last executing test programs:

48.010033852s ago: executing program 2 (id=127):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000b40)={0x14, 0x0, &(0x7f0000000a00)=[@clear_death={0x400c630f, 0x3}, @exit_looper], 0xee, 0x0, &(0x7f0000000a40)="6d0a883b16f5c4d4a2aa34c0201b862cdb8388abc43f2b72425ca6d1ee5b45f461a5cfda0bff8362d7a2b6301b5770a1259a713e27519806650859b7229606e7fa5f1c3880384de039e5ca9339ca8ac919bdf0ce76d583bbdec309babbdd225e3a40859ac58982754a24c5db84ff34e4a02224912d0813be59ae0e2b829d09c2af8fbb57cc594ee4a928cb05357af60b7a96cb18243c9e90eda17b8632aaf4f142986860bfcdf1d1cf15045fe5fc31f3605f6d93a86048504f4664eae1e1f92fb20a557e6171773c2a9697ea00b3fff589999fb63a3537d93ac47d0d9c81bf7d999c409f6231d435e17fd2230d04"})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000300)='.pending_reads\x00', 0x420000, 0x20)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000009c0)={0x104, 0x0, &(0x7f00000007c0)=[@transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0xc7bbde144d231322, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000240)={@flat=@handle={0x73682a85, 0x1100}, @flat=@weak_binder={0x77622a85, 0xa}, @ptr={0x70742a85, 0x1, &(0x7f0000000180)=""/152, 0x98, 0x0, 0x1a}}, &(0x7f00000002c0)={0x0, 0x18, 0x30}}, 0x40}, @transaction={0x40406300, {0x2, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000480)={@ptr={0x70742a85, 0x1, &(0x7f0000000400)=""/101, 0x65, 0x0, 0x1c}, @fd={0x66642a85, 0x0, r1}, @fda={0x66646185, 0x4, 0x1, 0x5}}, &(0x7f0000000500)={0x0, 0x28, 0x40}}}, @request_death={0x400c630e, 0x1}, @enter_looper, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000700)={@ptr={0x70742a85, 0x0, &(0x7f0000000540)=""/142, 0x8e, 0x2, 0x1c}, @fda={0x66646185, 0x2, 0x0, 0x39}, @ptr={0x70742a85, 0x0, &(0x7f0000000600)=""/196, 0xc4, 0x1, 0x3a}}, &(0x7f0000000780)={0x0, 0x28, 0x48}}, 0x1000}, @increfs_done={0x40106308, 0x1}], 0xac, 0x0, &(0x7f0000000900)="9cb1cf965befc068e050375402261ed6b28a77cd4fdc7296bda5bc513af817cb2cb67b3a921b3c3c62d919df4e22daaec9dc5ee46f6d5dacd181709cabddb9ab989a2a9f45659df1267de28aac5ce53172bb357a1b488ccd902c8dc4dcbcf4d8783b4c48e57fb9ea776f56b6636dbf5a771aa889a33b2910d5c96a9fd80d90b1b3def2667d23e21678870040df3b038465b66e3acffe48583068b6aad5ca8ef7fa38ed383a7bd01b5a0d201d"})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f0000000040)={0xa, 0x6})
ioctl$FS_IOC_GETFSUUID(r0, 0x80111500, &(0x7f0000000140))
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000100)=[@acquire={0x40046305, 0x1}, @register_looper], 0x50, 0x0, &(0x7f0000000340)="a89aff67520a7335b849b4f88a6db06e45e3f5e648a65b8003975be8a982d5135e161a783d3d01fddcbd838bac308358a7e349f333e620505e4cf1982c991b516a9e26b6bb537c85f5ad467697f0d78b"})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0})
syz_clone3(&(0x7f00000029c0)={0x0, 0x0, 0x0, 0x0, {0x4}, 0x0, 0x0, 0x0, &(0x7f0000002980)=[0x0], 0x1}, 0x58)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000040), 0x12)

47.728239136s ago: executing program 2 (id=132):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000001640), 0x4000, 0x0)
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f00000002c0)={0x0, 0x7, [@remote, @link_local, @broadcast, @remote, @link_local, @random="db6576d74337", @random="bb8021e9da14"]})
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETTXFILTER(r2, 0x400454ca, &(0x7f0000000100)=ANY=[])
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000001080)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
write$tcp_mem(r4, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f0000000180)='pids.current\x00', 0x300, 0x0)
read$FUSE(r6, &(0x7f000001aa80)={0x2020}, 0x2020)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000480)=[@increfs], 0x0, 0x0, 0x0})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
write$cgroup_subtree(r5, &(0x7f00000000c0)=ANY=[@ANYBLOB='+freejer '], 0x9)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_X86_SET_MCE(r9, 0x4040ae9e, &(0x7f0000000080)={0x9580000000000000, 0xf002, 0x3, 0x4, 0x14})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000187000/0x2000)=nil, 0x2000, 0x8, 0x13, r7, 0x9ca32000)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000ec0)={'syz0\x00', {0x0, 0x0, 0x0, 0x9}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x1, 0x7, 0x0, 0x0, 0x0, 0x5, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x8, 0xb16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x1000, 0x0, 0xf, 0x0, 0x2, 0x0, 0x0, 0x0, 0xf7fffffe, 0x4, 0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0xaf6f, 0x0, 0xfffffffa, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0xe], [0x7, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x5, 0x0, 0x0, 0xfffffffc, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xe, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4], [0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc045, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x80, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2000, 0xffffffff, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x4, 0x4, 0x0, 0x0, 0xfffffffd, 0xfffffffe, 0x2000, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000040)={0xc, 0x0, &(0x7f0000000000)=[@exit_looper, @release], 0x0, 0x0, 0x0})
ioctl$UI_DEV_CREATE(r1, 0x5501)

47.585133678s ago: executing program 2 (id=135):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x9250)
mmap(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x100000e, 0x11, r0, 0x0)
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKFINISHZONE(r1, 0x40101288, &(0x7f0000000080)={0x1000, 0xffffffffffffff3b})

47.47242208s ago: executing program 2 (id=137):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x44000, 0x0)
read$rfkill(r0, &(0x7f0000000040), 0x8)
ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000080))
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
read$rfkill(r1, &(0x7f0000000100), 0x8)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000140)={0x40, 0x8, 0x1, 0xffff, 0xe17, 0x6})
write$rfkill(r1, &(0x7f0000000180)={0x3, 0x5, 0x2, 0x1}, 0x8)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0), 0x400, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000000240)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000200)=0x1})
write$tcp_congestion(r0, &(0x7f0000000280)='scalable\x00', 0x9)
ioctl$VT_DISALLOCATE(r2, 0x5608)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xc, 0x20010, r2, 0x130ce000)
write$tcp_congestion(r1, &(0x7f00000002c0)='reno\x00', 0x5)
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000340)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000300)=0xa6})
ioctl$GIO_UNISCRNMAP(r1, 0x4b69, &(0x7f0000000380)=""/143)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, r4, 0xb, 0x80010, r1, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000440))
openat$uinput(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
read$FUSE(r3, &(0x7f0000000500)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000002540)={0x50, 0x0, r6, {0x7, 0x2b, 0x1, 0x54000601, 0x2, 0xfad9, 0x1, 0x401, 0x0, 0x0, 0x4}}, 0x50)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000025c0), 0x100, 0x0)
ioctl$TIOCGSID(r7, 0x5429, &(0x7f0000002600))
ioctl$TIOCMIWAIT(r2, 0x545c, 0x0)
ioctl$TIOCGISO7816(r7, 0x80285442, &(0x7f0000002640))
openat$kvm(0xffffffffffffff9c, &(0x7f0000002680), 0x4002, 0x0)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r5, 0x4008941a, &(0x7f00000026c0))

47.44234289s ago: executing program 2 (id=138):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000240)={0x0, 0x7, 0x0, 0x0, 0xe})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xd7)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x802, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'netdevsim0\x00', 0x400})
ioctl$TUNATTACHFILTER(r3, 0x401054d5, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x5, 0x2, 0xc, 0x3}]})
r4 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000580)={0x9c, 0x0, &(0x7f00000004c0)=[@exit_looper, @reply_sg={0x40486312, {0x2, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000100)={@ptr={0x70742a85, 0x1, &(0x7f0000000080)=""/72, 0x48, 0x2, 0x3a}, @fd={0x66642a85, 0x0, r4}, @flat=@weak_handle={0x77682a85, 0x110a, 0x2}}, &(0x7f00000001c0)={0x0, 0x28, 0x40}}, 0x40}, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000440)={@fd={0x66642a85, 0x0, r2}, @ptr={0x70742a85, 0x0, &(0x7f0000000200)=""/15, 0xf, 0x1, 0x36}, @ptr={0x70742a85, 0x1, &(0x7f0000000240)=""/208, 0xd0, 0x1, 0x22}}, &(0x7f0000000340)={0x0, 0x18, 0x40}}, 0x1400}], 0x1f, 0x0, &(0x7f00000003c0)="4e685aa2a91a8f04fbc05559a2eace4c491fb9cd9f99436cc0a829593c31a6"})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x9f)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000280)=0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101740, 0x179)
ioctl$TUNSETLINK(r4, 0x400454cd, 0x20)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000400)={0x4, 0x0, &(0x7f0000000380)=[@enter_looper], 0x50, 0x0, &(0x7f0000002040)="7797f473010e3c6f412193d01ca46e5d1fd37e1ff088862e47734ac7eb2e436321311317afe07822a299d63328f5c10a5f99166b47868f357ba1edd6b402c7022a1fe37f5f729dd812db18dad930f670"})

47.387493641s ago: executing program 2 (id=139):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000340)={0x73622a85, 0xb, 0x20000})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x80401, 0x0)
ioctl$BLKRRPART(r1, 0x125f, 0x0)
prctl$PR_MCE_KILL(0x35, 0x0, 0x8)
prctl$PR_MCE_KILL(0x35, 0x0, 0x10)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000200)=[@acquire, @enter_looper], 0x53, 0x0, 0x0})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x10a, 0x0, 0x100000002}]})
r5 = openat$cgroup_int(r3, &(0x7f0000001180)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_int(r5, &(0x7f0000000040), 0x12)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})

32.296731903s ago: executing program 32 (id=139):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000340)={0x73622a85, 0xb, 0x20000})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x80401, 0x0)
ioctl$BLKRRPART(r1, 0x125f, 0x0)
prctl$PR_MCE_KILL(0x35, 0x0, 0x8)
prctl$PR_MCE_KILL(0x35, 0x0, 0x10)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000200)=[@acquire, @enter_looper], 0x53, 0x0, 0x0})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x10a, 0x0, 0x100000002}]})
r5 = openat$cgroup_int(r3, &(0x7f0000001180)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_int(r5, &(0x7f0000000040), 0x12)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})

31.293275719s ago: executing program 0 (id=397):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000380)=ANY=[@ANYBLOB="0600000000000000030100c00000000006000000000000008a040000000000000600000000000000e70b000086809a02aae56c2e00000000ae020000000000000100100000000000940200000000000007bed03d000000000d060000000000000180000000000000cf1a7f2a66db0748d34868a4347829bce2850b1b88955cf7c415660340a3b243ea0c9a7e1197c18a10e87022fed8f51b2c05add52457e609893220cd481ca79fef671d770bfc84783ece9ddc68767a64436aa441ea8d0ee82dbb2c78dfe9416ace59b61b515fd882ca364dc350bf4cc909303f2038c0e86f0000b4152826e2f110fc0cc7672058f1d69f2cf9f0e8fddac81dbb512508ee59f2a83d82994a0ce5a3c9e3e5d58545a740d7"])
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x8aba, 0x4, 0x6, 0x8, 0x40, 0xf, 0x120000, 0x5, 0x0, 0x8, 0x8000000000000001, 0x8, 0x800000000, 0xf, 0x3, 0x1], 0x3000, 0x141200})
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5414, &(0x7f0000000080))
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x10, 0x2, 0xb6, '\x00', 0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000280), 0x8800, 0x0)
read(r5, &(0x7f0000000080)=""/93, 0xffffff6c)

30.855064276s ago: executing program 0 (id=408):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/binder1\x00', 0x800, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x0, 0x1, 0x11, r1, 0x3) (async)
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x80000001) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000140)={0x8, 0x0, &(0x7f0000000040)=[@acquire], 0x0, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000e00)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000400)={0x4, 0x0, &(0x7f0000000380)=[@enter_looper], 0x50, 0x0, &(0x7f0000002040)="7797f473010e3c6f412193d01ca46e5d1fd37e1ff088862e47734ac7eb2e436321311317afe07822a299d63328f5c10a5f99166b47868f357ba1edd6b402c7022a1fe37f5f729dd812db18dad930f670"}) (async, rerun: 32)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a40), 0x40400, 0x0) (rerun: 32)
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r4) (async)
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/timers\x00', 0x0, 0x0) (async)
close(0x3)
ioctl$KVM_SET_GUEST_DEBUG(r6, 0x4048ae9b, &(0x7f0000000300)={0x70001, 0x0, [0x40000000000, 0xc, 0x6, 0x6, 0xfffffffffffffffc, 0x0, 0x29]}) (async, rerun: 64)
ioctl$KVM_SET_DEBUGREGS(r6, 0x4080aea2, &(0x7f0000000000)={[0xeeef0000, 0xdddd0000, 0xdddd0000, 0x1000], 0xc1}) (async, rerun: 64)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140), 0x0, 0x0, 0x0})

30.769986557s ago: executing program 0 (id=409):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
ioctl$BLKBSZGET(r0, 0x80081270, &(0x7f0000000000))
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0)
write$UHID_DESTROY(r2, &(0x7f0000000200), 0x7)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x2000)=nil, 0x2000, &(0x7f0000000000))
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, &(0x7f00000000c0)=0x13)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/125) (async)
ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000000c0)=""/125)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000580)={@ptr={0x70742a85, 0x0, &(0x7f00000001c0)=""/75, 0x4b, 0x0, 0x32}, @fda={0x66646185, 0x0, 0x0, 0x16}, @flat=@binder={0x73622a85, 0xa, 0x1}}, &(0x7f00000004c0)={0x0, 0x28, 0x48}}, 0x1000}], 0x0, 0x0, 0x0})

30.689391178s ago: executing program 0 (id=411):
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000140)={0x0, 0x2c0, 0x0, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0xff, 0x8, 0x98bd, 0x800000000000009, 0x0, 0x100000000000004, 0x10000, 0x100, 0x9004, 0x0, 0x3, 0x5, 0x5, 0x49, 0x3ff, 0x7, 0x0, 0xfffffffffffffff8, 0x8, 0x7, 0x1c1, 0x1000000003, 0x2, 0x2, 0x6, 0x7, 0x4, 0xffffffff, 0xffffffff00000000, 0x0, 0x4, 0x7, 0x23b, 0x3, 0x2, 0x888f, 0x4, 0x8, 0x6, 0x6, 0x3, 0xa3de, 0x20000020006, 0x8, 0x5c3e, 0x400, 0x800000000000003, 0xfffffffffffffff7, 0xfffffffffffffffa, 0x2, 0xe, 0x7, 0x4, 0xe6, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0xc, 0xd, 0x9, 0xe8, 0x80000003, 0xfffffffffff7fc00, 0x2, 0x4, 0x2, 0xcdc, 0x7, 0x2, 0x3, 0x2, 0x5, 0xfff, 0x6, 0x4, 0x6, 0xab6, 0x0, 0x4, 0xfff, 0xffffffffffffff81, 0x9, 0xff, 0x6, 0x28000000, 0x5, 0x400000000008061d, 0xffffffffffffffff, 0x8, 0xf6, 0x4, 0x6, 0x200, 0x7, 0xe53e, 0x2c, 0x8, 0x2293332f, 0x92a, 0x5, 0x0, 0xd, 0x2, 0x5, 0x2, 0x2, 0x7, 0xdfd4, 0xfffd, 0x10, 0x8, 0x8, 0x1, 0x53e0f0fa, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb692, 0x400, 0x7, 0x3]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
read$FUSE(r2, &(0x7f00000021c0)={0x2020}, 0x2020)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4138ae84, &(0x7f0000000c40)=@arm64={0x9, 0x40, 0x3, '\x00', 0x7})
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0xff, 0x1, 0x0, 0x2, 0xff, 0x8, 0x99, 0x0, 0x0, 0xd, 0x10, 0x0, 0x20006, 0xf0, 0x0, 0x1, 0x4, 0xfe, '\x00', 0x0, 0x3})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)

30.410778143s ago: executing program 0 (id=420):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x200002, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x161283, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="020000000000e3ff000100c0"])
mkdirat$cgroup(r1, 0x0, 0x1ff)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000000), 0x2, 0x0)
r6 = openat$cgroup_freezer_state(r1, &(0x7f00000003c0), 0x2, 0x0)
read(r6, &(0x7f0000000080)=""/265, 0x109)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000100)=[@acquire={0x40046305, 0x1}, @register_looper], 0x50, 0x0, &(0x7f0000000340)="a89aff67520a7335b849b4f88a6db06e45e3f5e648a65b8003975be8a982d5135e161a783d3d01fddcbd838bac308358a7e349f333e620505e4cf1982c991b516a9e26b6bb537c85f5ad467697f0d78b"})
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCFLSH(r7, 0x40045431, 0xfffffffffffffffd)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, 0x0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x4b564d01, 0x0, 0xfffffffffffffff7}]})
syz_clone3(&(0x7f00000029c0)={0x0, 0x0, 0x0, 0x0, {0x4}, 0x0, 0x0, 0x0, &(0x7f0000002980)=[0x0], 0x1}, 0x58)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000006c0)={0x90, 0x0, &(0x7f0000000500)=[@clear_death, @increfs={0x40046304, 0x1}, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x58, 0x18, &(0x7f00000002c0)={@flat=@handle={0x73682a85, 0x100, 0x3}, @ptr={0x70742a85, 0x1, &(0x7f0000000400)=""/198, 0xc6, 0x0, 0x9}, @flat=@weak_binder={0x77622a85, 0xb}}, &(0x7f0000000000)={0x0, 0x18, 0x40}}, 0x1000}, @increfs_done={0x40106308, 0x3}, @clear_death, @increfs={0x40046304, 0x1}], 0xd7, 0x0, &(0x7f00000005c0)="e0bc18cdd1fb48eac60684f1577ecb384200acf76e25d4566d80ed0f920f3ef45b8ae5a350595d8fd6dec96df394c0182f93e6632444483b04e7857cf805cc9d0163477127046b08c211cfbdd92118f657459d828455a0df16206f19f4f69cd6291b231b6df81be719db0b6be22b5d716fca76a160dbc62a929ef8f468128a38aa883f206b118b0d800606eec1d4bd2e35b516bc982a61efc20e45cda062efca3aad60a6748a25fff2d76671349c6f926f29912db8a29991cfa47e0b2f2889b030417c3840def9c2bd7eca0b43fcb408ecbc2572a73a24"})
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000040), 0x12)

30.092347877s ago: executing program 0 (id=422):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_GET_EXTENDED_ERROR(r1, 0xc00c6211, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x1c1900, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0xc0011029}]})
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000000))
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000b10000400000fc54e45bf99b4bc4f14300005e00000000000000"])
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @fda={0x66646185, 0x8, 0x2, 0x40}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

17.172317386s ago: executing program 3 (id=625):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000100)={0x4, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000000)=@attr_other={0x0, 0x1, 0xfffffffffffffeff, 0x0})
r3 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r3, 0x40087703, 0xfffffffa)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r3, 0x0)
syz_clone3(&(0x7f0000000240)={0x10002000, 0x0, 0x0, 0x0, {0x1c}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x29e, 0x0, 0xe}]})
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000800), 0x2800, 0x0)
read$FUSE(r7, &(0x7f0000000880)={0x2020}, 0x2020)
prctl$PR_SET_THP_DISABLE(0x41, 0x3)
prctl$PR_SET_THP_DISABLE(0x42, 0x0)
read(r6, 0x0, 0x40)

