Extracting prog: 7m27.257406978s
Minimizing prog: 10m17.040615561s
Simplifying prog options: 0s
Extracting C: 20.917753911s
Simplifying C: 13m59.657797802s


extracting reproducer from 51 programs
testing a last program of every proc
single: executing 11 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN-timer_create-timer_settime-timer_create-timer_settime
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f00000008c0)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_netfilter-sendmsg$IPCTNL_MSG_TIMEOUT_DELETE-socket$netlink-sendmsg$nl_route-socket$netlink-socket$inet6_icmp_raw-ioctl$sock_SIOCGIFINDEX-socket$netlink-sendmsg$nl_route
detailed listing:
executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000600)={0x14, 0x2, 0x8, 0x201}, 0x14}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x44}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=@bridge_delneigh={0x28, 0x1c, 0xc07, 0x0, 0x0, {0x7, 0x0, 0x0, r3, 0x80}, [@NDA_LLADDR={0xa, 0x2, @remote}]}, 0x28}}, 0x0)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$xdp-setsockopt$XDP_UMEM_REG-setsockopt$XDP_UMEM_COMPLETION_RING-socket$inet6_udplite-setsockopt$XDP_RX_RING-ioctl$ifreq_SIOCGIFINDEX_batadv_hard-setsockopt$XDP_UMEM_FILL_RING-bind$xdp-setsockopt$XDP_UMEM_FILL_RING
detailed listing:
executing program 0:
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000180), 0x4)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_TEST_RUN-sendmsg$inet-recvmsg-bpf$PROG_LOAD-openat$kvm-ioctl$KVM_CREATE_VM-eventfd2-ioctl$KVM_IOEVENTFD-ioctl$KVM_UNREGISTER_COALESCED_MMIO
detailed listing:
executing program 0:
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x20000000)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, r2})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0xc018aec0, &(0x7f0000000140)={0x2})

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): connect$inet6-syz_usb_connect$hid-syz_usb_control_io$hid-ioctl$KVM_CREATE_VCPU-syz_usb_control_io$hid-syz_usb_control_io$hid-syz_usb_control_io$hid-openat$cgroup_ro-bpf$MAP_CREATE
detailed listing:
executing program 0:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000640)=ANY=[@ANYBLOB="1201000000000010c41090ea40000000000109022400010000000009040000010301000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000340)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="200125"], 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000440)={0x2c, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="20010e"], 0x0})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.sectors_recursive\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x21)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$vhost_vsock-ioctl$VHOST_SET_VRING_BASE-eventfd-ioctl$VHOST_SET_MEM_TABLE-ioctl$VHOST_SET_VRING_KICK-ioctl$VHOST_SET_VRING_ADDR-ioctl$VHOST_SET_VRING_ADDR-ioctl$VHOST_VSOCK_SET_RUNNING-ioctl$VHOST_SET_LOG_BASE
detailed listing:
executing program 0:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x103)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000001c0))
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f00000005c0)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000003c0)={0x0, 0x0, 0x0, &(0x7f0000000080)=""/62, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/68, 0x0, 0x8080000})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000140)=&(0x7f00000002c0))

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$vhost_vsock-ioctl$VHOST_SET_VRING_BASE-eventfd-ioctl$VHOST_SET_MEM_TABLE-ioctl$VHOST_SET_VRING_KICK-ioctl$VHOST_SET_VRING_ADDR-ioctl$VHOST_SET_VRING_ADDR-ioctl$VHOST_VSOCK_SET_RUNNING-ioctl$VHOST_SET_LOG_BASE
