Extracting prog: 6m30.593483562s
Minimizing prog: 9m42.251794143s
Simplifying prog options: 0s
Extracting C: 41.387100478s
Simplifying C: 5m55.114843311s


extracting reproducer from 95 programs
testing a last program of every proc
single: executing 45 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$binderfs-ioctl$BINDER_SET_CONTEXT_MGR_EXT-openat$binderfs-ioctl$BINDER_WRITE_READ-dup3-openat$binderfs-mmap$binder-ioctl$BINDER_SET_CONTEXT_MGR_EXT-ioctl$BINDER_WRITE_READ-ioctl$BINDER_WRITE_READ
detailed listing:
executing program 0:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000480)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000580)={@ptr={0x66642a85, 0x0, 0x0}, @ptr={0x70742a85, 0x0, 0x0}, @ptr={0x70742a85, 0x1, 0x0, 0xfffffcbb}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x40}], 0x0, 0x0, 0x0})

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-pipe2$9p-write$P9_RVERSION-dup-write$FUSE_BMAP-write$FUSE_DIRENTPLUS-write$FUSE_DIRENTPLUS-getresuid-mount$9p_fd-mount$overlay
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002c00)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="b8"], 0xb8)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r3=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r3])
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-openat$fuse-mount$fuse-read$FUSE-write$FUSE_INIT-syz_fuse_handle_req-openat-fsync-syz_fuse_handle_req-fsync
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000009800)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000093160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f400000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fff30000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff0000000000000000000000000000002000", 0x2000, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101000, 0x0)
fsync(r2)
syz_fuse_handle_req(r0, &(0x7f0000002140)="c119ed7667ec1da6ce5ad10520d9f0d916f246337b0557963a20976c5c2e3b9c50442c3aa3ad8af4490e25e8a248ad6569c868927ce88fde8f6dd47700c012579d8f5517c15a8692ebbfe31637d24da9b182159a75eb201be82b5b3482e6f7d3344eb462be4e452a789b9246974e521beb91400d62ba27d79dc7e4a2511c941b7658a426f1b03867abe8958cf54e277c8c7eba60d65881156958563b415fdfb45237d979dfffc5a2399d245c064928d88f8f2ad57fc65556fc4404b0deb7fe8b794c8f853fc356646a4bd5a3bde17b164539cde75bfbcb82189d10658affc840871f99d48a657c0a490f44959ec808a7de09590156b5f4dbe9689884f22c3388c3d735ab0a38bfa911e234a40a7700258e36df5be8b1e6e8d229a9ad553628c9e2d099d87e54328d8e75a59b5add9aa55447c933e752fc3bd90aa92645449401e7a715f3b4bcc17c799eed78a917850f05886472640ec78ba017ae6e83683db81d999696d3ad34143e5d6be46724f4086dd8480e85b070e2980ee952ef91f8467bf542428b1958ead9f7a09641d0c33c1566e77a3c923d94bee7dc9046e8b6803dc5c5a6e34ba951d2a0fe9d6d03a57391560e2328e8c581474e38e40055b45f7467b4dba95d64dac57b6fc0dc8a40f054aa801a3c022dcfadc793ecfb9968d3121157b0a8b25b99b09038c58570205b4166f3bd749d7a0f8bf89033e11c0a456bb72788cf7ccfeb980ce085711f8ea531fcc57206d8e0e0aea1f3220066c7769d71026259468604a5cc7331cc971a4cd78d8552e0e0d9955deb21282a27f0a5f8364d0f9fe91016f086c10a3662a154316891ae4fb8cc3481b2253bbd09c64629f3ffcb5e82b495e6721dce47734254ab64cc119c2a446f34d6cac813a3c0444d9a13ebbc0fa4baf1bdf78b9a9cf6620fe488bf2a1bf7e857ad6ea157542761cc6a7da8d4c2242853a1fd14629491680253603b910466927c2dd4818464d7d9c246b9cd726d123d1dda95d0325370a0f1b5751796d13501a2aa1ec0dc70a5b749f8d171cb7569d9b74354883a2216f452cc712d0829c8c5f206cc7924652473931adfd2bd3940b3adaf54967c0af599d4968da74f25d2cc309dbdbe3d6faa08f2c08205365d3c4a2c8344b1047c7d0caf6b595e5d24c89ea1b532fe3094d7a16c716110b75deb22a5a281c0f133cfcfaf5238a3c493c4f97f890bb33769ea652c67149be70e62de16b65730b3bd2f547c084ee77d456a86bf8f1f7304