16.998564989s ago: executing program 3 (id=627):
openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x402, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
read(r0, &(0x7f0000000280)=""/4096, 0x1000)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0xd, 0x0, 0x7, 0x1d9, 0x8004, 0x1, 0x1}]})
openat$cgroup_netprio_ifpriomap(r2, &(0x7f0000000040), 0x2, 0x0)
close_range(r1, 0xffffffffffffffff, 0x2)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/bus/input/devices\x00', 0x0, 0x0)
r7 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r7, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r7, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000004c0)=""/120, 0x0, 0x80a0000})
ioctl$VHOST_SET_VRING_ADDR(r7, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/87, 0x0, 0x5000})
ioctl$VHOST_SET_MEM_TABLE(r7, 0x4008af03, &(0x7f0000000380))
ioctl$VHOST_VSOCK_SET_RUNNING(r6, 0x4004af61, &(0x7f0000000000)=0x101fffe)
ioctl$VHOST_GET_VRING_ENDIAN(r7, 0x4028af11, &(0x7f00000001c0))
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r8 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r8, 0x2000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r8, 0x664a9000)

16.776129892s ago: executing program 3 (id=629):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x200500, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000000018010040"]) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000300)={0x0, 0x0, @pic={0x4, 0x8, 0x1e, 0x7f, 0x4, 0x2f, 0x9e, 0xf3, 0x1, 0xd4, 0x9, 0x3, 0xd, 0x6, 0x14}}) (async)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202}) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) (async)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) (async)
r4 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
write(r4, 0x0, 0x0) (async)
close(r3) (async)
r5 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r5, 0x0) (async)
ioctl$PPPIOCSCOMPRESS(r5, 0x4010744d)

16.623720264s ago: executing program 3 (id=632):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x4b413150, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x2}, {0x0, 0x100, 0x4, 0x0, 0xfc, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0xff, 0x0, 0xbd}]})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000040)={0x8, 0x0, &(0x7f0000000000)=[@acquire={0x40046305, 0x2}], 0x0, 0x0, 0x0})

16.522081466s ago: executing program 3 (id=634):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x400500, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040))
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000080)={0x8})
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0x60000000000, 0x1000000000, 0x2, 0x49, 0xda1, 0x8, 0x2004cb, 0x0, 0x100001000000, 0xfffffffffffffffe, 0x19b, 0x8000, 0x3], 0x3000, 0x204})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r5 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r5, 0x40087703, 0xfffffffe)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r5, 0x0)
ioctl$ASHMEM_SET_NAME(r5, 0x41007701, &(0x7f0000000000)='/dev/ashmem\x00')
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x100000002000c)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0)

16.384029808s ago: executing program 3 (id=637):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x141080, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000800)=ANY=[@ANYBLOB='U-'], 0x31)
ioctl$BLKRRPART(r0, 0x125f, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000005c0)={0x2020}, 0x2020)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000300)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000280)=[@request_death={0x400c630e, 0x0, 0xfc}, @clear_death], 0x0, 0x0, 0x0})
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000200)=[@acquire, @enter_looper], 0x53, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)

15.113460177s ago: executing program 33 (id=422):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_GET_EXTENDED_ERROR(r1, 0xc00c6211, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x1c1900, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0xc0011029}]})
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000000))
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000000000b10000400000fc54e45bf99b4bc4f14300005e00000000000000"])
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @fda={0x66646185, 0x8, 0x2, 0x40}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

3.648616114s ago: executing program 1 (id=829):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x2, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, &(0x7f0000000040)=0xfffffff7)
r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080), 0x381440, 0x0)
ioctl$ASHMEM_SET_NAME(r1, 0x40087708, &(0x7f0000000d40)='\x00\x00\x03\x06\x00\x00\x00\x05\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\xd1?\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9f\xf0:\xfd$\xad\xbb\x9a|c\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\x04\x00\x00\x00\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\x80\xad\xf8\xbf\xa2\xa0\x99\xc2\x16=\xcc\xb0\x1b7\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7\xa9\x96\xf8/0Xd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf2>\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8Q.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x9fZ\xff*ir\x1e\xe8\a\x00\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84x\x00\x00X\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\x94W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3a\x99\x17\x85\x9a\x05\xb1\x12K\\\xf2\xd5\b^[D~~\x84\\\xe4\x00=\xd8\x96\xec\x15\x10J\xc66\x1dn\x8b8(\'9?$\xffr\xdd\rI\xd5\xb8\xc7\xaew]\x84\xe6N\x96]:w$\x8b\xf3U.\xbc\xbc.\xfaZ\x90\xe8\xf2\xde\xd6\x832\xaa7=Q\xac\xaaj\xd4\x1c')
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000280), 0x8800, 0x0)
read(r2, 0x0, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f00000003c0)={0x3b700000, 0xace8, 0x7, 0xe03, 0x2, 0x0, [{0xfffffffffffffffb, 0x8}, {0x8001, 0x4b7c, 0x5, '\x00', 0x7}]})
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x1, 0x3, 0x0, 0x2000, &(0x7f000000f000/0x2000)=nil})
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r8, 0x4068aea3, &(0x7f0000000140)={0xa8, 0x0, 0x1})
ioctl$KVM_GET_DIRTY_LOG(r8, 0x4010ae42, &(0x7f00000000c0)={0x0, 0x0, &(0x7f000000f000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000140)=ANY=[@ANYBLOB="0100000000000000152001c000000000c208000000000000"])
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r11, 0xae60)
ioctl$KVM_SET_IRQCHIP(r11, 0x8208ae63, &(0x7f0000000840)={0x0, 0x0, @pic={0x6, 0xc, 0x7, 0x7, 0x6, 0x7b, 0x7, 0x9, 0x7, 0xbe, 0x1, 0x8, 0x9, 0x97, 0x9, 0x5}})
ioctl$KVM_SET_IRQCHIP(r11, 0x8208ae63, &(0x7f0000000600)={0x1, 0x0, @pic={0x0, 0xfe, 0x0, 0x8}})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r9, 0x0)
mount$binderfs(&(0x7f00000000c0), 0x0, 0x0, 0x105840, 0x0)
write$snapshot(r9, &(0x7f0000000340)="8e6b4ea3808ac0b02b1ddb228e07cefdde5283c0ff4be2afa0f2c43634989472b4f85a3c0218c542d20b7a944c67322aad74c2102ab1538f61364384e8d36771d9bc0b1d4d9989ffe8f9bc1fd10470258887c8", 0x53)
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001d00)={0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000d00)="f249c144"})
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f00000000c0)=0x1)

3.327289589s ago: executing program 1 (id=833):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0x5})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000480)={"b2d0154aed3b04cbcd01519f1d4dff66c22c7dfb2e92d07c525b3d148f1411a9cd646324ee78851f9ac19a63af963acae6f4f05afd33a80f2927132eff73afdf6abbcccb8884a179e6a3212efa115d51e9bce4b1acb5937169fc876b67e945c0bf1ac71d81e0ba7c26e65d9ecae673a54d71bd5cf919e04ebd7638f20921f2021f9b3d694f8256127bef079b941afc03870b2bc3101402b700a0dbe2f122c615d5f9df24f1ae694cdb4b59c9aa17fb4b6e1ed380ef110f95bb21eb86cee7af52f0cc97f0f9cd42c16fe2870ff41a18a134a83edcad294c47839500bf31f05839cbd5252a4033e2ff4ddcb061a12362e4a9d6e4b62839d41e083106f23e9a10909cc4d9801443383a103fcb5929692ce940ab201e01a663a437c4408da6036e5720c9b50fb44c7864252a5fec3b743241f14855890bf5dc95dcd044bece5b027073deaadf5817e8bac72c3b002c3ab2e3244661bf7d2f780983ced43f9d16729284eced0ae077a77cad74503ec95ced7256474a4a1b2cf759cbcc6738576c32bbf5fa39fe6f562a28a216582fe2e3ecd4a0371900ea627df02220d58c92d6b3cf1d269eb232171b7af4a488ac33cef8d5aafc07965a2e726de067f5cf634212af872b5564e7c5b894c026474e59e4e6a244d6f48feaee74893ed4533c3c78572948d908383a742e4b65450e02a17fb40de651396a436b5b18001229be3c3cf456429a63dfeffcd45f6e8027d3921a9816079b5a2a78abe6e08af88da16b16104454ce4f46c5f21f3aa793b805e890b769ec314dc724f6788012aa560c4083bc392a9377dd244f10f6c3b1ce27499d98a8d3d0b2630ca81be53d04bdc9a0e6d364b43a914ffa81fb450ad46df28d9c7d34be01e81b9cb1f4f9d7ea88df52db06bad6ba6c39c2a04b911a652f17cf923618b0e65436321866544fb64558a291c2568f6d03a2858bdb6393434ed09eef289c8b02d74a67c58884767c10ef95798fb8f07219887614ab99533d05bfb6d6e85f2044874f7dc713760bf81951704ce7053e813f43114101f079466fe857387bde34739d184c3d2c2eec4027002468948907c6762a19adb8376359dcd4d538886375161a53f0fe928f805a07f6bb426d88e39f8b54f7ba6d56c2110782bc84b845ec93aafc701139a2d0a853eaf640ca833f125b8efa06f6c65cc20bf730a367660f0f49a017f96d1828caa40dc2592e346cac51c6a644e32b24095ee633cdcf1410d45992f55d2632094b6114f5fbf39dfe74119c671515192437d7c454851cf7032c43772e9f3628625f23fd72d102aaf75bc6ac4e1ad22d808bb671925575e79df12c81d2fd955e326783ebe61081ad89790cb8c20f4135f8c6bad94c83ebe6ff3abc35b46e6d7665ba765d2ce892de5a5a42f6a6a8f0b58d6328fb345c20873d588229a68e3123104fd202bf0a0899"})
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000000000000200000001000000000000000b000000070000b29ba2"])
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$KVM_SMI(r3, 0xaeb7)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0xfffffffc, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x6}, @ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/255, 0xff, 0x0, 0x33}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x2d}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x52, 0x0, &(0x7f0000000380)="1920ff09471b1099c7961fdcc405843a41a786d3ed8ebe8e80e4b4144e1cf51c728b926c80eb2a8e4f6b2dab5b6ac95dd16066dc703442a9132a8dd210e45df98d795a638622681df1cb222612051f612948"})
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0, 0x20)
mkdirat(r5, &(0x7f0000000040)='./file1\x00', 0x40)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x4c4080, 0x8f)
openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x458002, 0x55)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200)
prctl$PR_SET_DUMPABLE(0x4, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000003340), 0x40040, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000300)=ANY=[@ANYRESOCT=r6])
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000000018010040"])
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)

3.155899442s ago: executing program 1 (id=835):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x2, 0x4000, 0x1000, &(0x7f0000ec4000/0x1000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x6000, 0x2000, &(0x7f0000fa2000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x5000, 0x2000, &(0x7f0000fa2000/0x2000)=nil})
ioctl$KVM_CAP_MAX_VCPU_ID(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000340)={0x80, 0x0, 0x303})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x400042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000001c0)={0x100000000000015d})
r4 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000040), 0x43c0, 0x0)
ioctl$ASHMEM_SET_SIZE(r4, 0x40087703, 0x8000)
ioctl$ASHMEM_SET_PROT_MASK(r4, 0x40087705, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x8010, r4, 0x927cf000)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x800, 0x0)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000002c0)=""/100, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r6, 0x4008af03, &(0x7f0000000700)={0x2, 0x0, [{0xdddd1000, 0x58, &(0x7f0000000900)=""/88}, {0x2000, 0x8a, &(0x7f0000000840)=""/138}]})
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000080)={0x0, 0x1, 0x0, &(0x7f00000009c0)=""/251, 0x0, 0x4000})
ioctl$VHOST_VSOCK_SET_RUNNING(r6, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$VHOST_SET_LOG_BASE(r6, 0x4008af04, &(0x7f0000000200)=0x0)
r7 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r8 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r8, 0x0)
write$selinux_load(r7, &(0x7f00000003c0)=ANY=[@ANYRESOCT, @ANYRES64=r2, @ANYRES64=r5, @ANYRESHEX=r3, @ANYRESHEX=r4, @ANYRES8=r2], 0xffffff05)
r9 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_ABS_SETUP(r9, 0x401c5504, &(0x7f0000000000)={0x0, {0x0, 0x3}})
ioctl$ASHMEM_SET_NAME(r4, 0x41007701, &(0x7f0000000000)='/dev/ashmem\x00')
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x300000c, 0x12, r4, 0x4d75c000)
ioctl$ASHMEM_GET_NAME(r4, 0x81007702, &(0x7f0000000080)=""/155)

2.314937314s ago: executing program 4 (id=851):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
ioctl$TUNSETIFF(r1, 0x400454da, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0x2000)

1.851134572s ago: executing program 4 (id=854):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder1\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000c0000)=nil, 0x0, 0x1, 0x11, r0, 0x6)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000d80), 0x20000)
ioctl$SNDRV_TIMER_IOCTL_TREAD64(r1, 0x400454a4, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x4ada6000)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x394, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5f"})
r3 = mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000100)={0xfffffffffffffffa, 0x0, &(0x7f0000000500), 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x24, 0x0, &(0x7f0000000dc0)=[@free_buffer={0x40086303, r3}, @dead_binder_done, @dead_binder_done], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0xa8, 0x0, &(0x7f0000000a00)=[@acquire={0x40046305, 0x3}, @acquire={0x40046305, 0x3}, @register_looper, @transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x50, 0x18, &(0x7f00000002c0)={@fda={0x66646185, 0x0, 0x1, 0x3}, @fd={0x66642a85, 0x0, r0}, @flat=@binder={0x73622a85, 0x0, 0x1}}, &(0x7f0000000340)={0x0, 0x20, 0x38}}, 0x40}, @increfs_done={0x40106308, 0x2}, @acquire_done={0x40106309, 0x1}, @free_buffer, @register_looper, @request_death], 0x53, 0x0, &(0x7f00000003c0)="30b1cbea68c12ea8e069eeaace6d962b5e9e1ddc99d8de59abe27482e99b9706724cf2d47a0ef23e4e89ef5302a9d197cd9df0f57a535bba8b147e81c769efcc498afdbdc87c1c4229f5b205f1a5c47d8d98a3"})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x101080, 0x0)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000440)=ANY=[@ANYRESOCT, @ANYRESDEC=0x0, @ANYRESHEX=0x0, @ANYRESHEX=r7])
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000001140)={0x13c, 0x0, &(0x7f0000000f40)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000500)={@fd={0x66642a85, 0x0, r8}, @flat=@handle={0x73682a85, 0x1000, 0x1}, @flat=@weak_handle={0x77682a85, 0x100, 0x2}}, &(0x7f0000000380)={0x0, 0x18, 0x30}}}, @acquire_done, @reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000b40)={@fda={0x66646185, 0x2, 0x0, 0x1}, @ptr={0x70742a85, 0x0, &(0x7f0000000ac0)=""/71, 0x47, 0x1, 0xe}, @fd={0x66642a85, 0x0, r1}}, &(0x7f0000000bc0)={0x0, 0x20, 0x48}}}, @release={0x40046306, 0x2}, @transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000e00)={@ptr={0x70742a85, 0x1, &(0x7f0000000c00)=""/79, 0x4f, 0x1, 0x3a}, @fda={0x66646185, 0x9, 0x1, 0xa}, @ptr={0x70742a85, 0x0, &(0x7f0000000c80)=""/150, 0x96, 0x1, 0x23}}, &(0x7f0000000d40)={0x0, 0x28, 0x48}}}, @reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000e80)={@flat=@weak_handle={0x77682a85, 0xb, 0x2}, @fda={0x66646185, 0x0, 0x2, 0x27}, @flat=@binder={0x73622a85, 0xa, 0x3}}, &(0x7f0000000f00)={0x0, 0x18, 0x38}}}], 0xa5, 0x0, &(0x7f0000001080)="e16016a0d48ebfde975a060d963e0bff0aa824258297e2c5b03e160523565680e29d49dee6fa10d7665a81344ad2e118fef9fd29941abe21cd76e3553aac86bcb5ef948ce97eeb6c88f5cfc2e29991036d667ec8cf101c2d21266ddf29cab1d5bda10656685f876efb7d6649116dad0c1e5dfe0e1a0e0affd383e71040fefcb988f388a851516169d5f55ee8071dde19552a3c27b8ce0c29e898b68cb59be3cd842f23dce9"})
r9 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f0000000940)=ANY=[@ANYBLOB="0100000000070000170000000000000000000300000000000bbef6935494d8a17a2d3a50cdd4db1dbeba1a19f24ae222ab8eaca8bcdbe4a94bd936d67ea669903794db5f7ff6d802594e5a403fb114e5ed61e9bf4b31b754d04ff1062050a025b3e1dc76cc0a8d840bc91566f03b429406b6cfa911ea2a7e170489c01cf5036315969bb66620196629ef2984d1139587fea29bf905cb846e55"])
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000140), 0xa8041, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r11, 0xc00caee0, &(0x7f0000000100)={0x4, <r12=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r12, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x60000, 0x1, &(0x7f0000000180)=0x7})
syz_clone(0xae003400, 0x0, 0xffffff39, 0xfffffffffffffffd, 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x8032, 0xffffffffffffffff, 0x0)

1.31212042s ago: executing program 1 (id=855):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
unlinkat(r0, &(0x7f0000000040)='.\x00', 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mount$binderfs(&(0x7f00000000c0), &(0x7f0000000100)='./binderfs\x00', 0x0, 0x105840, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f0000000000)={0xf000, 0x8000})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0xa, 0x2})
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffc9a, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0xfffffffffffffce6}}, 0x10}], 0x0, 0x0, 0x0})

1.29922274s ago: executing program 34 (id=637):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x141080, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000800)=ANY=[@ANYBLOB='U-'], 0x31)
ioctl$BLKRRPART(r0, 0x125f, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000005c0)={0x2020}, 0x2020)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000300)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000280)=[@request_death={0x400c630e, 0x0, 0xfc}, @clear_death], 0x0, 0x0, 0x0})
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000200)=[@acquire, @enter_looper], 0x53, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)

