] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  143.588571][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.612432][ T6961] rust_binder: Error in use_page_slow: ESRCH
[  143.612453][ T6961] rust_binder: use_range failure ESRCH
[  143.629344][ T6964] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[  143.641756][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.651427][ T6961] rust_binder: Failed to allocate buffer. len:4224, is_oneway:false
[  143.657512][ T6961] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  143.667624][ T6964] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[  143.677644][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.731898][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.739771][ T6958] binder: Unknown parameter 'fscontext?}'
[  143.759793][ T6964] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:291
[  143.759853][ T6961] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:291
[  143.776419][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.806081][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.819843][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.837377][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.859807][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.887842][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.917030][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.936371][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.976513][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  143.996942][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.029795][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.038035][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.057824][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.069780][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.094589][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.106875][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.139777][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.148189][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.156908][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.165340][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.204144][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.217580][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.229793][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.240370][ T6979] rust_binder: Write failure EFAULT in pid:296
[  144.248964][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.288526][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.302496][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.323212][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.338535][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.356705][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.369787][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.387754][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.418385][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.437049][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.447111][ T6984] binder: Unknown parameter 'suats'
[  144.459119][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.481545][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.504846][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.527317][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.551615][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.570576][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.578400][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.590724][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.598531][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.608576][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.622135][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.630559][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.638365][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.647772][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.667982][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.676385][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.701376][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.709193][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.726599][ T6993] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  144.728697][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.735436][ T6993] rust_binder: Write failure EINVAL in pid:305
[  144.745494][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.764662][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.773173][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.823124][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.842104][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.852193][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.860710][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.873814][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.886239][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.896980][ T6995] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1602
[  144.905571][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.923660][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.932049][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.940505][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.948623][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.957655][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.966072][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  144.987710][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.012950][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.029795][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.047518][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.055907][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.064345][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.072857][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.113768][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.128671][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.138148][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.140036][ T7004] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1604
[  145.148695][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.167364][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.175804][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.184251][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.192679][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.201087][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.213995][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.222485][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.223080][ T7006] binder: Bad value for 'stats'
[  145.230433][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.243164][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.255672][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.263501][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.275883][ T6999] rust_binder: Read failure Err(EFAULT) in pid:309
[  145.275888][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.290216][   T36] kauditd_printk_skb: 1909 callbacks suppressed
[  145.290230][   T36] audit: type=1400 audit(1750390625.900:50102): avc:  denied  { setattr } for  pid=6413 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  145.321004][   T36] audit: type=1400 audit(1750390625.900:50103): avc:  denied  { setattr } for  pid=6413 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  145.344639][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.359349][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.369682][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.379738][ T7011] audit: audit_backlog=65 > audit_backlog_limit=64