703d2524443c4b66ceb7d2e5d97124a6ae48158c16cefa3eb94a7ec49ae43dd02f9edd0924d73c7cec977186442518b8dc642dea31dce2b79b4ec5400210817da04caf0198e933e8c618a5f0e7123ca5786c45b10a543e7de350aa4c072c85612a99ec9534f70130eebc0ef842416091a0adba1d30730d04080928c094d49a70f0a354b918725578b27a9b65f1a43a7dc9d8b6c9a23e08ba83bb8802e69454eb316a6a0188713704b30098479f5d99497e60ffb372dbbe07642dea12bf6f3f4b6c508f1e061b0211b9be792fda7bb86f51f018085f2fd5ae316c761b35d562dcfb783b87d6da0820947f5d055f0f7cd3c50f1c61f1da1a73c7ef107f0ad957977a33cdc67f6aa82e03490f5333c1ec0a1fbd14b2aa961d2b3f6315bd06029c4c9654414bd9256de44ecf3b0485a41a9f7183d0469bd327f549201924ab80e3227f228e20e9fd3b646b3134385ed058f4bff4f714cdaa855e2c364d7bbaaf26df65bdb9dfc4f6104d219e41684493c621588ca8d01ef3211c28d613bc67e498b4b80279249bd947d029315dcabea9362e0258a5a819530459df44f7c83972299e54a29afd836fb176cdc1d86398b6c7a75cd15b1f76a0070839b5a24366603a0aee35a9f784e4a633703de42e6648a9626160a25c9033242cd97eb07ffc54a01d94c48333e832ec0eefe51a266fcb526dd2954cd1147d2a2df260affac31e4cec7ece02dce3f61078b0111b94c3bbddd41487e33820ddc8cdf7a1ebc58531f280e2c12a8514bb4e7a176208b73ec6f4cf1b660393837dea00a8474fc41039db848ad6b0375a36ba35582736cf7bdb33a051d49f966fd17a80cef2f0c458d1d5c932e4193c5018105416ff1b27eddf56d4277a49d0adbf34c998a062db4c8263f5c03696cda85a6f0db49a5c58e2809d7519e6ecaa017d90e31eef725fdb3f26d77bb15a3d924d3ccb728535dfdb7517a10b9a54a551c1ec95c6770ee0901d18f24149678f1677d1f5c447aee584c6f1dbb7a952da6b91e8af3d98fe790201b89a05b61abacfe6acd7a774e3a12436d169f54b8e2572f0ed70ca78e801bbc3b783d73c96d5424b82de2d8ba84f585c67cb4c7d8175b8a2fd75a59b24db0403064924a4a6ea5423ee818b70d1c5403da14370fbc98ab4ea6a7fe78e7d3e8da1a3f04856edd96e8b9d7e80064daed38d0ca194a638a11175a9812569a640a8d373aed41e9a1e0118ff7ecade45238544dcf5864697c4d36e444fb82bbc222a8a2bec2869c623f61aa38299d3a4e8806721d579907c31a0cf50b82dcebe08d8c5a21d97a707d5a83de1fb145227d0303334e5cc73c628e818ab6901c001ef8f02557d5ec579189b620f0e3307df5273573f707ee91985823894f9ccd80415c91d7baadd31ceedb3b26212e09a62bc22392fbbf3aa5e340dd3408c1c9e3d1d144dd5260c904812952466ba31a2dc80b8826b1354335b0d754954bc93cfce0eaf93665600f67505595ed66eb38ac98a23ae6568aac700361e784fc8ff3cf0cd19e15a3508f42fb1bca1f95a6502b5ed09df0f75859527025798b890df2f0110cc20798a7096831c9822ed5a9341fd6afc85a78736b857bbfbcae5f61fb5a3ca5577c4bfb6b1ccac7f21e95cb2c1e3fbe91f5a46522bfc49a0e11b4ccae898b5215cebacac2ac8d6685b05a9df649d39e40c66f4f1373e77a722beb0ed05167fa206fd66cae5b01741f86cc1681ce7efcee5d67cf8a89627d7d02ca8ae96e32cd5d74dffa715b7c2e0f24648932930e69667939490cadcd06b4396800152fa3dfb4810ab6c4de8f0814a9fb211517d19932befe0c0613699d481ba2d3140836d9dd074ac5dbbc27284463f190442b453d4a06e1e0053d0e097420e1406b104cc8bdc486a1fc581cf1dca50f63ce3de1403eb4a5080971aa2a2a911c3d24d0370b1c062e6b21c6a694eda76e61b877e596d34ebc507f10c3bbf969793f5b71d026d03cfcc2bdda2acdeea4b7066f07be408f6bb35ba7f3b8196e9a1d1ea30ff709d8c0fa29c40056bd53e609b5217976c422efe8052e4cbda4b12dd2a1286a4460c57bb3a138c55408fa6a0888e32299cc47efb84ad61a98385854824ec253f1279f9d1ffe6becb8c427b53c57b537e6494f6acc7902347589230aa7316523108ab38842b3b97a0840d4c3eabd229232a71302edd1f3375d0092cb3a07312400c1be8a94da53a79d2fce38fed341193f6c4dc41f396774145aa18400bf108577e714f4a4c50ce408392f954eeae696d2605bb973b147ef98fa35d576c957a01f262d81157e1c8aaafc708634366afcebbf31cd4b7190d29e0b3a2960ab5ea952eecd38becbb7cf7659a95044a1ebe4240b0d26c7a932c14c1252eb24bad57be94c5632bc42aea31f722904306d39f1d0850ac029537c4425d048ecf3fcb5428638dbcb86e17d60164fc396c706c10f0a1ccb4dff2f36b47510a749dc03e32fd7f13893db135790d29a56fe1fae6d0202831d440242be2086c6e5dc71dae14089fc080a358f159faafb397da8ad8b48b1615112c76627a0e47a7cbfd2cb0e9a9c5316e96f8c2cf4ab7c875ed1bbd5