detailed listing:
executing program 0:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x103)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000001c0))
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f00000005c0)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000003c0)={0x0, 0x0, 0x0, &(0x7f0000000080)=""/62, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/68, 0x0, 0x8080000})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000140)=&(0x7f00000002c0))

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-openat-openat-openat-pwritev2-openat-pwritev2-ioctl$EXT4_IOC_MOVE_EXT
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4c6, &(0x7f00000012c0)="$eJzs3c1rHGUYAPB3dps0SaP9UKStYAsV6gfN5gNpol48qYeCWPCiUGOyjTWbbMhuahN6SPXWgwdRFMSDd/8CL/ZkEcSz3sWDVLRGUEFYmdndNl+7LprutJnfDyb7zsfu875Znndn3p3ZCUBmHY//RCEMhhC+DSHsr89u3OB4/WHt5uWpeIpCrXb2lyjZLp5vbtp83r4QwmoIoS+E8PLzIbwRbY1bWV6ZnSyViouN+UJ1bqFQWV45dWFucqY4U5wfGT89MTE+PDY6sWNtvfreW1fPfPFi7+d/vHvj+vtffRlXa7Cxbn07dlK96T3h4Lple0IIz96JYCnIN9rTn3ZF+E/i9++BEMKJJP/3h3zybgJZUKvVan/X9rZavVoDdq1csg8c5YZCCPVyLjc0VN+HfzAM5ErlSvXJ8+Wl+en6vvKB0JM7f6FUHG4cKxwIPVE8P5KUb8+PbpofCyHZB/4g35/MD02VS9Pd7eqATfZtyv/f8/X8BzLCIT9kl/yH7JL/kF3yH7JL/kN2yX/Irvb539O1egDd5/Mfskv+Q3bJf8gu+Q+Z9NKZM/FUa17/Pn1xeWm2fPHUdLEyOzS3NDU0VV5cGJopl2eSa3bm/u31SuXywshTYelSoVqsVAuV5ZVzc+Wl+eq55Lr+c0WDiXD3OHjs2vdRCGH16f5kivU21slV2N1qtSikfQ0ykI582h0QkBpDf5BdjvGBzT/Ru3m/oK/VExdujxcC95Zc2hUAUnPyiO//IKuM/0N2Gf+H7LKPD2xzi74N2o3/A/emDsb/B7tRD6D7Blvc/+u+5N5d16Pmvb7uDyF8l+/Z27zXF7Ab5H6KGvv/J/c/uuWzvjf6M/mKoDeE8PYnZz+6NFmtLo7Ey3+9tbz6cWP56LontjxgANLSzNNmHgMA2bV28/JUc+pm3J+fq5+EsDX+nsbYZF/yHeXAWrThXIVoh85dWL0SQji8Xfyocb/z+oHMwFp+S/xDjceo/hJJffck903vTvwj6+I/si7+0f/9X4FsuBb3P8Pb5V8uyelwK/829j+DO3TuROv+L3er/8u36P+OdRjjzU/f+bFl/CshHN02fjNeXxJrc/y4bic7jH/jtVcearWu9ln9dbaL3xSXCtW5hUJleeVU8jtyM8X5kfHTExPjw2OjE4VkjLrQHKne6pnD31xv1/6BFvHbtT9e9niH7f/r4a9fPd4m/mMntn//D7WJ3x9CeKLD+L+N/vB6q3Vx/OkW7c+1iR8vG+swfuXDF/Z2uCkA0AWV5ZXZyVKpuJhSoS+kGV1BIf3ClbujGpsKafdMwJ1WWY4PzeOkT7smAAAAAAAAAAAAQKe6cTpx2m0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgN/gkAAP//wPPUxg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x147)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
pwritev2(r2, &(0x7f0000000200)=[{&(0x7f0000001b40)="a7", 0x1}], 0x1, 0x8000, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000240)={0x3920e, r0, 0x4, 0x0, 0x0, 0x3})

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-openat-openat-openat-pwritev2-openat-pwritev2-ioctl$EXT4_IOC_MOVE_EXT
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4c6, &(0x7f00000012c0)="$eJzs3c1rHGUYAPB3dps0SaP9UKStYAsV6gfN5gNpol48qYeCWPCiUGOyjTWbbMhuahN6SPXWgwdRFMSDd/8CL/ZkEcSz3sWDVLRGUEFYmdndNl+7LprutJnfDyb7zsfu875Znndn3p3ZCUBmHY//RCEMhhC+DSHsr89u3OB4/WHt5uWpeIpCrXb2lyjZLp5vbtp83r4QwmoIoS+E8PLzIbwRbY1bWV6ZnSyViouN+UJ1bqFQWV45dWFucqY4U5wfGT89MTE+PDY6sWNtvfreW1fPfPFi7+d/vHvj+vtffRlXa7Cxbn07dlK96T3h4Lple0IIz96JYCnIN9rTn3ZF+E/i9++BEMKJJP/3h3zybgJZUKvVan/X9rZavVoDdq1csg8c5YZCCPVyLjc0VN+HfzAM5ErlSvXJ8+Wl+en6vvKB0JM7f6FUHG4cKxwIPVE8P5KUb8+PbpofCyHZB/4g35/MD02VS9Pd7eqATfZtyv/f8/X8BzLCIT9kl/yH7JL/kF3yH7JL/kN2yX/Irvb539O1egDd5/Mfskv+Q3bJf8gu+Q+Z9NKZM/FUa17/Pn1xeWm2fPHUdLEyOzS3NDU0VV5cGJopl2eSa3bm/u31SuXywshTYelSoVqsVAuV5ZVzc+Wl+eq55Lr+c0WDiXD3OHjs2vdRCGH16f5kivU21slV2N1qtSikfQ0ykI582h0QkBpDf5BdjvGBzT/Ru3m/oK/VExdujxcC95Zc2hUAUnPyiO//IKuM/0N2Gf+H7LKPD2xzi74N2o3/A/emDsb/B7tRD6D7Blvc/+u+5N5d16Pmvb7uDyF8l+/Z27zXF7Ab5H6KGvv/J/c/uuWzvjf6M/mKoDeE8PYnZz+6NFmtLo7Ey3+9tbz6cWP56LontjxgANLSzNNmHgMA2bV28/JUc+pm3J+fq5+EsDX+nsbYZF/yHeXAWrThXIVoh85dWL0SQji8Xfyocb/z+oHMwFp+S/xDjceo/hJJffck903vTvwj6+I/si7+0f/9X4FsuBb3P8Pb5V8uyelwK/829j+DO3TuROv+L3er/8u36P+OdRjjzU/f+bFl/CshHN02fjNeXxJrc/y4bic7jH/jtVcearWu9ln9dbaL3xSXCtW5hUJleeVU8jtyM8X5kfHTExPjw2OjE4VkjLrQHKne6pnD31xv1/6BFvHbtT9e9niH7f/r4a9fPd4m/mMntn//D7WJ3x9CeKLD+L+N/vB6q3Vx/OkW7c+1iR8vG+swfuXDF/Z2uCkA0AWV5ZXZyVKpuJhSoS+kGV1BIf3ClbujGpsKafdMwJ1WWY4PzeOkT7smAAAAAAAAAAAAQKe6cTpx2m0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgN/gkAAP//wPPUxg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x147)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
pwritev2(r2, &(0x7f0000000200)=[{&(0x7f0000001b40)="a7", 0x1}], 0x1, 0x8000, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000240)={0x3920e, r0, 0x4, 0x0, 0x0, 0x3})

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_mount_image$vfat-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-setsockopt$inet_group_source_req-ioctl$KVM_SET_VCPU_EVENTS-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x8c57, &(0x7f0000000340)=ANY=[@ANYBLOB="666c7573682c756e695f786c6174653d312c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c646f733178666c6f7070792c636865636b3d72656c617865642c73686f72746e616d653d77696e6e742c726f6469722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c6e6f6e756d7461696c3d302c757365667265652c757466383d312c00b3c6df3745b1b2f7ea92d20d3f3ffa31ec18e46c7acb9a9107d3ce985f76b3a3dc9d46f6169759de80d2f3cf06d8371513b924dffc1f6593f8aebd687934be114c6763c847faf7c4d3fae3941cabc5ab2e9e5b3d2c39a940e89c46b2a11ff48439b8c9df29ab8fa870da2aea26caf8c72d4e9b093cf5f95b64d5864755b8be6e0fcb0e3d58e260b9ba7f96d7f8d7a853964b0aba61dc573dfb949cc8e577059a6abd2708ab31a9c71522fca70047fcc10e67fe50d6af857dee630aaa3c192f7a1a8f33"], 0xf5, 0x2e6, &(0x7f0000000540)="$eJzs3ctrE18UwPGTV5O0v/6ShYiIwqWCKNKhCbhz0SItiAGlbQQrCFM71ZBpUjKhEBGbheDWtYsuXIoggjs3Im678S/wteumOwsWR6Yzk6bJGNNqX/b7WTSnOffMvZm56eO2uVm59GSuOGtp321XdFjqshaStIQlIq66nH+/9On0xLv/3M+VGhuZzGSVCovIrQcvBt5W+268/v9NXJbTt1dWs1+XT02K/Ji8V7BUwVIl21a6mi6XqyGneKZgFTWlrpuGbhmqULKMStXL69OmoWbN8vx8Temlmf7e+YphWUov1VTRqKlqWVUrNaXf1QslpWma6u8ViEi6EYXbcqFOhfnna7Ytq86Fj9fFtu2A1nU/iHm38T8bLA6SluvfsW3b5Ijs5siwF9bsaNfXH/8e9/n/+SnX/2iauDl1dSSXGx1XKiEy93ghv5B3b938xz4piCmGLI1fmFoXsRsk5Hwcu5IbHVIb0nJ2btGrX1zIu98cRma9+oyknJ9TmurFr8+49WprfUx6m+uzkpJjwfVZv17CTfU9cu5MU70mKflwR8piyow4tZv1DzNKXb6Wa+k/udEOAAAAAAAAAIDDSFMNm+v3oc0/9WpafOM/Phr5pHOv087NN9bXhyQl68Hr80OB6/tRORndv8cNAAAAAMBRYtXuF3XTNCq7E0SeJTt0ERMRJxB5NOAMpuMBj3sj7q73HhFpT0U6d7ElSF50+3s57g1MdvNE/aXAf7FGUTdf+amkBDUOb2sCDPYEnvnEnj5A6aaxJHY2seNdT63WILTu33MisI0d+v1xbN2Mba/34W09HX4ZJFpP1OAX97hmhy8a3xpLfAAAAAAOkaZfnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD7Z0eZh/r79W1PivUV8+5Zsre8Tz77/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6gnwEAAP//JZK+GA==")
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000180)={0x79, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d90000002e460f01c50f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x45}], 0x1, 0x43, 0x0, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @local}}, {{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x29}}}}, 0x108)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
single: successfully extracted reproducer
found reproducer with 9 syscalls
minimizing guilty program
testing program (duration=32.472163738s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_mount_image$vfat-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-setsockopt$inet_group_source_req-ioctl$KVM_SET_VCPU_EVENTS