[  145.380603][ T6413] audit: audit_backlog=65 > audit_backlog_limit=64
[  145.386247][ T7011] audit: audit_lost=5987 audit_rate_limit=0 audit_backlog_limit=64
[  145.386263][ T7011] audit: backlog limit exceeded
[  145.386484][ T7011] audit: audit_backlog=65 > audit_backlog_limit=64
[  145.394216][ T6413] audit: audit_lost=5988 audit_rate_limit=0 audit_backlog_limit=64
[  145.400766][   T36] audit: type=1400 audit(1750390625.900:50104): avc:  denied  { setattr } for  pid=6413 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  145.413249][ T5755] audit: audit_backlog=65 > audit_backlog_limit=64
[  145.419970][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.488433][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.504070][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.518277][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.526133][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.543927][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.558473][ T7015] SELinux: security_context_str_to_sid (sytem_u�Gй�:�߾x%��!dLI�)��KdX���?���_�өe”l	��67��/�����M����[ y<���o�3�.S3k���Dj�Z̕rx�s�BZ�����Wr�
Oӷwq) failed with errno=-22
[  145.589809][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.597588][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.609447][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.623669][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.646559][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.655060][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.665689][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.673524][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.681392][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.715644][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.724900][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.733281][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.741640][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.749477][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.767497][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.775389][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.790755][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.798591][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.806474][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.816000][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.825331][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.833898][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.851997][ T7023] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[  145.868794][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.876701][ T7023] rust_binder: Write failure EINVAL in pid:1618
[  145.889401][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.915749][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.936964][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.957194][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.965123][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.972953][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.980799][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.988647][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  145.996444][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.004308][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.012116][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.022041][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.029939][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.037777][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.045766][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.069328][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.077249][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.100785][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.108633][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.117586][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.127654][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.140342][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.150262][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.159253][ T7034] SELinux: security_context_str_to_sid () failed with errno=-22
[  146.167777][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.176058][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.184353][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.193293][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.207656][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: unknown main item tag 0x0
[  146.228093][ T6115] hid-generic 0008:0000:FFFFFBFF.000C: hidraw0: <UNKNOWN> HID v9.86 Device [syz0] on syz1
[  146.456525][ T7039] fido_id[7039]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  146.503003][ T7046] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:1627
[  146.670226][  T307] hid-generic 0000:0002:0000.000D: item fetching failed at offset 2/3
[  146.714018][  T307] hid-generic 0000:0002:0000.000D: probe with driver hid-generic failed with error -22
[  146.737207][ T7059] rust_binder: Error while translating object.
[  146.737241][ T7059] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[  146.750162][ T7059] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:1643
[  146.771917][ T7062] rust_binder: Write failure EINVAL in pid:330
[  146.806562][ T7062] rust_binder: Write failure EINVAL in pid:330
[  146.822381][ T7061] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[  146.841654][ T7061] rust_binder: Read failure Err(EFAULT) in pid:330
[  147.072100][ T7084] binder: Unknown parameter 'non'
[  147.092784][ T7080] kvm: kvm [7078]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc2) = 0xffffffffffff6253
[  147.255240][ T7089] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  147.265872][ T7089] rust_binder: Error in use_page_slow: ESRCH
[  147.285045][ T7089] rust_binder: use_range failure ESRCH
[  147.297397][ T7089] rust_binder: Failed to allocate buffer. len:4240, is_oneway:false
[  147.312003][ T7089] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[  147.335387][ T7089] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:342
[  147.402828][ T7094] rust_binder: Error while translating object.
[  147.418429][ T7094] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  147.449799][ T7094] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1654
[  147.461846][ T7093] rust_binder: Write failure EFAULT in pid:344
[  147.491724][ T7096] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1643
[  147.500721][ T7096] rust_binder: Error while translating object.
[  147.510080][ T7096] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  147.516296][ T7096] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1643
[  147.755090][ T7105] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  148.253013][ T7115] tap0: tun_chr_ioctl cmd 1074812118
[  148.318896][ T7115] random: crng reseeded on system resumption
[  148.441387][ T7122] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  148.462063][ T7122] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 112, limit: 128, size: 18446744073709551585)
[  148.483822][ T7122] rust_binder: Error while translating object.