a020ff2f265a1f63b6151a2288c3e83183e68cd12dce8094d392137f061d43421eeeee504e4db172c9fabc6297a5641a9a7696f16660489fd6f7ad9421068bd1294941e51b8d2b818627e3081369583e91c6b8b68c93173dc7fae27f3bb9a4c6a3d69cf5bf28b3f8b5c8fa8a8a90bfc228acd1df93c8b3f15fb318c7524ef2e8b6bc18010b4ac5b448dd3a134531654d610cfc9b393b5b1a22e90377b74ebc64aae95987881c0602311c0fa94cd612889125da49b810acf9617263b55e504b1b9160675cfbef83170fba4134640cc2be541bdb54077dd65304eddabcef91a3445804bcdbf00f53dbd3345c190c2ec117dfa986dd04c3f02b7ba9eee47538c5fda856d432cf343596c53cf3c109ada41fc6d7b09c3f14b60c2c8a4cdf5ee0791017cd25f7ad96d0c51a5cc52e2647826662a99266a2f2072b7b1acf805d44d8064d419999df38537ffcd78a78ce3837bfe1faf7dc79f5e0d32ea5e62c06e6aa716e0e048cd5c5fa8b4212ac668ffaca2a4e8afb91aa7425a800fef89fd97587569489088b434510a38a49e8ee3e1b96a307dcd999268967405f354dc0478bac5229203eb9d6aacc2db83e233ce852ad55b799b6923653d3d5788ac56ffdfeb206acac33010161536e3573d54eea1925b6f4edc6aa193e9e362681e34564d146b49ed916ab8d6aea1a78e526c7a0dc56f5ca90d07862d17cb3f21307f2e012ffd011ec64d4cc23faa4a08c4128c0892be5d5999f681dd28bd6796f83e1e0b80ab61249e5049e81c2e692e360194129d1c9aa13d5302d3cbc6060159632c6d3c2db27c3fab53e0919a81ff5878f6328536292905883095b65581b696ee94a8a0dd7d0d11a2e269959a6f848c87eefef283e57fadf325b665ade2d6591b283c33ce9092ceb39df5bf6ff92cd6180353d8021cd3b8a7efb9be4f79b37ee19e4b9eccfec49b1f526420aed78424d5129afca3e28e1e6cb5cfdd894289abd5ee69d29413c548f65baea4c99ae73055000adb0dab38e7bc6c9c562a3214e3b279decf1dc731ceed1e4def2d70360953886da1eb7b18b745fd6d8751d038c6cde166d4101df1418689468d3add001cc44c8f2ab8105fc362cf5792d5c270441af890ba4bd563ce68b57a0f99b80ba93f7fea3765ec1fdadfc7274d4d7c46da05fbaf47e29de56ffc53f71188f94cc3ea26197eb9274aea10f793e348541feda0cb82915fbc966d317b74ef23a851f3a7886fe99c4bf917d5932dc9576313518276f690f400b8de28cc92c2b753ae283c7fa1639af82ab939e3be687621a525dbed50d33cd6366d559a75f1bd1cf25a0bc421c79debae4263beb171539835e6e5447d411383c3d7ebc8157892ab6d5013d49b0b777dc27f629e9e0924d889702dec588045563cc09cf1bea68fcfd0a2c6943248009b95cb6055b5c2f521c4120ecb4233c47d7f0454afa93063d5b26b94530b3b3089b85b64ebc684e5c38a561ba437b09582d38fd379e48e752cffc532bb8bec2999b2ce70fb9e5d7101d740008c935680537e8992b576c9f5dbcfb35513c11fa48caaedf52a6bc350aa2acbf1ec561680d8ee9837d3373e2d51183279a95d41eeb9558dee0fa43256b9a19012b3091a4bc1e94961beb05c33869915e69413122a953e0be0fb9759c9b8ac1254aabcce151638d60d197458e9757a1d1b0e7286fd66dbbe9deb51ca7274b3e0efb464ff44aafd5024cc534ce0d725bdd4e43601279231b6fda22ec25a680588794f086a9c094b751c575d0e0251afa27381c55a9c190ee3af55af0d20424db2411233fe46c537b41dc576639979469925a8c8e515539bebba248d3372ec80875afd26a04ef5d1aeb61390901eccf4df562680445ccd6a90fc70cf0ec08910b23e108ba9b35a689fecbeeacccda80a2ac86d2e7ed2990ac386ff3cc7992ea29d94bbe7d13c96cd31763cb8a5a150c6ee1781160e27df9b51678e650d009e95322a0a63a9165288be42681e3dea6262e00ffdea6f076b9bc810880cfed87a609f1096dcf6af0f053b5ed80c2053157b97396d2876f6600149cda0fcbdac08621ae99e9fd24393d30c3911da7573c3675a695f9e014a3dc2d2e45296abaff428a733cb742a01df7059828f64e515099141081ab3a263c7c38459dbc0d32fa8768b8fc3550131d286637e25466d2a129d587663d9d0eaf4079a72cf37c9fccf5f2cdda2e9db69d82a87b4cf9c20dee03d935cf6099d1d1174344d551cb569a73c21ccafa6c59b988e0681bb175edd912cd64670598b444825c8f4a280dfee91ba18f50aa0f2fb529e5f73302fa09c4b9937f19ff6175af4f1321d3dc09e692ca7e1934f31ac91fb6e6fca4b1dda3a0063c8eeb5f68d43c820f8b9e1c6903ec1a2626ca3536bc386f42e7d865102daa82db5b2d2b580825afcfb65ca9c5cca7de06d838f84a84ee4f8381c05de2a0ec53bdcc447df8e8b9921c21cdd43312e1454790d727ae9c33487239195afc93149090e3c47dd9ec03feb51551ae92e9dc21ce5ebc4e8c8b99b9dd09ecd33a949aac69299024a52680c91244fcfefb9e2def28d0cdb621d7be8442c67c61b18a1228d341