Extracting prog: 2m54.995420891s
Minimizing prog: 1h12m28.240313172s
Simplifying prog options: 0s
Extracting C: 50.859224635s
Simplifying C: 18m38.787849645s


extracting reproducer from 24 programs
first checking the prog from the crash report
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-fcntl$setstatus-ioctl$KVM_SET_NESTED_STATE-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86-socket$packet-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r7 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000400)=0x20)
fcntl$setstatus(r7, 0x4, 0x2000)
ioctl$KVM_SET_NESTED_STATE(r6, 0x4080aebf, &(0x7f0000003680)=@vmx={0x0, 0x0, 0x2080, {0xeeee8000, 0x0, {}, 0x0, 0x2}}) (async)
ioctl$XFS_IOC_FD_TO_HANDLE(r5, 0xc038586a, &(0x7f0000000240)={<r8=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r8, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300) (async, rerun: 32)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (rerun: 32)

program did not crash
single: failed to extract reproducer
bisect: bisecting 24 programs with base timeout 30s
testing program (duration=36s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [26, 3, 9, 13, 30, 17, 4, 30, 9, 14, 5, 6, 22, 7, 17, 14, 30, 22, 9, 13, 12, 26, 23, 22]
detailed listing:
executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_usb_connect(0x5, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b510f210950b2a7773820102030109022400010000000009042200028953950009050a02ff0300fa000905820250"], 0x0)
syz_usb_control_io$rtl8150(r2, 0x0, 0x0)
syz_usb_control_io$printer(r2, 0x0, &(0x7f00000009c0)={0x34, &(0x7f0000000600)={0x40, 0xf, 0x6, "ae2964eb4fe2"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$sierra_net(r2, 0x0, &(0x7f0000000e80)={0x1c, &(0x7f0000000100)={0x0, 0x5, 0x2, "af0b"}, 0x0, 0x0})
syz_usb_control_io$uac1(r2, 0x0, &(0x7f0000000680)={0x44, &(0x7f0000000400)={0x0, 0x0, 0x2, "23c2"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r2, 0x0, 0x0)
syz_usb_control_io$printer(r2, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
timer_create(0x6, 0x0, &(0x7f0000bbdffc))
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_usb_control_io(r2, 0x0, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000080), 0x870f, 0x20002)
mmap$usbmon(&(0x7f000051e000/0x3000)=nil, 0x3000, 0x0, 0x4000010, r3, 0xa734)
syz_usb_control_io$uac3(r2, 0x0, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$printer(r2, 0x0, 0x0)
syz_usb_control_io$uac2(r2, 0x0, 0x0)
ioctl$KVM_SET_TSC_KHZ_vm(r1, 0xaea2, 0x2)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
executing program 0:
r0 = socket$inet6(0xa, 0x3, 0x7)
sendmmsg$inet6(r0, &(0x7f0000004580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x002'], 0x28}}], 0x1, 0x0)
mkdir(&(0x7f0000000000)='\x00', 0x40)
executing program 0:
syz_usb_connect$uac1(0x0, 0x8c, &(0x7f0000000540)=ANY=[@ANYBLOB="12011003000000103512148240000102030109027a00030103802f0904000000010100000a2401bb000a0002010209040100000002000009040197eb010200000a24020202005cb8f9010324010202021009240201060801043609050109ff"], &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x4, &(0x7f0000000000)=@lang_id={0x4, 0x3, 0x812}}, {0x37, &(0x7f0000000080)=@string={0x37, 0x3, "7fb9fbc7858737fa316bae2628a171b2cbd20e9352265e63cf1ae1c120031b449661d5ff0bb3dc28ca013bca318a84424032b410c7"}}]})
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) (async)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) (async)
clock_gettime(0x0, &(0x7f0000003500))
recvmmsg(r0, &(0x7f0000003400)=[{{&(0x7f0000000000)=@l2, 0x80, &(0x7f0000001940)=[{&(0x7f0000000640)=""/4096, 0x1000}], 0x1}, 0x10}, {{0x0, 0x0, &(0x7f0000001b00)=[{&(0x7f0000001a40)=""/71, 0x47}, {0x0}], 0x2}, 0x4f7}], 0x2, 0x40000000, 0x0) (async)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x7, 0x4) (async)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
executing program 3:
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000009, 0x1010, r0, 0x61886000) (async)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000009, 0x1010, r0, 0x61886000)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
mmap(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x2, 0x10, r0, 0x91d0a000)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="540000001200010000000000000000000a00000000004e22fcffffff000000007ecd00000000000000000000000000000000ffff"], 0x54}}, 0x20000080)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x25, 0x0, 0x3, 0x1800000}, {}, {0x27}, {0xb1, 0x0, 0x0, 0x1ff}, {0x6}]})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x10) (async)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x10)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r3, 0x4010ae74, &(0x7f00000000c0)={0x5, 0xbd, 0xfff1}) (async)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r3, 0x4010ae74, &(0x7f00000000c0)={0x5, 0xbd, 0xfff1})
executing program 3:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)=""/240, &(0x7f0000000140)=""/235, &(0x7f0000000240)=""/154, 0x106000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000005c0)={0x4, 0x0, [{0x9000, 0x64, &(0x7f0000000340)=""/100}, {0xffffffff, 0x6f, &(0x7f00000003c0)=""/111}, {0xe000, 0x7e, &(0x7f0000000440)=""/126}, {0x200000, 0xcd, &(0x7f00000004c0)=""/205}]})
getgroups(0x3, &(0x7f0000000700)=[0x0, 0xffffffffffffffff, <r1=>0xee01])
mount$9p_fd(0x0, &(0x7f0000000680)='./file0\x00', &(0x7f00000006c0), 0x1826042, &(0x7f0000000740)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, r1}}, {@directio}, {@access_any}, {@nodevmap}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@subj_user}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@permit_directio}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@smackfsroot}]}})
capset(&(0x7f0000000840)={0x20071026}, &(0x7f0000000880)={0x7, 0x3, 0xdf8, 0x1ff, 0x0, 0xb4c})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
fcntl$setsig(r2, 0xa, 0x24)
r3 = timerfd_create(0x4491fb66b99771d1, 0x80800)
ioctl$TFD_IOC_SET_TICKS(r3, 0x40085400, &(0x7f00000008c0)=0xfd5e)
r4 = syz_open_pts(0xffffffffffffffff, 0x420000)
ioctl$PIO_FONT(r4, 0x4b61, &(0x7f0000000900)="003eec5fa8559740a74790c28fe530fdfa099db457bc1a951505ffc1c39eeb2bbb1db8d52c69638706dcdf28f6689e37523b2dc085")
ioctl$BTRFS_IOC_SNAP_CREATE(0xffffffffffffffff, 0x50009401, &(0x7f0000000940)={{r4}, "0c5dd3dfeccc3a55c7a4f9d834c079a5caabbabd91a7e240cf14bda42761be5124eed359c0911ac6b450f02879412aeff3a74f166f86cd96f29c266718a8961f828a1c0a81c6dd9c8f0be70c1cf9c3da4f581ca3b825addb7f720c9913e0a371c2bbc4c90aa1e29c757c22969709c3e870e69820af7cccfc20ec7371585abf11ff544e2ebd0d5708a1e2e92c7257e1787f6edac504bf0128c19ebefbb98847cd62a83863240484925838b35806467c5465d377c6d265176b2a3c89501471d4a9923f8a21602d963fc917dcb06e61be37e07bba599d8ffa31fd3b4f1cc108effb4a692da2b942aca1dbe60e7c4b467dd1db061cd18a72d0587a3ae2fcce99787286936b8174846022ca8f71940b5a96e175578ad13ff954a9527c8107e06a3ece7ca51318b75fda4cc6c838d884c4f052c9875072f445641ff8890afbb09d7b81534a0c056ee94bfbad9af4ba5766cb709082a4d688fba85deee7e219e4e08738de51891349341348f7cc97e63d3078ea1df74ad4e96d579d812faba0cf4033c9f73dcbd5a6601b61b33a8040d7af5d5a057804cdc623aadf8eb50c85d4b298d6d02c8d3c78c2732db88d14b7d460dd7e506746b674a34149a070122cd52c460de1271febfe58174b62a7cd683d4ee397a7eb6a335dc7c717e954e0bd197abc0dbbd80d38422e4d142f0e50dc562fde2c1bccade22c123f5e1834d39a5ddcc06f54118ecf969cff20178371650d7c11e617b4bcd09a3073d3741b4da6944a46f689caefca79868a163838ad7e01ea08f32538bfa92dbc5e9c1064b36494a27cc57e32ebd878d0258d166128424eecca3b06d19b019352fb32be6a4dcef32677d7ce646291a2c2517001e7c016d95d8551e4990e1bbb2b75e25cb471be48fc829cd8f1500a6603330ced715724e1fa2f267047533a5b73f60efddaa199e86dcfe0e422838594a3bf3aeb76c1287e978de72feccf4562269df3a0c526279878d2a03a14315157573fb6c5c306aa359914b6f37a47ce68ca543737d51926c2fd60e2ecf5192841b4cf68f9d2815315fbf23c7c969d11f743570eb2ed0a0a659dfc41d55430d2e6b1a49797cb8cdae0d9302642cbd76135ad08295ca0d486d6e226a326a1d51cfe306f3cea50ccbb075282277144248c5a73b8875187556f86f1e5525d53da79ebd95e3a821ee1ffab127358cc9b04754a4829a0c7f85df6dbc65e51ce72531085f474c5c12ffe59288907ec2f5835a18bf66ca4ed82efa080182b02f6f8b1c67a96783baa948df583394f4b2429634450cb232c95f76d08c25c7c83717c4dc124a76ea4a8f294f9ffb3de606289f80b813d00ae21cd8fa50905d06b39b8ff187a756e94bf37ab64571063ef9785e91abeaef4c0e67063d6ea68620cf4be4fee2f842c0872b816f0d62057665bf1c2e04beb935e1d05575506add1c36809d316d46b71109cc6a5df6a421c4ca81b0aa47528fa4508aaf7610627e7124d62b7d5ba4cf96bd12a0911d5ba7acd8e91d533e3c5485891cb0ee535c4603eff7e7c66bba787e796a264ab9e651d011e0a35078b2b38766e56b93edb6c81c7695b6b9a1249684123395d6b72ecad75058a43ee40f9c7e8e10fd592a46f8090b71f23ae28160da4dd9a00f18a890c503bb6a2de82d93288a05ef9229700ffcd7e0f01db157658398dbd39bbf58d9883550c7ee01420d92d0ef5c0871f768badc4c41b9aced2ad0296e2e369038f57b40547d3bb44f057ca4930f6f461daad3ce0e8904f1ef1bae2323e9545d01a8fd25347f9ab6126922ae21451fe5ea5003b88de7657840b267fd4df2ed6ed939501af384f353c715e11d5c3ee3e573ce25761d96c61fcb5dec0080e542dfb1adddb8c953020a00f843041ea50cc0e359d66c3a7b916e7b32d422b121e23e02801ddd49d9074aa12b53ad5a1acc9499ba6f2554edd1cb830c3cf42fb309a180c92c49340bda1481a73c4e2f8bf344d9990d417dba7411fb036b239adcadce52696f1d4dcab7d22e19e5f2c320a87e270db69a4162f8db8e113b5a7815da4340b58cb6982844c233f162032ebb3158253de67f5a81d03d489e59b5c0c4fe9112663bb06fa66a6913a779a84858264812e914dadb60d4d52bc2b025fd626792db026d165432de01b421e50d99f4657a24c9d004fa0091e53d0ca3a1c770d51b23d0563c580e9f89485ba484c638438dcbeffceb9af51caaaaa051e488127464fba2c7adc4af42a10f176c4316ce43f965d26d199db8360a5cc17f6e957db26ec669bf858868805027b114b48836824d0b2eb6ae6a8b364e01b2251007b80160b65e84f0e60f35344b375cb79395c36c1ff1edf264b1677ee418644efeb0a94eec7671e65ec0e8a076709c77d479300a14665967051426725a9c9350190dea8ec0071fa74d91dbab9f057810b60c03910b5d2c127d41d96958c8039598f5626022fc9e4f239965efd9c72c7ab319ff45891b71bda29a98ebd9edf543585770ded8d7fcd034f9590278445cc6158f9bd792c7ea4e0671f4357737cab0d135a3be43acff20dcd811e3e2dfdd830ddfe2dc83deaca28e01bb8ca4287502a30cd87c7337304168d6a95ba02754f4e3e758920fdf60c626d9a131ccbd3a802c6b1b55a252f7a199387e58637f7fa0a3b553acbeda123d6cedd0c1028fae52a775956b866b39ba236ddefd63e2df814efbad753edbc49287ac2ef0823747ed9ce6757519fdbaa74576bb7877272c72f3fb719ca8b2e2ac61e03f63e34aa34da9b6b7429a2233a3301c5ed79dae39fd6ad59274493f3c64851f6d6ea7cc0997c3bfad846a2796602e57665b10850623219c3a4bf9204e0bf997bb50e334eab75750e851aef838cf786a7cb6f5bfd0b873f0c597ec9f623e333dd4d713a39ec4ebefc2dc8d1f8e72665b342826d93ae97c128dc8fc2a1c59b2ad155a723c95ae580c710542cf9f0c48e87acf241dc0bd6ad944eb6598020bb24dbbc51e604d42674b7a23946ce5c508f4db5553a1bac47491d5301f7267f1a23b1dab650721371188d0777d15167a4c0c67191cb704749afaf3514b8346d4af300889adb5d76793c3509927f6899941da4d3e17ee7a5ebbe0efdb578707486f8b710849e685c1e0a66a37f658386b04e2305714f80f2b743c03b26140c0ae2e665a5099c2ce41a56c4658d2ce201273ca43a8960473ad3d972bbd86482a0b1195d64a7374d404d3caeb26c27b169cdce24821d18fbcbf30876b0cc8085f3dd3aedcc753890fe9c65e8f959efc36bfd00ed963ec9bc454c0ef80ce39b921fbc43fc49ce03a7ec3deee72b0c58a794ff3288cef119eb748b847420a10b47d31a6e1d444ad19612914eba82dc3626846f50b4024197b2652d1f3230ceb7ebafc46fd3a429d1e629c0a285018ed1ea334c9b41ef07b329a2f170455545619c7947c07891b3181c9b771637776887bc4afab588bb8a102babb4eec55506898cca062f30c19eb426ea6c9c736822e5f28a080edd3d487b9972987444329121895a558d5b342e6c35ab6a119a79a1dab0af41c0d63be4379441d3d52e175349750b7be92cad5efdde21093a31c45ab30ff7f71dd0e4d619ff7c800555783d9b517788d0c462b7c84cd6675e7c9f52f0bab8f4a22767a759d766abf68d2c8d4db60cbcf4d6d812fe63388147e73eaf5d01950532a9ad521f66d9050193a7bd1038672d7ae797023fc560ea99098f0f25973e59c13a8c9f48dc1d529ea7384bd35a0ab74c9e263c7b830124294cfb02c69f121578b25612bd7f7deae97e14c43097865e1df1e813d00d0e23b98099813e516108cf6c6ad39024f3480b65eed0e9a8776fd571daa18fe551206c90ff9cd5e5dd5a54e585fbba616e3489f0756048640dadb9e9938eba8f0b8a257cbc03e2882e1a1cffec009fb37f5b1946ae31d647faa24248711742ad0e7e09dec097bbe20a2920bc0d2b45a3c9e01737e63ccb2896efae2d54833f761e87e6a9d4dec12201c6acd636b237bb0419289aa3b45ffa9c9f5a483104d43ef2bc6f5b1a58704edd48612f60395a393612f303c0a331fdb2ae629750e59f60b415b4b3ffce6f7a063552fc05affe0bb9686049d60f94197478478eafc5304679823a9701280f3e570aa5e2ddf0f8c0d00f1d36309795e65c5611c18159b9aabd6cd2148b6d6cc496b8e7ece302fe45999297d922a5c8126bcf2513b73c69a2b541028e4124f76e17c823d7b37153f41270539d5fb78885aa4c2df90e57e2e42110b98b7f474b7cb1a9eea9f147b75d817bd07ac11d9f5cd0ee93aeb3051c3a2b969391af36ee2141af2bfdd38242ed62fc445fe54a2386e93959e15bc252300f6654805acc2e5531a5ccec76d01cb10e92cc183af6681b778f21e004a3e7e32515b3a13c7d640f3c5c76962d68991612c7ea87af63ce7ccac6750e8d5d187c427144b75e74b328f4cf7f466d6ae51ce0b96b2cf19a20e602d6fab4b3cdfcd47218e5009cc6c94d0d17a0af35099d96f26f0f67254ede1bfb4be17df5db53314118f75be58d982aeb8effbe14a1bf92b0bfff79d29ca6d3f210a07eef22c85f2f339c26e8483d066c2d09b2b3ff1886f553e83bd9147e022563674a142ef554193cbd4fa025569a9a22ff840bccd75fce0b8fce50afded1dace9ad7bdc255c5803afc69fc006f00649f5bfe8143290f8237fb816299df66901721059e6267930ece8d44fbba2f00e03d1edfdd1623c0649957c9e0a3303b03eb8e607a305f273c330e881c1d7e9636948f0ee1a457673f3f5c62d313c45fb17ea5e8ad6f15a7951ba6ab1e6a46d8a5ea83823ad301e15c59a92af42a9d4a17a2fdd4c9ace003a4c662400ab2bc22adaeac3066eb8901ee9ab288b4fcc066ed6860d1b30a478f5362ca29c0959dbc645d7b41b74f158944351bb8ff178a4bd94d2550a4b40173a86473fe484116ac09440da52eed2d81c78f7c73357d61b17fb3bbb977e346910930ebea64e852d60dcb46443a0defc5643673ede6350cb2f0abe481ddc47695cca01f1a3bbd747589c2bb7ddabb07ee5817131f0fc512dbd089b3133aebe6df5085c53da65a07f62fb4efd577f2567a04626cedfb843fda4d0e362d37bffa45d11d25d6112b1fe1e5f1947fa7318ee0a30daed0a6bc794e85ca424214fdde82fdd2d00c99c134060edd7b786af05d77a4d97a8bf542f02f12ffccde448d031048b0da03f6227fceefe48e73a4e65eee9570df9c3673ce34b1cf8fb1d34ecfae16a23cef05190bfdc364fe8e3a4c2059573ee97a8d8e116782d96b089fcfcb57fa88ed792cb23f7f1b589493ba89d0e12d139064996828188204f9c1732bc2a099ac901939feca6fc91f62f1c2147a39011997103942044e22ee493b1f8d3f30dd5c92597a7f5ff741f06af8229d562654cb1af2b6e19166862941aaa0a21a3621f53efb674ccc7e08da3b67135372dc3239c19f51255c2d5a96ff04036c4670b7c1b10c13511ed9fc4d9241fa0f1fc95060ec7686f0fcfab080c95142fcf70f1a9f77abd016bdddeee1c8c4863d0d60b9f95432a67828c51e30e219dad2836c46321d76452543d16d31deaaf4684e67a9a07abaa7275e83b97d4409a4040e9b22a4f9fbb9b50905c841de70552bb50eed73050f02ca78bd7b684cacfe50f4b575fde908e4d467b652065ca6dba0b128b1a4b2e1a3c9fd5722192c5e409b8c75a88f549b16568ad6c62f3460adfc2cb13a4c354416fa64b8d72af016fb0aa4cd9bcc4258a5d6fe68ab9d30008b35178366"})
ioctl$NILFS_IOCTL_GET_VINFO(r0, 0xc0186e86, &(0x7f0000001980)={&(0x7f0000001940), 0x0, 0x20, 0x6, 0xf1f})
r5 = signalfd4(r2, &(0x7f00000019c0)={[0x9]}, 0x8, 0x800)
getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000001a00)={{{@in, @in6=@loopback}}, {{@in6=@private0}, 0x0, @in6=@private2}}, &(0x7f0000001b00)=0xe8)
recvmsg(r2, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000003f80)=[{&(0x7f0000001b40)=""/101, 0x65}, {&(0x7f0000001bc0)=""/108, 0x6c}, {&(0x7f0000001c40)=""/13, 0xd}, {&(0x7f0000001c80)=""/80, 0x50}, {&(0x7f0000001d00)=""/191, 0xbf}, {&(0x7f0000001dc0)=""/227, 0xe3}, {&(0x7f0000001ec0)=""/103, 0x67}, {&(0x7f0000001f40)=""/4096, 0x1000}, {&(0x7f0000002f40)=""/29, 0x1d}, {&(0x7f0000002f80)=""/4096, 0x1000}], 0xa, &(0x7f0000004040)=""/174, 0xae}, 0x2040)
recvmsg$can_raw(r5, &(0x7f0000004580)={&(0x7f0000004140)=@un=@abs, 0x80, &(0x7f0000004440)=[{&(0x7f00000041c0)=""/230, 0xe6}, {&(0x7f00000042c0)=""/67, 0x43}, {&(0x7f0000004340)=""/253, 0xfd}], 0x3, &(0x7f0000004480)=""/228, 0xe4}, 0x40012100)
ioctl$FS_IOC_GETVERSION(r4, 0x80087601, &(0x7f00000045c0))
setsockopt$inet_int(r5, 0x0, 0x0, &(0x7f0000004600)=0x63aceb4f, 0x4)
getsockopt$inet_int(r5, 0x0, 0x3d, &(0x7f0000004640), &(0x7f0000004680)=0x4)
pipe2(&(0x7f00000046c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x4000)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r7, 0x8983, &(0x7f0000004700)={0x1, 'caif0\x00', {}, 0x8})
openat$zero(0xffffffffffffff9c, &(0x7f0000004740), 0x1041, 0x0)
ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000004780)={0x1, 0x0, [{0x40000000, 0xc922, 0x0, 0xc6, 0x0, 0x4, 0x4}]})