1.199190521s ago: executing program 1 (id=857):
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d3000900ed880000070000000700000001000000e5872f2f5e1685e40abb3f621e8691b192cfe21e59eae55b096db12fca8ff5f88ff14203a7ba93c633bac348f8ca6930283de5c71b7e32b976b68d6fcc497796b9a75f7ff7823042002bc2ce4f8c95f93a2d4b9a4d6429a27912cace3034d33ee4e6f2b8bfef35b433810fa673bfa915683e40df033a90a9a014299d7064544a13b8daece2f5ad3fcf9c6eefe1aebb0fa13332ac5fffe165f98107313a5933391c1c370c8c5ad0af0b0b42be010930947dda27f84edd6daa90a13eb88975f28138468d25785ea3b1e3781f6988c6677a86c923"], 0x1eb)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000380)={0x1, 0x0, 0x1})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x4052, r4, 0xffffd000)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0xd7)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x110800, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="04000000000000004503"])
r8 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x6a0282, 0x0)
ioctl$ASHMEM_SET_SIZE(r8, 0x40087703, 0xfffffffe)
ioctl$ASHMEM_SET_NAME(r8, 0x41007701, &(0x7f0000000540)=')}%!:\xb9+\xe4\x1f2\xba\xc3\x0ed\x93Z\xbf\xa6`\xa6\x84\xef\x18\x8d\x90@\x1bb\xff\x01\x8a%\xf6vl\x15GPFo\rAmW\xd7*F\xe6\az\x852\x92\x0e\xd9\x9a\x11\xd3\xa8\x96\xad\xcc\xf9\xb0\xcb\x8f\x1ao\xfd9\xa8\x03\xe0j\x81lM}\xf0\x1e\xfb\xd2\x84\xa0\xb1\xc0\x97\xc16\xf7@l%j\xc9\x11ll|\xc6x\xcdD\xd7\x94\xe2\x1c\x96\xa3\x88a\xd8?M\x8dA5q\x11Ou\xa0 LS\xff\x92Y\xee3\x8a0\b%\xe8:}\f\x14\x03\xc2S\x8a@\xf8w\xe1Z\xb7\xf5\x9c\xbbj\xb7g\xd1\x9dH\x18\x9a\x11\xc0f\xbd0\x9cD}\xf8\xff\x9d\x8b\xb2\xb2&\xbb(\xba\xe8f\xd6Qg\x9dT\xfa\xd01\xec\x12\xf4\xfb\xd4\xf1|/\xf3]\x03-\xe0\x93=O\xb3\xdcf:R\x11\t\x15\xc2\xfaV\x17\xc9b\x9b\x95\xd4@\xdb\xf0\xb5\x02\x8a\x91\xb0?\xc6g\x88\x1b\xd7\xd4!\x99\x02\x8b\xad \x90\xbciz\x99R\xa4\xca{H&\xa9\xd4C\xfd<,pAz\xf4_\x9d\xf8\x98\x8e\xd9M \xf4\x0f)O\xbf\x8d\xf9:$\f\xc7\xeb\x96Vpg\xb0\xea@q\x03\x87LZ\'\x93\x1e\xecY\xd3Lc\xfe\xbf\xafm_\aO\x96\x00\x89\xca\xb2\x0e9\x98\x8b\xbb\x84\xe0\xd8\xb2\xa1N\xd8o\xc0K\x85\x8f)\x00Lr\x00N!A\x86\xd4\xb2\x98\x86)Cr\x0e\xe4\x86\x970f\x9e\xba\xe9\xba\xd7\xb8W\xa5\xe9\xe3\xaf\x9fj0\n|\x8e\xbd\x9f\xef\xc7iq+\x0f\xcf\xd3\xb2>[2\x98\x7f\x14\x9c\x13\x83\x80\xf3xv\xd6\xd0]\xdb\x82S@\x92\xbb\x97\x8a\x850\x84\xd9~1l\x98\x90\xfb;\xde4\xba\xdc\x8a\xb7\x1f\x8f\x19Uz\x9c\xcc\a\x1e\x85=\xb3\x18s\xe2\xcf\x92\xc4\x05\xb6V\t\x06\x96\xfe\'x\x02ryX\xe6%U\x80;g\x0f\xa11\x12\xfb\xdf\x14\xff-b\x0f;\xb6\xf1R\xea\xfc\x97\x87\xbejB`\xa1\xe6,\xaa\xc4k\x02\xd5\xcc\x1bu\x96\x80\x81?\x87{\x06\xad:\x15\x93C\xab9\xb1\xaf\xd1\xcb\x8a\xeb\xdf\x9f+^\x7f\x06C\xe8\xc3\xbew6\x8f\xe7\xf0\x05x\xb7&p\xe0d\xea\x92DQm\t\xb9\xa8\xa5\x00\x00\x00\x00\x00\x00\x00\x00\x00$\xe4l\xb2\xc1.\xecu5f\xe1\xa4\xe1\xcf/\x00\xdfx\xa5\xc0\x83\xab\x1b\r\xc4\xd2\xb5\xd9\xbbs\x9a\xd8DG\xd1*t\x03\xaa\x1c\xa0Q\xd6a\xe7\xb64\r\xd9BH/\xa1\xfa/\xaa)\xe0\xdf1D\xd1\xb2\xd2\xabR\x9c\xdcrU\xf4M\xca^')
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r8, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x100, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000140)={0xdddd1000, 0xc000})
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x4b301, 0x0)
write(r9, &(0x7f0000000040)="9035d1a1facb75526d6b945626cb323969646b3b7fb576bd24722caa3253a2de0742df98bc2bd761a5c0c1075dbf00c808ccfc2dd61ca065bc47048658ffb80f03dc7758cacafcc22ddfd7963bd0c5e63085ae4c18071e298262090a0d377b8de28339830b955ae18d346babd288571ec8c5c53f287a703be84eac0a4f3011e2b2ee6ac5e56ce93b6c70971ca9203c34159559be", 0xfffffdbc)

1.054210154s ago: executing program 5 (id=859):
mount$binderfs(&(0x7f0000000040), &(0x7f0000000080)='./binderfs\x00', &(0x7f0000002240), 0x0, 0x0)
syz_clone3(&(0x7f00000012c0)={0x46140400, &(0x7f00000000c0)=<r0=>0xffffffffffffffff, &(0x7f0000000100), &(0x7f0000000140), {0x17}, &(0x7f0000000180)=""/200, 0xc8, &(0x7f0000000280)=""/4096, &(0x7f0000001280)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2}, 0x58)
ioctl$F2FS_IOC_DEFRAGMENT(r0, 0xc010f508, &(0x7f0000001340)={0x800000, 0x3})
r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)

832.390617ms ago: executing program 1 (id=860):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x80401, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r6, 0x4048ae9b, &(0x7f0000000040)={0xa0003, 0x0, [0x0, 0x0, 0x800, 0x100000001, 0xffffffffffffffff, 0x4, 0x3302e1e0, 0x5]})
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000000)=@x86={0x5, 0x5, 0x17, 0x0, 0x3, 0xf9, 0x2, 0x79, 0xff, 0x8, 0x1, 0x1, 0x0, 0x2, 0x5, 0x4, 0x72, 0x7, 0xfa, '\x00', 0x3})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000000c0)={[{0x2d, 'rlimit'}]}, 0x8)
ioctl$KVM_SET_CPUID(r3, 0x4188aea7, 0x0)
ioctl$BLKRRPART(r0, 0x125f, 0x0)

660.323309ms ago: executing program 5 (id=861):
prctl$PR_SET_TIMERSLACK(0x1d, 0x401)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000002a40), 0x200, 0x0)
ioctl$BLKROSET(r1, 0x125d, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x20002, 0x0)
ioctl$BLKRAGET(r3, 0x1263, &(0x7f0000000080))
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
prctl$PR_MCE_KILL_GET(0x22)
r5 = openat$cgroup_type(r4, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_type(r5, &(0x7f0000000280), 0x9)
r6 = openat$cgroup_procs(r4, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000c40), 0x12)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_ro(r7, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r8, &(0x7f0000000200)=0x1, 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = openat$cgroup_procs(r9, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r10, &(0x7f0000000380), 0x12)
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x3d}, {0x6}]})
ioctl$PTP_PIN_SETFUNC2(r0, 0x40603d10, &(0x7f0000000140))
r11 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000004, 0x10, r11, 0x1000)

659.88256ms ago: executing program 4 (id=862):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x100000001)
mmap(&(0x7f0000701000/0x4000)=nil, 0x4000, 0x200000a, 0x12, r0, 0x2546c000)
ioctl$ASHMEM_SET_NAME(r0, 0x40087708, &(0x7f0000000fc0)='\x00\x00\x03\x06\x00\x00\x00\x05\x00x\x92\x12\xac\x06^\xbewV\xf3\"\xc4\x04\xbb\x0642\x9c\x1a\xd1\xcb{\xb0\xd6\x1e\x00gQ\xca\x0eU\xf7\'\x8c\xc1\xc6\xbb\xc5\x1c\xf7\xaf\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn(Q=v-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \x15\x9a\x9a|c\xfc\"\xee\xc4\x93Q\x82\x16\xbf\xe3c\x8d \x0f\xb1\xe9\xf2o \x00\x00\x00\x00\x00\x00\x00H\xaf\t\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafdd\xf1\xdbjE\x01\xd1sD\x89\x94&\\U\f\x18\x99]\xaba\xe93\x01\xa23\xc9hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\xec^\x84\x19\x9f_D\xbdt/\'\xf6\xc3\x8c\xb8\vS\xcc\xb0\x1b7\xe3-\'\x02\x16\xf5\xe6\x93\x02E\n\xe8\x00\x00\x8c\xed\x11\xf7\xf2J\xf6\x90A@\x01\x13\xc7`g\xcb\xd7\xdb\x1e\xb2\xc9\xfd\xf7xqg\xa9\x96\xf8/0Xd\xcf\xb9\xa2\x1d\x13\x8fC\xd2&\xd8\x9d\x8b\xe0E\xd2\xc6\x1a\xf3\xa8\x0e\xba\xecOv$\xc8\"\a\xd7T\xfb\xfc\xfauT\xf8\x9e\x86\xef.\xf6<\xbfB\xe7\x80\x1a\a\t+x_B=\xe7\xa5\x89\xfb\xa2\xc6\x97\xeb\xdecY{\x0e\xc2\x00\x00\x00\x00\x00\x00\x00\a\xf4\x88\x06\xe3\xcb\xc8\xe0\xcc\vE\x18\"\x87\xa0\xa9:\xceY\xf0\xa2\xe0\x9d\x8c\x8e\x11\xb7\x98\xa5\xda$\x94D\xb4\xf25\x01\x00+\xfa\xa9 \xe1\x13Y\x86\xd8\xbfH\xc6\x9c\x8cs4\r\xcd\xd1\x83JT\xf9\xa2\x83?\xb3\x0f\xc6&\x1d\xa3\xc4\xc3\xd2\xfd\xad\xa35o\xe8\xcd^/\xd8\xf4[n\x9fJ\xf4\n\x92c\xaa\xddT&L<+\x19R\a\xfc\xf2\x17\xb8$\xa9]\xc2\\\xda<\xc8d.w\x9c\xaf4\xbb\xe8Co\xb3\xd8\x82\x92\xba+\x99PXB\xdc\xbay\xa0s<\x92k\vJTRW\xc26\x06\x10\x92\xc7\xa55\x00\x00\x00\x00\x00\x00\x88\x19\xf7\xdd\xa8\xef\xa0\x98\xcd\x81\x10>\xc7{\x84\xb9\xc0B\xe1\t\x00\xbaQj\x81\xc8\xf8\x146%Z\x83H\xabF\x18<\x86h\x01=\x03i\xc4\t\x8e/\x12\a\xdf\xe7zU\x1d\x15\x0e\xc1?\xeau\xb4\x84x\x00\x00X\xf4\xe9\x1f\xcd\x05\x0fz_\x8d,^\xde\xfd\xd1\xbed\xed\xa1\xf5\xc6(p\xb4;\x0e\x18\xf7/A\xfd\x92\xd0}ur\xaag\xdb&e$\f\rrT\xd8\x88~\x13\xc22t\xf6\xf4Fs\xc1\x05\xfa\x99\x15\x87\x14\x13$\t\xa8?\xee\xd4W\x8e\xe1\xcc\xc3U\x84\xc6]:\x9a|W\xec\x84\x18\bb\x82\x8f\xc0\xab\xe3\xc2\t\x1f\x9b\x1a\xff\xbb\x88\xce7\x15\x90\xf2\xd0la\x9d\x82\xb4\xad\\\x8d\a\x99\x17\x85\x9a\x05\xb1\x00'/712)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000000)='\x00')
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0)
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000800), 0x2800, 0x0)
read$FUSE(r2, &(0x7f0000000880)={0x2020}, 0x2020)
ioctl$ASHMEM_PURGE_ALL_CACHES(r0, 0x770a, 0x0)
ioctl$ASHMEM_SET_NAME(r0, 0x40087708, &(0x7f0000000300)='\x00\x00\x00\v\x00\x00\x00\x01\x00x\x92\x12\xbc\x00\x00\xbb\x0642\x9c\x1a\xd1\xcbx\xb0\xd6\x1e\x10gQ\xca\x0e;\xf7\'\x8c\x95\x83=\t7\x96\x1a\xad\xd0\xd0\xee\x9c\x962\bu\xba\xfc\xae\xc2\x19\xeb\x91\xc9\t\xbc\xc1\xcb\xba\xe3\x8e\xf6\x89\xc2\'\xdfn\x05\x00\x00\x00-<\r\xd1?$\x8b\x17Bn\x17h\x1b\xac\xfc\x82\x1c\xf4\xd0\xf5\xd5\x80\xc0\xb4a \xac\xc4K\x03\xfa\x13Vz\xbf\xe3c\x8d \x0f\xb1\xe9\xf2oci(\xcb\x82\x05\xfe[H\xaf\x01\x18\xc8\x1b\x1e\xbe\xd8>\xec\x9f~\xa7\xf7\xafd%\xf1\xdbjE\x01\xd1sD5hP1\xdc-\'\xd0\x9e}\x89\xff\x8c\x851Y9OB\xdeB\xe1\x02-&\"1hS\x92\xe4$-\x02\x00\xe4\x8e\"\x85\xc9x\xef\x81E.r\x89\xe5\x00\x9e\x97\x96\xb8j\x81\xf0\xdca\xfb\xa6\xff\xff\xff\xff\x00\x00\x00\x00d\xf0\xf1j\x11\x12\xc0\xbb\xfdq~#\xf7\xa8\"$,\xf4\x84|\x89o\x00<\xa6-\xb0\xd3\x80\xbe\xcf\a\x00\xfc\xa6\xb1\x05\x94\x84l\xbfA\xeb\xd8\t\x00\x00\x00CvNhx461\x04N<\xedV\xcet\xaa~\xf3j\x94\xec\x92\x86uY\xf6\xb5\t?,~\xa67\\\xb9\xc9K\xf8\x9d\x96\xc0\xb5\xc7wF\x99\x12\x97T\x90.\x9c\xe3\x9a\xf1\xb9\x9c\x13\xbc\x19\xde/\xaahB\t\x97\a03\xcd\xb3\xc8\xd5l\x14!\xf9Xg2\x1d\xeeB\xccT\x0e\xd8\xef\xc8\xe9\xb4\xf3l\xc3\xf2\x998\xc8\xc2|2\xee\xb4W\x99f.\xeb\xe9\x05\xcbkz3+\xdd\xe1*8\x95@0t0\xad\xe3#\xd7\x19\xe7Q\xdfmI\xe5\x1e\xe4\x87\xc9\x8f\xa7\xe0\xd9v\xf6\x01\x9d\x8f`,\x1a8\x81I\x86l\x8f2\r:\xc1\x02\xd6Z%\xa7Ks\x8bUolS\x05\xbe\x97\x1fGe\x94\xa6\xa3\xab\xdb\r\x17\xff[\xb1\x00\xff\x7f\x00\x00\x00\x00')

626.09337ms ago: executing program 4 (id=863):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x100})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000700)={0x10, 0x0, &(0x7f0000000540)=[@clear_death={0x400c630f, 0x3}], 0x0, 0x0, 0x0})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$EXT4_IOC_GET_ES_CACHE(r2, 0xc020662a, &(0x7f0000000000)={0x8, 0x3, 0x7, 0x1, 0x1, 0x0, [{0x50c8a43c, 0x1, 0x3, '\x00', 0x8}]})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040))
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x20000000, 0x440, 0x821, 0x0, 0x0, 0x2004cb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000], 0x0, 0x200306})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000480)={0x10, 0x0, &(0x7f0000000540)=[@acquire, @release], 0x0, 0x0, 0x0})

479.270472ms ago: executing program 5 (id=864):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454ca, &(0x7f0000000100)=ANY=[@ANYBLOB="2e2e210c371303ed6a33f2ff8689b3f20e"])
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r2, 0xc0145401, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x3})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @flat=@binder={0x73622a85, 0x3000, 0x2}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x44, 0x0, &(0x7f00000003c0)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000140)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x2}, @fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000080)={0x0, 0x28, 0x40}}}], 0x9d, 0x0, &(0x7f0000000440)="86a26c9da618d909bce30b7cf1cd8e3cd67bebed2f51f050b192202dc79a841f2307e8a18d200c24f92523c2e73cd5d0392854de671d87310511c3173d65868163dae6dca81ce9330e7f8083114ca0336d334fce1f60203ec29a53e0f3109b5f95a1f5a20b1ee8f1d39b9660a40c44c98093ce8a73170e7bde42b3d6635738d31f142a3cc29ae231a13c3312602d24a87dd2633985828593c874478e39"})

392.208814ms ago: executing program 5 (id=865):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x121400, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000002a80)=ANY=[@ANYBLOB='\x00\x00\b']) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0) (async)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
ioctl$int_in(r5, 0x5452, &(0x7f0000000180)=0x6) (async)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async)
ioctl$F2FS_IOC_RESIZE_FS(r2, 0x4008f510, &(0x7f0000000040)=0x9)
r7 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r7, 0xaf01, 0x0)
r8 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_VDPA_GET_VRING_NUM(r8, 0x4004af07, &(0x7f00000001c0)) (async)
r9 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000000000fb030100c0"]) (async)
r10 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x220002, 0x0)
ioctl$FITHAW(r10, 0xc0045878) (async)
r11 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
ioctl$BLKFINISHZONE(r11, 0x40101288, 0x0) (async)
ioctl$KDSKBENT(r0, 0x4b47, 0x0) (async)
ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f0000000000)) (async)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', &(0x7f00000000c0), 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB='max=\x00'])