014a3116e9b8f2829e291f788e368b6e36460a6a76987918caa641f06184ab0a3910a43dfa97b3e5c31c837a12a436ee8796f9f507cfc438e6b061a59342be0c0bef0b646973d58830063a28c1cd3f434173f450c2ca3a846adcedf6b5d0bfd0813948e79fb8b6bdf9a5add644ab2a1d9795faae8ab680db6a4ad933848ec6ad09b212605ce497b2dba4eea307c45c17099a3f116508c73371d6f3dad906cf8ee9a9eab88e9365fc78112dfc8a4f865e627f1f6e11357632a3a1a2e9391f56376f8e181555ffc98ab9d93874392e81aa4183e8caec57a4a29613a3c4319595553143adf28bae56b719b8be0b2acc4b03038d48de63b19ca362945637d4a385becaaddad5b3dba297ffe71ca0cc9c9c1ff843ea5f0dff511b88ec7a6001a2570d09606c36d6bede06c4c7e93c77ca3da73f9933b16650df963a39ff34a3e83bad1c14a5a9457166f13c53502e9b9600982aa99598f711ef22720204282c9b02fea3eb55d568160f0fd62633787a77fd8acaed92f2607020c26f6f9386f9021f9123204a3f20e745caf37849b25f360e174718e1d78a32dbdab5d5aeb36c9b3366167b0fee60883a9b0f8bcd9695472ff4820462fa6f75801abe45c4ce02c6de61bddb434bf020b1145f0ca58f035f46107ca63a507498d7a1ffd9f6d3071479aec5999c1e7abc0e014c5be04b92486dce4d8bd88c321f3017050c599a6ed8888f810c75f2607fd35a8795b7478d1c346ce6694a0e1e3604cbe2ec7a31415d80508dd23ffe4db304a2ca1bc65681cff1135b95fc05f0a3b8cada0f5c83e8d0f3cdcbd4bfb48a7895cc9535d81d13ccc8f9534dfc542d9837e352eddd62577ee711d26bb07f41e9948d4b917a926eb8093944ae45cc6dd13ec9b61816950d158226ab7f1b8d8a1465f3eef2e9a63b3ff097282d2541fef5102c8b651ded051d3219f6527d4b5b6fcb1bd0fffe7080abde84ea1acbd2b89b0c9577fd7273675527a12dcaec02b3262389b05c2c09792ce465f7a879de0270fc2b6f28403a1dca0c5fc28f0687351c5bb346de8cfea7532b834904bb012731ef8fe83036c95251c757683834672fa80ba8383308e3e9e536fb0e906a9727e6b2870c3a8ee056d353a3fafe8e9ffde7b0ce951b60b35fc2f7d1e476ad1c45f2559ac66dd007fc27253256f98877a4476ad273880a874023e3f75b14b32366172bf860eb6dbcb0a98b83972e23b02fd02027ca7f9eaa0ee38eef55ccbace6ea3051d79c6017c34b5b502a9b0e52c8b4bd80391af549e6f4accb1cfdf2071de59ba903dde378d9e66ed0cbbddd66ac365e64c8fdb93b97305a55cb39beb745d4a824d1de5282b1b839a72603fe033f8c7aae2cbab65fcfb54eff28eb0bd4c72e3e892f953e3251b88ce178641e79ab5484bff93a8eaaf601be15368b46690ca10e70188f581f999eac931fe48f31b8951ccff1ba5d6cc007246595bdb22a3dcbfb2c9fe0d010bbab856f4c651dc5ab7e8fb0193b1c9924facf3c05a255ef328d589a0a89bfe67c7d971bd7b708517c8540391f6a6b9724069e572be3f85ca86e46e6fdedd22695fd8b364f3d10723a34971a39e1822eac8f51661ecd13c41e6349c030434a0dff79f441cb195bb08717345cf29401c834c35d9009895b6e5c03406b202ee333d7f531898967f93aaea74265fc605fb4b5a5750305ab82203f2fb49493a5d3deb285a2777c8641b3d5df1c7cdde888786d314ccdf20b60c5e05279160fae24073027d8b8b61aa4e4760d8d7d785d2fa1e551c2ff644bb83e69fc574c754a195efbca225e7a5e5ffb1f0852cc80187661295786fa35cca2baba685f744ec9e193e212823741437dde5ca003973261a167a389f2e5ead402feecbb4045a39d3ebd76c4bfcc65f60bc841f8488d08f258a95caf36cbac22671ac59a7e3ebd22d600bc417b15daaf296b562928ca6a2d7c11c5e96d3c1f56e683f1a55c07dde2cf889be2ca901606b613a299703312e74f80092ff6128835ea200fad70e0c2d094818ba6178200a211d6b2d2b068a4a0d757361535a73ad59a309c2167c874b23b2abf4e5eaf76e7e6851d4232303b8c9073ccea7398d34732289d0530f4183d004cc4c9827668005d28799ed2b23005f70bfbdcf2f4b6a821c2ca12b7915a5bd6098753218ebc41b16475c8611f492f85b08f551fee983915a5cfc82d24abd29a281963feadfe33cfe14735168b2e0528b0493011aa234d18450d9b29322d7094f3202f6a6b49094dad52707a3a80324835bf34daf557ac5f18695069601c6011f148084355af3b531fb0e16a6ff81a8f9708e1a610d38dda66365255c7aa3a3d37bd4b58baa13d1b910280567642f97bf4836a1fcf336bf6e9a0fb347abcd1cdccfda04acdca918766a64fe7904b2e67b8872afd4366f9feb944f9b9ae5577c76c55c24b85e44b48d464333ba1a9f6e1e8ba10b57d7d8aab05e86702637485998fecc12b3fb12ff7ba3fd26223881a06350f215a8bffc46eba2cba0af2e11439ce012c667c5cafe3d0690c77b3f1ba108caffd5726393e61f194295cf4c51d0d383632cd9b75daeceb84ec450a0d344