[  148.513901][ T7122] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  148.519811][   T13] Bluetooth: hci0: Frame reassembly failed (-84)
[  148.542315][ T7122] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:365
[  148.573193][ T7127] __vm_enough_memory: pid: 7127, comm: syz.3.2173, bytes: 281474976845824 not enough memory for the allocation
[  148.629574][ T7131] rust_binder: BINDER_SET_CONTEXT_MGR already set
[  148.696988][ T7134] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  148.700802][ T7132] binder: Unknown parameter 'smackfshat'
[  148.703513][ T7134] SELinux: failed to load policy
[  148.864064][ T7141] rust_binder: Read failure Err(EAGAIN) in pid:1659
[  148.918255][ T7144] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1662
[  148.973901][ T7146] rust_binder: Write failure EFAULT in pid:1664
[  149.101039][ T7149] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  149.108236][ T7150] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[  149.117825][ T7149] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1667
[  149.128781][ T7150] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:1667
[  149.192203][ T7152] rust_binder: Write failure EINVAL in pid:1670
[  149.325439][ T7154] tap0: tun_chr_ioctl cmd 1074025677
[  149.349887][ T7154] tap0: linktype set to 774
[  149.544612][ T7157] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[  149.559622][ T7157] rust_binder: Write failure EINVAL in pid:1675
[  149.612812][ T7160] binder: Unknown parameter '00000000000000000005'
[  149.631403][ T7161] random: crng reseeded on system resumption
[  149.843106][ T7175] SELinux: failed to load policy
[  149.850462][   T10] hid-generic 0000:0000:0000.000E: unknown main item tag 0x4
[  149.857874][   T10] hid-generic 0000:0000:0000.000E: unknown main item tag 0x2
[  149.872640][   T10] hid-generic 0000:0000:0000.000E: unknown main item tag 0x3
[  149.889919][   T10] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  150.044167][ T7178] fido_id[7178]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  150.134380][ T7181] kvm: kvm [7180]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0xa1a9
[  150.162820][ T7181] SELinux: failed to load policy
[  150.300438][   T36] kauditd_printk_skb: 4921 callbacks suppressed
[  150.300455][   T36] audit: type=1400 audit(1750390630.930:54952): avc:  denied  { setattr } for  pid=6413 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  150.359351][ T7184] random: crng reseeded on system resumption
[  150.365470][   T36] audit: type=1400 audit(1750390630.930:54953): avc:  denied  { setattr } for  pid=6413 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  150.368587][ T6413] audit: audit_backlog=65 > audit_backlog_limit=64
[  150.406561][   T36] audit: type=1400 audit(1750390630.930:54954): avc:  denied  { setattr } for  pid=6413 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  150.419635][ T6413] audit: audit_lost=6014 audit_rate_limit=0 audit_backlog_limit=64
[  150.436147][ T7184] binder: Unknown parameter 'dirsy'
[  150.450460][   T36] audit: type=1400 audit(1750390630.930:54955): avc:  denied  { setattr } for  pid=6413 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  150.459767][ T6413] audit: backlog limit exceeded