syz_open_dev$loop(&(0x7f00000047c0), 0x8, 0x2040)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000004840)={0x5, &(0x7f0000004800)=[{0x5, 0xd, 0xff, 0xfca}, {0x48b0, 0x9a, 0x2, 0x934c}, {0xffff, 0x7, 0xe, 0x10000}, {0x4, 0xf9, 0x8}, {0xfff9, 0xe, 0x0, 0x305}]})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000004880)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$TIOCL_UNBLANKSCREEN(r4, 0x541c, &(0x7f00000048c0))
fsetxattr$security_ima(r8, &(0x7f0000004900), &(0x7f0000004940)=@v1={0x2, "8f889ebd8170"}, 0x7, 0x1)
executing program 3:
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001b40)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f0000000180)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x10, 0x0, 0x20040001, 0x0, 0x2, 0x0, 0x0, 0xfffffffd}})
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000000041}, 0xc)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000040)=<r2=>0x0)
socket$inet6(0xa, 0x2, 0x7)
prlimit64(r2, 0x5, &(0x7f0000000080)={0x4, 0x8000000000000001}, &(0x7f00000000c0))
r3 = socket$netlink(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(0x0, r3)
r4 = socket$inet6(0xa, 0x3, 0x87)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000001080)={0x200000, 0x200000, 0x0, 0x0, 0x0, 0x4})
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000040)={0x1f, 0xffff, 0x2}, 0x6)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@remote, @in=@local, 0x0, 0x0, 0x4e20, 0x0, 0x2}, {0x0, 0x4, 0x1, 0x0, 0x0, 0xb}, {0x1ff, 0xffffffffe, 0x4053e5, 0x20}, 0x6, 0x80001, 0x1, 0x0, 0x2, 0x1}, {{@in6=@empty, 0x4d4, 0x32}, 0x2, @in=@empty, 0x3502, 0x1, 0x0, 0x0, 0x44f4123b, 0xfffffffd}}, 0xe8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, 0x9df}, 0x1c)
sendmsg$inet6(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000100)="3e8e7a9daba242e124a4d1a06741e7f19bf81314a0bcb40b2a1da96c54bd2e3e69149bee567adfa266d988ab8ec505bb8a51f232d52d9eef8e82d0bd8f89ad8ff4cb49d0eb2f4e4e034ec624718f05b39336b467e0b36bea0f07b5499166ffb96ccff6c01adec8ee2116d83511f23ab416e329aa004295b27b708c4e0aaeb42da70e9d17c51c8eec9e1788e7", 0x8c}, {&(0x7f0000000380)="5b0a95656921a51981d92f6960812d37f7e9981a98f5913fdd2e514be669eb846ae9cecdbae38a8e5e5fb65603f76257c7fef90c2987a78196b7bf8ab65e83725d6385a30395201053f1da2faa5998175c6ac7326bf58e1c5185d03ad868d4eff8473868019f84c504982278a1efd06b19010a8c645df5ab16fdb944aa5dfe946699ababec1fcd2a12218e5e6765c3fff9c202b1667a857a15d2253092927b0733795a33287136566f0df5ee1cc08640a43bb239584a3d50218077bb348393c7e498a18c3aa0ca6f7f29cc89764cbfb0adb3c1795dc53efb6c707a91c9cdea86b15b9a77726fed726841f198be77a42a6de97b26cd", 0xf5}, {&(0x7f0000000480)="c535cea6c60349f24409f6d970cb3b58c6e647e0837982657bbf988b0a93f87cc08e8d9949226da470f7c6c90912aabd7dfb3c6f7412981e846b51cd714c9b03be31c28469a8c7e2bbe45b3c31d19e75cb9b758d2397aeca6b02bcecc01f0dcdf9aab1faf63f5854703543a78591f9220bd4708ecf40237ca7358bfcd313c2bd59c868bf7f640b9e6a2dace14ce1f2eea091098b29d8b4e4622c064d1f3b71b42e46bb38afde215391014465dd71d6700e655dd442a8d747a5176babf12d444f99", 0xc1}, {&(0x7f0000000580)="b831db2e3b169dbcacd93ea1da5ae2a23a", 0x11}], 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="280000000000000029000000390000007102aab75f020600000000000000000000000000000000000000001400000000000000290000000b0000008000200100000000380000000000000029000000360000009877b61305d48f29f00e456e57046ca42b030000000000000401ff0502d23f9076a7c910feeed7000000000000000000000000bb01030000000000140000000000000029000000430000d12b9200050f0000000000002000000000000000007300000000000000040108000114d80aa1ff80a2f13d3da725715c8c72b807e1fa1c34c25d33e9c8e74704d259ee47d54ed28dcd936890da49f9b74375"], 0xb0}, 0x4004004)
executing program 3:
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2)
ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f00000002c0)={0xffffffffffffffff, 0x1, 0x1000000000000})
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x80000000003, 0x82}], 0x1, 0x0, &(0x7f0000000000), 0x1)
syz_usb_connect(0x1, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000009980708b5192100c7980000000109021b00012000ac000904000001070000090905", @ANYRES16], 0x0)
executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan4\x00', <r2=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000011}, 0x4050)
r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r0)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x50, r3, 0x2, 0x70bd25, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'batadv_slave_0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'rose0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x4004000)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x50000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x4c, r1, 0x8, 0x70bd25, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5, 0x37, 0x2}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x68, r3, 0x800, 0x70bd25, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @private=0xa010100}, @NLBL_UNLABEL_A_SECCTX={0x27, 0x7, 'system_u:object_r:passwd_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'wg2\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @rand_addr=0x64010102}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @local}]}, 0x68}, 0x1, 0x0, 0x0, 0x20008010}, 0x24045000)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f00000005c0), r0)
sendmsg$NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r0, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x34, r4, 0x400, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x4008050}, 0x4c082)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000700), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r5, &(0x7f00000007c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000780)={&(0x7f0000000740)={0x1c, r6, 0x400, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x5b}, @void, @void}}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x54)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), r5)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000940)={'gre0\x00', &(0x7f0000000880)={'syztnl0\x00', <r8=>0x0, 0x7800, 0x7809, 0x3, 0x1, {{0x1c, 0x4, 0x3, 0x3, 0x70, 0x68, 0x0, 0x2, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@rr={0x7, 0x27, 0x35, [@remote, @private=0xa010101, @remote, @rand_addr=0x64010100, @local, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, @multicast1]}, @cipso={0x86, 0x25, 0x1, [{0x0, 0x3, "e8"}, {0x5, 0x7, "9ffea1a9b3"}, {0x3, 0x5, "6cc91d"}, {0x7, 0x10, "797b7a051e76fc756bf6b30598f3"}]}, @generic={0x44, 0xd, "4ef39f3bdd98ceede0fa23"}]}}}}})
sendmsg$ETHTOOL_MSG_STRSET_GET(r5, &(0x7f0000000ac0)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000980)={0xf8, r7, 0x100, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_STRSET_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0xa4, 0x2, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xa8cce05b7618dca3}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}]}]}]}, 0xf8}, 0x1, 0x0, 0x0, 0x40000}, 0x4040051)
vmsplice(r5, &(0x7f0000000d80)=[{&(0x7f0000000b00)="29fb5fe145517f9cc3fd6187b954f14719c10a1dbdea325bfa6c27938657864a974e4f3520365fea1d4cd4036f586c968d0e8a2eabc04451439f625ed04cb30ca069fa", 0x43}, {&(0x7f0000000b80)="d5369b890f5918d3fc490d7af0d568df3a66c6b5e1712e026a2297df122c418c2a706d36793c36bd6d4c0fd30f90018db51d6dd728d73aaf9d1a8ea276f6cc52440830145d924d1e0e66a76d05ecbac051e6df443fd4382671667f9a793fd2e9537a1133ea34f2bfbeb7eff519552d9d373cea5d55a412213090f2b559922eb1b1393f389ea1be96ab071e5c76d993515ee3ec5c846d56ba903c5cfda183b7a4d75d651901a877c7b7804e0ba3bca2488a6207a6f9db5951eee6e182f62693badd66a5e346b567838d4d6781e321ad4827d90b759c5f2962076b6b9390f51323d931cd3fa42e23e89c41b9b1bb", 0xed}, {&(0x7f0000000c80)="0025f238e5c37dead372b4040aff99a27449ea37de28f1531e332fcfb8ee0703cb6e04886a0a7cb75e48e4f376c39e9b41a7f02ed3c99169522b69d6255b7be3fd4dc23c1d5d650c72011b0b054bda644e85ffc221b25dfdfdeba16bdf5945d0af0c2b24d3a4c42e8820ff26aa1c660aa23f034928f5b1e1b0f7426d33e6d460b4a65ebd2427114186d8eb6b0d8175ae562cbfcd3c4706b71b0608cf70198d49204492fbdf844813bdd6555a6e2858553f3fd3fd809d817ee56a5a840faeee2b674c42012abe911f65a3af94cc78f5981b2c4d17026d74ab0114d9a1342dff42dde9", 0xe2}], 0x3, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r9, &(0x7f0000000ec0)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000e00)={0x74, r7, 0x400, 0x70bd27, 0x25dfdbff, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x4}, 0x24008004)
sendmsg$NL80211_CMD_SET_WOWLAN(r5, &(0x7f0000002800)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000027c0)={&(0x7f0000000f40)={0x1874, r6, 0x200, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @void, @val={0xc, 0x99, {0xcf66, 0x25}}}}, [@NL80211_ATTR_WOWLAN_TRIGGERS={0x10, 0x75, 0x0, 0x1, [@NL80211_WOWLAN_TRIG_MAGIC_PKT={0x4}, @NL80211_WOWLAN_TRIG_RFKILL_RELEASE={0x4}, @NL80211_WOWLAN_TRIG_NET_DETECT={0x4}]}, @NL80211_ATTR_WOWLAN_TRIGGERS={0xc, 0x75, 0x0, 0x1, [@NL80211_WOWLAN_TRIG_ANY={0x4}, @NL80211_WOWLAN_TRIG_DISCONNECT={0x4}]}, @NL80211_ATTR_WOWLAN_TRIGGERS={0x28, 0x75, 0x0, 0x1, [@NL80211_WOWLAN_TRIG_MAGIC_PKT={0x4}, @NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE={0x4}, @NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE={0x4}, @NL80211_WOWLAN_TRIG_NET_DETECT={0x10, 0x12, 0x0, 0x1, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x7}]}, @NL80211_WOWLAN_TRIG_ANY={0x4}, @NL80211_WOWLAN_TRIG_RFKILL_RELEASE={0x4}]}, @NL80211_ATTR_WOWLAN_TRIGGERS={0x14, 0x75, 0x0, 0x1, [@NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST={0x4}, @NL80211_WOWLAN_TRIG_DISCONNECT={0x4}, @NL80211_WOWLAN_TRIG_ANY={0x4}, @NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE={0x4}]}, @NL80211_ATTR_WOWLAN_TRIGGERS={0x17e8, 0x75, 0x0, 0x1, [@NL80211_WOWLAN_TRIG_TCP_CONNECTION={0x180, 0xe, 0x0, 0x1, [@NL80211_WOWLAN_TCP_DST_PORT={0x6}, @NL80211_WOWLAN_TCP_WAKE_MASK={0x84, 0xb, "68a0c9038a12451e453a6d0c8adaac12890bd4ff44faa3d70a5c8a11b49bad3d476296c8ae4cc04b476d1ffcb11558714b925dfa345f675880a9a1b146d7735db0ca85259a0375f48e731588d80b0d1cdd7d762c95525b2b777a8bee77ac338be93f68ac09839a75e927d339bb98424be90437a355465e0428c2c0a64b5fa86b"}, @NL80211_WOWLAN_TCP_DATA_INTERVAL={0x8, 0x9, 0x6}, @NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN={0xe5, 0x8, {0x1, 0x3, "3b11c224d65f64af56ffc6347d926f7fc545d400e8ed6f568355fdf79aea1b447c29c8db0be975da1c7bd268b6b7826a9d16ba0c74bc132166bd5e2e98745b83e2630daf7b3880d8dcd91bae3bf4ae9ea28c46f94eace4be7c8a2d5ecf5fb3b5916bceb1957d4dec16bfa01cdaed4312086890335296403c0f57a8c02e7d8576aedc6674c91e0ac9614ba0f572e423a368a24f144b9b44626ca5795a7a5822ce637435c0252b4343f0268ce6299d86ea310a58904fdb6352f629efd52da6179a147f92e20fe9301f27146772b7f4180d13d3c2136b8700734c"}}]}, @NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST={0x4}, @NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE={0x4}, @NL80211_WOWLAN_TRIG_PKT_PATTERN={0x1270, 0x4, 0x0, 0x1, [{0x1d0, 0x0, 0x0, 0x1, [@NL80211_PKTPAT_MASK={0x9e, 0x1, "d4bdbdb5598a742f5d7c793ee1659e5453c38777b892fe524efea62f522fb575067f1c884d59921f4b484f4b3472aaabdad4adcf069929ce7d24d0079894527e61a4f4e48a08f1825c0b72cc110fd90a843fa91ff2d2e2d98158299caf6eb1dffeebd239415f3c5a2d7f393a0e0847f024bab604d16f3123edbb83bc77d9bce2ebae7a01ad92305d5531d1df59b83c3a181874ba20b1b101b45e"}, @NL80211_PKTPAT_PATTERN={0xde, 0x2, "3086797d5030c2f6a3fe381da909400c5aaf2fbf9bea6e69f412c23e648bbbe2d0f5f68a6cd4f1e6e0658459fe7476615eabf4aeb6d35ecab9d9b8b95cb85ab900ef99c4dd31b01f3b72fceebce41d304c242023aeb094068aa7d270c44de60bddbd2e82089fe2a5cac11191659246943b85049529b73b3fb583167cb3d5f4116adc9b9384d4707bc87b94f88b7ea73000f4f7c9bcd842d188f852d2e5a95cd17e148f461251832d05207a16659dbc153f07ef548cf662855523f63498bcba1eccbe8c6bcbf3c7f0f1830702d7c131d6b55e4f8290412671d7c0"}, @NL80211_PKTPAT_PATTERN={0x4b, 0x2, "d8122a0d88266d29bed8d7c838a0a298eed423551e296598130db43b7d6f7348afd52c9521dd10df9a28baf47aedfd4856690751592a4c703198acd7c0364f3a5b0693ee3c2617"}]}, {0x109c, 0x0, 0x0, 0x1, [@NL80211_PKTPAT_MASK={0x1004, 0x1, "4d42e2a02c750ec1cea996626604a9b4f5eb30be0e7b1ff8365e2e67391fce821ef9632528d2a69120969f565f33317be769828f532aef81e3caa1d33982a631080071722e2cc9ce6748fbc370ebd7e317e8578b53a7106c5c9ab1913268d620530dbbba983ce333bc93a10c5f40ba9b88f56a1660cc20f5acfc547183671c4febc3bedd24be4a09371fb4dc513790d3fcbc49de0125c001ce61d79a37100ee1543644fec94516ef97b25a328d373756d2e69cdb226071ba260b232baaffb71b85e230a7b1f5ea4e8edf705c8b1f033de3b9ae5e0fabc1a486dac54b577af78858f41e6703b79138c4c569632ccdfc3328a348b196847af06bd2bbdf072674f4120b645e6e4a0489bc113d518cb3451cf24ff075d18aca4092ae024f9ea11dc228b00ce26f0f307d69cfe91e00135055fb9b4a94e81f76a4ca3d3fa8976c8ee1aba6046cfebd1f0143212e2d8f1b539c27926d4664150d2f52c1467039d24a82d8c59f2aea1d60e92415f66aebec68c5ba17eaed6bb8785630ab5086298f8cdfbbaba31baa6757c8c81cc1a2578f44da7d6dcb5dc0c9880c1ac8854722e57316d791e6001940da44184b14ad8e487beb7ce8ba196e450d9183903ed8dabd372b4d9ba2751df3e8690cf9f0cd877c7ecbabcbf4822adffa0bc8a5450d18a05e0a2d3745a4c19501e59aba7281067546b514c4c0122ff4a91440c79d2b9403825a83ab3389d7075c3adf25d210bd4ffe861e1f938bcc9708dd608549def324a11a3f486d19db6a9ed8f4ce2b72c2e750f2eebdd2eaf24faa59375d4ad61c4869b95c4df474e159500e50a1fd75f8d1c7947499e22b84cbf673c7baf1ff87fd93a0df0a339abb72d6dbd8e923ad75e3863f6e0983ada509169748537c2f89ba6e86bf1e3d13bf114a98eccf02afba5b0a73483e3bf7459ae93a926af0fb25fec04ddaefe0fa8a8998ef54168bf532f9c98aff2e1d39a82aac36dec9dc47156569cef838a253565178ca25249c9d189559c020b7b203413ee99466616a7334a4cb698f69a8194075e9312b7d819645a9745ac7771646ca8296d0467255aa9215579beb59c28a5746e341c79afa2a62cb5955411f8656e949c2834503507d0f746b84684fc64480b7e697bcd0e1d4fdf66284d3eea77cc59d0e24b2ba1983ecb970a9e70d25d5a184886e1ea1c076a3187c925ca4ff8af95b49bce00c81059c6cc6d99fd9f750758954b384040c7db2cd1986efcf80042486b36989da38c24e93a5aff07aebf3bdd6877f6731727d43da0f6a2209b2263235b514d62c789a1b483db61a4dab39b4649b2d5cc1988016799ae8e04835450f97b8ebb09b87c5c77c7ca1509e5807570814d04bd534c7337d2a24e6e2250d0ccea7a87575abc62da474156cc4d35d6b9807b2b12704c203797e48d75ac768e3c88104fab0c4a47cb8bf4becad773087a4c6af1b5a1fe3f20d00d383a67330cf65d766d10672d4e89af6a6f1e395a44ad2b3ce7c36d0d8f98e40164f5dd1f0237bc2af3c02defa755b008fbc19926812c782a9df253c20f9336f846ea81f54c94b98c935bbcc54792673ff3d902ed692569629e1b31c3e549bf3e5f93364c3e87d66b439cee3ffa254e759cf5de95b6ec25fa737b54cfaa99f86936dc265de43672fbfdcb1088ec6ad946bb8177e937f834306b5d3a1706ce3ddb14ffd783004abd862e74dc0207daa1979f213e2f1b8e57390d4d448fda84ebceaaad44cfe116da05d24c805be81a204e94224f5e41f56679378782565223818bd53a7bb18f754d3991ca1222ac0c3c65938b85451f27bb8d61b85a6f69d4643bf7a09e71f5a33dba579f8a134485cdcf80c25fac982482ffd8b6ea38b69415b175da3e7d6e334661930e7aa047dc4f7cf80f87611650cacee2cbe9823a4e9b6c806d2605deba997c81b34cfcf3550ce5bde3032769aad8c60632fe62f1fd37bb41fc4e7171f54d9dc2c32302cb2c01f5c34bf77e57ace1423851aa3e0f604d9ba4776daaef87de71162513939b319496da092970762cbd64d619d28aca7423ff110b7a278efc93f231236d93edd32bd7d8b474eedb9595f5d67f4cb73ed97310949721807776b4ffc6b0c9697904dfdac6596c70ad499ec078e96464898900c26f3f54b2819d46a3dbff11241ad5fee330affe1707d92812f5bb42239a35baba6a16dfd64e9aa666971a24b6d7319e8935ed3113f286f04267aadbfd5b27380c3db3133069829f1a5733734d12fdd56c7db3100536feae6174034a9ad7dfb0dcf2a476159dae711a69ff06215dc6335a2767e02e701b158b3233a17c2dc35245101516102dc72135e67d603cec916796d98b46932e9d3235612fc0b2abaf3d76fb905b09b603d7d51256315183cf69495d3dadeec757a26c6379e71326c239eb715c0e76152fb940b082ef1a1d31b427d823e8d34ce86f221d72f742ed9d018b6b0f00a366b200e982b4af36dc7d4f1006632cd87c9d61386b2b807403616e16a6eca740b720359c9b996240cf52dfcc43e7189caab5cdb1f1061627e258b113d30832fe51c56f5697d1bd4a0e4bdd59eba845eb54a5c3b3b3dbaa0f3bc30049368aad222acc9cc28ef7f6c4177b65dc3e7d115525cffbd6a1d989c5709489baa6f9749f7a7438403b9635e6a70435545877f9953d593bd2c2c45e7ff5b1f23b0ac5d9e5d1bdc56d1abc56f601eb92e3077fc1be34b0b709fcc0b616d10242ed7107f8b4d6650ec533dbc0188eeb1c35767301716a80d2ca90fbe87b902f2bf9a683337c9950d4341fa076da6833b7e7de74837820ede5bf83bee5d11744fcf62426956ad89a7621f54085b27eef82c4c7627d58505804393b3cf2be972