b08596530f1b95ff8b034c04b263a530c59d822e9c8c5c7328e539a18a2905c117944e22eceb60247b7aaaabdf0859a9143ffe2935454b6a87f21bc1de97893c23b48ce03782252f60e880f56b839daae71aa8a19e753506b370739ea88294ca2e0c1af31438ea33b084c43c6fa1381b7f1b9423685c53f3438e1e8893c6d157b297b336cf7f032ab4c01248ea5b2222e24f90240d8f28f6455e36cc423dbd2888d56c3fe6bdbcacf397ac13a1983797f7ccb84a1cb83339d4e9f599a154ac406a3bee3d4b3749b4f0768b0b225f31c9c91dc26a45a2e109a218ddd22af93b86b6fe336d3a051f7e07ff1d1d5eb662de4cfda0dacce0e20c37f34c75a97815591da22aacaa1e3a8028af1b5e15e470e800fd1dbdc99f21687724f07737c2c315e0836cb169f71e689fca00a2c73fe666699cd6571ea106767bd7f0bca061f0b4a21991fd02b8e695b78474ee1c9bc13bcdb9e477c02acf2343d449f9b85bd618bf7a2bc353c356b9578d3316b17f8bd3fc20f2b1a7a4cdc518e79c77d472c5cb6762693388d3124579d884a49a69d7f07c332be891c3244525c2e6b9387c041b93706a0121365cdf69aa839346e5e180945d8af7da0a8f65cd1bad1377d13ff6d02e7ea54d4377a1d3d49d3d357e61890034409b19f44fc02f5574f40fe535bd423bbd96a0a542ccade1b478b78265b25c1322fbbb8ec99cb45b22d737ee248169fe08f8a2958b925ace6372bcf1d1be57e9b4de97bd0db62425c53d869794d4390312b67db5e61d1b42c5afa549065005f359c47734f54b7f30918be1e2d0ff21596258caa287159fbe6dc0090242c43815367bb45067a55e0658d58eefd081b1541cf393561a5a369fe90c6d5d8caba63198c84fa0467fae813ecd3fb740a3783a53dfad07c9493fb3936b802e1bd9fb558bae88c44d9a4795aa634c13a5fba50923636ac6e2952da6c8424cc616eb364c11f876663d105fed392c15dbb00f9caf50af20c44e4fea91480cb4bfecaf126451e6f19146bb2ff26d310416c62410c37b000a1d1f0480419e5f5f320827fce26fbb25c9ab882ad4bdf6a674aaee87b85309a9783bbd34606ed46f6f761c5e124825b0e5df507c505814c769323bfa36170015e1720e2cbf30f79cc8515df1fb7d58695ecf8825e924e098d0dfcd5e396093d996a2fd4a9c5de03254b12dfcd2342f49acbecf18dc3417382e5b507652b1d089eed0805479546eba0fc7d17ecf11d692b4ce817f270720cf20737d3f02e302cf5e18d649bf3405fd262dba305e916280a38e3511307033dd70d2cde39d528e676f6a051ebc73b6ff0d5f63b58970e38e39ea366977a0809e22eed665620f65bbdd2f94ad82f3faaba1bfac309f60f843fe89573787092c8f7a7b44018ba7daba13e6b093b496f79adc0732574cac1cc33e5234d7770ad6cb534dab9856e390e172a91532ae77f4ec98054f4c12b02d0438ddf8d8d173e6a59f66564accb785693897b335199d9d8338e242703ad120f465a19153a1a330dcc275a399af921e0dac2b6d79ea51ec72fe932be071352c12933367487d7385de66d62b2bf5cae6c4d54f099d7c4ee10919dcb33a2b31498d979504b619a6eaf64ed400e491859f9c78c1d9d434d6ac69d570796088d76a47b4999816eb3b15e8de155f1392b75c1517c91df38ef0793610451ad31a0906eecf14c80b679202a6df9f00c7d28d1449988410c652740dde2ace85080e2a4f16024cde15ec4023b1fc4537d6947f1e001d37c90acae2995aab5476a99d3a20af07ae2e564e27e31b30d7bc3b8aa016e3b5c38feb9fc947ace24e83e7ba4f69f72e92f8f26bda8dd09ca791fe9cb1d0e14278c89a20ee2896924e88ba9cb3b916aff3b7a5924a91b4495d0305fb4adb3e036a31e2f200f272d4fa7285f96ab7e7b934464227e108511ded2ae4337aee944e4067c7b741d2f55483243d641b8bcca425bb69f591065a3b45c6f9513b472aff95c1b3e71133b3479cd5fc51e9eefe5bf0f7c2f9256f8d49a2ceb2d11ca0f0eab1e42464cb7d6aaa0c023147c1f108c3d6d1fa379638979170cb6d94fa92e5cf5f69316fd64c027eb10ddfd9b91fc91829f347cd73433e5197fd97fb10e99d2ed8868d49e24d59efa6758667f6ffc18e5258f98afeb01a3d794813fc2b9190090ccceaca0526f06a948d45bc7e2e40cdec3cf78c10676a8bb8a3e5e7200b3726b3407bf666862f9038d8216f9505cf7aa9a04f934d6da311d6500452676dccfd60977c4c99d56dcb7bb45fb2081e19803841a8edd8cc55b08082d9798a5c3a80de66f4ba2ccd90566d393d94608f17724719393b9df7725baacdf0e4e984b454576ad4f793143f4c8dc5f1ca822fbcdc90e9636727ee0638fb26759e6ff79b19c97ad224e5a85e1075833fe7fd2f3424420a5197eaa9d440c52807fc3e96c647dd745e49189f427454aae6aede782a8ac40582d85acc9ae68f95af556945889ae1fe381e69ed18aecb08866f5558ae36b6ff61c86fdb2b6f3eca083dc41c0", 0x2000, &(0x7f0000000b00)={&(0x7f0000000280)={0x50, 0xffffffffffffffda}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