351.120714ms ago: executing program 4 (id=866):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000}) (async)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0xe05, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3385c1ae2008448e5750c3a3d5733b4a2486788550e6353e9b12cc09750d5b9dcd2aedba61d0520e99a51e880d3dd78a2b502029deac1860cf50885f8bf5119491c6b1e06492e98ca64e5e32afbb3b0630cb35b58640afc2188a232f77968c18d2d0e8f91c974edcb3198b4520f530acacb12017216338cc479de3651e8f15f1672397c730e3ca2a189ca4cc85f35dd46aeb67b6a2eb7268a653b190d8ba670490d50f761c1fa25f1954d8fe6bcb15dbc23698c945262b991e6245b9a25b12b13c87bf8a8a06f51784007abd06e01a0c03ee80b236fabb5b22ce797c4d8a739ac96dcf16c93f454463d3631c4cdd2dea6732a486015dc9937ee4e6efbfff46bdd8887094ca4bd94d995f411421c7ef07f949fcc10132f58b7c99a871780d92464594c930b80596baab77b0d68a05d71ca8a1888f3128f12aebac362c4d80870ab3d9f2e77d51f9af16472faff98dda1e0133c8bc2510345d5eb1d64bce64761f4cc39ac6655902338bf1335dc55393995af4447ed1aa4c50bfacd576842560abca3e6c74dcea6dd03d36f9e7f8bda2cf33e3b7da195fba79f5a60421e19910f1fef31b9fa52064ce9ee8c415746a3cab47a8ad8477e9f21e9ee804a85dc568439b95c01bbbc3fa16a8c26bd81b01b8849795b2370f591e2a8e175cd465a600a541839bc734271b4b3afb2303dc1cf12bee00080ad10658c97672ad023e89f23d9301b5dbf1a7ba6d6c2b8dbd300f05f36a095f188b56fd3ba8e871aaf22e2128696e7232cb22f4f5404a3d1256a11665caaead326faad340031cafb99edbceba7bac44c7d2720aedba9cb708dae55b192a1e31835fae8756f062c151f6778b1d93c2d1f8b479ae9bbe1255abcef9beaa95b558fbbc9a979d46580aa85b10f160b438bea64f23b8e605ce34d2b46bbf8bfbfa683b10f55b3d30c58675dd1a524495e5d42c7d02dc60b853e8b3ed2caf41cd24a8a1d044e27d48b2184bac00730f7c20a1ba2bb6b6a5381a3d359d8e721504bbbce18ee49031b48c278a5730f31fb83f6cf32ac98326b722d3e2d7b38a7b80b94a3eb2b69fb1aefc8c0bbe431191f0ed76141a8365621e4f7118dd4465b4642bdb0af21d30c8cfb1d5201852c0428b1983d91f706e814c1395888b1c2a3516ea20a93d868e27c3c9b68a9cda4befc389b57661a4ff37137628ec96bcb625fd10324625ac1589c2918c66f811a323a19ab30bcf28fc20b64176e319d58f74578093e32ba9f51b255693dda9514ff43f6ef6010143554305073e94be322daa024cb7efcf405ea4924bfa72633b766365fee1d59d1a94717450657ff3b72853785e91f94ca1502b129eafa718633bec1557fb1e0ae2887e6e8c0fdd9f3f99de03c0af7364781766520d90c15b0e2a4c43613089dbecc4dd68be74204809f0270370097642d54388ccbb54b58be8b5796eac48ef5f17752eaa7301f075faee593aae71ee0e0ca1f45a22e7cede3597f14a344796ceec33e98b3b89e031c0d757e83d5093322d9afc9898f80b2e9bb17bc8b2b164d048c1b912f6cd92979df629efcb94968cca6e65b9b078677698fa4937a2ec23edd00971a5505ecc65fe150d3d00a34e52cc64951937fc79014b0df8d2c9c35f06209f45556278fa7ecfc70a92eca165bbd493686fb4c0cd607cec994657149a61da2e09414944c557be54908197724174247194d435b25bf78ec4cc164a574662eb4d1e4d784a6ea0c71dd1a16e53a7b8a27fcec679346afe90a05e06b276fe972d5e1d3486e0452d0a9a1636ab9c517f371a0592ef34513a9a4e961cd79c86891f460becb57f41e22b2a72ae175e29344184cde0b2beae00f90a6a79dc689da4b4b1da0e9758854d404a9cbcf725c68b6f2de865b2b5e12124d09f8745208b5cc544522f7c8bcfceb907422502f1641b600a60a5aef28be5a92ff71755efaf29e23c8ca52ad945bbdc4d6e7502adee312ea8d9338a80671f36309026c0d9c2ceb14da0b8beb087853b8014d30372f0d58448530f1bed15c4caaf8a844853030aab1ba6de9891678a16a2d9b9889d4a367753f0aacda03ce6fae1f62b34a3317a704527e65b18dc3186f32c5caa2d82f058066274e145f3cfe0bb5d40a77f54fb0de584d5f50de29d1c3aa29acea2363ef5c1e0592ef94370936df0152871396c13a89e56086f381862edb6f4bec0d937e94a689a8c5c87a51e073fdaa935591bbccff359e0805ded9ac71e3b295fdd05bc2b03d7af58a393778c9dfdfd8101b3503c86a6d9e2fdeb215be40f90bb7360a04e111d743207a8742275ee7df2508b909ea4d3a7af7886d3f26aa58943edbbcbd686bf9cf9a78b43dd9792bca97cda65083404bd7ab227f68e18cd87541bf069bde649a0b9ef1346a748d794685339973d6b59dcbe74a3caf48f4628eedfcd6900c56746f017f0845fea8c95ac7b2a4ff90940f98a163afc082ef6de72f5fddf056e5fe2d42a173f7fd5f6100933a38fad6"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r2, &(0x7f0000000840)=ANY=[@ANYBLOB="0000000000000000288563"], 0xffdd) (async)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x503f01, 0x0) (async)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0}) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x1, 0x1, &(0x7f0000000280)=""/188, &(0x7f0000000080)=""/35, &(0x7f00000003c0)=""/181, 0x4000})
syz_clone3(&(0x7f00000006c0)={0x42000000, 0x0, 0x0, 0x0, {0x3c}, 0x0, 0x0, 0x0, &(0x7f0000000680)=[0x0], 0x1}, 0x58)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

157.311757ms ago: executing program 4 (id=867):
unlinkat$binderfs_device(0xffffffffffffff9c, 0x0) (async)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000001c0)='./binderfs2/binder1\x00', 0x2, 0x0)
ioctl$BLKPG(0xffffffffffffffff, 0x1269, &(0x7f0000000000)={0x2, 0x0, 0x98, &(0x7f0000000080)={0xf3fa, 0x9, 0xa}}) (async)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async, rerun: 64)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder1\x00', 0x0, 0x0) (async, rerun: 64)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000100)={{}, {}, {0x2000, 0x0, 0x0, 0xfd}, {0x1}, {0xdddd1000, 0x0, 0x0, 0x0, 0x1}, {0x1000, 0x2, 0xb}, {0x0, 0x0, 0x0, 0x0, 0x3e, 0x26}, {}, {0xd000}, {}, 0xddf8ffdb, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x8080000})
ioctl$KVM_TRANSLATE(r5, 0xc018ae85, &(0x7f0000000040)) (async, rerun: 64)
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r2, 0x400c620e, 0xfffffffffffffffe) (rerun: 64)
openat$rnullb(0xffffffffffffff9c, 0x0, 0x164e80, 0x0) (async)
r6 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r6, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) (async)
r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, 0x0) (async)
ioctl$KVM_CREATE_IRQCHIP(r9, 0xae60)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xff, 0x8, 0x10, 0x0, 0x5, 0x0, 0x0, 0x4, 0x0, 0x80, '\x00', 0x2, 0x5}) (async)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000000c0)=0xffffffff) (async, rerun: 64)
ioctl$PPPIOCSMAXCID(r1, 0x4010744d, &(0x7f0000000000)=0x20000002) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) (async, rerun: 64)
r11 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r11, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})

126.679558ms ago: executing program 6 (id=856):
mount$binderfs(0x0, &(0x7f0000000280)='./binderfs\x00', 0x0, 0x2000063, &(0x7f0000000400)={[], [{@flag='dirsync'}]})
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', 0x0, 0x4800, 0x0)
r0 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000008, 0x10, r0, 0x243e3000)

60.238939ms ago: executing program 5 (id=868):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x800000, 0x10012, r4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000000)={@flat=@weak_binder={0x77622a85, 0x90e, 0x2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x33}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x31}}, &(0x7f0000000280)={0x0, 0x18, 0x40}}, 0x10}], 0x0, 0x0, 0x0})

59.810949ms ago: executing program 6 (id=869):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0xe5, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r1, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
mmap(&(0x7f0000797000/0x2000)=nil, 0x2000, 0x3000001, 0x22052, r2, 0x2000)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

20.26982ms ago: executing program 6 (id=870):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x1081, 0x200000000000})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f00000001c0)=[@enter_looper], 0x720, 0x0, &(0x7f0000000580)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70b7a440b4187098442946238cdd38a235b264899fa2f8b51f8a660653545ab78b6a47b6462efaa8192061344501fb8d96f8de3b132ee012626f94be7b4a9e572a43167614409ee4aa2a40d2feb04bb54137ca025e367e2eee1e8b4f78b741aac17c55ab77d0fd2b7318207e91fd536b9fb7c994a9ad0769020b45bc05965f6dffb15fd462bb2e49632c788cfeb74472be3d9eaf3284719df7187a354b3915df2661363052a24baf8cc101728d302f75878515b436d1fbdb3fc5fc88e8745c56b1bd79dc2cc7e7b5be814275a3edfc67e923d199c97fd6a8b2d11d2923b688471fe8c1e771545d17bad44fc5f7a91cf43ba91b4627c9554a333b6e8ee1c457b54c30bccbbabdfed6158fed6e548cd54ad7409e0a03fb2f685f8987e98ee687a09a730c2a757d3b1595a1146d57230e178284ef3fed5553bbd1e82bd418a13c03f944421d013d96182302122d01c432e24c43a9dff19658a3680167297367a1ee7f70e0968ce28ca2bc8b8525c41f8d4f9cdcaaa25b2d0fea854626eba2e86ecb31e9be7b8e704287fe45ad3f169d7f67e798b0de3bf70f485f81ba5e9aef1ec5782c4c609ffdc93a3bdfeeb7e7cd05ea7023895be4a3f78f188fdbd83ded6dcdf1d429c12b1b250284110295e3515bfb117119839f13057ea2366d3c4b75b28f60afe17b195d04ff58dd2f3382bb57152f2928f9a91bbcc42057777ba13becb4552419caa2ffc325219a6995f5d1e9a193a1aede859834ef765009d6c242ad918ecf3fe62c8dfe2ff309cbce740950cdd05c8e0b7f75aa21731be678552b2d0024a4b3815fb52f056ba37f3f466afab6b5728def0fdef93655524121927df3a39af0845df7612e9ccdae25f406ac0ad7a0e4f980398597ab2c2291d87a1ed618b9e392f1d055d5290be67b6cec9e7505c41025d2aa6e82a4f693042989b5f4a9abfe0ec51fd9dcb972a054b80ee6a460fd422eaa971e2cb759c72e676e2877c667c6ce002be1ce6ba8380e6dd691590c84ba68d26f3284280dcacd082b42bf5aac71467b3fcd5d68ab1bc26cf48fe770ccff5f14ff8afafb18d3127a6d989b7d77665a7a9bf4cb488621c904acd0b073396ad8509c9ddb02eb1d23510a52289a5f0d7edba66d4ef271b9c6acc3bfa996b55f6808650236b0001132ef85fc5070b69144ff5fdd8d64f6c3e0dd22711f69a940ebdb4ab5ff6240da3160049d2047e6713d47ad0db40ec543c095ad67c8cbe438fb875927c98e265498b3da8d4ca54bac0e6efe759a2d4d4190e9fc8835599da8237f472411a71236bb930d28a26f49062d270f4087a6a709c005eebc9740ed54dd005c787c44badac9c720b0d424d0ded9bb8c24c0e842deedf386fc7714a31268292d3bcc53b1cf24b156445c8bf64336f742b1ba836eba0ae4a5aaa9a6f35d4f81734e16bce965795d5b1255609d1860fe11c9c536db078af94772830ba000c13e1d9383e3d862fa07f2199da148632c036bc19f6014eeb206a3654d390c78911deeabebf128def61122754e0a4696db82666a018f8d2f44b5aadc12809ade8bed1b1ba2adbb6e3e82180e26748dc30a8eda0edb21fcaa702632ed3fb4e89550c3e0e1fd2b5ecf1983d85bf9569b231e28155756bd97f1220cbc2b5b1c02dab88ee4a8970d4833b9e51529895afe5029823576297d4a917602fe08df57e1d7f63d050877ddf8e82a5383e15f313171b2d5618a1549f3dfced0732b887508ca5e134124d0ed0bd4b767115d1530f73504387e0364d73a2d3b114fcb49219b1c15e066c455b01672e49499995454a502236f5a5007895d3d1d8843007352a3ccc3f71d3e801efd0a6ef922bf39ead16e01ec20ebff2b1ce7cfd0984b26225cb1359b36efe9ad2ae1f6de4862c0faaa52f4d0eb4c13960ceb4aeaa10ae61a09a5abdb0c61661962a0aab14d465a8ae6f45826e1e66428cf8572eb53c98160df6613a62bb611c63f1ffb7a795a889fc16670f6302fd36ee4247bdd4282f1afb6042c832a4b0857cecae0a7090d9b11ae46d9186c710c8dd12911db573493329bea2c743734d86a577cf27aa01e4fc6c91f1fa34bba173d20b97ed8bb4bad43692df90bfd2b193b9e8b93a95ec0d0d42217395d89db511d2e9bbeb3ef47b7b2d81ab54b5c8faa760ef5c0493af13a9327c9432521ed6bfcb9d778d25031da41a983027fe7d794c26326053d38172444307d88501cdd26c3fdeafdf5f599d3dcfd39972f28ec3fb1fb40982615f5d71d6693a8774df072576834c69b89f209b458fad4671f0108fdfc8548a6fcf76a843369a3bca4d2974221ed9af224d151fa8aa73276ba65ca3d8bc98d6504f16bcac30c697f68cb1625b4f2259ee0c694951752845fa11c20fc4dda369d53918c3746918692ee2cda958612808b841b8d36ef3933f5340e1fc8fb10ac2ae97da921f6a67806831356d515c7a32468dfd3385c"})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000002d00), 0x2000)
ioctl$INCFS_IOC_PERMIT_FILL(0xffffffffffffffff, 0x40046721, &(0x7f0000000040)={r1})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0042, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)=ANY=[@ANYBLOB="01feffffffffff0000e39ca500"/27])
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
write$vga_arbiter(r5, &(0x7f0000000280)=ANY=[@ANYBLOB='tryl'], 0xc)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0xfffffffffffffffe, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0xeeee8000, 0x42240})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000640)={[0x202a4, 0x7, 0x8000, 0x800000000005, 0x2, 0x5, 0xefffffffffffffff, 0xb, 0x0, 0x7fffffffffffffff, 0x0, 0x9, 0x3, 0x1, 0x8000000000000000, 0xff], 0x0, 0x41845})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x10}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000340)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000180)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0})