a08e397640e1c504b1e875d7ebf1bb5a7f8482fd06d1d6d64851ba66e143cc4e351e0c7ce0e97994eb80ed56eaa03fb1e2089c847e71e93f7cb35d5e488fc23715c61e10d28bd6209959a647d3513041b9dc692930b5a6bc99d15bbe35c804d283dd50b833f92f27c63c7d5b2fda4ab6f77ba6a95108c78a2972dfb8db9c01c61ceaf7b384e382fe3bfc2ecf78b35a1943b38183bd9cc7cd1f03d17f6b9a22d39f7c0a62ab03b30d3cb0e3d601dc914b66ec090811d2fb384d682c87e7697e84fc80ed9ec989f2fdb9b4cb9a71d4631d389535186b1a397bedc0667c12c94adca78c80cf484b13f5223cc2cf3fbd2628eebc6717ab9c3f80acfd751c5f32151bc567e65226c335c383d269f7c8e867e006356214552d57402a772014491e5edef9379a42e46823d16b545ae9588316e791b2a04a0a15b8ff870c571cca187910c999b88c8fb5dd094d15dfa751b6569628162d50dd5955ad341f0b5e4e14884723244b339e3b27aa15638af2e342be32ce481cc241fea58b02e64ddfbdaeffd5c835ac29d937241d7f93f0fb8d7b80be9bbaa47b123a2ede397639e96f6c6f8a1dd61c2b55e049919a48f350ebac11d8306264dc78fd5fb3cba7cd7c7258e5dae6115ca052087a3ebc50218fe652dac2d941086d371d5f85bae5e11081712f8340e84193b7c93616d2bf6c2bec72e8030bd8047cea2c961e65c109cd31accd4b56c5cce7a2f903906d003b311de721c7de1dcf16693d6b43ef2de1277e82eb5a9fa09e954c1fc264836c712782efa1995c761ee37a6776022d648f494769f865b7f3f40aa1b79e5f61a6606078f207713d1610e06215bb5d4de1c8afd33b29f625618d6e32a35e0695a9f7f7500a6e08cba5215205741170fbd0c96c35b090f350dbc4fcabba92900cf03c377ffd5fe1dd64ba2b9bc276a1d1dcf1398a4fb39685b9cb7706e85bc737e0be0d3aa0ad286787004ce1fc9ce262f6072918f07f95b6811b97d6a72426ef4802fd56bd0fdd558cbbada91993a4b19c08fc2ce718f7add1f58c51ba1b9b81e9b459c3db8b7337c16cff307e965519a33fd7c50e458780153aaf7f9e39d3cf49980aaac3f834375fcdddba9e3150f89a87229b9c6c1d48ccbc98a05b3a24f7bac753fce29f23efd5b909b0859bb025e9e983f0cdcc4926dc45672e8d5d993ff033ce066e92e6211e0aa0a6e1384b5dd7c2bf928d0dcdd9236836a498d93f2fb6d891973b1b2f2c8776e39b89e4897db5be4016aee8673f66e806ba29467dc555b922ef4b9722a5f126ce1263ba199c640c0750f90d297b96f14ae078ccc3b6b18443f0e0e5dbacb30aa9d05b958fe6433e0d21c2e7d04db3bb9e8709a6b246ede8eb6bd6224dddd2435c957b33270d3d28c0ab5592d71302b694e4cd371338a1979578ada6b3b1514c07c77f985511bbd223c53266a94a53edc1e0790f319e0df32b83d7e776eae4f1b2addf51047a9dc50b63909dde4593001fe635ddeda0192a6d75765e465f5039f4b5ffe0f50ad8cb49c52b66df0c316871d2e69b6d6f9115d6f6d9d0d7212a593094c4acc25b49be657bd3b9e8abee06ad99a971a64b9908e0a7b354ebeaa93ad2730fdbc86c11de57138295bbd0ca1dc2025dee67f5efdd4030b74844dd5e49626e312c74e1549e008ce7b14e159afbc786b0c31cc0fdc485f9576b4b3f8b77535f9cd619a47e60587e19d70a3d3a213d4c2e622b39de3b8f178fcab3766e05c0139979a2820f591e9bfcca7329a2cfee17270b3f174975a8bd0a37703ccd2d51565a6f09f02adb22e42b432b6d7cc852ef2246d035d0c80cc3735bce304aa0cebd7d5c7227a5360c1c026c9ef7057cc85ad206414d7c9a1bc8726df36b0040a9397ad98e8aa91656558d6d0c1754dd8baed19a62debe318e25509f9da1783199f0693cb510af68dbe43b6150ed5cdad9cfcd977c0cf35368287308f04879cbc14bcbf96940d3bca47c14d19cb7a641da2dae34d2833465da3ab2a685918ad4cd479e0e1351df73cd0dfc006e2123c577f0cbca6c641523a56f1eced26d203ba2a8bffc21f383bd57120724446fa7c21cec38db05cf7d10f8939a480491b41dbdc630b7dfe1f71e513d00f709195e74c0ea59163ff83c31496a331e70644f70e152d141a8a42451c5a1cb33b2062d170eca231d25bb746dcb02ca07f0de782599ae85b22d1474deeacfab44a882ebe927d7642fa2600f90a1e33f5049713a6211438df9137f763c45705a4980f521942477708d1230213e8e03fb411f5e635ba40a4626ac1db0e2f7c18bf9eaf18e3a1112ff9adac304daecb2ccb14b35df0e87b820d21219d1ffb7f8c6514d844999b2f629b89a836a41311adb5a30edf19af7da0ea33faa4e7d2a06a092b2b6fafba6b4e30b7ea567b569a7ded422997b54593c9c8d25b5237a9e7928067ac074cdd54b1a6548bafb63640b67f20eeea979362bc7014817aed5237a295618cfae76201bb598adcfbe374f098545d46762c1e3f116cef793973dbd311b82340a5f17f79216ed02a569a94a1c0d16733e7e8177aaa03cc2a31ccdece4dad4452a00b572c810b0eb0c5003f67a9a5eba1788acfcc05107b2b2ba2e2b9dadb279ec41297a394fcd105df41efa50a8ca854e2373eb7fe67a7d3c0b4323ba4727ae9c27b64bc751175c7de6bda66a1d5a2a34915cf88f6f72c180f911f7ef1e6aa950b1a76859bf62208fb3ecc72966babd4ec4f2d22cd0b7424399c097be88e77185ca7c48c8757181fedcdda37aa53e332be793eb0ff1991c2d0e429aa5082fc17e73542327d3189919098ca21181194ef38c3519a04583a51c77a0df79dc04aab52f84a7e46099857d7c880fd620aee7a3a37cbdbe29c8ea8d438c454c0af466f82ddab1aebc82320cb73cacdcffedef544601"}, @NL80211_PKTPAT_PATTERN={0x89, 0x2, "63c0bc524051861a009a6db086a60c40b31460872dde66f948bd7ca380f092e22aa141f671a378198c489656d79000efe403985fbb1d16c95d227c4c7bf77134aeb9c0c5835ad1b365313d0f9d0c35f2aad746edc2380527c2c065d0797e2bd05bd18d52aec6dc151eb8345dbe12d3d1109af4364068dce4b3c3eaf653d2e196ccf95d2272"}, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x1}]}]}, @NL80211_WOWLAN_TRIG_DISCONNECT={0x4}, @NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE={0x4}, @NL80211_WOWLAN_TRIG_MAGIC_PKT={0x4}, @NL80211_WOWLAN_TRIG_PKT_PATTERN={0x3e0, 0x4, 0x0, 0x1, [{0x138, 0x0, 0x0, 0x1, [@NL80211_PKTPAT_OFFSET={0x8}, @NL80211_PKTPAT_PATTERN={0x91, 0x2, "fa0d44fae6326b18c0856963cf9d978d3e2c4259e007105da8babad30df19c4f275fb6889f44d4fba68faf69d365e19e4931a1c9a76e5142ac3323202d8de24c87164e3ce137568755b6d5e279ae64211c4dda1cd7f3dce8c8cb23454f402f9436c634b1cebdba15d78e89dd46ae156f68d8313c2dc0501a7aabc73b460bdada6f3aac24ce24972ca234b3e1ef"}, @NL80211_PKTPAT_MASK={0x96, 0x1, "3a7d9ddaddf8d6cddcf6995035dddbdd4b60b051bf97bc21c2076306dd35887581648a7bd4514c27b069dd64c21a79866571c48dff3c38a2e8ba541d0d2dfc39c3632fd6b5c64905edf835d252cf6951bd371ff4a8a5e30cbaaf446c8b2b36d8a74b9f76f0873ebd899ec5c11e5f88155e6b4c5531ffea13d100a41648f554cca61a75e558e0e9ec23201e628a606bfcfa9c"}]}, {0x1d4, 0x0, 0x0, 0x1, [@NL80211_PKTPAT_PATTERN={0xbf, 0x2, "1898f0d427099d21b19e2135ee9cff4d748a59223ae5d47c93dc513c53e2ab00366fafea67d5fa40e2296737ee316d3a9a3bbc925ec2f36a7dc841a827ef046fb43c1b27ce374c3a4324adaf37c4e951912d2601fa26ba03dd5fc6b5bba23e39b48c1df62f57dbdbd4d97e34a1d1446f78a10b45cb1b02009b994b171f621199eba28d628358a06465201ee9002801abc359d908661346b51d1647bdcb28836aad587150166560a991979bf3c0ff83b1408a7977313498dd8f768c"}, @NL80211_PKTPAT_PATTERN={0x8, 0x2, "90de065e"}, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x2}, @NL80211_PKTPAT_PATTERN={0x100, 0x2, "af57d31bfa477dd9ed8365b4e37a53bd4728313d5cf026352a7bade458d933eba79f88b142dfb5025cd3d3ff014bf5a325dfe201a6ca958767ebe81a732a9f28dff6b63c7ef551cd95c51d5e66461a7602ef9706dd778843a98fb88338fb44b3a9d0994112016893cb078bc8fa79c67d167365d25113388314b6198b549713f2a3c7130b47e0d2d417839da5889bc3cef0a96877fdb01083e7e249848ac1cada59d766ae62318aae61ad4f35658bc67b281cbef8ebc867bd90665f92a6d0b2d73f314113b53bf4a9fb2fae3d70139c8a153626646030c8dd8303d6035dd9e705951f3bfd8d4bc64a7ce3e9766406f61db4f5ce0f76d6654368c3f910"}]}, {0x6c, 0x0, 0x0, 0x1, [@NL80211_PKTPAT_PATTERN={0x65, 0x2, "871055ada7c6b33cb6667d13e24ff04c93a48a5761ca76fef3d922b9ecbe3c9928c91ee4d0caf285d66caf0bce5e670828bbf05508a652d1b547615cffd6a94cada142162f55a69e6078cf2b952d2c06330e56348adf7dc5cf30d46e3bec38dd62"}]}, {0x64, 0x0, 0x0, 0x1, [@NL80211_PKTPAT_MASK={0x5e, 0x1, "c4467f99f2ea54b6ec25ed535ae4c377b29606a3467a7b255948d5a4ec87e81aad6434bde50207c2b382ea1a12f4e609d67ee50bda014cd7c98e49bafa70b4412fd2a7908c99c29c921a8ad0a14859d9eb102875b3090fe57f6b"}]}]}]}, @NL80211_ATTR_WOWLAN_TRIGGERS={0x14, 0x75, 0x0, 0x1, [@NL80211_WOWLAN_TRIG_RFKILL_RELEASE={0x4}, @NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE={0x4}, @NL80211_WOWLAN_TRIG_RFKILL_RELEASE={0x4}, @NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE={0x4}]}]}, 0x1874}, 0x1, 0x0, 0x0, 0x10}, 0x4000840)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000002880)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_LEAVE_MESH(r5, &(0x7f0000002940)={&(0x7f0000002840)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000002900)={&(0x7f00000028c0)={0x1c, r6, 0x2, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r10}, @void}}, ["", "", ""]}, 0x1c}}, 0x40c0)
r11 = socket(0x6, 0xa, 0x0)
sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(r0, &(0x7f0000002a40)={&(0x7f0000002980)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000002a00)={&(0x7f00000029c0)={0x14, r1, 0x400, 0x70bd2d, 0x25dfdbfb, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x1)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r5, &(0x7f0000002bc0)={&(0x7f0000002a80)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000002b80)={&(0x7f0000002ac0)={0x94, r7, 0x800, 0x70bd28, 0x25dfdbfc, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x20000880}, 0x48804)
writev(r11, &(0x7f0000002dc0)=[{&(0x7f0000002c00)="43ef3d05ee3eaa5f3171b4aa6880b48f797600c5d3bec9db9f1aa6ef2d63c64238068088422ce9e21fb2bdc2c5532e2c0f5b2568cf3c95a121b3314e92a45e518701baf0afec969742953bb9be8bbd9fc41c66e71c387abeb47d3c97566f229d3c09f25e43560eac100bfe27cd84d39a3b82833a3c9e29a4d085c98eaabb6620cb445c29264479ac9ab8b3aedf53ad87f9c9aa7d4a5e3d7159be1e52c0fe2edb919b2ce9db14bc6521b250d96a97fd12cc0aaea72a2fba257b27969dd3d922a8aa36b4ec6dd3f569d1c013e7cce6b1f5708c87da0572c1ca7eb0c6b5c419613216be6210a96a744c4c47f4e29e0717", 0xef}, {&(0x7f0000002d00)="ea5453b859cdda755f3d164ff86df2fef1c4a0169b76998f6aebcbd4f5c15622c027e9184d5df7fe52c69399b53d864e17dd213052e7867caaf3b67262745cbde1f16deb250947e9da19d7c9ea4d8bdb9ae4c90ae9cbbfe7b23d0df9ff33e127bb3cb50b1545986913a15b591e2ac90c0a1ad6f58abe9c1560e66428f3e7eef2a48ebc8cb324d7b84781b5b13a55d493284b1cd3b0f756b348260b0f69c1653e78f2e6d4e32c283b776fcd457945b1efbca03712932189ae04d68a665d02e1", 0xbf}], 0x2)
sendmsg$NL802154_CMD_NEW_SEC_DEV(0xffffffffffffffff, &(0x7f0000002ec0)={&(0x7f0000002e00)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000002e80)={&(0x7f0000002e40)={0x1c, r4, 0x20, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x20040000)
socket$packet(0x11, 0x3, 0x300)
r12 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000002f40), r0)
sendmsg$NLBL_CIPSOV4_C_LIST(r0, &(0x7f0000003000)={&(0x7f0000002f00)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000002fc0)={&(0x7f0000002f80)={0x20, r12, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_TAGLST={0xc, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40c5}, 0x20004000)
executing program 1:
r0 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
fcntl$getown(r0, 0x9)
r1 = landlock_create_ruleset(&(0x7f0000000100)={0x100}, 0x18, 0x0)
landlock_restrict_self(r1, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f0000002140)={0xa, 0x4e25, 0x1, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000000940)=[{{0x0, 0x0, 0x0}, 0x7101}, {{&(0x7f0000000280)={0xa, 0x4e20, 0x8, @mcast2, 0xed}, 0x1c, 0x0}}], 0x2, 0x4001c00)
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000002a00)={0x1c, 0x76, 0x31f, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @nested={0x4, 0xd}]}, 0x1c}], 0x1, 0x0, 0x0, 0x4004000}, 0x0)
r1 = socket(0xa, 0x3, 0xff)
shutdown(r1, 0x1)
sendmsg$inet6(r1, &(0x7f0000001c00)={&(0x7f0000000140)={0xa, 0x9, 0x0, @mcast2}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000002340)="7480612e99d9310fa445597a4e67014f000000000eac945db22045ba4df7f0fcb97b055b065bf0ba", 0x28}], 0x1}, 0x30008bcc)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000406c256d0000000200000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000140)=0x80)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000000500)={0x24, 0x0, &(0x7f0000000440)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x445}}, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000000b40)={0x24, &(0x7f0000000740)={0x40, 0x21, 0xdb, {0xdb, 0x4, "2fcd2470110e50565e344574e02058456bad9c0d19c44ef5a3ef5fd1de3ab4a3915ce76974f73d99cd57fc4d9a5f5a69211fa718c9f5ec006edacf991e883879eb17bd74b8d1124cd28c1c4d320593fffdc4e38a29e6a62387594eedc696d05933dd60fc59260e97b8e8e9a3e8b41413f80adc86701f92d12ec7b2fc00f30a8a9e460fd997f20daa638c62f30e6ad8cd4463b5014132fbc05f0153a61dc9a3237bca653d5efea1eda4d68e2b8005a4448157b4a8ccfbc2137161161aded92c11ddfc9a90cbec8ad8565d12e3f8e422039d76403b2af88583bb"}}, &(0x7f0000000940)={0x0, 0x3, 0xc8, @string={0xc8, 0x3, "86d9e15b23cb35d0caf2cc49478b76a9e59cd175c90f4eb7e27dbe1a1187e888982d521eb5e058112eb01daf04d8c0bd6ba301a03a9a636a20b5f42d36717fe882d9e69d8a0a4fd71d6c0b65cf7fbb8430c582e450962dae66f87d4aeb21efd825f1170e3cdae49fcebeb8cd805874c713a0c80563d474f710c6d989417876596b35e54b08f7e71f36a4988242ae607c3bd9e0e7a47539754c1df56a9e2977e70936c9334088a8a8e2184ef1e7f96f2ecb7cdf91d5712342ea3f6ff488fe2bcd0616e8634f5e"}}, &(0x7f0000000a80)={0x0, 0x22, 0x14, {[@main=@item_4={0x3, 0x0, 0x9, "7447e64d"}, @main=@item_4={0x3, 0x0, 0x8, "3db6c694"}, @main=@item_012={0x1, 0x0, 0xa, "d0"}, @local, @global=@item_012={0x1, 0x1, 0x8, 'O'}, @global=@item_4={0x3, 0x1, 0x1, "8d1ea798"}]}}, &(0x7f0000000b00)={0x0, 0x21, 0x9, {0x9, 0x21, 0x6, 0xfd, 0x1, {0x22, 0x2c1}}}}, &(0x7f0000000ec0)={0x2c, &(0x7f0000000b80)={0x20, 0x3a, 0xfd, "0a0616a21a8f50578be7e6d6de05f5dbff2dd9362eb18aba30ba691f79ca33e3fee750883a6f0bf5696576ee6f03ebdb87df60c7bb7494d4ab54d51d36426dec7675e3c54e6efb1efe2199ce9fd6e2825922bc3615d994f85420e9151fcd35c850196d770e1975f1b83989d2502b55714c0a7d94a950f21e8a0581a8a8b7939d058e42358fbdcc8c42ba03becd04dbcced7945a65526306620d721a5ca7c52a8e2a7d7a38ad1c968d28a2452c9be9e9d22c6a060741e7558cc730d3ab3c2552188109d08e484452a32348628f3a3111484e35969e42b2c18582e08304123631aa0aab2570e5eec03ee7127ac3ead1683d9f4e694180f6b87d86f18acd2"}, &(0x7f0000000cc0)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000000d00)={0x0, 0x8, 0x1}, &(0x7f0000000d40)={0x20, 0x1, 0xfd, "485735ff9b25d69d7941737e6cafbf6018a634fda329fbfbd245a6634fbb4b3ffdf34c9f3206f9891d7c52ed0e1cc122a1bbe0f18f77d92498ac6c1141c138e3a787dadf047a439b31907e091ca785736c8ca8f9daa2203f64780fa519daa1b2855e7ec7d3708c646013a711afc36739914c31a94c53611e7376fecc944871bcf772798653fb68470d04b8146ef3b34fe4c3d5997b4beea8721481535d7eab63f61e1c1c24c07f3b689249722e8893f2df26cb6e8379c3105c513ba2d9b692532a92ab5388475379cd295d018d3fdc0761738415f740fc5f3da32da050a4890ab0cb359dca388d8d8e732b27ee41ff4a6b04a796d642bedfdea208983c"}, &(0x7f0000000e80)={0x20, 0x3, 0x1, 0x6}})
executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0xa82, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2)
io_setup(0x7, &(0x7f0000000280)=<r1=>0x0)
syz_clone(0x100411, 0x0, 0x3f, 0x0, 0x0, 0x0)
io_submit(r1, 0x1, &(0x7f0000000240)=[&(0x7f0000000080)={0xfefdffffffffffff, 0x0, 0x0, 0x7, 0xfffe, r0, 0x0}])
executing program 2:
r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x2, 0x842b01)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x8)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x8800, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0xa, 0x76, 0x6, 0x6, 0x7, 0x1, 0x3d, 0x2}, 0x0, 0x0, &(0x7f0000000480)={0x0, 0x3938700}, 0x0)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)
fcntl$setpipe(r1, 0x407, 0xfffffffffffffffd)
executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000540), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000fdffffffffff2000000005002000000000000c001f0070687930dc3670941e448248bf444d490bea30d9"], 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async)
keyctl$set_timeout(0xf, 0x0, 0x8) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) (async)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfb, 0x40000000}, 0xc) (async)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0) (async)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0/../file0/file0\x00', &(0x7f0000002100), 0x88000, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYRES16=r3, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=r4]) (async)
read$FUSE(r4, &(0x7f00000102c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x109001, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x8)
ioctl$KVM_CHECK_EXTENSION_VM(r7, 0xae03, 0xc7) (async)
syz_fuse_handle_req(r4, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x7f, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
write$FUSE_INIT(r4, &(0x7f0000000380)={0x50, 0x0, r5, {0x7, 0x27, 0x0, 0x1001a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50) (async)
rename(&(0x7f0000000100)='./file0/../file0/file0\x00', &(0x7f0000000140)='./file0/../file0/file0\x00') (async)