[  150.474493][   T36] audit: type=1400 audit(1750390630.930:54956): avc:  denied  { setattr } for  pid=6413 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  150.483820][ T6413] audit: audit_backlog=65 > audit_backlog_limit=64
[  150.508213][ T6413] audit: audit_lost=6015 audit_rate_limit=0 audit_backlog_limit=64
[  150.589971][  T865] Bluetooth: hci0: command 0x1003 tx timeout
[  150.596002][   T53] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  150.612760][   T10] ==================================================================
[  150.620855][   T10] BUG: KASAN: null-ptr-deref in down_write+0x83/0x2a0
[  150.627712][   T10] Write of size 8 at addr 0000000000000098 by task kworker/0:1/10
[  150.635517][   T10] 
[  150.637844][   T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.12.23-syzkaller-gf9fbc66f8444 #0 b8de21ba31122219d6c6778e419c74a11adc861d
[  150.637872][   T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  150.637884][   T10] Workqueue: events _RNvXs6_NtCs43vyB533jt3_6kernel9workqueueINtNtNtB7_4sync3arc3ArcNtNtCshgDM7dBCdno_11rust_binder7process7ProcessEINtB5_15WorkItemPointerKy0_E3runB13_
[  150.637929][   T10] Call Trace:
[  150.637935][   T10]  <TASK>
[  150.637944][   T10]  __dump_stack+0x21/0x30
[  150.637965][   T10]  dump_stack_lvl+0x10c/0x190
[  150.637984][   T10]  ? __cfi_dump_stack_lvl+0x10/0x10
[  150.638005][   T10]  print_report+0x3d/0x70
[  150.638022][   T10]  kasan_report+0x163/0x1a0
[  150.638045][   T10]  ? down_write+0x83/0x2a0
[  150.638064][   T10]  ? down_write+0x83/0x2a0
[  150.638081][   T10]  kasan_check_range+0x299/0x2a0
[  150.638104][   T10]  __kasan_check_write+0x18/0x20
[  150.638123][   T10]  down_write+0x83/0x2a0
[  150.638140][   T10]  ? __cfi_down_write+0x10/0x10
[  150.638157][   T10]  ? _raw_spin_lock+0x8c/0x120
[  150.638177][   T10]  ? __cfi__raw_spin_lock+0x10/0x10
[  150.638197][   T10]  ? mutex_unlock+0x8b/0x240
[  150.638213][   T10]  ? __cfi_mutex_unlock+0x10/0x10
[  150.638230][   T10]  rust_binderfs_remove_file+0x6c/0x110
[  150.638248][   T10]  _RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x9d4/0x2860
[  150.638286][   T10]  ? update_curr_dl_se+0x10c/0xb20
[  150.638307][   T10]  ? __cfi___update_load_avg_cfs_rq+0x10/0x10
[  150.638326][   T10]  ? update_curr+0x60d/0xc60
[  150.638347][   T10]  ? __cfi__RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x10/0x10
[  150.638374][   T10]  ? update_load_avg+0x506/0x19a0
[  150.638390][   T10]  ? detach_entity_load_avg+0x7b0/0x7b0
[  150.638412][   T10]  ? __kasan_check_write+0x18/0x20
[  150.638430][   T10]  ? _raw_spin_trylock+0xaf/0x130
[  150.638450][   T10]  ? __cfi__raw_spin_trylock+0x10/0x10
[  150.638472][   T10]  ? _raw_spin_unlock+0x45/0x60
[  150.638492][   T10]  ? call_rcu_nocb+0x6bd/0xc10
[  150.638511][   T10]  ? swake_up_one_online_ipi+0x30/0x30
[  150.638526][   T10]  ? kvm_sched_clock_read+0x15/0x30
[  150.638544][   T10]  ? sched_clock_noinstr+0xd/0x30
[  150.638561][   T10]  ? __virt_addr_valid+0xc5/0x380
[  150.638584][   T10]  ? __cfi_thread_stack_free_rcu+0x10/0x10
[  150.638604][   T10]  ? __call_rcu_common+0x40b/0x6f0
[  150.638627][   T10]  ? call_rcu_hurry+0x30/0x30
[  150.638646][   T10]  ? task_dead_fair+0x110/0x190
[  150.638666][   T10]  ? __cfi_task_dead_fair+0x10/0x10
[  150.638696][   T10]  ? __kasan_check_write+0x18/0x20
[  150.638715][   T10]  ? put_task_struct_rcu_user+0x7f/0xb0