0s ago: executing program 5 (id=871):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x801, 0x0)
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
write$cgroup_subtree(r1, &(0x7f0000001600)=ANY=[@ANYRESHEX], 0x7)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x110a, 0x1})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0x18, 0x0, &(0x7f0000000700)=[@increfs={0x40046305}, @increfs={0x40046304, 0x3}, @decrefs], 0x0, 0x0, 0x0})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.21' (ED25519) to the list of known hosts.
[   22.056608][   T36] audit: type=1400 audit(1750406124.660:64): avc:  denied  { mounton } for  pid=281 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   22.058039][  T281] cgroup: Unknown subsys name 'net'
[   22.079323][   T36] audit: type=1400 audit(1750406124.660:65): avc:  denied  { mount } for  pid=281 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   22.106666][   T36] audit: type=1400 audit(1750406124.690:66): avc:  denied  { unmount } for  pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   22.106936][  T281] cgroup: Unknown subsys name 'devices'
[   22.271825][  T281] cgroup: Unknown subsys name 'hugetlb'
[   22.277449][  T281] cgroup: Unknown subsys name 'rlimit'
[   22.452679][   T36] audit: type=1400 audit(1750406125.060:67): avc:  denied  { setattr } for  pid=281 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=190 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   22.475879][   T36] audit: type=1400 audit(1750406125.060:68): avc:  denied  { mounton } for  pid=281 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   22.498107][  T283] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   22.500797][   T36] audit: type=1400 audit(1750406125.060:69): avc:  denied  { mount } for  pid=281 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   22.530869][  T281] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   22.532417][   T36] audit: type=1400 audit(1750406125.120:70): avc:  denied  { relabelto } for  pid=283 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.566354][   T36] audit: type=1400 audit(1750406125.120:71): avc:  denied  { write } for  pid=283 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.591980][   T36] audit: type=1400 audit(1750406125.140:72): avc:  denied  { read } for  pid=281 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.617493][   T36] audit: type=1400 audit(1750406125.140:73): avc:  denied  { open } for  pid=281 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   23.885998][  T288] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.905535][  T288] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.912844][  T288] bridge_slave_0: entered allmulticast mode
[   23.920176][  T288] bridge_slave_0: entered promiscuous mode
[   23.927542][  T288] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.936558][  T288] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.943713][  T288] bridge_slave_1: entered allmulticast mode
[   23.950010][  T288] bridge_slave_1: entered promiscuous mode
[   24.078835][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.085895][  T293] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.092999][  T293] bridge_slave_0: entered allmulticast mode
[   24.099272][  T293] bridge_slave_0: entered promiscuous mode
[   24.108553][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.115613][  T293] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.122717][  T293] bridge_slave_1: entered allmulticast mode
[   24.129107][  T293] bridge_slave_1: entered promiscuous mode
[   24.167564][  T294] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.174648][  T294] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.181777][  T294] bridge_slave_0: entered allmulticast mode
[   24.188014][  T294] bridge_slave_0: entered promiscuous mode
[   24.195824][  T294] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.202901][  T294] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.209996][  T294] bridge_slave_1: entered allmulticast mode
[   24.216284][  T294] bridge_slave_1: entered promiscuous mode
[   24.222301][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.229483][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.236548][  T292] bridge_slave_0: entered allmulticast mode
[   24.242958][  T292] bridge_slave_0: entered promiscuous mode
[   24.249337][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.256368][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.263475][  T292] bridge_slave_1: entered allmulticast mode
[   24.269742][  T292] bridge_slave_1: entered promiscuous mode
[   24.340920][  T288] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.348072][  T288] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.355408][  T288] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.362471][  T288] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.447701][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   24.455437][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   24.474799][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.481884][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.530206][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.537269][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.544983][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.552053][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.560281][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.567319][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.613792][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.620880][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.633331][  T293] veth0_vlan: entered promiscuous mode
[   24.644175][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   24.651237][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   24.658987][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.666035][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.673682][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   24.680736][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.697573][  T288] veth0_vlan: entered promiscuous mode
[   24.722661][  T293] veth1_macvtap: entered promiscuous mode
[   24.732122][  T288] veth1_macvtap: entered promiscuous mode
[   24.757849][  T292] veth0_vlan: entered promiscuous mode
[   24.790562][  T293] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   24.808744][  T292] veth1_macvtap: entered promiscuous mode
[   24.816750][  T294] veth0_vlan: entered promiscuous mode
[   24.851665][  T308] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   24.869541][  T294] veth1_macvtap: entered promiscuous mode
[   24.931419][  T308] rust_binder: Error while translating object.
[   24.931480][  T308] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   24.949748][  T308] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:2
[   24.972049][  T324] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 128, limit: 144, size: 128)
[   24.984633][  T324] rust_binder: Error while translating object.
[   24.995557][  T324] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   24.999378][  T320] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   25.001774][  T324] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:10
[   25.025298][  T320] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:2
[   25.059261][  T328] binfmt_misc: register: failed to install interpreter file ./cgroup
[   25.091794][  T332] SELinux:  Context system_u:object_r:cert_t:s0 is not valid (left unmapped).
[   25.102326][  T328] SELinux:  Context system_u: is not valid (left unmapped).
[   25.110890][  T332] SELinux:  Context ��o���}
��xd is not valid (left unmapped).
[   25.192265][  T337] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:6
[   25.199347][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.229245][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.237040][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.252527][  T346] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   25.258919][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.278515][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.286497][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.288683][  T349] rust_binder: Write failure EFAULT in pid:14
[   25.308614][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x7
[   25.323528][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.331565][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.339449][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.347215][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.355015][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.362848][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.371191][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.380455][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.388480][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.396273][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.404297][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.412200][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.420069][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.427973][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.438320][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.452983][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.468446][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.477986][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.488540][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.496310][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.504151][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.518612][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.533066][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.543371][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.549091][  T368] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   25.563318][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.579176][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.586960][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.594805][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.602798][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.611315][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.625570][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.635674][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.643513][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.651413][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.660620][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.668478][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.676335][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.684136][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.693129][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.701154][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.709466][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.717222][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.726589][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.735045][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.744497][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.752630][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.760982][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.769259][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x6
[   25.773221][  T387] block device autoloading is deprecated and will be removed.
[   25.777196][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.792572][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.802951][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.810771][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.818584][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.819464][  T388] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   25.826360][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.836771][  T388] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   25.842814][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.859339][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.867097][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.874889][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.883101][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.891647][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.899524][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.907306][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.915529][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.923476][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.932394][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.940354][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.948132][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.956042][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.963827][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.971658][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.979479][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   25.991662][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.000934][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.008885][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.016666][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.024466][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.032274][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.040032][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.049249][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.057517][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.065350][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.073172][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.080960][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.088871][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.096669][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.104469][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.112992][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.131178][  T402] input: syz0 as /devices/virtual/input/input4
[   26.134830][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.150920][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.158993][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.166852][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.175109][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.182937][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.190745][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.199751][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.207501][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.215289][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.223049][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.230838][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.241185][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.249260][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.258647][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.266985][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.274830][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.282835][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.290744][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.298649][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x6
[   26.306462][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x3
[   26.314395][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.322524][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.331307][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.339777][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.347585][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.355409][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.363201][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.370984][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.378757][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.386486][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.394285][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.402122][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.409981][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.417409][  T410] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[   26.417714][  T410] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   26.417729][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.428688][  T410] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:39
[   26.435758][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.460343][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.469539][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.477871][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.485766][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.493641][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.501475][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.509321][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.517330][   T10] hid-generic 0008:0000:FFFFFBFF.0001: unknown main item tag 0x0
[   26.518954][  T413] binder: Unknown parameter 'fscontext?}'
[   26.526343][   T10] hid-generic 0008:0000:FFFFFBFF.0001: hidraw0: <UNKNOWN> HID v9.86 Device [syz0] on syz1
[   26.646984][  T422] rust_binder: Error while translating object.
[   26.647027][  T422] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   26.666067][  T422] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:30
[   26.685264][  T419] fido_id[419]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   26.870024][  T435] block device autoloading is deprecated and will be removed.
[   26.885501][  T435] syz.2.39: attempt to access beyond end of device
[   26.885501][  T435] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   26.885913][  T436] binder: Unknown parameter 'ctats'
[   26.913104][  T435] rust_binder: Error while translating object.
[   26.913141][  T435] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   26.922624][  T435] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:14
[   26.925286][  T439] =======================================================
[   26.925286][  T439] WARNING: The mand mount option has been deprecated and
[   26.925286][  T439]          and is ignored by this kernel. Remove the mand
[   26.925286][  T439]          option from the mount to silence this warning.
[   26.925286][  T439] =======================================================
[   27.100794][  T444] SELinux: security_context_str_to_sid () failed with errno=-22
[   27.207248][   T36] kauditd_printk_skb: 71 callbacks suppressed
[   27.207266][   T36] audit: type=1400 audit(1750406129.810:145): avc:  denied  { write } for  pid=452 comm="syz.3.45" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   27.236723][   T36] audit: type=1400 audit(1750406129.820:146): avc:  denied  { ioctl } for  pid=452 comm="syz.3.45" path="/dev/rnullb0" dev="devtmpfs" ino=31 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   27.275199][  T458] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:40
[   27.275734][  T458] rust_binder: Read failure Err(EFAULT) in pid:40
[   27.285619][  T458] rust_binder: Write failure EFAULT in pid:40
[   27.316370][  T466] rust_binder: Write failure EINVAL in pid:43
[   27.346838][   T36] audit: type=1400 audit(1750406129.950:147): avc:  denied  { read } for  pid=468 comm="syz.0.50" name="ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   27.377679][   T36] audit: type=1400 audit(1750406129.950:148): avc:  denied  { open } for  pid=468 comm="syz.0.50" path="/dev/ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   27.408027][   T36] audit: type=1400 audit(1750406129.950:149): avc:  denied  { ioctl } for  pid=468 comm="syz.0.50" path="/dev/ppp" dev="devtmpfs" ino=86 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   27.433322][   T36] audit: type=1400 audit(1750406129.960:150): avc:  denied  { write } for  pid=468 comm="syz.0.50" name="ppp" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   27.463440][  T472] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION already set
[   27.471024][  T472] rust_binder: Write failure EINVAL in pid:47
[   27.493183][  T475] input input6: cannot allocate more than FF_MAX_EFFECTS effects
[   27.510563][   T36] audit: type=1400 audit(1750406130.120:151): avc:  denied  { setcurrent } for  pid=474 comm="syz.1.52" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   27.535775][   T36] audit: type=1401 audit(1750406130.120:152): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[   27.544400][  T481] rust_binder: Write failure EFAULT in pid:48
[   27.610601][   T36] audit: type=1400 audit(1750406130.220:153): avc:  denied  { write } for  pid=484 comm="syz.1.56" name="pfkey" dev="proc" ino=4026532362 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   27.640985][  T485] rust_binder: Write failure EINVAL in pid:55
[   27.659579][  T489] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:57
[   27.675897][   T36] audit: type=1400 audit(1750406130.270:154): avc:  denied  { write } for  pid=488 comm="syz.1.58" name="hwrng" dev="devtmpfs" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   27.712318][  T491] rust_binder: Write failure EINVAL in pid:18
[   27.820822][  T501] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:56
[   27.888178][  T507] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   27.904245][  T504] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   27.910857][  T504] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:61
[   27.933688][  T511] rust_binder: Write failure EFAULT in pid:56
[   27.944246][  T511] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:56
[   27.950136][  T513] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[   27.950468][  T514] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[   28.165865][  T522] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   28.175420][  T522] rust_binder: Read failure Err(EFAULT) in pid:28
[   28.184075][  T522] rust_binder: Write failure EINVAL in pid:28
[   28.263095][  T532] rust_binder: Write failure EINVAL in pid:32
[   28.521743][  T551] SELinux: security_context_str_to_sid (*��#) failed with errno=-22
[   28.552567][  T555] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:69
[   28.570970][  T557] input: syz1 as /devices/virtual/input/input9
[   28.596902][  T557] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:39
[   28.767264][  T566] rust_binder: Write failure EINVAL in pid:74
[   28.767593][  T567] rust_binder: Write failure EINVAL in pid:74
[   28.830982][  T573] SELinux: security_context_str_to_sid (sytem_u�Gй) failed with errno=-22
[   28.859744][  T577] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[   28.867165][  T577] rust_binder: Write failure EINVAL in pid:60
[   28.989446][  T591] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   29.006967][  T591] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[   29.014510][  T587] rust_binder: Write failure EINVAL in pid:43
[   29.025991][  T591] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:66
[   29.037159][  T593] can0: slcan on ttyS3.
[   29.104195][  T600] rust_binder: Write failure EINVAL in pid:71
[   29.158878][  T607] SELinux: failed to load policy
[   29.184748][  T607] binder: Unknown parameter 'defcontext01777777777777777777777����0xffffffffffffffff����'
[   29.217355][  T613] KVM: debugfs: duplicate directory 613-5
[   29.259033][  T618] input: syz0 as /devices/virtual/input/input11
[   29.272598][  T613] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   29.272633][  T613] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:73
[   29.308828][  T592] can0 (unregistered): slcan off ttyS3.
[   29.547754][  T649] input: syz0 as /devices/virtual/input/input12
[   29.613660][  T649] binder: Binderfs stats mode cannot be changed during a remount
[   29.619945][  T652] rust_binder: Error while translating object.
[   29.624882][  T652] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[   29.638479][  T652] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:75
[   29.683885][  T662] binder: Unknown parameter ' Button"
[   29.683885][  T662] P: Phys'
[   29.822120][  T670] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:60
[   29.822159][  T670] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   29.835878][  T670] rust_binder: Read failure Err(EFAULT) in pid:60
[   29.925701][  T688] input: syz1 as /devices/virtual/input/input14
[   29.955977][  T688] binder: Unknown parameter 'nXI'
[   29.964909][  T691] rust_binder: Error while translating object.
[   29.964941][  T691] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   29.978492][  T691] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:82
[   30.043608][  T699] binder: Unknown parameter 'defcontext18446744073709551615'
[   30.175177][  T517] hid-generic C98F:0003:0000.0002: unknown main item tag 0x0
[   30.179703][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.183304][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.189627][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.195711][  T517] hid-generic C98F:0003:0000.0002: unknown main item tag 0x0
[   30.196469][  T517] hid-generic C98F:0003:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   30.203851][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.219742][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.225854][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.231998][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.232472][  T716] rust_binder: Write failure EINVAL in pid:67
[   30.238092][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.255437][  T716] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:67
[   30.270482][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.285720][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.292023][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.298314][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.309157][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.315530][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.322914][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.335489][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.346688][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.356968][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.363168][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.369738][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.375944][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.383384][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.391204][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.397658][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.403918][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.410121][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.416434][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.422930][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.431066][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.437406][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.443708][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.451663][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.458336][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.465045][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.471837][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.492498][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.498800][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.504943][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.513185][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.526459][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.546060][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.569518][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.575654][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.584048][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.603744][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.610058][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.616176][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.642463][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.654902][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.662608][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.669586][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.675755][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.682928][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.689200][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.701464][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.707576][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.714335][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.728682][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.744091][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.751487][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.757641][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.767920][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.787382][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.793911][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.797139][  T752] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:76
[   30.800399][  T710] rust_binder: Write failure EFAULT in pid:87
[   30.915891][  T760] rust_binder: Error in use_page_slow: ESRCH
[   30.932006][  T760] rust_binder: use_range failure ESRCH