syz_fuse_handle_req(r4, &(0x7f00000021c0)="1695367704d10dd832678e4e2d01860484a69eaac410e2d6cf3b3d3925f9a3cb602592377170dffdc4de86f163e390e21d07459b0f058cfc248c4bcbe896f3c68006f3c2cbe07c55b87170871c1d364d740faeb750c8c8acb76aca18bc0c018ed341b55b0ef80cefe95b85756aac978a0e0b5ce59cae6657643e7ada0c1336bab310888351664553c2faa6dd39054e19e23cc7c4b4d33546407f880194aa0761f2a9360c4ba26de342328b92db81ae84fc9c1e9eefb4b7ec3f58a6d5d23b907327b14480a37f3c84305729a91c28807f8809b997235bfa2d4b6f45ee9568bb4a416df34f4140c5e272bfc068ea61a48b365490ccb02772a906dad457f5d2dd1a57cc1209e8897c8115049d7e4e3c756a7f5ad0c004ef66c8bf91f600910e73b4aa5f516bab5cd62ad93642960ab32b7fdaeacb1a9587a389a529c231f8a47a65fb6d27ba6a0eeb46660cd75dbf47df89e9f578eafa6992a12d9d7de56d69fd0e30b15caabd13c28d63921597466292f8c4e87f23d53d52e6e8f1c9295af0743c8c671a49273074ba44dbce9e9b1136a93dbc19d2b8e60cda5f50eba2d814822a68a0fd4ff5e6a25dd5346f96b26b5e1563ebb97829a76fd8c2aa467499fdced91b05b193b68316494f11f5ce97ed8e13d474b03c6f6eda4eff54b0ec362fda53003e6e2a3868a5d57e2426aed5adccdac8e162c6cc20361dd4709889b79b2810ba42f531fdd3746562a00da65b4211fb7d8f482a3610748d3b80d2942d8432471f98c6e9036cb57f3913b31dd8baddd6d85b44e8463b838fcfb6979628c5fa3dbd30688e10b9ede257ebc7b96d4092f38d11b9e6a4d10490a9df1387b3743cf51e206c7dbc0741c408bbebaae7f36d81b5ce5b21bb9fe992c8a0cb3a91ea2df21e571ff094b53b17c46fe22c0cead29144d203294eb42c984790a6b6348ed8b7b0317ee5b2353cc54bcfd808bf0f61f73917584e17bd9259c8a04d2ba3b4f931571947c77035975933471fb1203088dce478eb4e411ddb7b88caeb02e1cda741245df701a2b5c29c48a631eaf18549bd90c70222fd6dafe5550726bb58dd0fbf84ffeeae683a0379505f03740a652025add8e0e4e6b5bfb4bd0876dfe1ecb639acc110eba97294a4e4642aefbcad04ba50d830e945fd9900ee7e02488694041f43cbaa86280c1df64e8f1f81f7cd5130914efd19b58262f3bd2c43bd8b4a5beac09f1ba27020521994465e62c329debb50efe0716d22cf0056febc7cb95aa818e10639077e91cac3c80b37d6eebc6907dde971b578383ee04086a0dad18750ceff6b8d6d373afa93b71fee65fe1318c1ac291b784e45d66962c8b54571bc1e92a996c11561d94af6ecdd37948d35adbd1ad63c1c05c31c7f4afd707aa1956d1444fec1137fb6d81f56566887131777e5fe3e2fafe8af8f21ed34480afe74afb25d8d16f8089fcb851ac49dd826b7f273aa3d771856d712c62397d49c72d93e3c2a5e6b9767fcff0fc5b3d70dcd70ff8bad5dfd7f5a84c194f99450601f970104f9be026852ead21824152dd8f6536fcd01a69177a65f2af266e619d61d20de0c738680fbec29e7c594cad29f009d46d87908c951b2e4ad8d9a67db8be6f570fe5416d9e4dd22a108140a1c95369731807325ee7f4201209a795fa1609ce8fa27384677816f651a96cc08400e1b647bdddfb851313e3ccaa472b9a6a1da3a0936e119a6d7808f09de244d739c39df3ed36004b77cb54b6b1396b718c87fba28cb1439c7d1d140dae1ee2c2a7d647427b1e7472710c7ac4f1fb0fc0c9d15ecce28167d23e2e42474dbf1c63c0819606be9c9b6dc2eb59bf9932568ef408c20e9498cf105e84eee30460d4348f4cdfab623b416adadb4427887d9b1b6b8db75b224e8a55fa0351d21093b2b7e42e6685491cbfce100d602d0281f4bd086b50612f3ccf055fab1aad97a52695a233c3d458be4536b66b0acdda5ce0aaab48bb7d7f39a8af473c4478991f1c4569839eab0c1d684001ee1772290871653a2293bb7754c1eac178c60f86e2a98e1992dee198c76365f2d04d159d7c210c6cc58764e3b7dfb5bc15190555febd01c69cab8f55926c28a13fa4f9060dde1ca2df7e1f71fd99a0c350d7f0e341ece8e0685e9c205b486ef400910211b688f07fb05b542261c74b45f4ac23ff53e9e620ab12dad7b5131f67128bb8ed6a4a70caec437f2157f8bcb3d080091e5715dfc7d7539dd0320c90d0aab6a6d7a447ebeea893a0efa2176292c648c62cedd4138c9d0535ab0621855484fc43e0e3e84357db6951bb21fe2f4e99fa188ebecbc23f73ea879bd304408acd1c470fd112606ccfd7b7970e950ebd363afbba359a51877248a42845097094ff785dc82264225752f3aefa980d9ed5309b48f47a5b5ef49f698fa8c13f6314c57ec97eea295afc66a9f4ec844474c0da6ff1ef0c6c65c035f3bb74a70ffa668359b58a46af97600c428626b45c81a4e372e198894c02e2bee8010fb4c2c075ea623a6ee24a99e225f809322df6ea6f39b1566b1aee5403d45ba648f94f70976013199b3241744458d030a5319360780897413289d89267c389e04f23de79adf4b864c5ca76efc225eb1ecf6424887f0d8b3ac13cbe9df4eb69f7b702e85fb396dc4a030d57a8c4edd227ee568fb11a9859935ad53dcfdb01727f106af352c569a020b7e405a1ad4c6b39e2e8796fe9f16db3794550f5ef3ecd6af2b2ab0383e6c198f17ada5840bde84ccbaa661d9c456d9ddaf92763ba450098cd5a971d847fd5030a4c9b066ab3b0096dfdf7e5ce2f8349165f94c493b7e4192e85239bb11552f910fb41c5e96ee10fc8dce711e88e0572ce0bbbd9c9f3b7c9dae89f1dfa6af309c4321755a5b19070c8731ac590c30fffb69feeb75f699aebb101d3a30f784f1745182cb4f0bf63a148b521f0a03c691927694ee453b278523e3ed256c150098a932f62c90ac65faa4b9782c27a3ef6ca2b5ecae6a01d8a1d7096bf6a7d1b317a9eab22ef4907c631bcca224f723f5fb9a44d7e1295186cf37fd71343919aa167fa70a505a73e9f52a11cfbd40d8c1087d4ffdfe45a40ed5aebfa4b0c3622c78a914d68dd92f46478711437ff88803ab28cd9ce2223aa0fa37eb9d9a4a7866dec4ca6bb66e794ccac6bd19b11daa0b6d4d42cbcf7d6426b5718030ca51bf92b3d8ea0b11c46ec5c0c6e3805c88b39731b2b751d9928ed1ddba7c66bcc5273d709fd295aa0792384435b98c1f44575c028ff2869074156713931f7e62f8b0f8c7ee9dfeaeb2e096e77600586a47d6f6a2e13a17dfceae46ad84858bf8873f9f1e35fc700aef0a648af168ab0774a3441a203ef325577f2c76f5f0e5808acdc7965bc65e8ad1ca816bc3b67711ea42e619c957d0f26b394be1f3b0c4ac9af8558eaebf5c1c27b6549022513479b4c28dbe3f1c3131cc9211eee768f96a9c8b5e0e6425bef921a355faccf0072ba19b16d88b75feb5dc8fcfc1b7b5973eb9654ca3dcfd482831ff5d1fe09fe7ae43cf129c8c17a6686685a13ed076f34608b7ac16eb8e9de6a44418c4e3f8162e6a679bc9482df96a04b14575ebf093b99bf5cc26495f5dd6e571129d9760de3f801b001a1f3248d14f579bc519de2b656641a88da758a2ed3baf15fdf2739ddb44f0e5892de7ea48e9302129d0c939137b9d0687b296577675bcbf433a53f6a9816797cbfef1ba0caa2b8602387b5a8bae24d3e15d42b34d81708738fd269c3e8cbacdc3ff5ab1d4816a783d7be0f0a8086e345a6b4c231ffd61745f6c45cfceaf6089e70542aea1574e3c78740f77a08eb55b37f03549c1dd318cb5a76094210e8cf800c350d328fbf9442d0437e7affd54b3bfc33da3f24558f3ea8e59da8e61ae60e7e7b4de7179b8cf941d51d420c8eee69143966800dc4f7bcb50a033331fcac02a65e88de28ab219c68388a9da9196e044dd1ebbd3994bf8cc862f6f8b419fa1f4f4e5427f10866b498935fa28b8e6f9c5e48be8b74b9c2262823390480f71aff6cf72281f526265877d223eef9ad7a4be7438f9afb6aff0e80c5125c2c612ceb83f0470ea04479979c0a10fbbd0bed7379e949cc19fe36fbcbcc59a9fe30a2662d3e4d22862e8841b587b8995ef8482bc60fe0863b41752ef3dd44a387eff101595822bf1ce440ff9e5f73e560e4f7fbfe4754d9dabbcd92de02017eb43d3cf7c75e45ba04009a782a68ce11eefd52253c721daa5f37c6408e37b48d1f2e36d7c1793300f2c9039e69a52057486b63c0fa644d00528ce48f2e551ca88e356ac25ae74c73492ed3e6233490acfbe7ed8244f23e2af86e0ade6b78bb34a75a86f6cbadbd39762680cb0821d6d28f18d427df13d0e747f6da54be970e43ef8ca8285dc8bf44e3cecdbf2d8757a9800bb889b846d58cc636a2648809451a95736a0ecec6ea3fe61fb24dcd8a00ac0b8933918189cda555b17e431d99ee190d6d0d9f769e665ec193ba8889ae72a01e18b98cebb75d20ed778e5778ef657ce85d40eafa44b46f293d64023b877e8c5d58587c3abecf9a1ad8d874a4cdba0bfbea61b7eb19e81f7c932be12a83bacc51017b42dbe2931dc11c742a5a942cb6ed9bd9922ad78f55b0f6cbae0e8d4235140263ed8c83ab22e71a0f0a62b6920b5d5109e415254e527546546bd025cf1583e3e8d9d5bf735a4651fa2e5c3c86a185bb77e9b75224cdda8cb0eb21d9e3bb19e286832aa5dce19f055539a0a5caccfd752742a31d0af882c4f02c29cbd90ac2cdf5cc61c448cd09eb7b82b930ca99962c0e5ed84124fe37f7d30aad0296ee340377a7e0aa7413c495ac8ab0b482c4c5f59872efd5a1ceadbc7606e67d3c79a77d095bd82519db0893b9d2bbc2b2f3a7391826840e49424703c006399cde5f2a52a9383e89dfbfca284be4d75dd3aafd8a43dc6c71bd7fde9460647eb5c97707e96ddb9124d6020da38ee7ad743db8fd0377a8711905194c496e39a2132d7bbf35b79f920b6dcaa73625bf8b5320da250513cd45bf42c8072809ad59d69c02f0554cf82b79ff291e42d9227de1948352b0dba0281b69876ae0ca24972a5e75aee7e0a46bd4fc83f5a0dd3f22d666f2d950ca580c6da6dfaaa293beded10c0328613611b6e01d5d8567541e81466467302d8050a3ae4791fbddc1aec749edb68173be5341166c1d5c42d63e7368473e48bafa43459de3fa3a5550a4ac979711dd9a2d6796b0bcf9b5881124ade4b12bf64fa55724976a0da9d642e76a036c430f5fb2c06d599b0f78e978580f8eb763d2846177ff18b9b5cf8c76197ed809ef24212bc5563a1713214ce78e0e6cced6e41578d46a07839795c83c189610244bc1b680535fce39f290da90d719078015d90020b1d4567a97081b48514709df8e327d814e8c15496d90efacae6b13e297ed520d280203896bbc3a23f3b638adf594de03a782bb292a93ef0b14b8b3e13c01787a0b7bfb3abd8ab15eebbc651b7b054d3e56ebb7808de9b9bd067560ec6a6432455b37054292a3d9d32434506bf84b2907560017089de3f60c2deb4dfb7371f96d65a575d446aa1d2df81867135120df4e24e9227f72ff9f8f015a7754948704ecd084a1a93fbeb5a44af086ef73e9fc1c072b7d5473e92558fc2824acf27f1dbe9b019247d3074bf4256a966ceb674a2c4222632c8e4b6c0736de019ccfe4cca40b9b07f8c4df9753cdfb4ad66643ed71510983e29c2b5f9ae7db4913cb74d9dd0461a900810650d0da73f766aa6882385f3bb40644bf43f01faf2aa4cd187659edb0498527f201442b64349afa814b3dae5ce815971f3b11d177e3e1aaf90c7674c097d475640218ad27e63f9071c9081c06d9b5d1f3a070da3eed4f4080190a74063e7f97b5f35706dd1173dcbfa13a70d5362e50d57d0c5105c8d3beb926d93f61699e737ebe1a935839c3aa5b629dc93aa209d9e7774c40de7f59fca1eb274a8280022a15934e5dd2579a8cf5cd16a3b0a1ff3ea712c4258164fe2fa17a4cbfa5630f4041bad4204605eb2e762d610fa17dafa415ed8a678da1d4b5a6618d71d0066d66e3ac10b3ce65137a5a02344abc57f1be4ce0cbf1a2ac66dcb5e94495e863819c627e4704fb479c232b27aa4a5dfca8896a7eb8e0592b6b392ec9fa2767f569d5c1356d7ef7a909d8ee344ba017c75ca664d98f5288230b7f1ffa2fa7a5d07fab5f4b53b7f19c3fb361795fd632fa8a654004d931b4b7fc0890927aec727160cded3c01b7e40e6b81ce015796895f9c007762a1c22acfb9513eccd93c845e91ea8b0960b299b3ce788cbcce5bea9a94325289d2c3573975c512d56e19c4655f849b3652f8b5f9fa6f49e03202f2031debe3c299c3ceceb1febf4b285da9033493088a36f885ed6d3958b8d05cc6be00f3465de8bf6e41796d17e393067585b459b143d592cea102f584e48676a45f896cf662bd6b3b2309aa7f46d2b8ec6597a063f12bcc88922050c8c1e070134ce77ab1cb7a7f29983a0b30d9b2abeca5cfbfc55e941376c616c2834b1c1c9a9473b531c86c3b708478ee95923fe6a8108c2c4dc8a78a9d5e995f6c815b292b986cab0afa233ef10567a49d4e8dc17f438b90b620df4d291b52549ac8e1b69078b62011ed4bb0e288db740817ff07d01e779e11cb8e0606b5ca3aac6c7b262499f5a115acdad8a67b6eb77503318ef3bf0008347b270aa986d9e79e2af174f38a4743250c1091e6053a7a785464483161aad3ef3ad976e5329b71afe9bbfd93d7541a1014db4cc159ac266021e841c665217fa150e130f921ebd4cfb5accdb87f5f9bc0fd94b402289db4d0ac3f0906a689aef044c09fc2c5a00f7795ea935aeb943eb32826bd2176c1d1cb058195e3229d293595ebc07514c6b038a1d964199c59e59d4fc621c54b7bbd3410ccec22f7fb6751527c2aa0940ed2f0c9dcfc4e99ced91d09ba4a37042b5f48b127439cad24df2951ff1e769d3892dc4788dbbe27cce60f7f0138789444712e84e059ac0a4e87557f6c3369fc61b9a843c816df3cb4ec77a11e16390234da24dc0420f6a44554fc7954cc74d63ec030d4d964898e14500d0dacdbb2959f7a8a191773f66448348f36c3f4904187088bcfeafda7dd721236810d04469e93ca4e7926305c25b1ef1380d775008fd238e33e8dd2dc5a9783f97414487a7ef70eba3dcf71331803fad223f65aadfc87d79512bf311c14926d619a089f5e84c46f4a9ff393969f8eacc8fa20acaa9eb01a8aab625853e415d3871e555a11ee71ee93cba85ee9cde60b3962e294c2c840f0a1ba87714bac54f1ca0ebda74daa3e8e19d382b951d64a22da48c632ec5754f42129214a807427e69a93c128b6b0a8697c9ee375818dd79244a38287fe8f66c7cc3aa18aee2fbf804fc1aadcc7d2daf75be82a60276b6902a51f2bbb64c261915b80053fb9635f405f1fa855d1ec8adc0ebe9648b8151eda70ec5ad5f704fa2a337bcfb7ecbc845a11cae7a68d6bc58f107ac7bb0c2f6b83edc48703ba00c94036b9af4ada51d6d78bfe697df06f47573c14cd7191ec52dc0f208ecdcf54669529bba2c2fb7a6b38f6f2b5ec5fe876f03c096ae092b6f881a84b00edd1e9f67449069d876afaa99eb1a446f20656b5104c72ed28bd8553c724785f4e8bfdc33194409960de4969b708ce26e4cd608d21ace0c38e27d54b55369a9e807cfda9a6240466dd94f6150d4b0105f7b9ae392009b2cf146d1dad5d7c8664463d7d60d11b45f30d01db7364e21ac557d37a4c9ad88926c472e98710d2cbfc4b70d6a5dbb128d46909e634761c6f6952bf9021aa5282c391dcee3278a25e3e2ee31a7f6713979a546084fb2e598214c36a3b7618bf23c57bb23b33e9c98dfe5192ef257dc2d891a6f7c11be334fbdab015eedafe1c4aea95ff1fa6d340d0cade542f3f782c1589470fa64c6fd9ac0c31536ecee0ae312f992733beea6fcaf7562dd6e0f2c016f712ce14d93f02a54f577c75b444fd7f46e9bd2cd9cd1f89195781d88f984eca45c97355095d3b48b0d9bd730c7d6f63b1dc78d2344bdb0f18c4e1554822345c11efa2ba32bcef4f29ed05315cf44617a80d7d1392de077bbda08669c8c3cb6c0b12f872f1247bc1d07634bf5bf4acc3a4ecdae7e6acd7c4af9820147afe55500a7270d7eb511f907339e5af54cfaf33e2364f54091ebee2a245ba048452d383cd441604c4dd1c6376e4df8b83ebf6070d2be248174fc1dc0a1352c103325360aeb3ab71cb73bb646ac6247dd68155fd48b90250c3b0f250a74f827780367e117a94094e5005e2f926accaef0b3e36c25e315c1e80cd4c3481f3465d99025c7de91c45bb8dd0a5577174c1f366017d87d2033239a8b6f399a9095845b5fafe9cca113b93f455bb790709b6c93fcbbd0c4bd7b5d621088dca06802e241836291226ad56d40b3b4e90eb68bd5845742baf4cb4a69b4bdb07f02d0bd6fbb5a5fad3af030816b254725e6db4073b7a0536b884c8985c3a159cdb105c73f7e0e03546248336449eff6afeb96cf8ad3617df18ee2247bc2d11ebbe10e0379f5578c41611872c5461541fb4da5be3f3348e0592982a61c352315370a9b452306c9f31f9040ef755ad096a8733dd9daf6bdbcb7a3521ad2282ae4fa7bfdb9cda5997ba3a6652af46c6d0205bb356dfb411e2b931b357723bb70254211819b74a461ed5c126cec6573cda4f6107fc3ebc76483621e9ab5789a5575ea3a91463f76138ea0f3ec9c44e1cddb2de59bef83333d235e922b920e267453676575b38e6415bd136534b8df2360ab489fb69eefd04b66758ab5dd105be7b0635f7194f9e4b158b22b21ac97fda4e804747a9718b40a32531cd5c3fd1d3c1dd8ba5ef9c86d3c8df8c71f81da1a9756e5db4dddf70755053f7129d656a8069fe83c39ab240cf7a73f0f880ec7a791c5115ab262184839b906c238eaabf2268dfcd6560c5bcb70fea00b580ad52e7de0333e6de63ae351952e6e5dee6edf284de0a2f53e2089db13bd5eca5f98883a24eb2e1a58ae199f8db9c60a5b6b85585b2d2a17d6b5406e5668685d95c4718c375db05f7953b363c25d2ed0906eda70eb659845acd31fec9b8e4d5951d12fd50bbb969dd824a78c72622c8311a980f0f2e6a1ddc368879a1f3a07d3c0780e85a4e5d13223a3424782e3f77bf6a1ebf823f468d41b777ff61345064f1096ed653c277bab90ca5afc8ad6d25f4447236cdd82950afff27763f3fef5308f034379f4ad4955cb8cc5280d51b5427de4eba374f64dde2f1e7a6ae628aa4696160a5cf0ae9fc70e307b4eb19c0a5af2c2855710c8e117211d73a7e7f3f7f2ba55d03a4b73d816c9c3fc1edb86ec95ddcd77884a913805ad6549e7a5f776a1c2385dd6d83877727f128207cda29f83462269a7f606fa31934d06a6e0efd238d0a180c754a9d2e85609fd20c880ea0e79cbe887c442f9f682801da783529e1e45eb3e70195fa2711fa291dca43ee0672b7afc14cf87b9506a7ebe223019c856777e1783f6ae1b0ed90486b32e3b6f7ff77be834c7b6676da6c8052fa49450e3e16a6f90ee33742bbfe3dc025832e0bbc7abeb625077b8c1ea07dee89c7dc26fa42514ff9ac21e848e32309bc2862a873fb57796e05923fce42fa2833c73866e22a04497ec13acebcdff6ae1df71dd8756f1febac04f2034c1f3e1d401ddbdb7f2ef676d5c85437830d527a5fb04c9bbf0d892ee1306d2d2df37008916a3a66e70f865cd6d25de16fdb4bb4f2616204cf86a3ffdbf147223968c092a46dc2aae4aedb32fb850b85d4adb87bfada328bce4c2c70ec42affde442179fcc1d3d9f5e4a848c8ba03b0df3065d1b2d5f1b08d8c25148c51bb54e191a87ea59903084000b4b520fffda111fe831d4bdcf62423c1fcd673b020c5f2c41973dd1b9698054368081f917715e1c1592bc78dd265e051bcda5bf5877821fedfcf7790a58b328cf780f71ee71491e59194504bc800d319251607e53ba0e1ed15cd4fd5c959eaff4d3a1c7cb28c479f2776256633ef7c0f0e98688b54e8c8634cf57e27e5c1ee1e43573ae23bfbb1ff1bef6cabd33c02ff165c44f0f190426ba8391ba4f03458be3351869c5c5c9d5fa5600edbcce523525b9cd9c3bb040e34771ea277d05cb76302c72fac5edc815412dbbbc651371d70d044c4f89a68da7abd836fb3a495e212b5fd13819c41c9a240405582ae69b7c35b30935af3085d457a4d76a94c9272c5eafcecc4c92dd4f314b04b4739864e626a5bab27fa2f345f052afe3bae2ff4c442c42a1c83091bfcc23a3b5e06a511d02cefcd618a6d9761de00af192cf1aacc902cf3ba98f898c48fbc74b6710db7ac890b4f7ed7377e0fa3b4c46a131e775130a80db5014a79e674c8fc8b45495066e88201d2e320320fa4561abab617d0e67e9e879b0080a8ab404f4eb007a088990aa6a7b29afce5b8dd038ce96d43e1271315f6070e761e759c44fba1ce78730e35ca31e0bf5840cc01289c81613a07c497f288ed70a6d10d9f58fe135558b2a862bd877fcc939d7536e7dc988409290cd73da04a3b1399b0a2637f737d5f86bba4a31019546e2000a3ca57f8291cd9af28299eb93909061200c9738cca998add04e7bb0137ecc460fc3ef72872e7d13c159914fcdf577910e6c5d7a1636b13b78c5088551c614e3c75befb0f37fb89b918f4aad0126a9efd3390d6a0cab97ed0e01c7eae0e798a4142345578beb10d6b61a90b4d1fe836022def90bb8e37e07428a4592e7bf30e935951e492234a8db96f081379e7c4e18c3b6ce4ed1f97698dc1da940f14217e877bb8e0f33b392d801a01c48ec62ce2774d2e4e55e9415c063e1bfa31a8f0633443ec19c5fab977c1485147e46c06f86742278fd071de4a165dff7eddd5390a1e031d80e3d44477f6009c9fc27a7d92b865a292b0d586083f681c2d92da7e7f42eabd076fa7d61eba0c2b406c75f1cec561b1a523dd4c6f344b02ed59bd473d7d30a24144e981fc8da434931adeb841d63bb705485f8f58a180da91af64bad1379356787b37467dc9b4a0d12496e5048e7ccb40a978eebee5eaac4e9dd96faf194aa93a22333d7f68cccde147dce26c9ff18d7c8ffe0d1377c70dd1057d54473b2c2b2b3eea82fb223952c0dc3796efd0cd94afea38341ab9a83c6a9ee77f26bf8dea8510dfc964f9b9b4942c08ade50e43f06e5101f2e6b68b6a7f9cc5443c862b1198627461938daf4bd1fc7b21d6d7fd3f775f0e4a1f60434a242b049f159dbe5de145e741c5c9b4e59a7f5d7de54a6d51cd87845dde819ca74e3abf60356fbcf18bfff3b6ae1c545e243c08f9f41b86e55ed6e71be453843e0bffc5b6bdcfeefd33075ee5110627d4f05e008e54ddd62fb6979d9c2a5e4a2cb45fad7b2d77bd17508952889b30df2124cdc2fe6a749a12c9f6dbbd01226cc4ba2693b7e6a858d3c36ac6519ee70e896588a6df81b0e3be3604bbbe1a845088cf1834a04368dde8b6ee76d0492911dc09b05cf6642e0003cd8faafd398872c1a8dc3e85d3658ec800", 0x2000, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000008c0)={0x90, 0x0, 0xfffffffffffffffd, {0x3, 0x0, 0x8, 0x0, 0xa, 0x0, {0x2000000000000005, 0x46, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0xa000, 0x0, 0x0, 0x0, 0x10}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'gre0\x00', <r8=>0x0})