fsync(r2)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): connect$unix-bpf$MAP_CREATE-ioctl$sock_SIOCGIFINDEX_80211-timerfd_create-timerfd_settime-socket$nl_generic-getrandom-ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS-syz_mount_image$ext4-quotactl$Q_SETQUOTA
detailed listing:
executing program 0:
connect$unix(0xffffffffffffffff, &(0x7f0000000500)=@file={0x0, './file0\x00'}, 0x6e)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000040000006c0100000700000008220000", @ANYRES32, @ANYBLOB="fcfffeff0000000ece15d74bdc98", @ANYRES32=0x0, @ANYBLOB], 0x50)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan1\x00'})
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000380)={{0x0, 0x989680}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
getrandom(&(0x7f0000000540)=""/200, 0xc8, 0x206666b0490c644c)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f512, &(0x7f0000000140))
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000240), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0xee00, &(0x7f0000000080)={0x0, 0x1, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x278d1aff})

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$cdc_ncm-syz_usb_control_io$cdc_ncm-syz_usb_control_io$cdc_ncm-syz_usb_control_io-syz_usb_control_io$cdc_ncm-syz_usb_control_io$cdc_ncm-syz_usb_control_io-syz_usb_disconnect-syz_usb_connect$cdc_ecm
detailed listing:
executing program 0:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902680002010040000904000001020e0000052406000105240000000d240f0100000000000000000006241a0000000c241b4800050000050080050905810300020000000904010000020d00000904010102020d0000090582020004000000090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000a00)={0x84, &(0x7f0000000600)={0x40, 0x16, 0x12, "c42ce5a4991b2b931a404c02c2e3a93f0870"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
syz_usb_connect$cdc_ecm(0x0, 0x5e, 0x0, 0x0)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-mount$bind-mount$bind-io_setup-syz_open_procfs-io_submit-io_submit-umount2
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000001c0)='./file0\x00', 0x89d8acdc520a1335, 0xffffffffffffffff, 0x40, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x9101a, 0x0)
io_setup(0x4, &(0x7f00000014c0)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00')
io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
io_submit(0x0, 0x0, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0xa)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-mount$bind-mount$bind-io_setup-syz_open_procfs-io_submit-io_submit-umount2
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000001c0)='./file0\x00', 0x89d8acdc520a1335, 0xffffffffffffffff, 0x40, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x9101a, 0x0)
io_setup(0x4, &(0x7f00000014c0)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00')
io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
io_submit(0x0, 0x0, 0x0)
umount2(&(0x7f0000000140)='./file0\x00', 0xa)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_kvm_setup_cpu$x86-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_PIT2-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_PIT-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_SET_REGS-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0xb7f, 0x0, 0x0, 0x0, 0x3, 0x20, 0x0, 0x0, 0x0, 0x40}, {0x0, 0x0, 0x10, 0x0, 0x0, 0x1}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffc], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
single: successfully extracted reproducer
found reproducer with 10 syscalls
minimizing guilty program