[   30.932027][  T760] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[   30.937632][  T760] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   30.950469][  T760] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:92
[   30.982638][  T762] SELinux: failed to load policy
[   31.022135][  T765] SELinux: failed to load policy
[   31.206698][  T792] random: crng reseeded on system resumption
[   31.254991][  T794] rust_binder: Error while translating object.
[   31.255017][  T794] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   31.267936][  T794] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:104
[   31.453591][  T806] binder: Bad value for 'stats'
[   32.279601][   T36] kauditd_printk_skb: 49 callbacks suppressed
[   32.279619][   T36] audit: type=1400 audit(1750406134.890:204): avc:  denied  { append } for  pid=845 comm="syz.0.173" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   32.446391][  T863] rust_binder: Write failure EFAULT in pid:135
[   32.541554][  T867] rust_binder: Write failure EFAULT in pid:139
[   32.564827][  T867] rust_binder: Write failure EFAULT in pid:139
[   32.638648][  T877] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   32.644866][  T877] rust_binder: Read failure Err(EFAULT) in pid:142
[   33.119817][  T899] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:154
[   33.183361][  T903] rust_binder: Error while translating object.
[   33.192704][  T903] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   33.210841][  T903] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:153
[   33.546058][   T36] audit: type=1326 audit(1750406136.150:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=917 comm="syz.3.196" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb7b1f8e929 code=0x0
[   33.783774][  T936] rust_binder: Write failure EINVAL in pid:166
[   34.033329][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.064773][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.079903][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.095053][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.110959][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.128493][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.141486][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.156569][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.172785][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.183764][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.205303][  T948] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[   34.205339][  T948] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:174
[   34.219650][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.242031][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.249819][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.257718][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.265654][   T45] hid-generic 009C:0008:0003.0003: unknown main item tag 0x0
[   34.274113][   T45] hid-generic 009C:0008:0003.0003: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[   34.326923][  T965] fido_id[965]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   34.456347][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[   34.478298][  T984] binder: Bad value for 'max'
[   35.003214][ T1013] SELinux: failed to load policy
[   35.129498][ T1017] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   35.129535][ T1017] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:197
[   35.178989][ T1021] rust_binder: Write failure EINVAL in pid:199
[   35.245691][   T36] audit: type=1400 audit(1750406137.850:206): avc:  denied  { map } for  pid=1018 comm="syz.1.227" path="/dev/uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   35.338058][ T1025] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[   35.424478][ T1029] rust_binder: validate_parent_fixup: fixup_min_offset=29, parent_offset=27
[   35.424502][ T1029] rust_binder: Error while translating object.
[   35.445783][ T1029] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   35.453193][ T1029] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:205
[   35.463024][ T1028] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   35.602106][ T1041] rust_binder: inc_ref_done called when no active inc_refs
[   35.608950][ T1041] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:209
[   36.308448][   T36] audit: type=1400 audit(1750406138.900:207): avc:  denied  { view } for  pid=1050 comm="syz.0.236" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   36.488495][  T977] Bluetooth: hci0: command 0x1003 tx timeout
[   36.488499][   T53] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   36.629907][ T1053] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   36.648169][ T1053] kvm: requested 14247 ns i8254 timer period limited to 200000 ns
[   36.678757][ T1053] rust_binder: Failed to claim space for a BINDER_TYPE_PTR. (offset: 4200, limit: 4216, size: 89)
[   36.678784][ T1053] rust_binder: Error while translating object.
[   36.702933][ T1053] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   36.711153][ T1059] syz.0.239 (1059) used obsolete PPPIOCDETACH ioctl
[   36.726839][ T1053] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:167
[   36.890691][ T1069] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:172
[   36.920220][  T305] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   36.941998][  T305] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   36.951189][  T305] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   36.973366][  T305] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   36.980908][  T305] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   36.991035][ T1077] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:172
[   37.001318][  T305] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   37.069569][ T1083] fido_id[1083]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   37.105583][ T1085] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[   37.172937][ T1088] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   37.172967][ T1088] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   37.359492][   T36] audit: type=1400 audit(1750406139.970:208): avc:  denied  { append } for  pid=1096 comm="syz.3.250" name="uinput" dev="devtmpfs" ino=194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   37.390392][ T1097] input: syz1 as /devices/virtual/input/input18
[   37.399254][ T1098] input: syz0 as /devices/virtual/input/input19
[   37.417997][ T1098] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:184
[   37.517565][ T1106] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[   37.534670][ T1104] SELinux: failed to load policy
[   37.555193][ T1106] rust_binder: Write failure EINVAL in pid:189
[   37.589604][   T36] audit: type=1326 audit(1750406140.200:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1112 comm="syz.3.255" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb7b1f8e929 code=0x0
[   37.623635][ T1116] SELinux: failed to load policy
[   37.640805][   T36] audit: type=1326 audit(1750406140.250:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1112 comm="syz.3.255" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb7b1f8e929 code=0x0
[   37.735164][   T36] audit: type=1400 audit(1750406140.340:211): avc:  granted  { setsecparam } for  pid=1127 comm="syz.1.259" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   37.735675][ T1129] rust_binder: Write failure EFAULT in pid:274
[   37.786386][ T1131] rust_binder: Write failure EINVAL in pid:199
[   37.829690][ T1136] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:277
[   37.889056][ T1142] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   37.901578][ T1142] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:281
[   37.978694][ T1146] random: crng reseeded on system resumption
[   38.250327][ T1157] rust_binder: Write failure EINVAL in pid:286
[   38.250399][ T1157] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:286
[   38.409739][ T1177] binder: Unknown parameter '/dev/kvm'
[   38.468961][ T1175] input: syz0 as /devices/virtual/input/input21
[   38.475265][ T1175] input: failed to attach handler leds to device input21, error: -6
[   38.619901][ T1186] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.627189][ T1186] rust_binder: inc_ref_done called when no active inc_refs
[   38.633797][ T1186] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:229
[   38.641431][ T1186] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   38.713277][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.722974][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.729726][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.738090][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.762459][ T1191] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION already set
[   38.776432][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.776459][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.785342][ T1191] rust_binder: Write failure EINVAL in pid:244
[   38.792381][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.799086][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.807429][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.814118][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.826887][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.833569][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.840264][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.848713][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.855285][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.862031][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.868725][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.875271][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.885000][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.891872][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.904022][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.910916][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.917536][ T1198] rust_binder: Write failure EINVAL in pid:237
[   38.924369][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.930850][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.937456][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.944079][ T1198] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:237
[   38.950673][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.966266][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.978078][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.986273][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   38.993684][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.000398][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.000444][ T1200] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   39.006910][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.023277][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.033898][ T1200] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:239
[   39.058547][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.080819][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.090024][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.096533][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.103109][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.109794][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.116738][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.123332][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.136141][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.143167][   T36] audit: type=1400 audit(1750406141.740:212): avc:  denied  { unmount } for  pid=292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   39.177065][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.177100][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.183897][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.192189][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.199720][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.206326][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.213143][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.218614][ T1212] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[   39.220007][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.233798][ T1212] SELinux: failed to load policy
[   39.233872][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.245903][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.253781][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.270172][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.276825][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.283754][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.292144][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.299106][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.305708][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.312521][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.319178][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.325733][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.332447][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.339163][ T1190] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   39.357997][   T36] audit: type=1400 audit(1750406141.960:213): avc:  denied  { validate_trans } for  pid=1216 comm="syz.1.285" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   39.385600][ T1218] rust_binder: 1217 RLIMIT_NICE not set
[   39.385897][ T1217] rust_binder: Write failure EFAULT in pid:296
[   39.453243][ T1222] rust_binder: Write failure EFAULT in pid:248
[   39.595165][   T36] audit: type=1400 audit(1750406142.200:214): avc:  denied  { setattr } for  pid=294 comm="syz-executor" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   39.664241][   T36] audit: type=1400 audit(1750406142.220:215): avc:  denied  { read } for  pid=1237 comm="syz.0.293" name="rtc0" dev="devtmpfs" ino=195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   39.718489][   T36] audit: type=1400 audit(1750406142.220:216): avc:  denied  { open } for  pid=1237 comm="syz.0.293" path="/dev/rtc0" dev="devtmpfs" ino=195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   39.742086][   T36] audit: type=1400 audit(1750406142.220:217): avc:  denied  { ioctl } for  pid=1237 comm="syz.0.293" path="/dev/rtc0" dev="devtmpfs" ino=195 ioctlcmd=0x7011 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   39.983059][ T1259] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   39.983089][ T1259] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:314
[   39.994154][ T1259] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   40.003562][ T1259] rust_binder: Read failure Err(EFAULT) in pid:314
[   40.264722][ T1278] random: crng reseeded on system resumption
[   40.346641][ T1285] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[   40.368929][ T1285] rust_binder: Write failure EINVAL in pid:319
[   40.990955][ T1316] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   41.152227][ T1324] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   41.212954][ T1325] rust_binder: Error in use_page_slow: ESRCH
[   41.225722][ T1325] rust_binder: use_range failure ESRCH
[   41.232070][ T1325] rust_binder: Failed to allocate buffer. len:16, is_oneway:false
[   41.237566][ T1325] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   41.245709][ T1325] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:280
[   41.304617][ T1330] SELinux: security_context_str_to_sid (syste_u�Gй�:��) failed with errno=-22
[   41.407563][ T1335] rust_binder: Error while translating object.
[   41.407592][ T1335] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   41.427857][ T1335] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:282
[   41.460337][ T1338] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:346
[   41.478463][ T1338] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   41.493328][ T1338] rust_binder: Read failure Err(EFAULT) in pid:346
[   41.545631][ T1344] binder: Bad value for 'max'
[   41.729214][ T1351] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   41.729251][ T1351] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:352
[   41.886172][ T1364] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:358
[   41.901560][ T1364] rust_binder: Error while translating object.
[   41.919142][ T1364] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   41.934252][ T1364] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:358
[   42.140386][ T1380] rust_binder: Write failure EINVAL in pid:366
[   42.593986][   T36] kauditd_printk_skb: 41 callbacks suppressed
[   42.594006][   T36] audit: type=1400 audit(1750406145.200:259): avc:  denied  { map } for  pid=1394 comm="syz.1.339" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[   42.974750][   T36] audit: type=1400 audit(1750406145.580:260): avc:  denied  { read write } for  pid=1404 comm="syz.3.342" name="uhid" dev="devtmpfs" ino=199 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   43.001388][ T1406] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[   43.004362][   T36] audit: type=1400 audit(1750406145.580:261): avc:  denied  { open } for  pid=1404 comm="syz.3.342" path="/dev/uhid" dev="devtmpfs" ino=199 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   43.220088][   T36] audit: type=1400 audit(1750406145.830:262): avc:  denied  { block_suspend } for  pid=1422 comm="syz.3.347" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   43.520628][ T1441] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   43.527823][ T1441] rust_binder: Write failure EINVAL in pid:396
[   43.577517][   T36] audit: type=1400 audit(1750406146.180:263): avc:  denied  { append } for  pid=1449 comm="syz.3.355" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   43.611524][   T36] audit: type=1400 audit(1750406146.220:264): avc:  denied  { sys_module } for  pid=1450 comm="syz.1.354" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   43.644601][   T36] audit: type=1400 audit(1750406146.220:265): avc:  denied  { append } for  pid=1449 comm="syz.3.355" path="/dev/rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   43.670596][   T36] audit: type=1400 audit(1750406146.220:266): avc:  denied  { write } for  pid=1449 comm="syz.3.355" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   43.698361][   T36] audit: type=1400 audit(1750406146.220:267): avc:  denied  { read write } for  pid=1449 comm="syz.3.355" name="ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   43.721616][   T36] audit: type=1400 audit(1750406146.220:268): avc:  denied  { open } for  pid=1449 comm="syz.3.355" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   44.034459][ T1461] rust_binder: Error while translating object.
[   44.034506][ T1461] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[   44.048498][ T1461] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:409
[   44.259683][ T1483] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   44.292273][ T1483] rust_binder: Failed to allocate buffer. len:64, is_oneway:false
[   44.468351][ T1496] syz.1.368: attempt to access beyond end of device
[   44.468351][ T1496] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   44.840946][ T1510] SELinux: failed to load policy
[   45.195709][ T1516] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   45.215596][ T1516] binder: Bad value for 'stats'
[   45.311498][ T1519] rust_binder: Error while translating object.
[   45.311539][ T1519] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   45.317756][ T1519] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:356
[   45.453089][ T1527] binder: Unknown parameter 'non'
[   45.492450][ T1530] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   45.492539][ T1530] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   45.669032][ T1538] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:434
[   45.696466][ T1548] SELinux: syz.3.384 (1548) set checkreqprot to 1. This is no longer supported.
[   45.718965][ T1548] SELinux: syz.3.384 (1548) set checkreqprot to 1. This is no longer supported.
[   45.728267][ T1548] SELinux: syz.3.384 (1548) set checkreqprot to 1. This is no longer supported.
[   45.939632][ T1558] SELinux: security_context_str_to_sid () failed with errno=-22
[   46.005698][ T1560] rust_binder: Error while translating object.
[   46.005744][ T1560] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[   46.055206][ T1560] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:444
[   46.091742][   T12] bridge_slave_1: left allmulticast mode
[   46.111449][   T12] bridge_slave_1: left promiscuous mode
[   46.119365][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.131016][   T12] bridge_slave_0: left allmulticast mode
[   46.136702][   T12] bridge_slave_0: left promiscuous mode
[   46.153568][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.350993][ T1565] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.358071][ T1565] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.368242][ T1565] bridge_slave_0: entered allmulticast mode
[   46.375225][ T1565] bridge_slave_0: entered promiscuous mode
[   46.382347][   T12] veth1_macvtap: left promiscuous mode
[   46.387883][   T12] veth0_vlan: left promiscuous mode
[   46.457446][ T1565] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.474580][ T1565] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.491336][ T1565] bridge_slave_1: entered allmulticast mode
[   46.497675][ T1565] bridge_slave_1: entered promiscuous mode
[   46.550701][ T1565] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.557754][ T1565] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.565065][ T1565] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.572116][ T1565] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.605707][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.619881][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.636906][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.644016][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.652632][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.659735][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.667942][ T1583] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:448
[   46.686574][ T1583] rust_binder: Error while translating object.
[   46.695855][ T1583] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   46.703496][ T1565] veth0_vlan: entered promiscuous mode
[   46.703781][ T1583] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:448
[   46.721627][ T1565] veth1_macvtap: entered promiscuous mode
[   46.947764][ T1594] binder: Unknown parameter '0x000000000000000001777777777777777777777'
[   47.066147][ T1609] rust_binder: Error while translating object.
[   47.066197][ T1609] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   47.072721][ T1609] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:13
[   47.123430][ T1612] rust_binder: Write failure EINVAL in pid:16
[   47.529132][ T1643] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:393
[   47.547637][ T1643] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   47.578479][ T1643] rust_binder: Read failure Err(EFAULT) in pid:393
[   47.608355][   T36] kauditd_printk_skb: 72 callbacks suppressed
[   47.608376][   T36] audit: type=1400 audit(1750406150.210:341): avc:  denied  { ioctl } for  pid=1652 comm="syz.1.415" path="/dev/snapshot" dev="devtmpfs" ino=21 ioctlcmd=0x943e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   47.615678][ T1640] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   47.753501][ T1662] rust_binder: Failed to allocate buffer. len:4216, is_oneway:true
[   47.753527][ T1662] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   47.769503][ T1665] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[   47.779684][ T1662] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:398
[   47.827986][ T1665] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   47.854714][ T1665] rust_binder: Error while translating object.
[   47.854747][ T1665] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[   47.862558][ T1665] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:470
[   48.000882][   T36] audit: type=1400 audit(1750406150.610:342): avc:  denied  { relabelfrom } for  pid=1672 comm="syz.3.421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   48.001116][ T1673] binder: Bad value for 'stats'
[   48.028521][   T36] audit: type=1400 audit(1750406150.610:343): avc:  denied  { relabelto } for  pid=1672 comm="syz.3.421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   48.240768][ T1679] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   48.268759][ T1680] rust_binder: Error while translating object.
[   48.295870][ T1679] rust_binder: Failed to allocate buffer. len:4232, is_oneway:false
[   48.315694][ T1680] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   48.318523][ T1679] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   48.333947][ T1680] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:406
[   48.358226][ T1679] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:406
[   48.565240][   T36] audit: type=1400 audit(1750406151.170:344): avc:  denied  { write } for  pid=1683 comm="syz.4.425" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   48.597369][ T1684] random: crng reseeded on system resumption
[   48.713615][   T36] audit: type=1400 audit(1750406151.320:345): avc:  denied  { execute } for  pid=1689 comm="syz.3.427" path="/dev/ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   48.763583][   T36] audit: type=1400 audit(1750406151.370:346): avc:  denied  { append } for  pid=1691 comm="syz.3.428" name="ptp0" dev="devtmpfs" ino=196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   48.931531][   T36] audit: type=1400 audit(1750406151.540:347): avc:  denied  { map } for  pid=1698 comm="syz.3.430" path="/" dev="tmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   49.028591][   T36] audit: type=1400 audit(1750406151.630:348): avc:  denied  { execute } for  pid=1704 comm="syz.4.432" path="/selinux/commit_pending_bools" dev="selinuxfs" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=file permissive=1
[   49.085101][ T1711] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   49.102988][ T1709] rust_binder: Read failure Err(EAGAIN) in pid:482
[   49.110506][ T1711] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:421
[   49.164551][ T1716] rust_binder: Error while translating object.
[   49.173858][ T1716] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   49.181819][ T1716] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:485
[   49.255613][ T1718] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   49.277919][   T36] audit: type=1400 audit(1750406151.890:349): avc:  denied  { validate_trans } for  pid=1719 comm="syz.3.438" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   49.389128][ T1730] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   49.389693][ T1730] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[   49.418496][ T1730] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:428
[   49.606350][ T1738] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:436
[   49.620219][ T1740] kernel profiling enabled (shift: 8)
[   49.675376][ T1740] binder: Unknown parameter 'rw'
[   49.784919][ T1746] rust_binder: Write failure EFAULT in pid:440
[   49.868598][ T1748] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   49.874824][ T1748] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:442
[   50.022732][ T1765] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:488
[   50.028500][   T36] audit: type=1400 audit(1750406152.630:350): avc:  denied  { read write } for  pid=1764 comm="syz.1.450" name="uhid" dev="devtmpfs" ino=199 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   50.089224][ T1769] SELinux:  policydb string  does not match my string SE Linux
[   50.111652][ T1769] SELinux: failed to load policy
[   50.114617][ T1771] binder: Bad value for 'stats'
[   50.212348][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.212381][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.220556][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.227027][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.247148][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.262013][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.270639][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.288653][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.296407][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.309231][ T1773] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:494
[   50.315706][ T1773] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   50.338461][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.344760][ T1773] rust_binder: Read failure Err(EFAULT) in pid:494
[   50.354092][ T1781] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:56
[   50.358528][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.374920][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.393346][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.401238][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.418555][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.425454][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.446601][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.456697][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.482371][ T1787] rust_binder: Write failure EINVAL in pid:59