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x8c57, &(0x7f0000000340)=ANY=[@ANYBLOB="666c7573682c756e695f786c6174653d312c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c646f733178666c6f7070792c636865636b3d72656c617865642c73686f72746e616d653d77696e6e742c726f6469722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c6e6f6e756d7461696c3d302c757365667265652c757466383d312c00b3c6df3745b1b2f7ea92d20d3f3ffa31ec18e46c7acb9a9107d3ce985f76b3a3dc9d46f6169759de80d2f3cf06d8371513b924dffc1f6593f8aebd687934be114c6763c847faf7c4d3fae3941cabc5ab2e9e5b3d2c39a940e89c46b2a11ff48439b8c9df29ab8fa870da2aea26caf8c72d4e9b093cf5f95b64d5864755b8be6e0fcb0e3d58e260b9ba7f96d7f8d7a853964b0aba61dc573dfb949cc8e577059a6abd2708ab31a9c71522fca70047fcc10e67fe50d6af857dee630aaa3c192f7a1a8f33"], 0xf5, 0x2e6, &(0x7f0000000540)="$eJzs3ctrE18UwPGTV5O0v/6ShYiIwqWCKNKhCbhz0SItiAGlbQQrCFM71ZBpUjKhEBGbheDWtYsuXIoggjs3Im678S/wteumOwsWR6Yzk6bJGNNqX/b7WTSnOffMvZm56eO2uVm59GSuOGtp321XdFjqshaStIQlIq66nH+/9On0xLv/3M+VGhuZzGSVCovIrQcvBt5W+268/v9NXJbTt1dWs1+XT02K/Ji8V7BUwVIl21a6mi6XqyGneKZgFTWlrpuGbhmqULKMStXL69OmoWbN8vx8Temlmf7e+YphWUov1VTRqKlqWVUrNaXf1QslpWma6u8ViEi6EYXbcqFOhfnna7Ytq86Fj9fFtu2A1nU/iHm38T8bLA6SluvfsW3b5Ijs5siwF9bsaNfXH/8e9/n/+SnX/2iauDl1dSSXGx1XKiEy93ghv5B3b938xz4piCmGLI1fmFoXsRsk5Hwcu5IbHVIb0nJ2btGrX1zIu98cRma9+oyknJ9TmurFr8+49WprfUx6m+uzkpJjwfVZv17CTfU9cu5MU70mKflwR8piyow4tZv1DzNKXb6Wa+k/udEOAAAAAAAAAIDDSFMNm+v3oc0/9WpafOM/Phr5pHOv087NN9bXhyQl68Hr80OB6/tRORndv8cNAAAAAMBRYtXuF3XTNCq7E0SeJTt0ERMRJxB5NOAMpuMBj3sj7q73HhFpT0U6d7ElSF50+3s57g1MdvNE/aXAf7FGUTdf+amkBDUOb2sCDPYEnvnEnj5A6aaxJHY2seNdT63WILTu33MisI0d+v1xbN2Mba/34W09HX4ZJFpP1OAX97hmhy8a3xpLfAAAAAAOkaZfnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD7Z0eZh/r79W1PivUV8+5Zsre8Tz77/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6gnwEAAP//JZK+GA==")
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000180)={0x79, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d90000002e460f01c50f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x45}], 0x1, 0x43, 0x0, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @local}}, {{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x29}}}}, 0x108)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})

program did not crash
testing program (duration=32.472163738s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_mount_image$vfat-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-setsockopt$inet_group_source_req-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x8c57, &(0x7f0000000340)=ANY=[@ANYBLOB="666c7573682c756e695f786c6174653d312c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c646f733178666c6f7070792c636865636b3d72656c617865642c73686f72746e616d653d77696e6e742c726f6469722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c6e6f6e756d7461696c3d302c757365667265652c757466383d312c00b3c6df3745b1b2f7ea92d20d3f3ffa31ec18e46c7acb9a9107d3ce985f76b3a3dc9d46f6169759de80d2f3cf06d8371513b924dffc1f6593f8aebd687934be114c6763c847faf7c4d3fae3941cabc5ab2e9e5b3d2c39a940e89c46b2a11ff48439b8c9df29ab8fa870da2aea26caf8c72d4e9b093cf5f95b64d5864755b8be6e0fcb0e3d58e260b9ba7f96d7f8d7a853964b0aba61dc573dfb949cc8e577059a6abd2708ab31a9c71522fca70047fcc10e67fe50d6af857dee630aaa3c192f7a1a8f33"], 0xf5, 