bind$can_raw(r2, &(0x7f0000000000)={0x1d, r8}, 0x10) (async)
mlock2(&(0x7f0000549000/0x1000)=nil, 0x1000, 0x0)
executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000480)={&(0x7f0000000000)={0x2, 0x4e21, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x800000}}], 0x18}, 0x4044)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)={0xfc, 0x0, 0x2, 0x301, 0x0, 0x0, {0x7, 0x0, 0x2}, [@CTA_EXPECT_NAT={0x24, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}]}, @CTA_EXPECT_NAT={0xbc, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0x4c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x8, 0x2, @rand_addr=0x64010102}}}]}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_TUPLE={0x5c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x14, 0x4, @mcast1}}}]}]}, @CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x3}]}, 0xfc}}, 0x4008000)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000300), 0x148022, &(0x7f0000000400)={[{@redirect_dir_off}, {@uuid_off}, {@volatile}, {@redirect_dir_follow}], [{@smackfsroot={'smackfsroot', 0x3d, ',]\\'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@measure}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@subj_user={'subj_user', 0x3d, '\x00'}}]})
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400})
executing program 2:
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) (async)
r1 = socket$netlink(0x10, 0x3, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010027bd7000fbdbdf2511000000180001801400020069705f76746930"], 0x2c}}, 0x4000080)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000440)={@multicast2, @loopback, 0x0, 0x1, [@private=0xa010102]}, 0x14) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x109001, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f00000000c0)="440f20c0350b000000440f22c0b9c60b00000f320f20e035000004000f22e08ec065f30f0966bad004b0eeee0f01c2b9860500000f320f01bd0500000066b871000f00d800dcca", 0x47}], 0x1, 0x43, 0x0, 0x0) (async)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000640), r4)
sendmsg$TIPC_NL_PEER_REMOVE(r4, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000006c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010026bd70dbf9db0100140000001800078008000220060000cc040003"], 0x2c}}, 0x8110)
executing program 3:
r0 = syz_usb_connect$printer(0x2, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_usb_connect$uac2(0x3, 0xcb, &(0x7f0000000200)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x8, 0x41e, 0x3000, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xb9, 0x3, 0x1, 0x4, 0x10, 0x7, {0x8, 0xb, 0x0, 0x0, 0x1, 0xb, 0x20, 0xe7}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x20, 0x0, {{0x9, 0x24, 0x1, 0x1, 0xc, 0x19, 0xd1}, [@input_terminal={0x10, 0x24, 0x2, 0x6, 0x1ff, 0x2, 0x7b, 0xff, 0x401, 0xf, 0xff, 0xd}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x400, 0x3, 0x9, 0x7, {0x8, 0x25, 0x1, 0x42, 0x0, 0x6, 0x7fff}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {[@format_type_i_ext={0x9, 0x24, 0x2, 0x1, 0x3, 0x1, 0xe1, 0x80, 0x5}, @format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0x140, 0x40, 0x10, 0x8}, @format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0x81, 0x3, 0xc, 0x1, "", "8cd0"}, @format_type_ii_discrete={0xf, 0x24, 0x2, 0x2, 0xf6fa, 0x4, 0x2, "ac6cd776ec58"}, @format_type_ii_ext={0xa, 0x24, 0x2, 0x2, 0xb, 0xfffb, 0xa9, 0x3}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x8001, 0xfff, 0xde, "d8"}]}, {{0x9, 0x5, 0x82, 0x9, 0x3ff, 0x3, 0x9, 0x5, {0x8, 0x25, 0x1, 0x80, 0x3c, 0x5, 0x1}}}}}}}}]}}, &(0x7f00000005c0)={0xa, &(0x7f0000000300)={0xa, 0x6, 0x310, 0x3, 0x0, 0x1, 0x20, 0xc1}, 0xe6, &(0x7f0000000340)={0x5, 0xf, 0xe6, 0x6, [@wireless={0xb, 0x10, 0x1, 0x8, 0x20, 0x5, 0x5, 0x1, 0xc}, @ssp_cap={0x1c, 0x10, 0xa, 0x0, 0x4, 0x0, 0xf, 0x0, [0xf, 0x0, 0xcf, 0xff0000]}, @ext_cap={0x7, 0x10, 0x2, 0x1c, 0x4, 0x9, 0x1}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x0, 0x0, 0x82}, @generic={0x9e, 0x10, 0x3, "1cb8c35c1bf96cecfb633b92cb93d7d4872b0692c430690f3b8b061cfd4c6aaea069bf3a7b6857870808ae30e933cd607c6d7bc173065891f063fe9b90d4c27b0270001a0dcebd28b4964fd479272218bc1d9b7c7f1f0c672e2d8aadab252634636b258dc698ce34be3c891a862420f98f1b059453ca9c7c99ba2a1b83d91500c5650e6fe19e5a46e628f1f78e9500fd877166262d240366c63ab4"}, @wireless={0xb, 0x10, 0x1, 0x4, 0x80, 0x7, 0x5, 0x3c3}]}, 0x3, [{0xf9, &(0x7f0000000440)=@string={0xf9, 0x3, "2a2d828d77008abd10258505008d3470ad0279c3de18de023af39b79d9050ee46ab77d48c748df5346e90d66a205c78ea9949ae413f8a60e640fa5acd539c8720f63c9a993ecf4f803e7c617b4192d3d645f26f1e241c0276c5535586433c4c1c0d35015bf9b6fb5f5630bddb098cd14466ba653de43df99abfce8a9a08b57e7cc734d8abb39c2ac2e28e2357071a3543df6b622805045e5a5b92a46f432ebfb518957d15503403cc15c184a0bb39c0e134df6ce5a97bee81c8aead3337726986d883c4c70a56b7c3f4a36bb864a524db2406bfe5ddaf39861b1a6e0fe6fc306d9c594f2684a2018c46cb23436832cadfcf6b73a8a63cc"}}, {0x4, &(0x7f0000000540)=@lang_id={0x4, 0x3, 0x406}}, {0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0xffed5a66c7cbf288}}]})
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000000)=']')
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r2 = epoll_create1(0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000000))
r4 = socket$nl_route(0x10, 0x3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f0000000200)={0x20000004})
close_range(r1, 0xffffffffffffffff, 0x0)
executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
rt_sigqueueinfo(0x0, 0x37, &(0x7f0000000000)={0x41f, 0x21, 0x1}) (async)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'macvlan0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) (async)
write$tun(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="0a0000f8feffffffffffaaaaaaaaaabb0806"], 0x2e)
r4 = syz_open_procfs(0x0, &(0x7f0000000300)='task\x00') (async, rerun: 32)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c) (rerun: 32)
openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0/file1\x00', 0x40, 0x83) (async, rerun: 32)
socket$inet6(0xa, 0x800000000000002, 0x0) (rerun: 32)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5) (async, rerun: 64)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) (rerun: 64)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r7, &(0x7f0000000080)=ANY=[@ANYBLOB="083c86dd0001cafd04600000a60c6eec00be00442cfffe8000000000000000000000000000aaff020000000000000000000000000001", @ANYRES32=r6], 0xfdef)
fchdir(r4)
statx(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x2000, 0xffff4a9c0080ffff, &(0x7f0000000240))
sendmsg$DEVLINK_CMD_TRAP_GET(r0, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="b0010000", @ANYRESHEX=0x0, @ANYBLOB="000228bd7000fedbdf253d0000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c74696361737400080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c746963617374000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d356c746963617374000800a8007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c746963617374000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c746963617374000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c746963617374000e00ba2c42d87464657673696d0000000f0002006e65746465767369000000001c008200736f757263655f6d61635f69735f6d756c74696361737400"], 0x1b0}, 0x1, 0x0, 0x0, 0x20000001}, 0x4) (async, rerun: 32)
ioctl$sock_SIOCGIFCONF(r2, 0x8912, &(0x7f0000001600)=@buf={0x1000, &(0x7f0000000600)="312039803f33c587a0e0e14b05bb5546d530f1e5f6b31f192423c7a265c76fe0a32e092fdbc12a28d4d2258ceabbd39867fada64419ec604f2563c151cd482c869814253a7f9a671c5b48d935abeb749fcef9abc6b1244286ff12227a4d2317e258071e61188c5185a56804d200a59946e58dd8a8746e415cfc84367e7b26e9fe6d2445e91db54c329398d1e482d231e5f453abf8bf055e4599d75d57252bd30a38ad49ae254c1df7e1745ac4ec6a35c39f1cfb9ead4fdd42f6b475a4f1ed12d461427f52513a1f67bc0b997b09d23c94c0b0ac359d9162603e0d5ae19b8ab9c994ac80575872b5b0a64a4c5d78f28ed99a5425158fe3bdb6bb512e26790029fb6db05b500f25d58b8afeaeb14150da8d47a27c230cdff9ad455dba3d46ca8ac548cc2f1ec3215abff489306c7fcba9623a0ead6dfb35362e67f0490fd2893721120d64ea7579c0e76e8c8d708f2d5b07e06db7b869626096970e7377a158929d1034fc28d71d439ecf856b54b9349faeeefeebf81afbc8e5220f6838702cc72506e32a1f5f7568ff006e6284807d479d27c2d576c46b250d10afa4dfcfd5fb56367afabcef304c99a905901f0bd402d097f418196ae99e9667bb174efe5d203d03f3888b0f1067b77643421308b5c3505dcaf931e3a8ec62b2bd52566352b88063b9fdba5fc4d35b5eba2c3fcfd8bc0cff6ac3cd747662f7c25f37b0380f314863431fd30121ba2d7cb7ef10757ed5916fd4620a683bf5175d41bf0fded13d345d4b79446e833c6139c8bad294457ad654c1f9d868a06dde4262491a32f5bb9ad38af601f72b00bcb07276179622aa15bfe5fce1bc697d2a162c1949cb8f206d1b8871aaf4b1ec7e94abcedf3cf5b5f59c3e94676ac8bf85cb49abb7dba74ec29f71fc981acd8916077ade03f5a9a346c2bd37440bbfb49e52c1c03fccacf3efa14d0d55112b778045e9d550bb4465ba4fe231abe131b74babcb7fdd3223b66ad7b6653095bc6f33fe7c9d17e4879405caec9c0cf9506d543bacb1bd39f2b42084a3a416f73fdb7ffb8491e538a538bcd41fb2bccfbe0a6d22ac11516ba2d2f4aa4918e919826e447c1d24141a6dd2c0555ed1bd12de74b0d1e25ce0fd885346e3df36c3447793b112f6bcb8d21b760de4f98116e5d0e37a6e94aa465d4e0f0f82d529524b1e6104189ebfc21cc1df45ef08a075e5a4d1cc1deea8ef17c02e17c60b460c1791f4f818b4ed6aaaa60c680f97ab7e8afe6f21dc5ed90599c7cb0eb1bb4d5798b578a41efbb62b83850988d13ceff7dd40ebf106408aa09d3cdab5443797accdcc97131ae0424f5d27b4e45d690576b771b21e8ec96176a94dd185ff4c1b08c924c086d107202911d1c2a559c3ae803c6e91914356b50d34abacaaf8f4fbfb72524f6dc29e21422a818fdbf35a1a78721c4cec1fa06451bb240b7f27dedca1ed1c47b362b2bb2d256e736af8c25273c2a818d60f836c12713a9ad6c3ede9e0dd8a95eaf414056596b0e8a101ed011a6c20ea467e755d100b9a9be9b7e2a3e0dbb92c42249ac47a1f094b0e7a46a29dc8ae162363504ee7c14e0a42990edbb197afd25e740cff1e6dfd518dec3815be381ca95239c7c4bc4be7da59b378dc1a01b76fa8ea87216d5b149e1fd0ab83a6080693cb165815f9113f1fed13c73ed712de0dac738c6810d337428aab412954163af6bd4f342a0dce8d84d06ccf03fa2893f056ba5da8ae7c6f436db483b375d178ba9bc07ccf0bc060a46217565bb95db574991c116abab6e7e27f68203907ab36e0a23f82ddfdff2e71312900bf2ba3f99c92c5f5011fa620ee4b51597acdd3a457f37ee29ffd40ebc95b116e02f82031ec17429cab40aa154055c35ffad3313aeec187b5d14f585ae16d54b5f3f85a37a0e5db105a85b534477ff97a9f739ed6264eee45fc302cf20df547833fbc2036f2924097746945941e6fa17acbfe901c50a430d0edfca6b134355d22fb5a35dbddcc48f67096d7b1e5bf43348fc1eaf521ce3d94dd7eab5a1420f50a0ddec4691abc69c61a22bae0850ef5b43d248bf4aa1b8b1c6b7fd0f15f1895e14d40e60b330f722c9ed4b3daf59478184d8ee897c5ccb583634266377df52901eb4c3b5a1cc99786984280d9e9759ef74e290a39a68ae996c1f7e7819d36b70fcd06d44259fb8271d23b15b402ceaa2e7766ad66082b5c377baa6d77a6dd976c6243e2a42b290aaf0bb1cf1381231ecfee3f56c1d33f7e07a9effc46c0394acf5b7d2580a8a15fb9080bd0e836e4c76f3e76149723c0863f6215b9c0b36f4ed61c8c8fe6998901a963119ea06cf6b7a9f6f264391cf225aca9e5a3e07ad25d8b6b997925f754c8463684bd8f6246225e4d678b10224c3196068c2163abad91f7255b7b17375668f21efc87f6689e6797a7d68cda9c7e0ca8bdeb70c5232e0dc165d4d45e431e187a2ad97d328f4b50bbaf855d8f6d7cd736e8eacc8e24a90d54325f364830b053d6f0be5704574ea0bcb7f342cf152311ad7fb981a0c6fd3cddde610707e61a0741b7953f3a1c3877d053e331caff993fbc8fa0b8aa947f9dae18a00a9dccc288f4d5e819a0e56b614ae233bc9d3ffba5c9aadc126375a8797a893be4cb6aef40d8b250c7dec6285983c6f6a41622d8343da6f73a42295fe5769ad26fa129e9b5875f0836a80c04c8c993f020e7ea187b91a6b40d67fb7e54ba92273450506f9ec0fd43fae4363e32485eacd457e78f1aa9859edf9eecb6fc265697af2bf60d5c9c1bcbb078d39518316ab4319156259c55323bee85fbb0219753c81d7f7ced057101f38f9f24c498d9bff5e1250283eef676c19ab177dc6e4c15d5513b5ba66357ddb09ca24d77ed9d161d4468166e452145ac187b254c58ae9b7c6c5d7b8ef93bd02aaa06bfbcb17a026a55b123712672c198868e52a229c51139fe64da71b5ce91337bbe3f0c87eb2d0137d06a7255ec473c2f97960e7d4c971d8dd966d7724e1c3bb60be914afb7a393758b46448602c0a9e265157d28268a9b38fe11b55a1668ccab4d10c37e5ced383877dc86112131bc8fed75a3713b0d76945c10e4b7775375c79e8b0a4e42f9e8e9078fce6738b0e99abb1d810d8db5842d7d09473812a556770673b4262a9c6b3ec2ec8c4ccea1d58c73e8227b34bdfaaacb2a67cf0f76d0dc4b8cb35a1899c8012a619299bf66b5d3fa7172500463291be889daca257b2450fcf79a3aabb390e583879d3c79d3ff14384fef7f02f881248bbe8f60542ddd9271099ce3f0851856f8db8827a72740ffcd24cd8e174ed6b8a8cf4bfb514c3ecb05c9a35dc94a7ec95be1b1b89ea95dc1a0674c50ba3a63597880be49469a9e3076d636cb254fe9dca30c7884f1f79dec7d0915e28e18baab6ba54d964d97ffd3fe9d9d5d8c19cc6638974161e9b711774fbcbe6186fcf7d5f53a558ae7195b5d6548e6fe537eba13d447b6be625375d94d370474d78edeb453f6c097199988c860e37714c48459aa50553d74ef09dfa8a056693ab10d0c1c68aca2139bd6e87d9878a0ec0f24eed284e3960965b37438c7c9e17dec4fce185189f0639703619a1a38a3caaea13781036794745fb45ab33db3f3b0914352cceb80e42958459467f7dd6810d9c72a228aa14ad492900c539e212b3437b89287c3e5e10939aaa6d01491cd973e1d300bcb3cbe426222d6e032e227ff639eabaa14f24509864f45f00f2844d966d77ecb7fd6d5df9ee2a30965c32ee55691ac475821f5b4551c91a49c39ba9fe4e87e6bcedccbc057d62e7e36a0c7526eb6083130ba4d1ff32d32cfa64c34999e9824c830778041c22338e2f373b63385610c937abbc9f4caae0971c251e6cc286b0459fa988cd367b38bedddde1b9daf6fcd57bc05bf53ddbbb51cc963d4b627f94583f8fecdd3555866c5f33bf9ebe985c93ae3799b1d5cdb8b12c3d2182467d538d5a82fe1391470ae2ca7ab36317032ceb48a4a9fa729b63b6136f1ea2e5cfc7215a977dda2cb2dc208402a589cdec471f55ce2704a5b636c57d0417b43cdffc9ccf9668fa06fef8ea14196f1c1fa6729188595f6e3cd8673d3d7dd2cd3a304842f31b23eceed75638e4fee9757c1f80c0a89ff4739fd6c851412f2a72f7a6ef8a522d059acdba61c6ed959b7c1debba1273b1ac81d0c96a13447ea0e809cdd8f5412e262ebc940eee336e2acfec401e19d58eeb0d6dc6063bfc92a3eeb736f4daf9ff330bbfc588a867ad83464e4d306600f483eca6b57978a8b6b3b97a76bc5f5ef0d77a91aff22f4d977d55ba31fdf4abe5e79b4eca0a5cc1eda3a5d5aa3a9ad729a280d60c2b4c849c856efb336898ccc78c70ad29d490f001ec00ac5d9dd2f19c7cf8eb0f95edbb7a02cab2b5918dac25b8b7989b39b6a80f10657c1bda706d8e2ebd60ddfac3411c1bf67939c181b46f9ca16a3d18998e9f561906331e82c801a0a56a81849b197db8dbe1705c17fb015db870481ed6b6bb80f612efc2a96abc4c3e9ca09c013454e26eed80cf6cc9b03d993478286210096f0f5ef1eb76c53e95d2a4fe376e4267fd9722f3887a45667fbe93b1f40fe0b7bcc03c642cd51743ece5fb97f79c982f81f858d1fb695d195b785d88dfd26b03568294d533ed54ccb08869099d5de2b42cd9a4dbfacf6a03c2d6ac64dcec9411e0173f3d7e80fb24e904be82593993fc50dbfbe573724594c9ee2ab7a34772a30847f5ac7907425494c2ece6e8b26ed1bbc6f6a83219924c91b9d3a7616284f8c5654a460dd11c9902ee0c1e0799ea68adcffed8ae88a7073f048b188e2600629f6173ccc61b04b3832ee9741fe31442036d1c331e672772fb1241cd37970a371f9eaba891b7af79db8a6a4d69a3d85b454de35a0f177792c1f2f5d3651a064c091f4ee91c9f0231aa44982c633c7c7f268eb5d08373cf25acd1ab0b3c75eb143438c76b367b9568526d96eaead90dc92d38e0bc24d4740bb68cbcc4e939ccc2a1799f475c4d9763b32832be4fcd68067f746d4ee8a69e014e8151d41ce2db829d36a77dd03cfe91317f6bbb530f5bbee0cc575e57530fe73156cac4be55cc37eb0812f0c06c72789f89b4b35f0bf5f6e95694261379fcc5413a78665e9069218a363db208910a69c62269c5d7aff9014e8096473ab9b6043551b8167bc8868d0d8379387286b249871610b76412c285d19a95db6593e390233158be040fe50042afcbba050f03a36ae722d6bbf3120d02d1533d363ddc68307425a40311b3e9c1c168beca7ca5a65021cfef96a63621428358106bd10e9fd31581b0c6f1dcd2992dc2d4534b7570ca16532fa655f2a4ef15a82483327cf220c3b5b4c0a0948ec04027a2658f91c14a532d59c51e8daf318ffa6fb425fdd5fce7a15a215fd6d715de6659c5ade534d3f27f89425e49d919c02a30f716a27d4fc53060ca34c7177f1c3183336f96fccc2deec16156854e2f43d90d5a1e86cdf1fd119386ca0e4c787e2cc8146746ac4dab4416c3404595fa2f1137827394cc40738745b26bc0d9188ebe14c836dda008f3d412500fc5d7690868edaab81a7c38b2cdb4ffd6b6cacdc7460ee3a7e877521017407073e1a0c73958fdd3985c945d3d8e84393fecd7724c18610e53d7df563c932c3eee7961b8bf9a17467184e5abdb395d159709d583b64f1f2c6f8491cdbc8aa093da33e040b560e13b7bbd71820be48ac7b18d12429bbe3adc33ab587d8b101e5899fcd9dba49a36badd2153b33f269274cc6a97ce7f79160eb756a819951404979edefd66"}) (async, rerun: 32)