[   50.489127][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.495243][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.517102][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.537425][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.555926][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.564798][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.572878][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.579583][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.586417][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.593350][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.611321][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.617808][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.624773][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.631413][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.637931][ T1777] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   50.915365][ T1805] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:469
[   50.940240][ T1805] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   50.950777][ T1805] rust_binder: Read failure Err(EFAULT) in pid:469
[   51.006788][ T1811] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   51.023613][ T1811] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:501
[   51.091667][ T1817] binder: Unknown parameter 'non'
[   51.141970][ T1818] binder: Unknown parameter 'non'
[   51.189516][ T1821] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   51.208746][ T1821] rust_binder: Error while translating object.
[   51.228595][ T1821] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOENT }
[   51.254228][ T1821] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:505
[   51.589336][ T1837] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:478
[   51.608791][ T1836] rust_binder: Error while translating object.
[   51.628500][ T1836] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   51.645232][ T1836] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:76
[   51.668903][ T1836] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   51.680712][ T1837] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:478
[   51.765915][ T1844] binder: Unknown parameter '
'
[   52.478620][ T1864] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:94
[   52.479673][ T1861] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[   52.508493][ T1861] rust_binder: Error in use_page_slow: EBUSY
[   52.540593][ T1861] rust_binder: use_range failure EBUSY
[   52.548603][ T1861] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   52.564307][ T1861] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[   52.578494][ T1861] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[   52.608507][ T1861] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:94
[   52.712909][ T1869] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   52.733177][ T1869] rust_binder: Write failure EINVAL in pid:486
[   52.861613][ T1882] rust_binder: Write failure EFAULT in pid:489
[   52.889575][ T1886] input: syz1 as /devices/virtual/input/input27
[   53.292296][ T1898] rust_binder: Write failure EFAULT in pid:496
[   53.292576][ T1898] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   53.382501][ T1900] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[   53.397961][ T1900] rust_binder: Error while translating object.
[   53.406785][ T1900] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   53.413657][ T1900] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:498
[   53.437644][   T36] kauditd_printk_skb: 9 callbacks suppressed
[   53.437664][   T36] audit: type=1400 audit(1750406156.040:360): avc:  denied  { map } for  pid=1899 comm="syz.3.499" path="/dev/ttyS3" dev="devtmpfs" ino=28 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[   53.490615][ T1912] input: syz1 as /devices/virtual/input/input28
[   53.500921][   T36] audit: type=1400 audit(1750406156.100:361): avc:  denied  { append } for  pid=1910 comm="syz.3.503" name="ashmem" dev="devtmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   53.543732][   T36] audit: type=1400 audit(1750406156.110:362): avc:  denied  { read } for  pid=94 comm="acpid" name="event4" dev="devtmpfs" ino=460 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   53.568312][   T36] audit: type=1400 audit(1750406156.110:363): avc:  denied  { open } for  pid=94 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=460 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   53.591847][   T36] audit: type=1400 audit(1750406156.110:364): avc:  denied  { ioctl } for  pid=94 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=460 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   53.617041][ T1919] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 3
[   53.624610][ T1919] rust_binder: Write failure EINVAL in pid:508
[   53.850540][ T1926] rust_binder: Failed to allocate buffer. len:144, is_oneway:false
[   53.887695][ T1925] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[   53.900868][ T1925] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:512
[   53.938996][ T1930] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:538
[   53.949985][ T1932] rust_binder: Failed to allocate buffer. len:65376, is_oneway:true
[   53.953368][ T1930] input: syz1 as /devices/virtual/input/input29
[   53.974054][ T1932] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   53.974082][ T1932] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:109
[   54.045797][ T1935] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   54.266484][ T1945] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:520
[   54.286941][ T1947] binder: Unknown parameter 'nXI'
[   54.331830][ T1947] binder: Unknown parameter 'nXIv/ptmx'
[   54.344481][ T1949] rust_binder: Write failure EFAULT in pid:542
[   54.437663][ T1964] rust_binder: Write failure EFAULT in pid:527
[   54.486039][ T1969] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:532
[   54.498480][   T36] audit: type=1400 audit(1750406157.090:365): avc:  denied  { block_suspend } for  pid=1958 comm="syz.4.519" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   54.555414][   T36] audit: type=1400 audit(1750406157.160:366): avc:  denied  { append } for  pid=1975 comm="syz.1.522" name="hwrng" dev="devtmpfs" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   54.585581][ T1978] input: syz1 as /devices/virtual/input/input31
[   54.598612][   T36] audit: type=1400 audit(1750406157.160:367): avc:  denied  { map } for  pid=1975 comm="syz.1.522" path="/dev/hwrng" dev="devtmpfs" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   54.632948][ T1976] input: syz0 as /devices/virtual/input/input30
[   54.655238][ T1978] rust_binder: Failed to allocate buffer. len:112, is_oneway:false
[   54.655957][ T1980] input: syz1 as /devices/virtual/input/input32
[   54.872156][   T36] audit: type=1400 audit(1750406157.480:368): avc:  denied  { map } for  pid=1993 comm="syz.1.528" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[   55.121900][ T2000] random: crng reseeded on system resumption
[   55.182811][ T2002] rust_binder: Failed to allocate buffer. len:4120, is_oneway:false
[   55.211459][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.238458][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.248672][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.256094][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.280170][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.280197][ T2010] binder: Unknown parameter 'fscontext?}'
[   55.287606][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.287633][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.287656][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.287679][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.287703][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.287726][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.287750][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.287774][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.287798][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.354224][ T2012] binder: Unknown parameter 'defcontextb0'
[   55.361514][  T589] hid-generic 009C:0008:0003.0005: unknown main item tag 0x0
[   55.378985][  T589] hid-generic 009C:0008:0003.0005: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[   55.452841][ T2015] fido_id[2015]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   55.566285][   T36] audit: type=1400 audit(1750406158.170:369): avc:  denied  { execute } for  pid=2025 comm="syz.1.538" path="/dev/hwrng" dev="devtmpfs" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[   55.806277][ T2037] serio: Serial port ttynull
[   55.818363][ T2042] rust_binder: Error while translating object.
[   55.818450][ T2042] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   55.837122][ T2043] rust_binder: Error while translating object.
[   55.852985][ T2047] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:138
[   55.859288][ T2042] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:577
[   55.868531][ T2046] rust_binder: Failed to allocate buffer. len:128, is_oneway:false
[   55.868894][ T2043] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   55.896040][ T2043] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:577
[   56.031287][ T2062] can0: slcan on ptm1.
[   56.206576][ T2081] rust_binder: Error in use_page_slow: ESRCH
[   56.206621][ T2081] rust_binder: use_range failure ESRCH
[   56.213308][ T2081] rust_binder: Failed to allocate buffer. len:4096, is_oneway:false
[   56.219010][ T2081] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ESRCH }
[   56.227092][ T2081] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ESRCH } my_pid:586
[   56.280679][ T2059] can0 (unregistered): slcan off ptm1.
[   56.346117][ T2092] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   56.346141][ T2092] rust_binder: Read failure Err(EFAULT) in pid:590
[   56.368231][ T2101] rust_binder: Write failure EINVAL in pid:152
[   56.378514][   T46] Bluetooth: hci0: Frame reassembly failed (-84)
[   56.379390][ T2101] rust_binder: Read failure Err(EAGAIN) in pid:152
[   56.496491][ T2116] SELinux: syz.4.557 (2116) set checkreqprot to 1. This is no longer supported.
[   56.771582][ T2124] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[   56.779114][ T2124] rust_binder: Write failure EINVAL in pid:601
[   56.779540][ T2124] rust_binder: BC_REQUEST_FREEZE_NOTIFICATION invalid ref 1
[   56.793151][ T2124] rust_binder: Write failure EINVAL in pid:601
[   57.268238][ T2146] binder: Bad value for 'max'
[   57.371462][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.371491][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.378165][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.384881][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.396385][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.413036][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.427553][ T2153] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.434260][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.441255][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.455897][ T2156] rust_binder: Write failure EINVAL in pid:158
[   57.462441][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.469073][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.476300][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.482787][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.489279][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.495729][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.502278][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.508739][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.515217][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.528524][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.534993][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.544385][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.551192][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.559833][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.567056][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.573615][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.580171][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.586724][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.593247][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.599807][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.606320][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.619091][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.625847][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.635243][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.641858][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.648362][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.654940][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.661459][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.670784][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.677295][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.683813][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.690623][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.697436][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.713252][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.719814][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.726260][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.733926][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.740414][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.746909][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.753432][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.759930][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.766375][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.773697][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.780190][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.786668][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.793704][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.800968][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.808318][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.815042][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.821665][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.828153][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.834846][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.853514][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.860359][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.867053][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.873754][ T2152] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   57.880581][ T2164] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:636
[   57.896519][ T2164] rust_binder: Write failure EFAULT in pid:636
[   57.987500][ T2173] binder: Bad value for 'max'
[   58.052561][ T2180] rust_binder: Write failure EINVAL in pid:169
[   58.258181][ T2186] kvm: user requested TSC rate below hardware speed
[   58.358089][ T2190] rust_binder: Error while translating object.
[   58.358141][ T2190] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EPERM }
[   58.364634][ T2190] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EPERM } my_pid:647
[   58.408487][   T53] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   58.423732][  T977] Bluetooth: hci0: command 0x1003 tx timeout
[   58.428561][ T2194] rust_binder: Write failure EFAULT in pid:651
[   58.429952][  T304] Bluetooth: hci1: Frame reassembly failed (-84)
[   58.538715][ T2202] random: crng reseeded on system resumption
[   58.743230][   T36] kauditd_printk_skb: 21 callbacks suppressed
[   58.743250][   T36] audit: type=1400 audit(1750406161.350:391): avc:  denied  { map } for  pid=2213 comm="syz.3.589" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   58.789398][   T36] audit: type=1400 audit(1750406161.390:392): avc:  denied  { execute } for  pid=2213 comm="syz.3.589" path="/dev/kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   58.877649][ T2216] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   58.877685][ T2216] rust_binder: Failure in copy_transaction_data: BR_DEAD_REPLY
[   58.885632][ T2216] rust_binder: Failure BR_DEAD_REPLY during reply - delivering BR_FAILED_REPLY to sender.
[   59.109904][ T2226] input: syz0 as /devices/virtual/input/input34
[   59.127831][ T2226] binder: Unknown parameter '��후C��Y��B*ٹr\�E�q�Q�sʒ�?Aջ_•�~n�VB��*xq�z��nN�^j�9�u[��ao��ow�p��'
[   59.221892][ T2230] SELinux: security_context_str_to_sid () failed with errno=-22
[   59.921892][ T2243] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   59.931628][ T2244] rust_binder: Error while translating object.
[   59.931663][ T2244] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   59.937854][ T2244] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:189
[   59.947627][ T2243] SELinux: failed to load policy
[   60.083575][ T2253] serio: Serial port ttynull
[   60.134490][ T2256] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:603
[   60.148662][ T2257] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:195
[   60.157864][ T2257] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   60.178436][ T2257] rust_binder: Read failure Err(EFAULT) in pid:195
[   60.225530][ T2265] input: syz1 as /devices/virtual/input/input35
[   60.449994][ T2276] binder: Unknown parameter 'non00000000000000000000000'
[   60.488425][ T2196] Bluetooth: hci1: command 0x1003 tx timeout
[   60.488434][  T978] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   60.515355][ T2278] rust_binder: Write failure EINVAL in pid:619
[   60.541391][ T2280] rust_binder: BC_FREEZE_NOTIFICATION_DONE 0000000000000000 not found
[   60.568550][ T2280] rust_binder: Write failure EINVAL in pid:621
[   60.581542][ T2288] SELinux: security_context_str_to_sid (syte) failed with errno=-22
[   60.809744][ T2306] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:207
[   60.955520][  T589] hid (null): report_id 4186114223 is invalid
[   60.972337][  T589] hid (null): unknown global tag 0xe
[   60.977663][  T589] hid (null): unknown global tag 0x14
[   60.983127][  T589] hid (null): unknown global tag 0xe
[   60.988511][  T589] hid (null): invalid report_count -890263096
[   60.997111][  T589] hid-generic 0007:0040:0000.0006: unknown main item tag 0x4
[   61.014396][  T589] hid-generic 0007:0040:0000.0006: unknown main item tag 0x1
[   61.031079][ T2327] rust_binder: Read failure Err(EAGAIN) in pid:213
[   61.039446][  T589] hid-generic 0007:0040:0000.0006: unexpected long global item
[   61.056094][  T589] hid-generic 0007:0040:0000.0006: probe with driver hid-generic failed with error -22
[   61.533076][ T2347] rust_binder: Write failure EFAULT in pid:217
[   61.878542][   T36] audit: type=1326 audit(1750406164.480:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2363 comm="syz.4.635" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd791f8e929 code=0x0
[   62.402242][ T2388] binder: Unknown parameter ''
[   62.722547][  T589] hid-generic 0000:0000:0000.0007: item fetching failed at offset 0/1
[   62.741021][  T589] hid-generic 0000:0000:0000.0007: probe with driver hid-generic failed with error -22
[   62.951810][ T2409] SELinux: security_context_str_to_sid () failed with errno=-22
[   63.285972][  T304] bridge_slave_1: left allmulticast mode
[   63.291719][  T304] bridge_slave_1: left promiscuous mode
[   63.308501][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.329878][  T304] bridge_slave_0: left allmulticast mode
[   63.335568][  T304] bridge_slave_0: left promiscuous mode
[   63.356650][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.570202][ T2427] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.577302][ T2427] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.584524][ T2427] bridge_slave_0: entered allmulticast mode
[   63.594850][ T2427] bridge_slave_0: entered promiscuous mode
[   63.602770][ T2427] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.609898][ T2427] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.616983][ T2427] bridge_slave_1: entered allmulticast mode
[   63.623584][ T2427] bridge_slave_1: entered promiscuous mode
[   63.639702][  T304] veth1_macvtap: left promiscuous mode
[   63.645402][  T304] veth0_vlan: left promiscuous mode
[   63.656539][ T2445] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   63.855313][ T2427] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.870096][ T2427] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.877407][ T2427] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.884496][ T2427] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.913561][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.921360][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.940492][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.947581][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.955612][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.962705][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.992382][ T2427] veth0_vlan: entered promiscuous mode
[   64.005682][ T2427] veth1_macvtap: entered promiscuous mode
[   64.205356][   T36] audit: type=1400 audit(1750406166.810:394): avc:  denied  { map } for  pid=2452 comm="syz.5.654" path="/dev/vhost-vsock" dev="devtmpfs" ino=200 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   64.205565][ T2453] rust_binder: Write failure EINVAL in pid:2
[   64.383892][ T2469] input: syz1 as /devices/virtual/input/input36
[   64.419594][ T2467] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   64.443360][ T2467] SELinux: security_context_str_to_sid (dev/kvm) failed with errno=-22
[   64.492964][ T2470] binder: Unknown parameter '��������0xffffffffffffffff'
[   64.612629][ T2478] rust_binder: Write failure EFAULT in pid:12
[   64.786502][ T2486] SELinux:  policydb version -845211227 does not match my version range 15-33
[   64.822885][ T2486] SELinux: failed to load policy
[   65.167982][ T2503] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[   65.168028][ T2503] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   65.189570][ T2503] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:27
[   65.374260][ T2512] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   65.457621][ T2520] rust_binder: got new transaction with bad transaction stack
[   65.464323][ T2520] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:31
[   65.914610][ T2549] rust_binder: Write failure EINVAL in pid:280
[   66.117188][ T2554] kvm: user requested TSC rate below hardware speed
[   66.368937][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   66.368959][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   66.429580][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   66.438611][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   66.470477][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   66.497453][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   66.529235][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   66.563962][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   66.591121][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   66.599353][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.634857][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   66.634899][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   66.638499][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.655059][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   66.668435][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   66.675815][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.698519][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   66.698559][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   66.718432][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.734089][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   66.734129][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   66.748451][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.780451][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   66.780491][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   66.787110][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   66.793518][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.838438][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.845893][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.855936][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   66.855956][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   66.872091][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.897557][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.905077][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.912592][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   66.912612][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   66.914260][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.934642][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.942114][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.950206][    T9] hid-generic 009C:0008:0003.0008: unknown main item tag 0x0
[   66.959733][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   66.959751][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   66.975581][    T9] hid-generic 009C:0008:0003.0008: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[   66.991767][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   66.991845][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   67.006940][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   67.014477][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   67.029828][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   67.062593][ T2602] fido_id[2602]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   67.072187][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   67.114450][ T2604] binder: Unknown parameter 'coyBLV�"i5������ntext'
[   67.138455][ T2572] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   67.138478][ T2572] rust_binder: Read failure Err(EFAULT) in pid:285
[   67.484689][   T36] audit: type=1326 audit(1750406170.090:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2635 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd791f8e929 code=0x7ffc0000
[   67.498669][ T2636] binder: Unknown parameter 'context'
[   67.514902][   T36] audit: type=1326 audit(1750406170.090:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2635 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd791f8e929 code=0x7ffc0000
[   67.575874][   T36] audit: type=1326 audit(1750406170.110:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2635 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fd791f8e929 code=0x7ffc0000
[   67.615871][ T2644] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   67.615952][ T2644] rust_binder: Write failure EINVAL in pid:64
[   67.619061][ T2642] rust_binder: Write failure EINVAL in pid:296
[   67.623218][   T36] audit: type=1326 audit(1750406170.130:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2635 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd791f8e929 code=0x7ffc0000
[   67.663580][   T36] audit: type=1326 audit(1750406170.130:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2635 comm="syz.4.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd791f8e929 code=0x7ffc0000
[   67.919762][ T2666] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   67.933769][ T2675] rust_binder: Failed to allocate buffer. len:160, is_oneway:false
[   68.143647][ T2688] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   68.244285][ T2696] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[   68.318517][   T36] audit: type=1400 audit(1750406170.920:400): avc:  denied  { setattr } for  pid=2706 comm="syz.1.740" path="/dev/net/tun" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tun_tap_device_t tclass=chr_file permissive=1
[   68.351389][ T2698] rust_binder: Write failure EINVAL in pid:94
[   68.351447][ T2699] rust_binder: Write failure EINVAL in pid:94
[   68.357979][ T2698] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[   68.364550][   T36] audit: type=1400 audit(1750406170.930:401): avc:  denied  { append } for  pid=2697 comm="syz.5.738" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   68.397370][ T2698] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:94
[   68.431886][ T2709] input: syz1 as /devices/virtual/input/input38
[   68.548753][ T2722] rust_binder: Write failure EFAULT in pid:104
[   68.557170][ T2725] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[   68.636905][ T2728] rust_binder: validate_parent_fixup: new_min_offset=56, sg_entry.length=0
[   68.645057][ T2728] rust_binder: Error while translating object.
[   68.653989][ T2728] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   68.666291][ T2728] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:106
[   68.685937][ T2730] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   68.810993][ T2747] input: syz0 as /devices/virtual/input/input39
[   68.820134][ T2749] rust_binder: Write failure EFAULT in pid:122
[   68.850208][ T2754] rust_binder: Error while translating object.
[   68.856442][ T2754] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   68.862786][ T2754] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:315
[   68.954230][ T2758] rust_binder: Write failure EINVAL in pid:127