testing program (duration=31.501727401s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_kvm_setup_cpu$x86-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_PIT2-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_PIT-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_SET_REGS
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0xb7f, 0x0, 0x0, 0x0, 0x3, 0x20, 0x0, 0x0, 0x0, 0x40}, {0x0, 0x0, 0x10, 0x0, 0x0, 0x1}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffc], 0x0, 0x200})

program did not crash
testing program (duration=31.501727401s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_kvm_setup_cpu$x86-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_PIT2-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_PIT-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0xb7f, 0x0, 0x0, 0x0, 0x3, 0x20, 0x0, 0x0, 0x0, 0x40}, {0x0, 0x0, 0x10, 0x0, 0x0, 0x1}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=31.501727401s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_kvm_setup_cpu$x86-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_PIT2-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_PIT-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0xb7f, 0x0, 0x0, 0x0, 0x3, 0x20, 0x0, 0x0, 0x0, 0x40}, {0x0, 0x0, 0x10, 0x0, 0x0, 0x1}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=31.501727401s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_kvm_setup_cpu$x86-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_PIT2-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=31.501727401s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_kvm_setup_cpu$x86-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_PIT2-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

program did not crash
testing program (duration=31.501727401s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_kvm_setup_cpu$x86-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=31.501727401s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_kvm_setup_cpu$x86-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program did not crash
testing program (duration=31.501727401s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=31.501727401s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

program did not crash
testing program (duration=31.501727401s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

program did not crash
testing program (duration=31.501727401s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program did not crash
extracting C reproducer
testing compiled C program (duration=31.501727401s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
simplifying C reproducer
testing compiled C program (duration=31.501727401s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=31.501727401s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program did not crash
testing compiled C program (duration=31.501727401s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=31.501727401s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=31.501727401s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=31.501727401s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=31.501727401s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
reproducing took 22m49.347240373s
repro crashed as (corrupted=true):
BUG: kernel NULL pointer dereference, address: 0000000000000086
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0010) - not-present page
PGD 1ef57c067 P4D 1ef57c067 PUD 1dd5ea067 PMD 0 
Oops: 0010 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 352 Comm: syz-executor184 Not tainted 5.4.289-syzkaller-00028-g3f2c17e79750 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
RIP: 0010:0x86
Code: Bad RIP value.