r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000403810101400000000000109022400010000000009040000030300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r8, 0x0, 0x0) (async)
userfaultfd(0x1) (async)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000180)={<r9=>r4, 0x3b5b, 0x1, 0x16d})
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
syz_usb_control_io(r8, &(0x7f0000000400)={0x2c, &(0x7f0000000080)={0x40, 0x8, 0x88, {0x88, 0xa, "b4f5918ae82e673c81cdb1a944606318375ec260eee426fc3df23b66f95dfe753803b8e20fdbfda3b46d1f7cb829103721201b4851b76d520e6d5577215bad88264d1cea646adcfc54e2e2b97f0580f1b50c04a169257a4009a2f93df4ba2513203b592b982e6c2ca77cf415faae6496fe3c90301b81824495d9c1df99ed6576ebb1f2005d95"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
executing program 2:
r0 = socket(0x11, 0x2, 0x0)
r1 = syz_usb_connect(0x0, 0x81, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000a7420040ab0501030001010203010902240001000000000904000002aad45c0009058e02000000000009050a06"], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$uac2(r1, &(0x7f0000000340)={0x14, &(0x7f0000000240)={0x20, 0x31, 0x69, {0x69, 0x10, "9bb25a1289f40ec2df63fc61aac205287c18a899de9de48471b423a9884fac14a06c5dd2c1ba6fea0c21562f1fd4403999c58a36a48404164b2b3126cf964759bd53cd74e7f08d509dcb27bb25d02e1a5376bca87be17e12e8b1b21a3cfff6cb0345f0640353ef"}}, &(0x7f00000002c0)={0x0, 0x3, 0x5e, @string={0x5e, 0x3, "f104d5be961ee2a483b83e72212308afc2858759c396e9f0d10c06d76ffbd9bc6bf4329d4e8712e7f3e9d14724e08f15badcd11badc11f4a62a482108591e03cdaf01376eba675020ef05260df3d5a979b7ab71d5031328826bb1774"}}}, &(0x7f0000000580)={0x44, &(0x7f0000000380)={0x20, 0x12, 0x1a, "e80551af41546e7af0bb0ba8b5da2e416723e893ff69500886ec"}, &(0x7f00000003c0)={0x0, 0xa, 0x1, 0xec}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0x2}, &(0x7f0000000440)={0x20, 0x81, 0x2, 'E\b'}, &(0x7f0000000480)={0x20, 0x82, 0x2, "d50b"}, &(0x7f00000004c0)={0x20, 0x83, 0x3, "fbc97a"}, &(0x7f0000000500)={0x20, 0x84, 0x4, "5099c28e"}, &(0x7f0000000540)={0x20, 0x85, 0x3, "ce23e2"}})
setsockopt(r0, 0x107, 0x1, &(0x7f0000000080)="010000000300060000071a80000001cc", 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)="290000002000190f00003fffffffda060200000000e80001dd0000040d000300ea1120000005000000", 0x29}], 0x1)
pipe2(&(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x4800)
tee(r3, 0xffffffffffffffff, 0xfffffffffffffc01, 0x0)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), r0)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r4, 0x100, 0x70bd2d, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x3}}, ["", "", ""]}, 0x24}}, 0x805)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r6 = syz_usb_connect$rtl8150(0x5, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xbda, 0x8150, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_control_io$rtl8150(r6, 0x0, 0x0)
mprotect(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1)
syz_usb_control_io$rtl8150(r6, 0x0, &(0x7f0000001680)={0x2c, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)={0x40, 0x5, 0x1, '/'}})
syz_usb_control_io(r6, 0x0, 0x0)
syz_usb_control_io(r6, 0x0, 0x0)
syz_usb_ep_write(r6, 0x81, 0x2, &(0x7f0000000040)="22ff")
close_range(r5, 0xffffffffffffffff, 0x0)
executing program 0:
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2)
r1 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2)
ftruncate(r1, 0xffff)
fcntl$addseals(r1, 0x409, 0x7)
r2 = ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000080)={r1, 0x0, 0x0, 0x4000})
mmap(&(0x7f0000734000/0x1000)=nil, 0x1000, 0x3000007, 0x11, r2, 0x4000)
r3 = syz_open_dev$evdev(&(0x7f0000000240), 0x49d, 0x82083)
ioctl$EVIOCGLED(r3, 0x40284504, 0x0)
executing program 0:
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x1ff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x60001, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
write$tun(r4, &(0x7f0000000500)=ANY=[@ANYBLOB="080086dd0001280004000003a60c6eec00be00442ffffe800000000088fc70738daf7b3200aaff020000000000000000000000000001042022eb", @ANYRES64], 0xfdef) (async)
write$tun(r4, &(0x7f0000000500)=ANY=[@ANYBLOB="080086dd0001280004000003a60c6eec00be00442ffffe800000000088fc70738daf7b3200aaff020000000000000000000000000001042022eb", @ANYRES64], 0xfdef)
sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, r1, 0x1, 0x70bd2b, 0x25dfdbfb, {{}, {}, {0x4c, 0x18, {0x8, @media='eth\x00'}}}}, 0x68}, 0x1, 0x0, 0x0, 0x200488d0}, 0x500d4) (async)
sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, r1, 0x1, 0x70bd2b, 0x25dfdbfb, {{}, {}, {0x4c, 0x18, {0x8, @media='eth\x00'}}}}, 0x68}, 0x1, 0x0, 0x0, 0x200488d0}, 0x500d4)
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SET_MSR_FILTER(r1, 0x4188aec6, &(0x7f0000001b80)={0x0, [{0x1, 0x4f8, 0x40ef, &(0x7f0000000100)="62865e659e7508cfa782a8ba4f4899af880f02da91988139b439d61234fabfbe0f267a7af0a582df802e5f2e2fccd3944f7817e6b1de381b31fe2276c217d244273ec0863892e6b7d902ed6ec3b7537d133392d21a685bf1ce2470049c6f142fb920cb2af2e1cb519df0ea176600e84f6653bdd2e8305e404ee6d760885e362783dfb7c71fdadbeac1e216d03559fa624d08afe3a0e9b9fb097be3d890a084"}, {0x1, 0x348, 0xff, &(0x7f0000000200)="378f1eca6e593155277811bf384358f1c830905f11696d0031cda09a80a464c6721fa868f83d2fde50761eb8fae9e5c5e11f5b79b9adfb070c45929d144999e9e688862fbbc63c6d4889372ef36c08084c8985cb7cd202e48bdf1bce2bac55935eb92834fd9b9950d3"}, {0x2, 0x3a0, 0xb30, &(0x7f0000000340)="1fc6eadcca484a4126e8a03db0daa4e01fbafe29f6abe20f4d21bf6ad38ede6e60bb08fbc77336c351bcc01c7af257860df8552dc406692005696da578cf58ce9f66d9eccb8dbe9b52864772a4ca2b05c99912395cf3f4e95598bd6ac344c6d2691bcfd51bc46ac8d3a76ea8485ff60a1c2ddc42"}, {0x0, 0x80, 0x200, &(0x7f00000003c0)="2450f416f2508ef080f16a15d4c35ff5"}, {0x1, 0x58, 0x7, &(0x7f0000000400)="5c200f4922d3a73d557edc"}, {0x1, 0x778, 0x5, &(0x7f0000000440)="349f088148ae2f53b91981892484d7e8748cd72465c3bd2f335e6d971a7b908ccbe9e4980ed63ada58886f17edec4c8226564b09e8f6c385f0a4b2b20d14523d64335efe59f2a0905bd123c6293e06e76f979115a909b804eef3731331441f85b3d58e4db704179858b6b0bc550b14397dcd308272d47f25094996ad15e364c24b100de54c60be9bae1374903b47cf6861bec6272f2ce3e7961d52384fcdc6071b976053ebca9e2d2483024636c8bb88fb74c63910945944a3552b7dac6c093e98d317e7dc073a41c3b1bae8d9409de0df03a3119106698f1fcc0262c141df2e5851763fe74527e8bcf3be362c1f81"}, {0x1, 0x748, 0xbea, &(0x7f0000000540)="7873af783f0f69dda36413ef90f7c87d9080d52308fd74efc2cc3ce28a5ff1ea6fb3bd18c794352cf5bf5228dcf04cd1b704dca81cdb67c8020ae8e881805bed7d4fc6f1cbad4cbc35a4990caaf03cf2a3b382ec58e73eb882b0b74add742445132c0135a65e42f39f8c74232fda6db2670eeb0381babf0d6321de822d8f58f0a018999b5c2ec867dddf317d9349af3338a01550e18fb5b356a205d343c972accc6a6accfa5cdee84ca1989271fe39aa904f66d8873c8c074f08c864210135f2b233de84145ad0fe2cd282c48b39b468d1b1ce9769a39c23b5331a37c8e12f6d61e74823a97bfface1"}, {0x2, 0x170, 0x3, &(0x7f0000000640)="b7ccb2e8f888cf3f59de9ca83ef8980c57c633f10a6516d9da053cdd784ce67e1225035a1d0bbdd40a111f63ad0a"}, {0x3, 0x3b8, 0xffff5fc0, &(0x7f0000000680)="c723dda8b667037225221a310b55289842fb2c8851f96e10e66b39875944a82c2742bc0434071791719b32406f624b0dbaa003269a6a1b7226fdfa0c3dab6afa7d51f3831258f49a65ec91f56f19dbda16f663a38453f14d588291e48ba79cec986cff13a9d32f460e28c6ccfc82d0591b64fc80750314"}, {0x1, 0x378, 0xb, &(0x7f0000000700)="806460f6e9daf60776682fd96f9d77b3e1beb4e4ca6238d2c8a8aa730fb097cf20ad7053d55fe642ffb0b0ea708ea349421d6ad993645cdb4fb42f2f508bc8545263e24f8cf250fb1c5e6fb6d21f1773d954c4545320c0d5d6be43f74c5ab5e915c2753f100ff1c1a7fc3f23735ea3"}, {0x3, 0x6b0, 0x81, &(0x7f0000000780)="1274f95bc97f21c239adfc66c401a8f6da5eae7dbc9f604cbbc077b8cbbacf9711317925d7fd897c21fe5afa105f7921f7a44dd41275ca06582adde82f50d11027f2f18e3bd5c8993f9f1b5858fbe88bb2f6c572a34021c8e4861d99a3deb8f7b36f4b634585326886cd48685f6f5098b6463e88e613121db686091bc18fbe50b8d539f3fc7989a3d618c8319f439a7db8dad79ceb74e5bb7d023aeca8cc31bdac88db9222af241b1ef3af1ba4a7659bb364a4b4d63064423dfc32d6783d208b1f237de0eaa86b3af0c94270bd68f177d6f3ef0e8624"}, {0x0, 0x5e0, 0x9, &(0x7f0000000880)="f15039439f07bea00860547a3ca954062544afdc9bba9ddae57dd45bbe7604fb30268f66842a16eb44dce86bc05217cdfc15cf176787532bd35811aa706b644ad1d33c0faf3a144487b864b5c2fd64d98766e6aa875d36014444db02b07863eb461abf7fe0679e63495457653a28bfe1f6932c78e7807ef4c0825b1f8c5f137afd4d2805e1068c2e82858a43340dfa2b1db16a57a1f0ef2ce5d7c1cc7ab864eafea2d733f700efed34aceaaca015800ca93a661e7fa415753b4217dc"}, {0x1, 0x7f8, 0xf, &(0x7f0000000940)="ba62ace11493ec9e8656d8cde37884d164ac30fa8afbb91e296e0446d2b2bd6192cd61171693958badb95946e3eed187f65487ca29499e9c9a8296d5be8adc4aa18c415025fef001ea2e0f9661ea4b7dbf53cf0eb1e275f9de0beb46652e38e1b7ab4b6855f64c84fe1d57492d5f1e30adc01473d7a2d2d4120eb4e10914e81a86ea817a560c78d07b332398b880142c48db1156f7a06a79d2080865182d610ab8fa53e25689a339d3bcf1a63e6e3cc8c3fef5fed155efeef6f80842b7a2bde820213555edd9accbe5a5425247effa3d55fe03a50b5d96d741552b6d112b40d1d12bf3d95b8f4c77eaa9c2074718119519fc7125a8fe9ac9a2f4473e551557"}, {0x2, 0x8000, 0x1, &(0x7f0000000a40)="f47ba2991ba39584df50e30c894054b1c1ec31d3fcc9b0d03941043d8021fc59bbd923218bb2d0ebcd88882742fd1cfbb6022739ef048304213a880e685253c1c4c9f36dbefffcaeda822399522ab5559a662166b86ac2158629d00e702e8461610e59f4cbd78778742c6fa788913af7a18eee15b28c49cb91e15b37356f9da545218677283d6ba645bc6f83f1c4a118d48e69f230177c3c4f47158da5e34a9602bdc92ffe4e137c180abdfed2ddeb1b57a8891515c2fae72506567d4b34160fb368598b868027c115bb7b1fb986da0054b0005263dd2c7143415e9f8c2cb155064281498ede20754ecc58524726509b6f76cf42bc521b3b2a13b022723cffd7707627ceeb3efc730058364a71e8b9af4f38afb09446c146ef36f2d4fcb5262b728d66e938e7c753a86d39042c6d55a944677938a2985b0a52eb082c3db8395e1293dd9badcf9064a4c6d3f654a72935c07f2ba04fd393e94c61d9fb6735a33926fe13526042667c33af97d45443e042c3f4dbba0ce16b1c0322e6c9ed6c800b7f97e375e0dcd6e8672b63f10cf3f97af0e6aec7c84e3c5ca82fea7f1953aeec9694e13901e1f9f1352d5200d30b118277b968149753455f0117271547003c094c05689d88ec65cdbc37150a5e5448fe2a3a52da06dc8ca09191ee9eb87207ee2d9c8c11a95a7d97eb15496604a45a1360bf3cd52ce468c3ae218849f986958d643375c4418da80b2a200cb9642adebcbf91985c24d818a83fe5fd789db8d7b3eca537b3559fa3581d308c1d410ee066fd44b959c3937613cb9216fc0b7385673e5d64eb5d4b96f6d3f4e04f6a92cd90f9826aa199d2a7e2b8e9ab8d2c7e6d1eb163184743e457723a2f6d623bbbe6652557d20f1b1113a0be38ec18f5519c9b1be615676cdccd38a58b4929c60967370ea6d1d27a64e0f823ef3acb435fb4bd43e4546cc6c5fc16decbc93ca9cea84853b7fa9aa4c4f7801b053cc22f586d7391d0ad33ec1fcbb98c71beb0a682f7de983a1b1a2ad1b8f6af176e4b79fcfa8e20b0b27b187283d25c0014e0635a8bdc7d968ebc282597cdde00a3ef4a4f3a5cd029ee3b243f6180ce6c1f5b26e4a2ed35ed488a873c75cd12809e57ee7a399224191c1edd4b992e64ba05b7fe77b92b63ecf89a918111e7997bd0194af363e7a97f8d4838e309c4e023e45e225c0ff5dd0da0203e7987c10a8417528b69693e07205156e09646a73aee331c75e52dbd566113ac8d052a46a92c046a1862e659f38b410af6e364bb0df83c18854bfae003951eb8ffc8e72024adb886e100687acaec417ea20bc985bef6e58e736d95753c6f84a33f59af4878b7c730724d08ce47660a5add0a402b2fb2da9105109a30676d8aba15573bcfdb723aab1c278d77767cb0fcf700b91f2213097b3e7276eb75cf787ac955ce2b02467f2d34114621705fd08f9d2216ccfa300176fb5bd2b115393e868e699e6298f681675b63eeeef29e8bd177ec0a3105288bfcac367964cc77f323fb6aeb2abf5359be290666e7c7effea1f50f19fdfde2e2d5bea406c3a6e554ba2da1a7b8e6686cdde4b7e9742853d2e1aee685b1e2163e7c7d6a2629cf9f7d762ef83e858d3867d0d54d991a628e14694c315d4877354a4578f9c8e49dace5049e6df7304d23f4488c0bb2383e67817c0496bfbb1404fc2218af9061fc358ddb514aed826e6983120de08b46d855b6c88897ccea78e51a03eb59b22d261976256cf0aaff631ccacfe2a2acb6167dd4f796e390e15b259b01b5845e9c1d474f2a61d7f8dd0e5ddf4cdbf330bacfc93b3f40c66cadf7cc8229fcdc5a9ad96af9745394a231d236f330ce68cf6482c36c2aa559232bd356a628e9534187290db9b6a32fe3b948747304f9a7c59a147ef20b957e3c482bd334bc18b5e2e47d56ac26c68cdcf7fda0d22c25f900d7ed952179f98e22752406c393c286a41f6271dd591d23b49732806e2cf7b6fc4b43ebbe5ac1c826a34093ef66488e78fd075a29a5ea5e18f6c3484f9438dce071632bf41ee7a732d753328217a49c019046de88bff68b57c9402c57888c82ed97824e8b6e7298f22871a285f9f83a9de2a7eb0144cdb2de75167c503265d2b2a5b967246d08d0abb8f7a034501bdc83af4c3535d4c07e03b48e13ab7d011dfe28885fc6f1352a5db7d3f4eb52ba70686d29536d7b99ef0fe465befcf57704aba201e3c5d67e94bfd2e4adc7f940699936d10c7d8282e129ff9d0e01c34f77cab804d90ab0b65d4e06cc51efb1776f923a698df9bc6164aa3f8eab0168ce5fd652434ee64948dd59d628ff17cd88f7ab16102b1bafe298f1ba6ca66e1ff7b17597bded4255462755b9c0bd7d1b63711bc8c2360ebac5adf3e5f69951196caf7540ed05fb1fb4035b15d9a61d0d383fa08757b8e522bf8f5f183fc01066cf8e1029e319bf36a67c3c3ae07ea8d4f2b2acbc37ffc4b966b11d7f60d9735a4691550070bc544d752afa56aa60c2c92b2db64f529f6cc2daff01f9dcece8c15cce15c117cdb23a6a7f3918b98b36c42c917ffb5d163b183c23adcc205707f83345b741c3e01cf51365d988ca7fc1e84e2932d2bc780931c7299323eeaf7caa9bec1fb0b3a604146512c28424390fb647ad13e8ff53046b88af3a5d63ac9ecba5a82a6204a5cc3983cd11a10b11d5fe4429f9b0bd3dc23adeeb0e2c0d1b30e535575c2dda7d56c00906c3c51012cf587339399ea577a3e5842ae09e2e33c276c2280b3046b542a43802f61eb92a5669ce4e93f397992cc2ab91fb59b5abd3420639168d1c7831dfb0e105841f0354d3ed74ae729bc173dd5a5b136fbb4eab9f8beffeefa8f65a86818d545e12503fbbe9be8e5c5a9a623fab8d21be9ef9f5faa50c9f1a7a47be546a0cd7552c5e048c5d5d5f5ca09f8da9c5c24979441114c24719290149e884aeb02e4c1f6ea650ff33d0275f2dc424e9a8f2daf0041ab126ba00cfec3ae0e5110272e18bc323ff98871f9c6be6e97ac59269c75197d0b711d446d69c48c6453a96e5670d524ffe583b0e1653b67121652992b1766008064c03f0cbfb93821441cf9ebdf3d9d515714fcf8e2d3a58ffd8a2320561d311d61fcf3df13d78af275a42d330adef1de539e6556275bd3f72a308e34184caba9325c8a5a1d7417de3759f05682358cd785b3ab15027b838281377a19c712b8d234b85620c6b60dd16b904af14d42c39690e11a6b7c126b7b01f3474724bf76369ab6a5fff7b6256b9174307a3fa65bb072e3a4593f6d260697de3ca2516153dc4d31b6e87437560d6332502fd29f8ede60675f3d660010ea2ea5fceadadf8e101969088d0981b81129a14a3488551c7e3dd54714f218ba6a3bf11036cbe78abe45b679ce0b3399823e444cc8180dcce94e3a3534133b284df815d43b187645948319ef34fd934d26734ca031a7bf522f0547635c287739cb4db6a62c1aba2567fb15e6e7f41d33f6c65ea64b7299ae3c81ecde326f1917d1baf0a7c3193598ee88ae210b8671a8979f57019854d959fb8d74ec2565f1404b7c160ae32753f88b2aeb396df2ba40ef931193b66ac84fae59685be01b1e204c39be4e54e4207efaf2c371cd7fe77685be8222a932c764ecd38fafe5396148e1964a83e6059a638fe0d6850d3b06f033f195fe84e441a6a10b248c9e02204e83d318e3971b878a38c71f573e37e565c942477b42cc0fd379dea551fe52b327dc1be283661e77f47c289e9f38bca6949fa0dcce858991c7c3841b8c6f98153c641e8a78e45c591f190dbfdcd558b1c36328fafaa63202eb5587b02c6527c9e59bc0f26a4f41f96a748aa544521fc6858aeb64e4cee85cea2ef06d0fada652b4e04ffceb2b54ffa51f49c64a37f6eb7d6b7b195718a83e358e72499f8646ed83ceea2882290e5559cebbbc81abee9e1294586601da10c4b54f9027d41c41983a4e79b641f9c3abe5a1ab5d376fb7a610a5e056e14933e60ec2996819a92943ee90c64cc63ae5de6097396dd9cd59413f703b86a1062b9261f9438bfb8778ce89717b7bbfb5a7ad13db69515543541001ba242e1a30d9ef1e2b29d18ad350a35067cc899eaff242467e3074a559a4882eb9505c6cb30c6a38675fccf7cea5d2ad2c7ded7f1ff6ed6e15054b040096ee229fa66eaa4b83eb277f806cfd32d5699bf21915e5d575b012f4ce904d35e6efeb0f3d0b26f2945e67a849d1ba467aca30b18c0babb0b6630b3fd56a3b1ae14fe4e3248cb4f32921d8e3598f0a6d732f2975815f547f9eedd2b8a8517e8d199414070b9a5a29d850745f061f18aa131869504b0e921c94462ca055770fd839858f00ad2ff1b49371d8678e798f9678df87cba6982a0a8edcc49770ba73a01ad1db7df7d7e52b144fc9fe1c25834fbe998cbb964679d86a141d9cd47ce9ee41c9ae1c931f222a8de75b7d33b5317061845c3b686272fe6148da10eeabaefabac7291ef9ef22c177673f19fde059debafd79b503d442624d7ffa194dd4ca22c5a6169ec27c726351ad9e693981d91620d571f5a889f5c5c30e23fe9ee7ab25284b32de399458b1d55939f1aa108eaff90ebc06f1b071456a98ca8036d91a66ed1f69e19e4a9135427e269f5b61c9c3201da3f37d9d71115c483ae6933654531f468242708bf586727a436a68c4b6a6570f2fe4f975d99c1342d50f044a712870a8a354c53fdd8a798e652d1d5524b62aee65cefd884b56a43891223dc8a18681f64af2d4fda0c248b45b46d10030ba8dae90c5a679f0e3707e0e85ba9dc171ddd12de52198108a9d1f53bdb4b8993b867c0827c2e508f5d66388f6ca7b24f916722a4c9259bbb6d4700b63790844d84ea957ff5bc02a18afd80e7887d7ada32ffa7da54bb4ea6df4af693d95396c42e15f27820a82221a107588f7ca8ed53d26229fa623b2cacfb4e1295dd029bafbc888b2ff67c8445b042bc76a764f6a332817c80c535e737dbf92f02a5d2ea7c0498a3bd7cf1d5a9822a0832bda5f6250b142ad4a6227e8f4fc83c7bb43907939ccbb389b5856517b36956f020ab60aad86320e6cf020787dfa8aeb1ee0ce80fbf2a16a3f6060e083ed74be4a87587005f60fd19a5bb28b74787d1bfab1483624a5ab6bcc52297d4fb01b6cf3a85f8d5a5ea1a5ac5000a3d943f4cd04a4c347e48a473178e3c3b4b4d0c9cfb934c480d2b1057ca547c4999c67aedb17605a11add8ae3dd0d4bc543a8399077c2dfca86faa1a275fc730eb3e5869d61a9e0b176c4cbcb613fbb58d4472124c4daa8f27ae0c9f6bba913cbcbff16be2bcbd0bff36b1726e0808a6b12c088ef217f98f2475b2f197bcde9a99bbb23345b54ad02e253091dccbe095c0b0fda9ac3dff27516d6650290e443170bc35b119bcbdb3659336334855d457fdac0320826692fec59184ff99723fb10836c4708719228955f3bc4249002d6165d306c51b11e7fb357e0b5c82f879f1a632f2140409ac512b9013aa035f37ccc3e7bca363bf21059b556b37fddc5857bfefb9f385d5c86f05e4597e86af1239acc71c1903d15f25fbb88d3dabf6a8b14e2e3335e6ed1e597abbc116c47a3d931b4dd508d108e011d09394139102ce857eacfedeefe87c5eb7360e4aefcdd9c8246bac66ff90b86f8cf53d7a91d7bc1c401a63d5dff0f643baae2a14b73e9faa2283137a62ad37d1f515a8ebbef051b45d859c13f27b104e67631f1af0f38d08a33983c0abcd9cf8835e1fbe471870cb03c56056d741776b6a32cc8dd22380764b9131beb8d44b82e08bc5d"}, {0x3, 0x70, 0x8, &(0x7f0000001a40)="f257606ef68408fbb7ef84734520"}, {0x0, 0x758, 0x7, &(0x7f0000001a80)="1dce2c0f4657710c1c07b846ea74f9a4f6800a3d35632b9c2f68528f5808bd30c8c2667eb86cf8ab797420737e49fe021fe69e76d0c6799353ba2e1707e358e6f70cb92a1202cc90793cae0f382511646864f0feff33c3bc53eb86bd2884809b905e7b3e74fce7d917860797b94640044073c6ee385ab70c110d4238f14b577166bb396ca0ef339469a31fe81d307498fddb3d6bc83acb5fed12ea3901067c8be018d466ab83468370ba369db49d8a464c00ac5d232ce0e1f75d7ac9481d0af1976d2284873603d263cfd147b65d04ab9a20e23dde202c9cb30318f4477f1a4c39d8fb1f4cd8bd42fce4fa"}]}) (async, rerun: 64)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000040)={0x1, 0x0, [{0x1, 0x9, 0x4b9, 0x4f1b04e0, 0x1000}]}) (async, rerun: 64)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x16, 0x5})