0x2e6, &(0x7f0000000540)="$eJzs3ctrE18UwPGTV5O0v/6ShYiIwqWCKNKhCbhz0SItiAGlbQQrCFM71ZBpUjKhEBGbheDWtYsuXIoggjs3Im678S/wteumOwsWR6Yzk6bJGNNqX/b7WTSnOffMvZm56eO2uVm59GSuOGtp321XdFjqshaStIQlIq66nH+/9On0xLv/3M+VGhuZzGSVCovIrQcvBt5W+268/v9NXJbTt1dWs1+XT02K/Ji8V7BUwVIl21a6mi6XqyGneKZgFTWlrpuGbhmqULKMStXL69OmoWbN8vx8Temlmf7e+YphWUov1VTRqKlqWVUrNaXf1QslpWma6u8ViEi6EYXbcqFOhfnna7Ytq86Fj9fFtu2A1nU/iHm38T8bLA6SluvfsW3b5Ijs5siwF9bsaNfXH/8e9/n/+SnX/2iauDl1dSSXGx1XKiEy93ghv5B3b938xz4piCmGLI1fmFoXsRsk5Hwcu5IbHVIb0nJ2btGrX1zIu98cRma9+oyknJ9TmurFr8+49WprfUx6m+uzkpJjwfVZv17CTfU9cu5MU70mKflwR8piyow4tZv1DzNKXb6Wa+k/udEOAAAAAAAAAIDDSFMNm+v3oc0/9WpafOM/Phr5pHOv087NN9bXhyQl68Hr80OB6/tRORndv8cNAAAAAMBRYtXuF3XTNCq7E0SeJTt0ERMRJxB5NOAMpuMBj3sj7q73HhFpT0U6d7ElSF50+3s57g1MdvNE/aXAf7FGUTdf+amkBDUOb2sCDPYEnvnEnj5A6aaxJHY2seNdT63WILTu33MisI0d+v1xbN2Mba/34W09HX4ZJFpP1OAX97hmhy8a3xpLfAAAAAAOkaZfnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD7Z0eZh/r79W1PivUV8+5Zsre8Tz77/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6gnwEAAP//JZK+GA==")
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000180)={0x79, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d90000002e460f01c50f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x45}], 0x1, 0x43, 0x0, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @local}}, {{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x29}}}}, 0x108)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.472163738s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_mount_image$vfat-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-syz_kvm_setup_cpu$x86-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x8c57, &(0x7f0000000340)=ANY=[@ANYBLOB="666c7573682c756e695f786c6174653d312c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c646f733178666c6f7070792c636865636b3d72656c617865642c73686f72746e616d653d77696e6e742c726f6469722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c6e6f6e756d7461696c3d302c757365667265652c757466383d312c00b3c6df3745b1b2f7ea92d20d3f3ffa31ec18e46c7acb9a9107d3ce985f76b3a3dc9d46f6169759de80d2f3cf06d8371513b924dffc1f6593f8aebd687934be114c6763c847faf7c4d3fae3941cabc5ab2e9e5b3d2c39a940e89c46b2a11ff48439b8c9df29ab8fa870da2aea26caf8c72d4e9b093cf5f95b64d5864755b8be6e0fcb0e3d58e260b9ba7f96d7f8d7a853964b0aba61dc573dfb949cc8e577059a6abd2708ab31a9c71522fca70047fcc10e67fe50d6af857dee630aaa3c192f7a1a8f33"], 0xf5, 0x2e6, &(0x7f0000000540)="$eJzs3ctrE18UwPGTV5O0v/6ShYiIwqWCKNKhCbhz0SItiAGlbQQrCFM71ZBpUjKhEBGbheDWtYsuXIoggjs3Im678S/wteumOwsWR6Yzk6bJGNNqX/b7WTSnOffMvZm56eO2uVm59GSuOGtp321XdFjqshaStIQlIq66nH+/9On0xLv/3M+VGhuZzGSVCovIrQcvBt5W+268/v9NXJbTt1dWs1+XT02K/Ji8V7BUwVIl21a6mi6XqyGneKZgFTWlrpuGbhmqULKMStXL69OmoWbN8vx8Temlmf7e+YphWUov1VTRqKlqWVUrNaXf1QslpWma6u8ViEi6EYXbcqFOhfnna7Ytq86Fj9fFtu2A1nU/iHm38T8bLA6SluvfsW3b5Ijs5siwF9bsaNfXH/8e9/n/+SnX/2iauDl1dSSXGx1XKiEy93ghv5B3b938xz4piCmGLI1fmFoXsRsk5Hwcu5IbHVIb0nJ2btGrX1zIu98cRma9+oyknJ9TmurFr8+49WprfUx6m+uzkpJjwfVZv17CTfU9cu5MU70mKflwR8piyow4tZv1DzNKXb6Wa+k/udEOAAAAAAAAAIDDSFMNm+v3oc0/9WpafOM/Phr5pHOv087NN9bXhyQl68Hr80OB6/tRORndv8cNAAAAAMBRYtXuF3XTNCq7E0SeJTt0ERMRJxB5NOAMpuMBj3sj7q73HhFpT0U6d7ElSF50+3s57g1MdvNE/aXAf7FGUTdf+amkBDUOb2sCDPYEnvnEnj5A6aaxJHY2seNdT63WILTu33MisI0d+v1xbN2Mba/34W09HX4ZJFpP1OAX97hmhy8a3xpLfAAAAAAOkaZfnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD7Z0eZh/r79W1PivUV8+5Zsre8Tz77/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6gnwEAAP//JZK+GA==")
