# https://syzkaller.appspot.com/bug?id=2482a8d5abeea4a58e18323d9c18c6ea8af30cca # See https://goo.gl/kgGztJ for information about syzkaller reproducers. #{"repeat":true,"procs":4,"slowdown":1,"sandbox":"none","sandbox_arg":0,"tun":true,"netdev":true,"resetnet":true,"cgroups":true,"binfmt_misc":true,"close_fds":true,"usb":true,"tmpdir":true,"callcomments":true} r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000280)={@flat=@binder={0x73622a85, 0x101, 0x1}, @ptr={0x70742a85, 0x80000, 0x0, 0x0, 0x1, 0x30}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000ca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0}) r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = open(0x0, 0x14d77e, 0xc2) ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000400)=0x20) ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f0000000000)='/dev/kvm\x00', 0x800, &(0x7f0000000100)={@_ha_fsid={[0x0, 0x9]}, {0x8, 0x5, 0x200, 0x4}}, 0x8001, &(0x7f0000000180)={@_ha_fsid}, 0x0}) syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x6c, 0x0, 0x0)