RSP: 0018:ffff8881dc24f308 EFLAGS: 00010086
RAX: ffff8881dc24f338 RBX: dffffc0000000000 RCX: ffff8881f30e8fc0
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000ec0 R08: ffffffff8231c921 R09: ffffffff811c8f95
R10: ffff8881f30e8fc0 R11: 0000000000000002 R12: ffffffff84601550
R13: fffffe0000000ec8 R14: ffff8881dc288000 R15: fffffe0000000ecb
FS:  0000555576507380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000005c CR3: 00000001ef5e8000 CR4: 00000000003426a0
Call Trace:
Modules linked in:
CR2: 0000000000000086
---[ end trace 7036fcc1c9d54980 ]---
RIP: 0010:0x86
Code: Bad RIP value.
RSP: 0018:ffff8881dc24f308 EFLAGS: 00010086
RAX: ffff8881dc24f338 RBX: dffffc0000000000 RCX: ffff8881f30e8fc0
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000ec0 R08: ffffffff8231c921 R09: ffffffff811c8f95
R10: ffff8881f30e8fc0 R11: 0000000000000002 R12: ffffffff84601550
R13: fffffe0000000ec8 R14: ffff8881dc288000 R15: fffffe0000000ecb
FS:  0000555576507380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000005c CR3: 00000001ef5e8000 CR4: 00000000003426a0

report is corrupted, running repro again
testing compiled C program (duration=31.501727401s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
report is corrupted, running repro again
testing compiled C program (duration=31.501727401s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
report is corrupted, running repro again
testing compiled C program (duration=31.501727401s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
final repro crashed as (corrupted=true):
BUG: kernel NULL pointer dereference, address: 0000000000000086
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0010) - not-present page
PGD 1ed262067 P4D 1ed262067 PUD 1eee6e067 PMD 0 
Oops: 0010 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 481 Comm: syz-executor460 Not tainted 5.4.289-syzkaller-00028-g3f2c17e79750 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
RIP: 0010:0x86
Code: Bad RIP value.
RSP: 0018:ffff8881eb65f308 EFLAGS: 00010086
RAX: ffff8881eb65f338 RBX: dffffc0000000000 RCX: ffff8881eb640000
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000ec0 R08: ffffffff8231c921 R09: ffffffff811c8f95
R10: ffff8881eb640000 R11: 0000000000000002 R12: ffffffff84601550
R13: fffffe0000000ec8 R14: ffff8881ead70000 R15: fffffe0000000ecb
FS:  000055555f80f380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000005c CR3: 00000001ec5de000 CR4: 00000000003426a0
Call Trace:
Modules linked in:
CR2: 0000000000000086
---[ end trace b8030f8597ac4ef5 ]---
RIP: 0010:0x86
Code: Bad RIP value.
RSP: 0018:ffff8881eb65f308 EFLAGS: 00010086
RAX: ffff8881eb65f338 RBX: dffffc0000000000 RCX: ffff8881eb640000
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000ec0 R08: ffffffff8231c921 R09: ffffffff811c8f95
R10: ffff8881eb640000 R11: 0000000000000002 R12: ffffffff84601550
R13: fffffe0000000ec8 R14: ffff8881ead70000 R15: fffffe0000000ecb
FS:  000055555f80f380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000005c CR3: 00000001ec5de000 CR4: 00000000003426a0