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000180)={0x79, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d90000002e460f01c50f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x45}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.472163738s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_mount_image$vfat-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x8c57, &(0x7f0000000340)=ANY=[@ANYBLOB="666c7573682c756e695f786c6174653d312c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c646f733178666c6f7070792c636865636b3d72656c617865642c73686f72746e616d653d77696e6e742c726f6469722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c6e6f6e756d7461696c3d302c757365667265652c757466383d312c00b3c6df3745b1b2f7ea92d20d3f3ffa31ec18e46c7acb9a9107d3ce985f76b3a3dc9d46f6169759de80d2f3cf06d8371513b924dffc1f6593f8aebd687934be114c6763c847faf7c4d3fae3941cabc5ab2e9e5b3d2c39a940e89c46b2a11ff48439b8c9df29ab8fa870da2aea26caf8c72d4e9b093cf5f95b64d5864755b8be6e0fcb0e3d58e260b9ba7f96d7f8d7a853964b0aba61dc573dfb949cc8e577059a6abd2708ab31a9c71522fca70047fcc10e67fe50d6af857dee630aaa3c192f7a1a8f33"], 0xf5, 0x2e6, &(0x7f0000000540)="$eJzs3ctrE18UwPGTV5O0v/6ShYiIwqWCKNKhCbhz0SItiAGlbQQrCFM71ZBpUjKhEBGbheDWtYsuXIoggjs3Im678S/wteumOwsWR6Yzk6bJGNNqX/b7WTSnOffMvZm56eO2uVm59GSuOGtp321XdFjqshaStIQlIq66nH+/9On0xLv/3M+VGhuZzGSVCovIrQcvBt5W+268/v9NXJbTt1dWs1+XT02K/Ji8V7BUwVIl21a6mi6XqyGneKZgFTWlrpuGbhmqULKMStXL69OmoWbN8vx8Temlmf7e+YphWUov1VTRqKlqWVUrNaXf1QslpWma6u8ViEi6EYXbcqFOhfnna7Ytq86Fj9fFtu2A1nU/iHm38T8bLA6SluvfsW3b5Ijs5siwF9bsaNfXH/8e9/n/+SnX/2iauDl1dSSXGx1XKiEy93ghv5B3b938xz4piCmGLI1fmFoXsRsk5Hwcu5IbHVIb0nJ2btGrX1zIu98cRma9+oyknJ9TmurFr8+49WprfUx6m+uzkpJjwfVZv17CTfU9cu5MU70mKflwR8piyow4tZv1DzNKXb6Wa+k/udEOAAAAAAAAAIDDSFMNm+v3oc0/9WpafOM/Phr5pHOv087NN9bXhyQl68Hr80OB6/tRORndv8cNAAAAAMBRYtXuF3XTNCq7E0SeJTt0ERMRJxB5NOAMpuMBj3sj7q73HhFpT0U6d7ElSF50+3s57g1MdvNE/aXAf7FGUTdf+amkBDUOb2sCDPYEnvnEnj5A6aaxJHY2seNdT63WILTu33MisI0d+v1xbN2Mba/34W09HX4ZJFpP1OAX97hmhy8a3xpLfAAAAAAOkaZfnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD7Z0eZh/r79W1PivUV8+5Zsre8Tz77/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6gnwEAAP//JZK+GA==")
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000180)={0x79, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.472163738s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_mount_image$vfat-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x8c57, &(0x7f0000000340)=ANY=[@ANYBLOB="666c7573682c756e695f786c6174653d312c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c646f733178666c6f7070792c636865636b3d72656c617865642c73686f72746e616d653d77696e6e742c726f6469722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c6e6f6e756d7461696c3d302c757365667265652c757466383d312c00b3c6df3745b1b2f7ea92d20d3f3ffa31ec18e46c7acb9a9107d3ce985f76b3a3dc9d46f6169759de80d2f3cf06d8371513b924dffc1f6593f8aebd687934be114c6763c847faf7c4d3fae3941cabc5ab2e9e5b3d2c39a940e89c46b2a11ff48439b8c9df29ab8fa870da2aea26caf8c72d4e9b093cf5f95b64d5864755b8be6e0fcb0e3d58e260b9ba7f96d7f8d7a853964b0aba61dc573dfb949cc8e577059a6abd2708ab31a9c71522fca70047fcc10e67fe50d6af857dee630aaa3c192f7a1a8f33"], 0xf5, 0x2e6, &(0x7f0000000540)="$eJzs3ctrE18UwPGTV5O0v/6ShYiIwqWCKNKhCbhz0SItiAGlbQQrCFM71ZBpUjKhEBGbheDWtYsuXIoggjs3Im678S/wteumOwsWR6Yzk6bJGNNqX/b7WTSnOffMvZm56eO2uVm59GSuOGtp321XdFjqshaStIQlIq66nH+/9On0xLv/3M+VGhuZzGSVCovIrQcvBt5W+268/v9NXJbTt1dWs1+XT02K/Ji8V7BUwVIl21a6mi6XqyGneKZgFTWlrpuGbhmqULKMStXL69OmoWbN8vx8Temlmf7e+YphWUov1VTRqKlqWVUrNaXf1QslpWma6u8ViEi6EYXbcqFOhfnna7Ytq86Fj9fFtu2A1nU/iHm38T8bLA6SluvfsW3b5Ijs5siwF9bsaNfXH/8e9/n/+SnX/2iauDl1dSSXGx1XKiEy93ghv5B3b938xz4piCmGLI1fmFoXsRsk5Hwcu5IbHVIb0nJ2btGrX1zIu98cRma9+oyknJ9TmurFr8+49WprfUx6m+uzkpJjwfVZv17CTfU9cu5MU70mKflwR8piyow4tZv1DzNKXb6Wa+k/udEOAAAAAAAAAIDDSFMNm+v3oc0/9WpafOM/Phr5pHOv087NN9bXhyQl68Hr80OB6/tRORndv8cNAAAAAMBRYtXuF3XTNCq7E0SeJTt0ERMRJxB5NOAMpuMBj3sj7q73HhFpT0U6d7ElSF50+3s57g1MdvNE/aXAf7FGUTdf+amkBDUOb2sCDPYEnvnEnj5A6aaxJHY2seNdT63WILTu33MisI0d+v1xbN2Mba/34W09HX4ZJFpP1OAX97hmhy8a3xpLfAAAAAAOkaZfnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD7Z0eZh/r79W1PivUV8+5Zsre8Tz77/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6gnwEAAP//JZK+GA==")