[  150.638733][   T10]  ? __switch_to_asm+0x3d/0x70
[  150.638754][   T10]  ? __schedule+0x1463/0x1f10
[  150.638777][   T10]  ? kick_pool+0xad/0x550
[  150.638801][   T10]  process_scheduled_works+0x7d2/0x1020
[  150.638826][   T10]  worker_thread+0xc58/0x1250
[  150.638849][   T10]  kthread+0x2c7/0x370
[  150.638871][   T10]  ? __cfi_worker_thread+0x10/0x10
[  150.638892][   T10]  ? __cfi_kthread+0x10/0x10
[  150.638914][   T10]  ret_from_fork+0x64/0xa0
[  150.638933][   T10]  ? __cfi_kthread+0x10/0x10
[  150.638954][   T10]  ret_from_fork_asm+0x1a/0x30
[  150.638977][   T10]  </TASK>
[  150.638985][   T10] ==================================================================
[  150.957628][   T10] Disabling lock debugging due to kernel taint
[  150.964001][   T10] BUG: kernel NULL pointer dereference, address: 0000000000000098
[  150.971808][   T10] #PF: supervisor write access in kernel mode
[  150.977874][   T10] #PF: error_code(0x0002) - not-present page
[  150.983854][   T10] PGD 8000000128041067 P4D 8000000128041067 PUD 0 
[  150.990372][   T10] Oops: Oops: 0002 [#1] PREEMPT SMP KASAN PTI
[  150.996445][   T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G    B              6.12.23-syzkaller-gf9fbc66f8444 #0 b8de21ba31122219d6c6778e419c74a11adc861d
[  151.011305][   T10] Tainted: [B]=BAD_PAGE
[  151.015458][   T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  151.025518][   T10] Workqueue: events _RNvXs6_NtCs43vyB533jt3_6kernel9workqueueINtNtNtB7_4sync3arc3ArcNtNtCshgDM7dBCdno_11rust_binder7process7ProcessEINtB5_15WorkItemPointerKy0_E3runB13_
[  151.042300][   T10] RIP: 0010:down_write+0x9a/0x2a0
[  151.047334][   T10] Code: 48 c7 44 24 20 00 00 00 00 be 08 00 00 00 e8 2d 34 55 fc 4c 89 f7 be 08 00 00 00 e8 20 34 55 fc 48 8b 44 24 20 b9 01 00 00 00 <f0> 48 0f b1 0b 0f 85 a0 00 00 00 48 c7 c0 c0 b9 20 87 48 c1 e8 03
[  151.066947][   T10] RSP: 0018:ffffc900000a7500 EFLAGS: 00010256
[  151.073006][   T10] RAX: 0000000000000000 RBX: 0000000000000098 RCX: 0000000000000001
[  151.080962][   T10] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc900000a7520
[  151.088917][   T10] RBP: ffffc900000a7598 R08: ffffc900000a7527 R09: 1ffff92000014ea4
[  151.096869][   T10] R10: dffffc0000000000 R11: fffff52000014ea5 R12: dffffc0000000000
[  151.104823][   T10] R13: 1ffff92000014ea0 R14: ffffc900000a7520 R15: 0000000000000000
[  151.112787][   T10] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  151.121715][   T10] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  151.128307][   T10] CR2: 0000000000000098 CR3: 000000012bd68000 CR4: 00000000003526b0
[  151.136278][   T10] DR0: 0000000000000000 DR1: 0000000000010000 DR2: 0000000000000000
[  151.144245][   T10] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  151.152205][   T10] Call Trace:
[  151.155470][   T10]  <TASK>
[  151.158385][   T10]  ? __cfi_down_write+0x10/0x10
[  151.163238][   T10]  ? _raw_spin_lock+0x8c/0x120
[  151.167989][   T10]  ? __cfi__raw_spin_lock+0x10/0x10
[  151.173175][   T10]  ? mutex_unlock+0x8b/0x240
[  151.177749][   T10]  ? __cfi_mutex_unlock+0x10/0x10
[  151.182756][   T10]  rust_binderfs_remove_file+0x6c/0x110
[  151.188285][   T10]  _RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x9d4/0x2860
[  151.201031][   T10]  ? update_curr_dl_se+0x10c/0xb20