[   69.102023][ T2768] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   69.139221][ T2768] rust_binder: Write failure EINVAL in pid:319
[   69.294294][ T2779] rust_binder: Failed to allocate buffer. len:40, is_oneway:false
[   69.319219][ T2779] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:858
[   69.320627][ T2780] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:858
[   69.431445][ T2782] rust_binder: Failed to allocate buffer. len:4216, is_oneway:false
[   69.519740][ T2785] rust_binder: Write failure EINVAL in pid:324
[   69.914832][ T2802] rust_binder: Error while translating object.
[   69.923603][ T2802] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   69.929895][ T2802] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:338
[   70.098429][   T36] audit: type=1326 audit(1750406172.700:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2812 comm="syz.5.773" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff24d38e929 code=0x0
[   70.153502][ T2821] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EFAULT }
[   70.153527][ T2821] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EFAULT } my_pid:343
[   70.284317][ T2828] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:345
[   70.299989][ T2832] rust_binder: Write failure EINVAL in pid:870
[   70.571841][   T12] Bluetooth: hci0: Frame reassembly failed (-90)
[   70.770281][   T36] audit: type=1326 audit(1750406173.380:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2851 comm="syz.1.783" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0cb1f8e929 code=0x0
[   71.087981][ T2856] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   71.088179][ T2856] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION invalid ref 1
[   71.102743][ T2857] rust_binder: inc_ref_done called when no active inc_refs
[   71.102791][ T2856] rust_binder: Write failure EINVAL in pid:154
[   71.135563][ T2861] binder: Bad value for 'defcontext'
[   71.179930][ T2863] binder: Bad value for 'max'
[   71.814358][ T2878] SELinux: failed to load policy
[   71.821759][ T2878] rust_binder: Error while translating object.
[   71.821800][ T2878] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   71.828025][ T2878] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:886
[   71.871667][ T2883] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   71.880903][ T2883] rust_binder: Read failure Err(EFAULT) in pid:168
[   71.919848][ T2887] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   71.935487][ T2886] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   72.191020][ T2898] input: syz0 as /devices/virtual/input/input40
[   72.305802][ T2904] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   72.307131][   T12] Bluetooth: hci1: Frame reassembly failed (-84)
[   72.648449][ T2195] Bluetooth: hci0: command 0x1003 tx timeout
[   72.654514][  T978] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   72.697078][ T2914] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:362
[   72.808853][ T2922] SELinux:  policydb magic number 0xf97cff26 does not match expected magic number 0xf97cff8c
[   72.830325][ T2922] SELinux: failed to load policy
[   72.867785][   T36] audit: type=1326 audit(1750406175.460:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2923 comm="syz.1.806" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0cb1f8e929 code=0x0
[   73.271292][ T2940] __vm_enough_memory: pid: 2940, comm: syz.4.811, bytes: 281474976845824 not enough memory for the allocation
[   73.295866][ T2942] binder: Bad value for 'stats'
[   73.460913][ T2944] rust_binder: Failed to vm_insert_page(35184372744192): vma_addr:35184372744192 i:0 err:EBUSY
[   73.460946][ T2944] rust_binder: Error in use_page_slow: EBUSY
[   73.471604][ T2944] rust_binder: use_range failure EBUSY
[   73.477668][ T2944] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   73.483470][ T2944] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBUSY }
[   73.491329][ T2944] rust_binder: Failure BR_FAILED_REPLY { source: EBUSY } during reply - delivering BR_FAILED_REPLY to sender.
[   73.500877][ T2944] rust_binder: Transaction failed: BR_TRANSACTION_COMPLETE my_pid:382
[   73.582757][ T2947] binder: Unknown parameter 'processor	: 0
[   73.582757][ T2947] vendor_id	: GenuineIntel
[   73.582757][ T2947] cpu family	: 6
[   73.582757][ T2947] model		: 79
[   73.582757][ T2947] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[   73.582757][ T2947] stepping	: 0
[   73.582757][ T2947] microcode	: 0xffffffff
[   73.582757][ T2947] cpu MHz		: 2199.998
[   73.582757][ T2947] cache size	: 56320 KB
[   73.582757][ T2947] physical id	: 0
[   73.582757][ T2947] siblings	: 2
[   73.582757][ T2947] core id		: 0
[   73.582757][ T2947] cpu cores	: 1
[   73.582757][ T2947] apicid		: 0
[   73.582757][ T2947] initial apicid	: 0
[   73.582757][ T2947] fpu		: yes
[   73.582757][ T2947] fpu_exception	: yes
[   73.582757][ T2947] cpuid level	: 13
[   73.582757][ T2947] wp		: yes
[   73.582757][ T2947] flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid tsc_known_freq pni pclmulqdq vmx ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt arat vnmi md_clear arch_capabilities
[   73.582757][ T2947] vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest vapi
[   73.681266][ T2951] rust_binder: Failed to allocate buffer. len:8, is_oneway:true
[   73.818502][ T2951] rust_binder: Failure in copy_transaction_data: BR_DEAD_REPLY
[   73.837322][ T2951] rust_binder: Failure BR_DEAD_REPLY during reply - delivering BR_FAILED_REPLY to sender.
[   74.103821][   T36] audit: type=1400 audit(1750406176.710:405): avc:  denied  { write } for  pid=2960 comm="syz.1.819" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[   74.137274][ T2961] binder: Unknown parameter 'subj_type'
[   74.218987][ T2969] binder: Unknown parameter 'oax~�����S੐�F��B��7-��b�V�W8�(��j��N�3��Y�\O��!j���0���g�I
����)Y\���1wqȂ��j���"C���Wfs�G���3܌
���5*�:�2  �񺐪͍���$0'
[   74.328570][ T2196] Bluetooth: hci1: Opcode 0x1003 failed: -110
[   74.357279][ T2974] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   74.357550][ T2974] rust_binder: BC_CLEAR_FREEZE_NOTIFICATION freeze notification not active
[   74.373086][ T2974] rust_binder: Write failure EINVAL in pid:184
[   74.393174][   T36] audit: type=1400 audit(1750406177.000:406): avc:  denied  { view } for  pid=2975 comm="syz.5.825" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   74.516118][ T2984] rust_binder: Write failure EINVAL in pid:400
[   74.516152][ T2984] rust_binder: Write failure EINVAL in pid:400
[   74.656960][ T2990] rust_binder: Write failure EINVAL in pid:405
[   74.689104][ T2990] rust_binder: Failure when writing BR_NOOP at beginning of buffer.
[   74.695339][ T2990] rust_binder: Read failure Err(EFAULT) in pid:405
[   74.901253][ T2998] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   74.913917][ T3002] random: crng reseeded on system resumption
[   74.970900][ T3000] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:935
[   74.998543][ T3005] rust_binder: Error while translating object.
[   75.014934][ T3005] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EBADF }
[   75.034513][ T3005] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EBADF } my_pid:193
[   75.120394][ T3010] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   75.145247][ T3012] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:411
[   75.182894][ T3013] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   75.219062][ T3013] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   75.305176][ T3020] rust_binder: Got transaction with invalid offset.
[   75.324032][ T3020] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   75.346654][ T3020] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:415
[   75.459255][ T3025] SELinux: syz.5.841 (3025) set checkreqprot to 1. This is no longer supported.
[   75.607955][   T36] audit: type=1400 audit(1750406178.210:407): avc:  denied  { execute } for  pid=3032 comm="syz.4.844" path="/syzcgroup/unified/syz4/cgroup.procs" dev="cgroup2" ino=237 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[   75.785146][ T3041] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOMEM }
[   75.785194][ T3041] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOMEM } my_pid:212
[   76.074833][ T3007] syz.1.835: vmalloc error: size 4194304, failed to allocated page array size 8192, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0
[   76.134856][ T3007] CPU: 1 UID: 0 PID: 3007 Comm: syz.1.835 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[   76.134889][ T3007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   76.134908][ T3007] Call Trace:
[   76.134914][ T3007]  <TASK>
[   76.134921][ T3007]  __dump_stack+0x21/0x30
[   76.134947][ T3007]  dump_stack_lvl+0x10c/0x190
[   76.134969][ T3007]  ? __cfi_dump_stack_lvl+0x10/0x10
[   76.134990][ T3007]  ? _raw_spin_unlock_irqrestore+0x4a/0x70
[   76.135017][ T3007]  dump_stack+0x19/0x20
[   76.135037][ T3007]  warn_alloc+0x1bc/0x2a0
[   76.135054][ T3007]  ? x64_sys_call+0x271c/0x2ee0
[   76.135079][ T3007]  ? __cfi_warn_alloc+0x10/0x10
[   76.135097][ T3007]  ? __get_vm_area_node+0x1dc/0x3a0
[   76.135114][ T3007]  ? sel_write_load+0x226/0x5e0
[   76.135141][ T3007]  __vmalloc_node_range_noprof+0x68e/0x1420
[   76.135159][ T3007]  ? alloc_vmap_area+0x1da5/0x2500
[   76.135180][ T3007]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[   76.135199][ T3007]  ? __get_vm_area_node+0x154/0x3a0
[   76.135216][ T3007]  ? sel_write_load+0x226/0x5e0
[   76.135243][ T3007]  ? __get_vm_area_node+0x1dc/0x3a0
[   76.135260][ T3007]  ? sel_write_load+0x226/0x5e0
[   76.135286][ T3007]  __vmalloc_node_range_noprof+0x5b4/0x1420
[   76.135304][ T3007]  ? sel_write_load+0x226/0x5e0
[   76.135340][ T3007]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[   76.135359][ T3007]  ? __asan_memcpy+0x5a/0x80
[   76.135379][ T3007]  ? avc_has_perm_noaudit+0x286/0x360
[   76.135398][ T3007]  ? sel_write_load+0x226/0x5e0
[   76.135423][ T3007]  vmalloc_noprof+0xfd/0x1d0
[   76.135441][ T3007]  ? sel_write_load+0x226/0x5e0
[   76.135466][ T3007]  ? __cfi_avc_has_perm+0x10/0x10
[   76.135483][ T3007]  ? mutex_lock+0x92/0x1c0
[   76.135499][ T3007]  ? __cfi_vmalloc_noprof+0x10/0x10
[   76.135517][ T3007]  sel_write_load+0x226/0x5e0
[   76.135542][ T3007]  ? futex_wait+0x288/0x540
[   76.135559][ T3007]  ? __cfi_sel_write_load+0x10/0x10
[   76.135585][ T3007]  ? __cfi_futex_wait+0x10/0x10
[   76.135601][ T3007]  ? bpf_lsm_file_permission+0xd/0x20
[   76.135621][ T3007]  ? __cfi_sel_write_load+0x10/0x10
[   76.135647][ T3007]  vfs_write+0x3c0/0xe80
[   76.135668][ T3007]  ? __cfi_vfs_write+0x10/0x10
[   76.135688][ T3007]  ? __kasan_check_write+0x18/0x20
[   76.135706][ T3007]  ? mutex_lock+0x92/0x1c0
[   76.135721][ T3007]  ? __cfi_mutex_lock+0x10/0x10
[   76.135737][ T3007]  ? __fget_files+0x2c5/0x340
[   76.135762][ T3007]  ksys_write+0x141/0x250
[   76.135783][ T3007]  ? xfd_validate_state+0x68/0x150
[   76.135815][ T3007]  ? __cfi_ksys_write+0x10/0x10
[   76.135834][ T3007]  ? __kasan_check_write+0x18/0x20
[   76.135851][ T3007]  ? fpregs_restore_userregs+0x11d/0x260
[   76.135877][ T3007]  __x64_sys_write+0x7f/0x90
[   76.135897][ T3007]  x64_sys_call+0x271c/0x2ee0
[   76.135919][ T3007]  do_syscall_64+0x58/0xf0
[   76.135940][ T3007]  ? clear_bhb_loop+0x35/0x90
[   76.135964][ T3007]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   76.135989][ T3007] RIP: 0033:0x7f0cb1f8e929
[   76.136008][ T3007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.136023][ T3007] RSP: 002b:00007f0cb2d4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   76.136043][ T3007] RAX: ffffffffffffffda RBX: 00007f0cb21b5fa0 RCX: 00007f0cb1f8e929
[   76.136056][ T3007] RDX: 00000000ffffff05 RSI: 00002000000003c0 RDI: 0000000000000005
[   76.136068][ T3007] RBP: 00007f0cb2010b39 R08: 0000000000000000 R09: 0000000000000000
[   76.136079][ T3007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   76.136090][ T3007] R13: 0000000000000000 R14: 00007f0cb21b5fa0 R15: 00007ffc43845b78
[   76.136104][ T3007]  </TASK>
[   76.136113][ T3007] Mem-Info:
[   76.407754][ T3058] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:221
[   76.412745][ T3007] active_anon:5918 inactive_anon:0 isolated_anon:0
[   76.412745][ T3007]  active_file:21652 inactive_file:2224 isolated_file:0
[   76.412745][ T3007]  unevictable:20 dirty:48 writeback:0
[   76.412745][ T3007]  slab_reclaimable:5261 slab_unreclaimable:74212
[   76.412745][ T3007]  mapped:23911 shmem:174 pagetables:725
[   76.412745][ T3007]  sec_pagetables:0 bounce:0
[   76.412745][ T3007]  kernel_misc_reclaimable:0
[   76.412745][ T3007]  free:1462994 free_pcp:3792 free_cma:0
[   76.427135][ T3058] rust_binder: Write failure EINVAL in pid:221
[   76.441551][ T3007] Node 0 active_anon:23772kB inactive_anon:0kB active_file:86608kB inactive_file:8896kB unevictable:80kB isolated(anon):0kB isolated(file):0kB mapped:95644kB dirty:192kB writeback:0kB shmem:696kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4380kB pagetables:2900kB sec_pagetables:0kB all_unreclaimable? no
[   76.587555][ T3007] DMA32 free:2960212kB boost:0kB min:19088kB low:23860kB high:28632kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2966004kB mlocked:0kB bounce:0kB free_pcp:5792kB local_pcp:5728kB free_cma:0kB
[   76.617766][ T3007] lowmem_reserve[]: 0 3921 3921
[   76.622729][ T3007] Normal free:2891596kB boost:0kB min:25964kB low:32452kB high:38940kB reserved_highatomic:0KB free_highatomic:0KB active_anon:23772kB inactive_anon:0kB active_file:86608kB inactive_file:8896kB unevictable:80kB writepending:192kB present:5242880kB managed:4016120kB mlocked:80kB bounce:0kB free_pcp:8912kB local_pcp:8848kB free_cma:0kB
[   76.654130][ T3007] lowmem_reserve[]: 0 0 0
[   76.658644][ T3007] DMA32: 5*4kB (M) 2*8kB (M) 3*16kB (M) 4*32kB (M) 4*64kB (M) 3*128kB (M) 4*256kB (M) 4*512kB (M) 5*1024kB (UM) 5*2048kB (M) 718*4096kB (M) = 2960212kB
[   76.674727][ T3007] Normal: 276*4kB (UM) 785*8kB (UME) 736*16kB (UME) 571*32kB (UME) 379*64kB (UME) 120*128kB (UME) 82*256kB 
[   76.675026][ T3060] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOENT } my_pid:429
[   76.686909][ T3007] (UM) 50*512kB (UME) 27*1024kB (M) 9*2048kB (ME) 664*4096kB (UM) = 2889464kB
[   76.705827][ T3007] 24016 total pagecache pages
[   76.710952][ T3007] 0 pages in swap cache
[   76.715185][ T3007] Free swap  = 124996kB
[   76.719534][ T3007] Total swap = 124996kB
[   76.724346][ T3007] 2097051 pages RAM
[   76.728242][ T3007] 0 pages HighMem/MovableOnly
[   76.733507][ T3007] 351520 pages reserved
[   76.737685][ T3007] 0 pages cma reserved
[   76.744504][ T3007] Memory allocations:
[   76.748683][ T3007]          0 B        0 init/main.c:1370 func:do_initcalls
[   76.755922][ T3007]          0 B        0 init/do_mounts.c:186 func:mount_root_generic
[   76.766904][ T3007]          0 B        0 init/do_mounts.c:158 func:do_mount_root
[   76.774849][ T3007]          0 B        0 init/do_mounts.c:352 func:mount_nodev_root
[   76.782963][ T3007]          0 B        0 init/do_mounts_rd.c:241 func:rd_load_image
[   76.791125][ T3007]          0 B        0 init/do_mounts_rd.c:72 func:identify_ramdisk_image
[   76.799934][ T3007]          0 B        0 init/initramfs.c:507 func:unpack_to_rootfs
[   76.807892][ T3007]          0 B        0 init/initramfs.c:508 func:unpack_to_rootfs
[   76.816077][ T3007]          0 B        0 init/initramfs.c:509 func:unpack_to_rootfs
[   76.824203][ T3007]          0 B        0 init/initramfs.c:101 func:find_link
[   76.938069][ T3063] rust_binder: Failed to allocate buffer. len:4294966472, is_oneway:false
[   76.938097][ T3063] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: ENOSPC }
[   76.968625][ T3063] rust_binder: Transaction failed: BR_FAILED_REPLY { source: ENOSPC } my_pid:942
[   77.135328][ T3065] rust_binder: BINDER_SET_CONTEXT_MGR already set
[   77.313686][   T12] bridge_slave_1: left allmulticast mode
[   77.326924][   T12] bridge_slave_1: left promiscuous mode
[   77.333159][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.344493][   T12] bridge_slave_0: left allmulticast mode
[   77.350522][   T12] bridge_slave_0: left promiscuous mode
[   77.356655][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.531430][   T12] veth1_macvtap: left promiscuous mode
[   77.537114][   T12] veth0_vlan: left promiscuous mode
[   77.610931][ T3088] rust_binder: Write failure EINVAL in pid:434
[   77.654480][ T3072] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.669623][ T3072] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.691557][ T3072] bridge_slave_0: entered allmulticast mode
[   77.698128][ T3072] bridge_slave_0: entered promiscuous mode
[   77.705811][ T3072] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.712946][ T3072] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.720668][ T3072] bridge_slave_1: entered allmulticast mode
[   77.727218][ T3072] bridge_slave_1: entered promiscuous mode
[   77.837191][ T3072] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.844332][ T3072] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.851691][ T3072] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.858757][ T3072] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.894680][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.920876][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.935955][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.943054][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.958875][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.966009][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.001769][ T3072] veth0_vlan: entered promiscuous mode
[   78.016546][ T3072] veth1_macvtap: entered promiscuous mode
[   78.188419][ T3118] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:4
[   78.246746][ T3122] rust_kernel: panicked at drivers/android/binder/node.rs:877:13:
[   78.246746][ T3122] attempt to subtract with overflow
[   78.269501][ T3122] ------------[ cut here ]------------
[   78.275085][ T3122] kernel BUG at rust/helpers/bug.c:7!
[   78.281209][   T36] audit: type=1400 audit(1750406180.890:408): avc:  denied  { read } for  pid=91 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   78.282794][ T3122] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[   78.309918][ T3122] CPU: 1 UID: 0 PID: 3122 Comm: syz.5.871 Not tainted 6.12.23-syzkaller-g6c1c18fcb8b7 #0 ba78288b1e32eb9f88d3f8d8da6b79a037cd8362
[   78.323346][ T3122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   78.328970][   T36] audit: type=1400 audit(1750406180.890:409): avc:  denied  { search } for  pid=91 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   78.333432][ T3122] RIP: 0010:rust_helper_BUG+0x8/0x10
[   78.360007][ T3122] Code: cc cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 c5 1a 4d 37 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 <0f> 0b 66 0f 1f 44 00 00 b8 8f de 04 bb 90 90 90 90 90 90 90 90 90
[   78.378475][   T36] audit: type=1400 audit(1750406180.890:410): avc:  denied  { write } for  pid=91 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   78.379642][ T3122] RSP: 0018:ffffc9000c0c5a90 EFLAGS: 00010246
[   78.406919][ T3122] RAX: 0000000000000061 RBX: 1ffff92001818b54 RCX: 97eb9c7cb09b6500
[   78.414975][ T3122] RDX: ffffc90004e6f000 RSI: 0000000000003ade RDI: 0000000000003adf
[   78.422978][ T3122] RBP: ffffc9000c0c5a90 R08: ffffc9000c0c5787 R09: 1ffff92001818af0
[   78.430972][ T3122] R10: dffffc0000000000 R11: fffff52001818af1 R12: 0000000000000000
[   78.436154][   T36] audit: type=1400 audit(1750406180.890:411): avc:  denied  { add_name } for  pid=91 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   78.438974][ T3122] R13: dffffc0000000000 R14: ffffc9000c0c5ac0 R15: ffffc9000c0c5af0
[   78.438994][ T3122] FS:  00007ff24e2736c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[   78.439014][ T3122] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   78.439029][ T3122] CR2: 00007f34605f6f98 CR3: 000000014ccc8000 CR4: 00000000003526b0
[   78.439047][ T3122] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000800
[   78.490688][   T36] audit: type=1400 audit(1750406180.890:412): avc:  denied  { create } for  pid=91 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   78.491052][ T3122] DR3: 0000000100000001 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   78.502788][ T3120] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   78.519415][ T3122] Call Trace:
[   78.519429][ T3122]  <TASK>
[   78.519437][ T3122]  _RNvCscSpY9Juk0HT_7___rustc17rust_begin_unwind+0x15b/0x160
[   78.519474][ T3122]  ? __cfi__RNvCscSpY9Juk0HT_7___rustc17rust_begin_unwind+0x10/0x10
[   78.538675][   T36] audit: type=1400 audit(1750406180.890:413): avc:  denied  { append open } for  pid=91 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   78.540131][ T3122]  ? _RNvMs0_NtCshgDM7dBCdno_11rust_binder4nodeNtB5_4Node22update_refcount_locked+0x401/0x810
[   78.543110][   T36] audit: type=1400 audit(1750406180.890:414): avc:  denied  { getattr } for  pid=91 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   78.550550][ T3122]  ? __cfi__RNvXs1b_NtCs9jEwPDbx20M_4core3fmtRNtNtNtB8_5panic10panic_info9PanicInfoNtB6_7Display3fmtCs43vyB533jt3_6kernel+0x10/0x10
[   78.550593][ T3122]  ? __cfi__RNvMs0_NtCshgDM7dBCdno_11rust_binder4nodeNtB5_4Node22update_refcount_locked+0x10/0x10
[   78.575062][ T3120] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:7
[   78.581415][ T3122]  ? __kasan_check_write+0x18/0x20
[   78.581451][ T3122]  ? _raw_spin_lock+0x8c/0x120
[   78.581478][ T3122]  ? __cfi__raw_spin_lock+0x10/0x10
[   78.581506][ T3122]  _RNvNtCs9jEwPDbx20M_4core9panicking9panic_fmt+0x84/0x90
[   78.669549][ T3122]  ? __cfi__RNvNtCs9jEwPDbx20M_4core9panicking9panic_fmt+0x10/0x10
[   78.677498][ T3122]  _RNvNtNtCs9jEwPDbx20M_4core9panicking11panic_const24panic_const_sub_overflow+0xb2/0xc0
[   78.687430][ T3122]  ? __cfi__RNvNtNtCs9jEwPDbx20M_4core9panicking11panic_const24panic_const_sub_overflow+0x10/0x10
[   78.698056][ T3122]  _RNvMs3_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process10update_ref+0x17e5/0x1860
[   78.707822][ T3122]  ? __cfi__RNvMs3_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process10update_ref+0x10/0x10
[   78.717943][ T3122]  ? __kasan_check_write+0x18/0x20
[   78.723105][ T3122]  ? _raw_spin_lock+0x8c/0x120
[   78.727903][ T3122]  ? __cfi__raw_spin_lock+0x10/0x10
[   78.733156][ T3122]  ? __kasan_check_write+0x18/0x20
[   78.738322][ T3122]  _RNvMs2_NtCshgDM7dBCdno_11rust_binder6threadNtB5_6Thread10write_read+0x278d/0x9d20
[   78.747925][ T3122]  ? __cfi__RNvMs2_NtCshgDM7dBCdno_11rust_binder6threadNtB5_6Thread10write_read+0x10/0x10
[   78.757929][ T3122]  ? is_bpf_text_address+0x17b/0x1a0
[   78.763250][ T3122]  ? kernel_text_address+0xa9/0xe0
[   78.768411][ T3122]  ? unwind_get_return_address+0x51/0x90
[   78.774073][ T3122]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[   78.780268][ T3122]  ? arch_stack_walk+0x10b/0x170
[   78.785252][ T3122]  ? stack_depot_save_flags+0x38/0x800
[   78.790755][ T3122]  ? kasan_save_alloc_info+0x40/0x50
[   78.796075][ T3122]  ? kasan_save_track+0x4f/0x80
[   78.800976][ T3122]  ? kasan_save_track+0x3e/0x80
[   78.805874][ T3122]  ? kasan_save_alloc_info+0x40/0x50
[   78.811204][ T3122]  ? __kasan_kmalloc+0x96/0xb0
[   78.816013][ T3122]  ? __kmalloc_node_track_caller_noprof+0x1ad/0x440
[   78.822636][ T3122]  ? krealloc_noprof+0x8d/0x130
[   78.827529][ T3122]  ? rust_helper_krealloc+0x33/0xd0
[   78.832769][ T3122]  ? _RNvMNtNtCs43vyB533jt3_6kernel5alloc9allocatorNtB2_11ReallocFunc4call+0xaf/0x100
[   78.842360][ T3122]  ? _RNvMs3_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process18get_current_thread+0x715/0x1440
[   78.852907][ T3122]  ? _RNvMs5_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process5ioctl+0x1a9/0x2c20
[   78.862226][ T3122]  ? _RNvCshgDM7dBCdno_11rust_binder26rust_binder_unlocked_ioctl+0xa0/0x100
[   78.870933][ T3122]  ? __se_sys_ioctl+0x132/0x1b0
[   78.875820][ T3122]  ? __x64_sys_ioctl+0x7f/0xa0
[   78.880629][ T3122]  ? do_syscall_64+0x58/0xf0
[   78.885257][ T3122]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   78.891380][ T3122]  ? __kasan_kmalloc+0x96/0xb0
[   78.896187][ T3122]  ? kasan_save_alloc_info+0x40/0x50
[   78.901507][ T3122]  ? __kasan_kmalloc+0x96/0xb0
[   78.906306][ T3122]  ? __kmalloc_node_track_caller_noprof+0x1ad/0x440
[   78.912928][ T3122]  ? __kasan_check_write+0x18/0x20
[   78.918073][ T3122]  ? _raw_spin_lock+0x8c/0x120
[   78.922900][ T3122]  ? __cfi__raw_spin_lock+0x10/0x10
[   78.928145][ T3122]  ? __asan_memset+0x39/0x50
[   78.932771][ T3122]  ? _raw_spin_unlock+0x45/0x60
[   78.937663][ T3122]  ? rust_helper_spin_unlock+0x19/0x30
[   78.943161][ T3122]  ? _RNvMs3_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process18get_current_thread+0xdfc/0x1440
[   78.953724][ T3122]  ? __cfi__RNvMs3_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process18get_current_thread+0x10/0x10
[   78.964541][ T3122]  ? kvm_sched_clock_read+0x15/0x30
[   78.969784][ T3122]  ? sched_clock_noinstr+0xd/0x30
[   78.974838][ T3122]  ? sched_clock+0x44/0x60
[   78.979300][ T3122]  ? sched_clock_cpu+0x75/0x400
[   78.984186][ T3122]  ? sched_balance_newidle+0x845/0xe00
[   78.989703][ T3122]  ? __cfi___switch_to+0x10/0x10
[   78.994675][ T3122]  _RNvMs5_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process5ioctl+0x411/0x2c20
[   79.003817][ T3122]  ? finish_task_switch+0x1de/0x780
[   79.009052][ T3122]  ? __switch_to_asm+0x3d/0x70
[   79.013851][ T3122]  ? avc_has_extended_perms+0x7c7/0xdd0
[   79.019436][ T3122]  ? __asan_memcpy+0x5a/0x80
[   79.024062][ T3122]  ? avc_has_extended_perms+0x921/0xdd0
[   79.029638][ T3122]  ? __cfi__RNvMs5_NtCshgDM7dBCdno_11rust_binder7processNtB5_7Process5ioctl+0x10/0x10
[   79.039212][ T3122]  ? do_vfs_ioctl+0xeda/0x1e30
[   79.044014][ T3122]  ? __futex_queue+0x19a/0x340
[   79.048821][ T3122]  ? __ia32_compat_sys_ioctl+0x850/0x850
[   79.054494][ T3122]  ? __cfi___futex_queue+0x10/0x10
[   79.059650][ T3122]  ? futex_wait_setup+0x1bc/0x260
[   79.064712][ T3122]  ? __futex_wait+0x218/0x2a0
[   79.069417][ T3122]  ? ioctl_has_perm+0x384/0x4d0
[   79.074304][ T3122]  ? has_cap_mac_admin+0xd0/0xd0
[   79.079278][ T3122]  ? futex_wake+0x63a/0x900
[   79.083826][ T3122]  ? futex_setup_timer+0xb4/0xd0
[   79.088814][ T3122]  ? futex_wait+0x288/0x540
[   79.093395][ T3122]  ? __cfi_futex_wait+0x10/0x10
[   79.098283][ T3122]  ? selinux_file_ioctl+0x6e0/0x1360
[   79.103630][ T3122]  ? __cfi_selinux_file_ioctl+0x10/0x10
[   79.109236][ T3122]  ? do_futex+0x309/0x500
[   79.113606][ T3122]  ? __cfi_do_futex+0x10/0x10
[   79.118324][ T3122]  ? __fget_files+0x2c5/0x340
[   79.123039][ T3122]  _RNvCshgDM7dBCdno_11rust_binder26rust_binder_unlocked_ioctl+0xa0/0x100
[   79.131584][ T3122]  ? __se_sys_ioctl+0x114/0x1b0
[   79.136471][ T3122]  ? __cfi__RNvCshgDM7dBCdno_11rust_binder26rust_binder_unlocked_ioctl+0x10/0x10
[   79.145622][ T3122]  __se_sys_ioctl+0x132/0x1b0
[   79.150335][ T3122]  __x64_sys_ioctl+0x7f/0xa0
[   79.154956][ T3122]  x64_sys_call+0x1878/0x2ee0
[   79.159663][ T3122]  do_syscall_64+0x58/0xf0
[   79.164118][ T3122]  ? clear_bhb_loop+0x35/0x90
[   79.168838][ T3122]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   79.174772][ T3122] RIP: 0033:0x7ff24d38e929
[   79.179218][ T3122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.198850][ T3122] RSP: 002b:00007ff24e273038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   79.207295][ T3122] RAX: ffffffffffffffda RBX: 00007ff24d5b5fa0 RCX: 00007ff24d38e929
[   79.215296][ T3122] RDX: 00002000000003c0 RSI: 00000000c0306201 RDI: 0000000000000003
[   79.223388][ T3122] RBP: 00007ff24d410b39 R08: 0000000000000000 R09: 0000000000000000
[   79.231391][ T3122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   79.239390][ T3122] R13: 0000000000000000 R14: 00007ff24d5b5fa0 R15: 00007fff7c36ee28
[   79.247395][ T3122]  </TASK>
[   79.250433][ T3122] Modules linked in:
[   79.256106][ T3122] ---[ end trace 0000000000000000 ]---
[   79.264166][ T3122] RIP: 0010:rust_helper_BUG+0x8/0x10
[   79.270086][ T3122] Code: cc cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 c5 1a 4d 37 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 <0f> 0b 66 0f 1f 44 00 00 b8 8f de 04 bb 90 90 90 90 90 90 90 90 90
[   79.289905][ T3122] RSP: 0018:ffffc9000c0c5a90 EFLAGS: 00010246
[   79.296086][ T3122] RAX: 0000000000000061 RBX: 1ffff92001818b54 RCX: 97eb9c7cb09b6500
[   79.306843][ T3122] RDX: ffffc90004e6f000 RSI: 0000000000003ade RDI: 0000000000003adf
[   79.314967][ T3122] RBP: ffffc9000c0c5a90 R08: ffffc9000c0c5787 R09: 1ffff92001818af0
[   79.323202][ T3122] R10: dffffc0000000000 R11: fffff52001818af1 R12: 0000000000000000
[   79.331260][ T3122] R13: dffffc0000000000 R14: ffffc9000c0c5ac0 R15: ffffc9000c0c5af0
[   79.339452][ T3122] FS:  00007ff24e2736c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[   79.351467][ T3122] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   79.358239][ T3122] CR2: 00007f34605f6f98 CR3: 000000014ccc8000 CR4: 00000000003526b0
[   79.366396][ T3122] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000800
[   79.374770][ T3122] DR3: 0000000100000001 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   79.382905][ T3122] Kernel panic - not syncing: Fatal exception
[   79.389338][ T3122] Kernel Offset: disabled
[   79.393660][ T3122] Rebooting in 86400 seconds..