pipe(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$P9_RREAD(r4, &(0x7f0000000280)={0xb, 0x75, 0x2}, 0xb) (async, rerun: 32)
io_setup(0x3, &(0x7f00000000c0)=<r5=>0x0) (rerun: 32)
io_submit(r5, 0x2, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x9, 0x1, 0x0, r4, &(0x7f00000001c0)='m', 0xfffffdfc}]) (async, rerun: 32)
syz_usb_connect(0x0, 0x5a, &(0x7f0000000000)=ANY=[], 0x0) (rerun: 32)
executing program 1:
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000), 0x1a9b42, 0x0)
ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x10000003) (async)
r3 = socket(0x10, 0x3, 0x0) (async)
timer_create(0xb, 0x0, &(0x7f00000000c0)=<r4=>0x0) (async)
r5 = timerfd_create(0x0, 0x0) (async, rerun: 64)
r6 = socket(0x10, 0x3, 0x0) (rerun: 64)
connect$netlink(r6, &(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x8}, 0x5) (async)
timerfd_settime(r5, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, 0x0)
timerfd_gettime(r5, 0x0)
timer_settime(r4, 0x1, &(0x7f0000001040)={{0x0, 0x989680}, {0x77359400}}, 0x0) (async)
clock_adjtime(0x0, &(0x7f00000001c0)={0x8b8d, 0x40000000000, 0x400000000003, 0x0, 0x0, 0xfffffffffffffffd, 0xe00, 0x0, 0x0, 0x6, 0x0, 0x7, 0x0, 0x3cf2a278, 0x0, 0x400000000000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x75b3}) (async)
mprotect(&(0x7f0000ebc000/0x1000)=nil, 0x1000, 0x2) (async)
fcntl$lock(r3, 0x24, 0x0) (async)
mmap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000009, 0x13, r2, 0x954c3000) (async, rerun: 64)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0) (rerun: 64)
syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/3\x00') (async)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = dup(r7)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000100)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) (async)
read$FUSE(r8, &(0x7f0000002080)={0x2020}, 0x2020) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0) (async, rerun: 32)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001380), 0x0) (async, rerun: 32)
ioctl$XFS_IOC_ATTRLIST_BY_HANDLE(0xffffffffffffffff, 0x4058587a, &(0x7f0000002940)={{0xffffffffffffffff, 0x0, 0x591942, &(0x7f0000001700)={@_ha_fsid={[0x8, 0x4]}, {0x3, 0x2, 0x0, 0xa}}, 0x2, 0x0, 0x0}, {[0x2, 0x1ff, 0x1, 0xb]}, 0x4bf, 0x0, 0x0}) (async, rerun: 32)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x190ec) (rerun: 32)
executing program 1:
syz_usb_connect$uac2(0x0, 0x87, &(0x7f0000000500)=ANY=[@ANYBLOB="12010002000000208205b200400001020301090275000301098007080b0101010620ca0904000000010120000924010900001500b04785e98744c18270f3fe0c2403050603070490f64aff0904010000010220000904010101010220000905010940000108f008250185272d0180090402000001022000090402010101022000090582090004de5c01082501800308ef10"], 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r1, 0x29, 0xcc, 0x0, 0x700)
prctl$PR_GET_TSC(0x19, &(0x7f0000000000))
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000000)={"fd2b857f000601001a00", 0x0, <r2=>0x0, {0xc53, 0x6c11}, {0x1, 0x5}, 0x200, [0xb435, 0x0, 0x8, 0x7, 0x3, 0x1, 0xcd1c, 0x8, 0x0, 0x3, 0x8, 0xd, 0xffffffffffffff81, 0x6, 0xc]})
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000000100)={0x0, 0x0, {0x0, @struct}, {0x0, @struct, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x800, 0x0, 0x1}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000200)=0x1, 0x4)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r6, 0x4008af03, &(0x7f00000026c0)={0x5, 0x0, [{0x0, 0x0, 0x0}, {0x930afff, 0x5a, &(0x7f0000002400)=""/90}, {0x4, 0x9e, &(0x7f0000002480)=""/158}, {0x4, 0xa7, &(0x7f0000002580)=""/167}, {0x6000, 0x0, 0x0}]})
setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f00000002c0)={'wg2\x00', <r7=>0x0})
bind$xdp(r5, &(0x7f0000000100)={0x2c, 0xa, r7}, 0x10)
r8 = socket$nl_audit(0x10, 0x3, 0x9)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f00000005c0)={0x0, <r9=>0x0}, &(0x7f0000000600)=0x8)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000640)={{{@in=@remote, @in=@loopback, 0x4e20, 0x0, 0x4e21, 0x1, 0x0, 0x80, 0x80, 0x3b, r7, r9}, {0x3, 0xeace, 0x4, 0x0, 0x9a, 0x4, 0x1, 0x6}, {0x262052f8, 0x61, 0x1c000000, 0x7}, 0x7, 0x6e6bb2, 0x1, 0x1, 0x2, 0x1}, {{@in=@multicast2, 0x4d2, 0x32}, 0xa, @in=@empty, 0x0, 0x3, 0x0, 0x6, 0x6f, 0x5, 0x6}}, 0xe8)
ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x5000943a, &(0x7f0000000f40)={{r1}, r2, 0x0, @unused=[0x4, 0x8, 0x5, 0x8], @devid=r3})
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r7 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000400)=0x20)
fcntl$setstatus(r7, 0x4, 0x2000)
ioctl$KVM_SET_NESTED_STATE(r6, 0x4080aebf, &(0x7f0000003680)=@vmx={0x0, 0x0, 0x2080, {0xeeee8000, 0x0, {}, 0x0, 0x2}}) (async)
ioctl$XFS_IOC_FD_TO_HANDLE(r5, 0xc038586a, &(0x7f0000000240)={<r8=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r8, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300) (async, rerun: 32)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (rerun: 32)

program did not crash
replaying the whole log did not cause a kernel crash
single: executing 1 programs separately with timeout 1m40s
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-fcntl$setstatus-ioctl$KVM_SET_NESTED_STATE-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86-socket$packet-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r7 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000400)=0x20)
fcntl$setstatus(r7, 0x4, 0x2000)
ioctl$KVM_SET_NESTED_STATE(r6, 0x4080aebf, &(0x7f0000003680)=@vmx={0x0, 0x0, 0x2080, {0xeeee8000, 0x0, {}, 0x0, 0x2}}) (async)
ioctl$XFS_IOC_FD_TO_HANDLE(r5, 0xc038586a, &(0x7f0000000240)={<r8=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r8, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300) (async, rerun: 32)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (rerun: 32)

program crashed: BUG: stack guard page was hit in corrupted
single: successfully extracted reproducer
found reproducer with 22 syscalls
minimizing guilty program
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-fcntl$setstatus-ioctl$KVM_SET_NESTED_STATE-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86-socket$packet
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r7 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000400)=0x20)
fcntl$setstatus(r7, 0x4, 0x2000)
ioctl$KVM_SET_NESTED_STATE(r6, 0x4080aebf, &(0x7f0000003680)=@vmx={0x0, 0x0, 0x2080, {0xeeee8000, 0x0, {}, 0x0, 0x2}}) (async)
ioctl$XFS_IOC_FD_TO_HANDLE(r5, 0xc038586a, &(0x7f0000000240)={<r8=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r8, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300) (async, rerun: 32)

program crashed: BUG: stack guard page was hit in rust_binder::rust_binder_ioctl
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-fcntl$setstatus-ioctl$KVM_SET_NESTED_STATE-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r7 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000400)=0x20)
fcntl$setstatus(r7, 0x4, 0x2000)
ioctl$KVM_SET_NESTED_STATE(r6, 0x4080aebf, &(0x7f0000003680)=@vmx={0x0, 0x0, 0x2080, {0xeeee8000, 0x0, {}, 0x0, 0x2}}) (async)
ioctl$XFS_IOC_FD_TO_HANDLE(r5, 0xc038586a, &(0x7f0000000240)={<r8=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r8, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program crashed: BUG: stack guard page was hit in corrupted
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-fcntl$setstatus-ioctl$KVM_SET_NESTED_STATE-ioctl$XFS_IOC_FD_TO_HANDLE
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r7 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000400)=0x20)
fcntl$setstatus(r7, 0x4, 0x2000)
ioctl$KVM_SET_NESTED_STATE(r6, 0x4080aebf, &(0x7f0000003680)=@vmx={0x0, 0x0, 0x2080, {0xeeee8000, 0x0, {}, 0x0, 0x2}}) (async)
ioctl$XFS_IOC_FD_TO_HANDLE(r5, 0xc038586a, &(0x7f0000000240)={r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-fcntl$setstatus-ioctl$KVM_SET_NESTED_STATE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r7 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000400)=0x20)
fcntl$setstatus(r7, 0x4, 0x2000)
ioctl$KVM_SET_NESTED_STATE(r6, 0x4080aebf, &(0x7f0000003680)=@vmx={0x0, 0x0, 0x2080, {0xeeee8000, 0x0, {}, 0x0, 0x2}}) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-fcntl$setstatus-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r7 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000400)=0x20)
fcntl$setstatus(r7, 0x4, 0x2000)
ioctl$XFS_IOC_FD_TO_HANDLE(r5, 0xc038586a, &(0x7f0000000240)={<r8=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r8, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program crashed: BUG: stack guard page was hit in corrupted
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r7 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(r5, 0xc038586a, &(0x7f0000000240)={<r8=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r8, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program crashed: BUG: stack guard page was hit in corrupted
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$XFS_IOC_FD_TO_HANDLE(r5, 0xc038586a, &(0x7f0000000240)={<r7=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r7, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program crashed: lost connection to test machine
suppressed program crash: lost connection to test machine
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(r5, 0xc038586a, &(0x7f0000000240)={<r7=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r7, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(r5, 0xc038586a, &(0x7f0000000240)={<r8=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r8, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VM-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r6 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(r5, 0xc038586a, &(0x7f0000000240)={<r7=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r7, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r6 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r7=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r7, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program crashed: BUG: stack guard page was hit in corrupted
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r6 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r7=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r7, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r6 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r7=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r7, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r6 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r7=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r7, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r6 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r7=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r7, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r6 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r7=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r7, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(0xffffffffffffffff, r1, 0x0) (async)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-openat$binderfs-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r6 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r7=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r7, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) (async, rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, 0xffffffffffffffff, 0x0) (async)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>r0, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) (async)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0) (async)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program crashed: BUG: stack guard page was hit in rust_binder::rust_binder_ioctl
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program crashed: BUG: stack guard page was hit in rust_binder::rust_binder_ioctl
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000600)={0x30, 0x30, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x0, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(&(0x7f0000001440)='./file1\x00', 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program crashed: BUG: stack guard page was hit in corrupted
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program crashed: BUG: stack guard page was hit in corrupted
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, 0x0)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, 0x0, 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, 0x0, 0x8001, &(0x7f0000000180)={@_ha_fsid}, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, 0x0, &(0x7f00000001c0)=0x100})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, 0x0})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000280)="2e0f219ec4e2659aa9fb93000066b8b1008ee866baf80cb8f88c0b8def66bafc0cec66b8e3008ec8f2dee3f20f013d3e000000c4c179707df8090f005d0766ba6100b80d000000ef", 0x48}], 0x1, 0x6c, 0x0, 0x0)

program crashed: BUG: stack guard page was hit in rust_binder::rust_binder_ioctl
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, 0x0})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x6c, 0x0, 0x0)

program did not crash
testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, 0x0})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x6c, 0x0, 0x0)

program crashed: BUG: stack guard page was hit in rust_binder::rust_binder_ioctl
extracting C reproducer
testing compiled C program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
program crashed: BUG: stack guard page was hit in corrupted
simplifying C reproducer
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
program crashed: BUG: stack guard page was hit in rust_binder::rust_binder_ioctl
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
program did not crash
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
program did not crash
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
program did not crash
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:false NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
program did not crash