[  151.206131][   T10]  ? __cfi___update_load_avg_cfs_rq+0x10/0x10
[  151.212181][   T10]  ? update_curr+0x60d/0xc60
[  151.216759][   T10]  ? __cfi__RNvXs2_NtCshgDM7dBCdno_11rust_binder7processNtB5_7ProcessNtNtCs43vyB533jt3_6kernel9workqueue8WorkItem3run+0x10/0x10
[  151.229938][   T10]  ? update_load_avg+0x506/0x19a0
[  151.234962][   T10]  ? detach_entity_load_avg+0x7b0/0x7b0
[  151.240495][   T10]  ? __kasan_check_write+0x18/0x20
[  151.245589][   T10]  ? _raw_spin_trylock+0xaf/0x130
[  151.250599][   T10]  ? __cfi__raw_spin_trylock+0x10/0x10
[  151.256044][   T10]  ? _raw_spin_unlock+0x45/0x60
[  151.260878][   T10]  ? call_rcu_nocb+0x6bd/0xc10
[  151.265629][   T10]  ? swake_up_one_online_ipi+0x30/0x30
[  151.271071][   T10]  ? kvm_sched_clock_read+0x15/0x30
[  151.276256][   T10]  ? sched_clock_noinstr+0xd/0x30
[  151.281266][   T10]  ? __virt_addr_valid+0xc5/0x380
[  151.286372][   T10]  ? __cfi_thread_stack_free_rcu+0x10/0x10
[  151.292162][   T10]  ? __call_rcu_common+0x40b/0x6f0
[  151.297261][   T10]  ? call_rcu_hurry+0x30/0x30
[  151.301926][   T10]  ? task_dead_fair+0x110/0x190
[  151.306767][   T10]  ? __cfi_task_dead_fair+0x10/0x10
[  151.311948][   T10]  ? __kasan_check_write+0x18/0x20
[  151.317041][   T10]  ? put_task_struct_rcu_user+0x7f/0xb0
[  151.322571][   T10]  ? __switch_to_asm+0x3d/0x70
[  151.327319][   T10]  ? __schedule+0x1463/0x1f10
[  151.331980][   T10]  ? kick_pool+0xad/0x550
[  151.336294][   T10]  process_scheduled_works+0x7d2/0x1020
[  151.341826][   T10]  worker_thread+0xc58/0x1250
[  151.346491][   T10]  kthread+0x2c7/0x370
[  151.350559][   T10]  ? __cfi_worker_thread+0x10/0x10
[  151.355704][   T10]  ? __cfi_kthread+0x10/0x10
[  151.360284][   T10]  ret_from_fork+0x64/0xa0
[  151.364689][   T10]  ? __cfi_kthread+0x10/0x10
[  151.369266][   T10]  ret_from_fork_asm+0x1a/0x30
[  151.374020][   T10]  </TASK>
[  151.377019][   T10] Modules linked in:
[  151.380893][   T10] CR2: 0000000000000098
[  151.385036][   T10] ---[ end trace 0000000000000000 ]---
[  151.390470][   T10] RIP: 0010:down_write+0x9a/0x2a0
[  151.395483][   T10] Code: 48 c7 44 24 20 00 00 00 00 be 08 00 00 00 e8 2d 34 55 fc 4c 89 f7 be 08 00 00 00 e8 20 34 55 fc 48 8b 44 24 20 b9 01 00 00 00 <f0> 48 0f b1 0b 0f 85 a0 00 00 00 48 c7 c0 c0 b9 20 87 48 c1 e8 03
[  151.415078][   T10] RSP: 0018:ffffc900000a7500 EFLAGS: 00010256
[  151.421130][   T10] RAX: 0000000000000000 RBX: 0000000000000098 RCX: 0000000000000001
[  151.429087][   T10] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc900000a7520
[  151.437040][   T10] RBP: ffffc900000a7598 R08: ffffc900000a7527 R09: 1ffff92000014ea4
[  151.444994][   T10] R10: dffffc0000000000 R11: fffff52000014ea5 R12: dffffc0000000000
[  151.452957][   T10] R13: 1ffff92000014ea0 R14: ffffc900000a7520 R15: 0000000000000000
[  151.460910][   T10] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  151.469821][   T10] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  151.476386][   T10] CR2: 0000000000000098 CR3: 000000012bd68000 CR4: 00000000003526b0
[  151.484341][   T10] DR0: 0000000000000000 DR1: 0000000000010000 DR2: 0000000000000000
[  151.492297][   T10] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  151.500251][   T10] Kernel panic - not syncing: Fatal exception
[  151.506577][   T10] Kernel Offset: disabled
[  151.510908][   T10] Rebooting in 86400 seconds..