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000180)={0x79, 0x0, 0x1})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

program did not crash
testing program (duration=32.472163738s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-syz_mount_image$vfat-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x8c57, &(0x7f0000000340)=ANY=[@ANYBLOB="666c7573682c756e695f786c6174653d312c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c646f733178666c6f7070792c636865636b3d72656c617865642c73686f72746e616d653d77696e6e742c726f6469722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c6e6f6e756d7461696c3d302c757365667265652c757466383d312c00b3c6df3745b1b2f7ea92d20d3f3ffa31ec18e46c7acb9a9107d3ce985f76b3a3dc9d46f6169759de80d2f3cf06d8371513b924dffc1f6593f8aebd687934be114c6763c847faf7c4d3fae3941cabc5ab2e9e5b3d2c39a940e89c46b2a11ff48439b8c9df29ab8fa870da2aea26caf8c72d4e9b093cf5f95b64d5864755b8be6e0fcb0e3d58e260b9ba7f96d7f8d7a853964b0aba61dc573dfb949cc8e577059a6abd2708ab31a9c71522fca70047fcc10e67fe50d6af857dee630aaa3c192f7a1a8f33"], 0xf5, 0x2e6, &(0x7f0000000540)="$eJzs3ctrE18UwPGTV5O0v/6ShYiIwqWCKNKhCbhz0SItiAGlbQQrCFM71ZBpUjKhEBGbheDWtYsuXIoggjs3Im678S/wteumOwsWR6Yzk6bJGNNqX/b7WTSnOffMvZm56eO2uVm59GSuOGtp321XdFjqshaStIQlIq66nH+/9On0xLv/3M+VGhuZzGSVCovIrQcvBt5W+268/v9NXJbTt1dWs1+XT02K/Ji8V7BUwVIl21a6mi6XqyGneKZgFTWlrpuGbhmqULKMStXL69OmoWbN8vx8Temlmf7e+YphWUov1VTRqKlqWVUrNaXf1QslpWma6u8ViEi6EYXbcqFOhfnna7Ytq86Fj9fFtu2A1nU/iHm38T8bLA6SluvfsW3b5Ijs5siwF9bsaNfXH/8e9/n/+SnX/2iauDl1dSSXGx1XKiEy93ghv5B3b938xz4piCmGLI1fmFoXsRsk5Hwcu5IbHVIb0nJ2btGrX1zIu98cRma9+oyknJ9TmurFr8+49WprfUx6m+uzkpJjwfVZv17CTfU9cu5MU70mKflwR8piyow4tZv1DzNKXb6Wa+k/udEOAAAAAAAAAIDDSFMNm+v3oc0/9WpafOM/Phr5pHOv087NN9bXhyQl68Hr80OB6/tRORndv8cNAAAAAMBRYtXuF3XTNCq7E0SeJTt0ERMRJxB5NOAMpuMBj3sj7q73HhFpT0U6d7ElSF50+3s57g1MdvNE/aXAf7FGUTdf+amkBDUOb2sCDPYEnvnEnj5A6aaxJHY2seNdT63WILTu33MisI0d+v1xbN2Mba/34W09HX4ZJFpP1OAX97hmhy8a3xpLfAAAAAAOkaZfnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD7Z0eZh/r79W1PivUV8+5Zsre8Tz77/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6gnwEAAP//JZK+GA==")
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program did not crash
testing program (duration=32.472163738s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000180)={0x79, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.472163738s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180)={0x79, 0x0, 0x1})
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

program did not crash
testing program (duration=32.472163738s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r0, 0x4068aea3, &(0x7f0000000180)={0x79, 0x0, 0x1})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

program did not crash
testing program (duration=32.472163738s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000180)={0x79, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program did not crash
testing program (duration=32.472163738s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program did not crash
extracting C reproducer
testing compiled C program (duration=32.472163738s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
simplifying C reproducer
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program did not crash
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program did not crash
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program did not crash