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
program did not crash
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
program did not crash
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
program did not crash
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
program did not crash
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
program crashed: BUG: stack guard page was hit in rust_binder::rust_binder_ioctl
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:true UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
program crashed: BUG: stack guard page was hit in rust_binder::rust_binder_ioctl
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
program crashed: BUG: stack guard page was hit in rust_binder::rust_binder_ioctl
testing program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, 0x0})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x6c, 0x0, 0x0)

program crashed: BUG: stack guard page was hit in rust_binder::rust_binder_ioctl
validation run: crashed=true
testing program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, 0x0})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
validation run: crashed=false
testing program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, 0x0})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x6c, 0x0, 0x0)

program crashed: BUG: stack guard page was hit in rust_binder::rust_binder_ioctl
validation run: crashed=true
testing program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, 0x0})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
validation run: crashed=false
testing program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, 0x0})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
validation run: crashed=false
testing program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, 0x0})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
validation run: crashed=false
testing program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, 0x0})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
validation run: crashed=false
testing program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, 0x0})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x6c, 0x0, 0x0)

program did not crash
validation run: crashed=false
testing program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = open(0x0, 0x14d77e, 0xc2)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20)
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={<r6=>0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, 0x0})
syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x6c, 0x0, 0x0)

program crashed: BUG: stack guard page was hit in corrupted
validation run: crashed=true
reproducing took 1h48m24.009526316s
repro crashed as (corrupted=true):
BUG: TASK stack guard page was hit at ffffc90001067fb8 (stack is ffffc90001068000..ffffc90001070000)
Oops: stack guard page: 0000 [#1] PREEMPT SMP KASAN PTI
CPU: 0 UID: 0 PID: 398 Comm: syz.1.18 Not tainted syzkaller #0 41f03d0600fcd02359dd533896f58be78fe14346
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
RIP: 0010:update_stack_state+0xf4/0x4b0 arch/x86/kernel/unwind_frame.c:-1
Code: 84 c0 0f 85 89 03 00 00 41 c6 06 01 b8 a8 00 00 00 49 89 d7 eb 05 b8 10 00 00 00 4c 8d 73 08 48 8d 4b 10 4c 89 7d b0 4c 01 f8 <48> 89 85 78 ff ff ff 48 8d 53 18 48 8d 43 28 48 8d 73 20 48 89 b5
RSP: 0018:ffffc90001067fc0 EFLAGS: 00010282
RAX: ffffc90001068108 RBX: ffffc90001068108 RCX: ffffc90001068118
RDX: ffffc900010680f8 RSI: ffffc900010680f8 RDI: ffffc90001068160
RBP: ffffc90001068080 R08: ffffc90001068101 R09: 0000000000000000
R10: ffffc90001068108 R11: fffff5200020d02d R12: 0000000000000000
R13: dffffc0000000000 R14: ffffc90001068110 R15: ffffc900010680f8
FS:  00005555670f5500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001067fb8 CR3: 0000000115c92000 CR4: 00000000003526b0
Call Trace:
 <TASK>
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:update_stack_state+0xf4/0x4b0 arch/x86/kernel/unwind_frame.c:-1
Code: 84 c0 0f 85 89 03 00 00 41 c6 06 01 b8 a8 00 00 00 49 89 d7 eb 05 b8 10 00 00 00 4c 8d 73 08 48 8d 4b 10 4c 89 7d b0 4c 01 f8 <48> 89 85 78 ff ff ff 48 8d 53 18 48 8d 43 28 48 8d 73 20 48 89 b5
RSP: 0018:ffffc90001067fc0 EFLAGS: 00010282
RAX: ffffc90001068108 RBX: ffffc90001068108 RCX: ffffc90001068118
RDX: ffffc900010680f8 RSI: ffffc900010680f8 RDI: ffffc90001068160
RBP: ffffc90001068080 R08: ffffc90001068101 R09: 0000000000000000
R10: ffffc90001068108 R11: fffff5200020d02d R12: 0000000000000000
R13: dffffc0000000000 R14: ffffc90001068110 R15: ffffc900010680f8
FS:  00005555670f5500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc90001067fb8 CR3: 0000000115c92000 CR4: 00000000003526b0
----------------
Code disassembly (best guess):
   0:	84 c0                	test   %al,%al
   2:	0f 85 89 03 00 00    	jne    0x391
   8:	41 c6 06 01          	movb   $0x1,(%r14)
   c:	b8 a8 00 00 00       	mov    $0xa8,%eax
  11:	49 89 d7             	mov    %rdx,%r15
  14:	eb 05                	jmp    0x1b
  16:	b8 10 00 00 00       	mov    $0x10,%eax
  1b:	4c 8d 73 08          	lea    0x8(%rbx),%r14
  1f:	48 8d 4b 10          	lea    0x10(%rbx),%rcx
  23:	4c 89 7d b0          	mov    %r15,-0x50(%rbp)
  27:	4c 01 f8             	add    %r15,%rax
* 2a:	48 89 85 78 ff ff ff 	mov    %rax,-0x88(%rbp) <-- trapping instruction
  31:	48 8d 53 18          	lea    0x18(%rbx),%rdx
  35:	48 8d 43 28          	lea    0x28(%rbx),%rax
  39:	48 8d 73 20          	lea    0x20(%rbx),%rsi
  3d:	48                   	rex.W
  3e:	89                   	.byte 0x89
  3f:	b5                   	.byte 0xb5

report is corrupted, running repro again
testing compiled C program (duration=1m40s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-open-ioctl$FS_IOC_SETFLAGS-ioctl$XFS_IOC_FD_TO_HANDLE-syz_kvm_setup_cpu$x86
program crashed: BUG: stack guard page was hit in rust_binder::rust_binder_ioctl
final repro crashed as (corrupted=false):
BUG: TASK stack guard page was hit at ffffc900042b7ff8 (stack is ffffc900042b8000..ffffc900042c0000)
Oops: stack guard page: 0000 [#1] PREEMPT SMP KASAN PTI
CPU: 1 UID: 0 PID: 2289 Comm: syz-executor421 Not tainted syzkaller #0 41f03d0600fcd02359dd533896f58be78fe14346
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
RIP: 0010:check_region_inline mm/kasan/generic.c:171 [inline]
RIP: 0010:kasan_check_range+0x1b/0x2b0 mm/kasan/generic.c:189
Code: 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 b0 01 48 85 f6 0f 84 c0 01 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 <53> 4c 8d 04 37 49 39 f8 0f 82 29 02 00 00 49 89 f9 49 c1 e9 2f 41
RSP: 0018:ffffc900042b8000 EFLAGS: 00010002
RAX: f3f3f3f8f1f1f101 RBX: ffff8881f6f50dc0 RCX: ffffffff85aa0c68
RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8881f6f50dc0
RBP: ffffc900042b8020 R08: ffff8881f6f50c87 R09: 1ffff1103edea190
R10: dffffc0000000000 R11: ffffed103edea191 R12: 1ffff92000857008
R13: dffffc0000000000 R14: 1ffff1103edea195 R15: dffffc0000000000
FS:  000055556035f3c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc900042b7ff8 CR3: 000000010b742000 CR4: 00000000003526b0
Call Trace:
 <TASK>
 __kasan_check_read+0x15/0x20 mm/kasan/shadow.c:31
 instrument_atomic_read include/linux/instrumented.h:68 [inline]
 atomic_read include/linux/atomic/atomic-instrumented.h:32 [inline]
 queued_spin_trylock include/asm-generic/qspinlock.h:92 [inline]
 do_raw_spin_trylock include/linux/spinlock.h:193 [inline]
 __raw_spin_trylock include/linux/spinlock_api_smp.h:89 [inline]
 _raw_spin_trylock+0x78/0x140 kernel/locking/spinlock.c:138
 rcu_nocb_bypass_lock kernel/rcu/tree_nocb.h:96 [inline]
 rcu_nocb_try_bypass kernel/rcu/tree_nocb.h:483 [inline]
 call_rcu_nocb+0x623/0xc80 kernel/rcu/tree_nocb.h:606
 __call_rcu_common+0x43b/0x720 kernel/rcu/tree.c:3117
 call_rcu+0x14/0x20 kernel/rcu/tree.c:3202
 thread_stack_delayed_free kernel/fork.c:246 [inline]
 free_thread_stack kernel/fork.c:352 [inline]
 release_task_stack kernel/fork.c:563 [inline]
 put_task_stack+0x1a8/0x230 kernel/fork.c:570
 finish_task_switch+0x31d/0x760 kernel/sched/core.c:5933
 context_switch kernel/sched/core.c:6029 [inline]
 __schedule+0x13a1/0x1fa0 kernel/sched/core.c:7880
 preempt_schedule_irq+0xab/0x110 kernel/sched/core.c:8206
 raw_irqentry_exit_cond_resched+0x32/0x40 kernel/entry/common.c:311
 irqentry_exit+0x4a/0x60 kernel/entry/common.c:354
 sysvec_reschedule_ipi+0x72/0x80 arch/x86/kernel/smp.c:248
 asm_sysvec_reschedule_ipi+0x1f/0x30 arch/x86/include/asm/idtentry.h:707
RIP: 0010:update_stack_state+0x264/0x4b0 arch/x86/include/asm/stacktrace.h:-1
Code: 8b 7d c0 e8 be 7a 9b 00 e9 0e ff ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 64 ff ff ff 48 89 df e8 71 7a 9b 00 e9 57 ff ff ff <4c> 89 e3 4d 8d 74 24 40 4d 89 f7 49 c1 ef 03 48 b8 00 00 00 00 00
RSP: 0018:ffffc900042b8738 EFLAGS: 00000202
RAX: 0000000000000001 RBX: ffffc900042b8888 RCX: ffffc900042b8c01
RDX: ffffc900042b8c10 RSI: 1ffff92000857112 RDI: ffffc900042b88e0
RBP: ffffc900042b87f8 R08: ffffc900042b8950 R09: ffffc900042b8948
R10: 0000000000000001 R11: ffffffff8175f0a0 R12: ffffc900042b8888
R13: 0000000000000001 R14: ffffc900042c0000 R15: ffffc900042b8000
 unwind_next_frame+0x3c1/0x750 arch/x86/kernel/unwind_frame.c:315
 arch_stack_walk+0x138/0x170 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0xaa/0x100 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:49 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:70
 kasan_save_free_info+0x4a/0x60 mm/kasan/generic.c:579
 poison_slab_object mm/kasan/common.c:249 [inline]
 __kasan_slab_free+0x5f/0x80 mm/kasan/common.c:266
 kasan_slab_free include/linux/kasan.h:234 [inline]
 slab_free_hook mm/slub.c:2445 [inline]
 slab_free mm/slub.c:4714 [inline]
 kfree+0x158/0x440 mm/slub.c:4875
 krealloc_noprof+0xfa/0x130 mm/slab_common.c:-1
 <kernel::alloc::allocator::ReallocFunc>::call rust/kernel/alloc/allocator.rs:102 [inline]
 <kernel::alloc::allocator::Kmalloc as kernel::alloc::Allocator>::realloc rust/kernel/alloc/allocator.rs:141 [inline]
 <kernel::alloc::allocator::Kmalloc as kernel::alloc::Allocator>::free rust/kernel/alloc.rs:214 [inline]
 <kernel::alloc::kbox::Box<kernel::sync::arc::ArcInner<rust_binder::process::NodeRefInfo>, kernel::alloc::allocator::Kmalloc> as core::ops::drop::Drop>::drop+0x594/0x850 rust/kernel/alloc/kbox.rs:492
 core::ptr::drop_in_place::<kernel::alloc::kbox::Box<kernel::sync::arc::ArcInner<rust_binder::process::NodeRefInfo>, kernel::alloc::allocator::Kmalloc>> usr/local/rustup/toolchains/1.91.1-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/ptr/mod.rs:804 [inline]
 core::mem::drop::<kernel::alloc::kbox::Box<kernel::sync::arc::ArcInner<rust_binder::process::NodeRefInfo>, kernel::alloc::allocator::Kmalloc>> usr/local/rustup/toolchains/1.91.1-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/mem/mod.rs:961 [inline]
 <kernel::sync::arc::Arc<rust_binder::process::NodeRefInfo> as core::ops::drop::Drop>::drop rust/kernel/sync/arc.rs:404 [inline]
 core::ptr::drop_in_place::<kernel::sync::arc::Arc<rust_binder::process::NodeRefInfo>> usr/local/rustup/toolchains/1.91.1-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/ptr/mod.rs:804 [inline]
 core::ptr::drop_in_place::<kernel::list::arc::ListArc<rust_binder::process::NodeRefInfo, 15493408726748792400>> usr/local/rustup/toolchains/1.91.1-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/ptr/mod.rs:804 [inline]
 core::ptr::drop_in_place::<core::option::Option<kernel::list::arc::ListArc<rust_binder::process::NodeRefInfo, 15493408726748792400>>> usr/local/rustup/toolchains/1.91.1-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/ptr/mod.rs:804 [inline]
 <rust_binder::process::Process>::update_ref+0x1706/0x2660 drivers/android/binder/process.rs:975
 <rust_binder::allocation::AllocationView>::cleanup_object drivers/android/binder/allocation.rs:453 [inline]
 <rust_binder::allocation::Allocation as core::ops::drop::Drop>::drop+0x1715/0x5dd0 drivers/android/binder/allocation.rs:263
 core::ptr::drop_in_place::<rust_binder::allocation::Allocation>+0x1a/0xf0 usr/local/rustup/toolchains/1.91.1-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/ptr/mod.rs:804
 core::ptr::drop_in_place::<rust_binder::allocation::NewAllocation> usr/local/rustup/toolchains/1.91.1-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/ptr/mod.rs:804 [inline]
 <rust_binder::thread::Thread>::copy_transaction_data+0x7c54/0x9460 drivers/android/binder/thread.rs:1233
 <rust_binder::transaction::Transaction>::new+0x3d0/0x28d0 drivers/android/binder/transaction.rs:110
 <rust_binder::thread::Thread>::transaction_inner drivers/android/binder/thread.rs:1410 [inline]
 <rust_binder::thread::Thread>::transaction+0x1b97/0x3e50 drivers/android/binder/thread.rs:1370
 <rust_binder::thread::Thread>::write+0x127c/0xa7b0 drivers/android/binder/thread.rs:1532
 <rust_binder::thread::Thread>::write_read drivers/android/binder/thread.rs:1668 [inline]
 <rust_binder::process::Process>::ioctl_write_read drivers/android/binder/process.rs:1620 [inline]
 <rust_binder::process::Process>::ioctl drivers/android/binder/process.rs:1685 [inline]
 rust_binder::rust_binder_ioctl+0x1192/0x5c20 drivers/android/binder/rust_binder_main.rs:462
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:907 [inline]
 __se_sys_ioctl+0x132/0x1b0 fs/ioctl.c:893
 __x64_sys_ioctl+0x7f/0xa0 fs/ioctl.c:893
 x64_sys_call+0x1878/0x2ee0 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/common.c:47 [inline]
 do_syscall_64+0x57/0xf0 arch/x86/entry/common.c:78
 entry_SYSCALL_64_after_hwframe+0x76/0x7e
RIP: 0033:0x7f1df9132309
Code: c0 79 93 eb d5 48 8d 7c 1d 00 eb 99 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 d8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe13fbe2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1df9132309
RDX: 0000200000000180 RSI: 00000000c0306201 RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000010000000000 R09: 0000010000000000
R10: 0000010000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:check_region_inline mm/kasan/generic.c:171 [inline]
RIP: 0010:kasan_check_range+0x1b/0x2b0 mm/kasan/generic.c:189
Code: 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 b0 01 48 85 f6 0f 84 c0 01 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 <53> 4c 8d 04 37 49 39 f8 0f 82 29 02 00 00 49 89 f9 49 c1 e9 2f 41
RSP: 0018:ffffc900042b8000 EFLAGS: 00010002
RAX: f3f3f3f8f1f1f101 RBX: ffff8881f6f50dc0 RCX: ffffffff85aa0c68
RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8881f6f50dc0
RBP: ffffc900042b8020 R08: ffff8881f6f50c87 R09: 1ffff1103edea190
R10: dffffc0000000000 R11: ffffed103edea191 R12: 1ffff92000857008
R13: dffffc0000000000 R14: 1ffff1103edea195 R15: dffffc0000000000
FS:  000055556035f3c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffc900042b7ff8 CR3: 000000010b742000 CR4: 00000000003526b0
----------------
Code disassembly (best guess):
   0:	00 00                	add    %al,(%rax)
   2:	00 00                	add    %al,(%rax)
   4:	90                   	nop
   5:	90                   	nop
   6:	90                   	nop
   7:	90                   	nop
   8:	90                   	nop
   9:	90                   	nop
   a:	90                   	nop
   b:	90                   	nop
   c:	90                   	nop
   d:	90                   	nop
   e:	90                   	nop
   f:	66 0f 1f 00          	nopw   (%rax)
  13:	b0 01                	mov    $0x1,%al
  15:	48 85 f6             	test   %rsi,%rsi
  18:	0f 84 c0 01 00 00    	je     0x1de
  1e:	55                   	push   %rbp
  1f:	48 89 e5             	mov    %rsp,%rbp
  22:	41 57                	push   %r15
  24:	41 56                	push   %r14
  26:	41 55                	push   %r13
  28:	41 54                	push   %r12
* 2a:	53                   	push   %rbx <-- trapping instruction
  2b:	4c 8d 04 37          	lea    (%rdi,%rsi,1),%r8
  2f:	49 39 f8             	cmp    %rdi,%r8
  32:	0f 82 29 02 00 00    	jb     0x261
  38:	49 89 f9             	mov    %rdi,%r9
  3b:	49 c1 e9 2f          	shr    $0x2f,%r9
  3f:	41                   	rex.B