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:true UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
reproducing took 32m4.873597543s
repro crashed as (corrupted=true):
BUG: kernel NULL pointer dereference, address: 0000000000000086
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0010) - not-present page
PGD 1f35cb067 P4D 1f35cb067 PUD 1debaa067 PMD 0 
Oops: 0010 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 1098 Comm: syz-executor225 Not tainted 5.4.289-syzkaller-00025-g49530c73f82d #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
RIP: 0010:0x86
Code: Bad RIP value.
RSP: 0018:ffff8881de69f308 EFLAGS: 00010086
RAX: ffff8881de69f338 RBX: dffffc0000000000 RCX: ffff88823fe42000
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000ec0 R08: ffffffff8231c921 R09: ffffffff811c8f95
R10: ffff88823fe42000 R11: 0000000000000002 R12: ffffffff84601550
R13: fffffe0000000ec8 R14: ffff8881f2ee0000 R15: fffffe0000000ecb
FS:  00005555929a2380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000005c CR3: 00000001f36fe000 CR4: 00000000003426a0
Call Trace:
Modules linked in:
CR2: 0000000000000086
---[ end trace 1fc6cd50c3957907 ]---
RIP: 0010:0x86
Code: Bad RIP value.
RSP: 0018:ffff8881de69f308 EFLAGS: 00010086
RAX: ffff8881de69f338 RBX: dffffc0000000000 RCX: ffff88823fe42000
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000ec0 R08: ffffffff8231c921 R09: ffffffff811c8f95
R10: ffff88823fe42000 R11: 0000000000000002 R12: ffffffff84601550
R13: fffffe0000000ec8 R14: ffff8881f2ee0000 R15: fffffe0000000ecb
FS:  00005555929a2380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000005c CR3: 00000001f36fe000 CR4: 00000000003426a0

report is corrupted, running repro again
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
report is corrupted, running repro again
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
report is corrupted, running repro again
testing compiled C program (duration=32.472163738s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_SPLIT_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
final repro crashed as (corrupted=true):
BUG: kernel NULL pointer dereference, address: 0000000000000086
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0010) - not-present page
PGD 1f0219067 P4D 1f0219067 PUD 1ef4ce067 PMD 0 
Oops: 0010 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 383 Comm: syz-executor340 Not tainted 5.4.289-syzkaller-00025-g49530c73f82d #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
RIP: 0010:0x86
Code: Bad RIP value.
RSP: 0018:ffff8881ee7bf308 EFLAGS: 00010086
RAX: ffff8881ee7bf338 RBX: dffffc0000000000 RCX: ffff8881ee234ec0
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000ec0 R08: ffffffff8231c921 R09: ffffffff811c8f95
R10: ffff8881ee234ec0 R11: 0000000000000002 R12: ffffffff84601550
R13: fffffe0000000ec8 R14: ffff8881ee2e8000 R15: fffffe0000000ecb
FS:  000055559101a380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000005c CR3: 00000001ef1e2000 CR4: 00000000003426a0
Call Trace:
Modules linked in:
CR2: 0000000000000086
---[ end trace bbe89848d5768e6b ]---
RIP: 0010:0x86
Code: Bad RIP value.
RSP: 0018:ffff8881ee7bf308 EFLAGS: 00010086
RAX: ffff8881ee7bf338 RBX: dffffc0000000000 RCX: ffff8881ee234ec0
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000ec0 R08: ffffffff8231c921 R09: ffffffff811c8f95
R10: ffff8881ee234ec0 R11: 0000000000000002 R12: ffffffff84601550
R13: fffffe0000000ec8 R14: ffff8881ee2e8000 R15: fffffe0000000ecb
FS:  000055559101a380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000005c CR3: 00000001ef1e2000 CR4: 00000000003426a0