Extracting prog: 4m57.766179995s Minimizing prog: 32m3.655643712s Simplifying prog options: 0s Extracting C: 51.875399349s Simplifying C: 12m15.517392825s extracting reproducer from 69 programs first checking the prog from the crash report single: executing 1 programs separately with timeout 30s testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-syz_io_uring_complete-socket$nl_generic-ioctl$PPPIOCGFLAGS1-syz_genetlink_get_family_id$ethtool-ioctl$ifreq_SIOCGIFINDEX_wireguard-mkdir-mount$incfs-openat-openat$incfs-openat-openat$incfs-sendmsg$ETHTOOL_MSG_COALESCE_GET-sendmsg$ETHTOOL_MSG_CHANNELS_SET-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r2 = open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) r3 = syz_io_uring_complete(0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$PPPIOCGFLAGS1(r2, 0x8004745a, &(0x7f00000004c0)) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000180)={'wg0\x00'}) mkdir(&(0x7f0000000040)='./file0\x00', 0x65) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x10006, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) openat$incfs(r6, &(0x7f00000001c0)='.pending_reads\x00', 0x2280, 0x10) r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x8c) openat$incfs(r7, &(0x7f0000000100)='.pending_reads\x00', 0x1, 0x139) sendmsg$ETHTOOL_MSG_COALESCE_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x18, r5, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x4}]}, 0x18}}, 0x0) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r3, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r5, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0xfff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) program crashed: general protection fault in mntget single: successfully extracted reproducer found reproducer with 28 syscalls minimizing guilty program testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-syz_io_uring_complete-socket$nl_generic-ioctl$PPPIOCGFLAGS1-syz_genetlink_get_family_id$ethtool-ioctl$ifreq_SIOCGIFINDEX_wireguard-mkdir-mount$incfs-openat-openat$incfs-openat-openat$incfs-sendmsg$ETHTOOL_MSG_COALESCE_GET-sendmsg$ETHTOOL_MSG_CHANNELS_SET detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r2 = open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) r3 = syz_io_uring_complete(0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$PPPIOCGFLAGS1(r2, 0x8004745a, &(0x7f00000004c0)) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000180)={'wg0\x00'}) mkdir(&(0x7f0000000040)='./file0\x00', 0x65) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x10006, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) openat$incfs(r6, &(0x7f00000001c0)='.pending_reads\x00', 0x2280, 0x10) r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x8c) openat$incfs(r7, &(0x7f0000000100)='.pending_reads\x00', 0x1, 0x139) sendmsg$ETHTOOL_MSG_COALESCE_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x18, r5, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x4}]}, 0x18}}, 0x0) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r3, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r5, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0xfff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) program crashed: general protection fault in mntget testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-syz_io_uring_complete-socket$nl_generic-ioctl$PPPIOCGFLAGS1-syz_genetlink_get_family_id$ethtool-ioctl$ifreq_SIOCGIFINDEX_wireguard-mkdir-mount$incfs-openat-openat$incfs-openat-openat$incfs-sendmsg$ETHTOOL_MSG_COALESCE_GET detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r2 = open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) syz_io_uring_complete(0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$PPPIOCGFLAGS1(r2, 0x8004745a, &(0x7f00000004c0)) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000180)={'wg0\x00'}) mkdir(&(0x7f0000000040)='./file0\x00', 0x65) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x10006, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) openat$incfs(r5, &(0x7f00000001c0)='.pending_reads\x00', 0x2280, 0x10) r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x8c) openat$incfs(r6, &(0x7f0000000100)='.pending_reads\x00', 0x1, 0x139) sendmsg$ETHTOOL_MSG_COALESCE_GET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x18, r4, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x4}]}, 0x18}}, 0x0) program crashed: general protection fault in mntget testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-syz_io_uring_complete-socket$nl_generic-ioctl$PPPIOCGFLAGS1-syz_genetlink_get_family_id$ethtool-ioctl$ifreq_SIOCGIFINDEX_wireguard-mkdir-mount$incfs-openat-openat$incfs-openat-openat$incfs detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r2 = open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) syz_io_uring_complete(0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$PPPIOCGFLAGS1(r2, 0x8004745a, &(0x7f00000004c0)) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000180)={'wg0\x00'}) mkdir(&(0x7f0000000040)='./file0\x00', 0x65) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x10006, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) openat$incfs(r4, &(0x7f00000001c0)='.pending_reads\x00', 0x2280, 0x10) r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x8c) openat$incfs(r5, &(0x7f0000000100)='.pending_reads\x00', 0x1, 0x139) program crashed: general protection fault in mntget testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-syz_io_uring_complete-socket$nl_generic-ioctl$PPPIOCGFLAGS1-syz_genetlink_get_family_id$ethtool-ioctl$ifreq_SIOCGIFINDEX_wireguard-mkdir-mount$incfs-openat-openat$incfs-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r2 = open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) syz_io_uring_complete(0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$PPPIOCGFLAGS1(r2, 0x8004745a, &(0x7f00000004c0)) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000180)={'wg0\x00'}) mkdir(&(0x7f0000000040)='./file0\x00', 0x65) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x10006, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) openat$incfs(r4, &(0x7f00000001c0)='.pending_reads\x00', 0x2280, 0x10) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x8c) program crashed: general protection fault in mntget testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-syz_io_uring_complete-socket$nl_generic-ioctl$PPPIOCGFLAGS1-syz_genetlink_get_family_id$ethtool-ioctl$ifreq_SIOCGIFINDEX_wireguard-mkdir-mount$incfs-openat-openat$incfs detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r2 = open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) syz_io_uring_complete(0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$PPPIOCGFLAGS1(r2, 0x8004745a, &(0x7f00000004c0)) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000180)={'wg0\x00'}) mkdir(&(0x7f0000000040)='./file0\x00', 0x65) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x10006, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) openat$incfs(r4, &(0x7f00000001c0)='.pending_reads\x00', 0x2280, 0x10) program crashed: general protection fault in mntget testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-syz_io_uring_complete-socket$nl_generic-ioctl$PPPIOCGFLAGS1-syz_genetlink_get_family_id$ethtool-ioctl$ifreq_SIOCGIFINDEX_wireguard-mkdir-mount$incfs-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r2 = open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) syz_io_uring_complete(0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$PPPIOCGFLAGS1(r2, 0x8004745a, &(0x7f00000004c0)) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000180)={'wg0\x00'}) mkdir(&(0x7f0000000040)='./file0\x00', 0x65) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x10006, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: general protection fault in mntget testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-syz_io_uring_complete-socket$nl_generic-ioctl$PPPIOCGFLAGS1-syz_genetlink_get_family_id$ethtool-ioctl$ifreq_SIOCGIFINDEX_wireguard-mkdir-mount$incfs detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r2 = open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) syz_io_uring_complete(0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$PPPIOCGFLAGS1(r2, 0x8004745a, &(0x7f00000004c0)) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000180)={'wg0\x00'}) mkdir(&(0x7f0000000040)='./file0\x00', 0x65) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x10006, 0x0) program did not crash testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-syz_io_uring_complete-socket$nl_generic-ioctl$PPPIOCGFLAGS1-syz_genetlink_get_family_id$ethtool-ioctl$ifreq_SIOCGIFINDEX_wireguard-mkdir-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r2 = open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) syz_io_uring_complete(0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$PPPIOCGFLAGS1(r2, 0x8004745a, &(0x7f00000004c0)) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000180)={'wg0\x00'}) mkdir(&(0x7f0000000040)='./file0\x00', 0x65) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: general protection fault in mntget testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-syz_io_uring_complete-socket$nl_generic-ioctl$PPPIOCGFLAGS1-syz_genetlink_get_family_id$ethtool-ioctl$ifreq_SIOCGIFINDEX_wireguard-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r2 = open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) syz_io_uring_complete(0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$PPPIOCGFLAGS1(r2, 0x8004745a, &(0x7f00000004c0)) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000180)={'wg0\x00'}) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: general protection fault in mntget testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-syz_io_uring_complete-socket$nl_generic-ioctl$PPPIOCGFLAGS1-syz_genetlink_get_family_id$ethtool-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r2 = open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) syz_io_uring_complete(0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$PPPIOCGFLAGS1(r2, 0x8004745a, &(0x7f00000004c0)) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: general protection fault in mntget testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-syz_io_uring_complete-socket$nl_generic-ioctl$PPPIOCGFLAGS1-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r2 = open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) syz_io_uring_complete(0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$PPPIOCGFLAGS1(r2, 0x8004745a, &(0x7f00000004c0)) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: general protection fault in mntget testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-syz_io_uring_complete-socket$nl_generic-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) syz_io_uring_complete(0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: general protection fault in mntget testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-syz_io_uring_complete-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) syz_io_uring_complete(0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: general protection fault in mntget testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-open-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') open(&(0x7f0000000100)='./file1\x00', 0x14f840, 0xa4) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: general protection fault in mntget testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-chdir-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: general protection fault in mntget testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-mount$overlay-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-chdir-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-mount$incfs-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-bpf$BPF_PROG_TEST_RUN-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x47, 0x0, &(0x7f0000000300)="c5dfb080cd20d308098e000086dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program did not crash testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-bpf$PROG_LOAD-mount$incfs-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$ext4-mount$incfs-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file2\x00', 0x2800000, &(0x7f0000000080)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@noblock_validity}, {@nodelalloc}, {@norecovery}, {@delalloc}, {@usrquota}, {@noinit_itable}]}, 0x1, 0xbdb, &(0x7f00000023c0)="$eJzs3M1rHOcZAPBnRqsP23JXLqXUvVilFBtK17KLTG0KtYtLLz0U2mvBQl4ZofUHkoorWdBV8g+EJP9ALjkkJsGH+OxLArnmkjjXmBwCJihWAiEkCrMfkiztSpa1q1Hk3w9ezfsxM+/zaKSdeWF3A3hhDWc/0ojjEXEliSg2+tOI6KvVBiKq9f2WlxbGv1laGE9iZeVfXyaRRMSTpYXx5rmSxvZIozEQER/9NYmfv7x53pm5+amxSqU83Wifnr1+6/TM3PwfJq+PXStfK984c+5Po2dHz42cH+1Yrt9+dvH+17/5++fV7976/u5Xr72ZxMUYbIytz6OR9a4Nx/Dq72S9QkSMdeD8+0FPI5/1eSaFbQ5KuxwUAABtpeue4X4ZxeiJtYe3Yrz/ca7BAQAAAB2x0hOxAgAAABxwifU/AAAAHHDN9wE8WVoYb5Z835Gwtx5fioihev7LjVIfKUS1th2I3og4/CSJ9R9rTeqH7dpwRDz69Py7WYkWn0PutupiRPyq1fVPavkPNT4JvTH/NCJGOjD/8Ib2Tyn/ix2YP+/8AXgxPbhUv5Ftvv+lq88/0eL+V2hx73oeed//ms9/y5ue/9by72nz/PfPZ5zjTiFutxvL8v/z/b+90yzZ/Nl2V0ntwOPFiF8XWuWfrOaftMn/yjbnTqJ+iuIPt8vt9sk7/5U3Ik5G6/ybkq2/n+j0xGSlPFL/2XKOxQ9H3243f975Z9f/cJv8t7j+A1nfrafO1P5Lff5z+fK9TZ2N3bfPP/2iL/l3rdbX6Pnf2Ozs9JmIvuQfm/vPbp1vc5/mObL8T/126///Vn//2WtCtfG3kaWy2Nhm7Zc2zPmXu3feaxdPc/2X5/W/uvPrX+t75Rnn+N0Hr57a2Nf8fq3169+sZPM/SuprYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoSiNiMJK0FBFJrZ6mpVLEkYj4RRxOKzdnZn8/cfO/N65mYxFD0ZtOTFbKIxFRrLeTrH2mVl9rn93Q/mNEHIuI14uHau3S+M3K1byTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNWRiBiMJC1FRBoRy8U0LZXyjgoAAADouKG8AwAAAAC6zvofAAAADj7rfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs2IkHD5OIqF44VCuZvsZYb66RAd2W5h0AkJuevAMAclPIOwAgNztc43tcgAMo2WZ8oGVv9urR35V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANifTh5/8DCJiOqFQ7WS6WuM9bY84sQeRgd0U5p3AEBuerYaLOxdHMDee+5/8aOdjQPYe63X+MCLJNlmfGBtn+rTI/1diwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/WewVpK0FBFprZ6mpVLE0YgYit5kYrJSHomIn0XEJ8Xe/qzdn3fQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNzM3PzUWKVSnn6eSrK7w1VU2lX+vz/C2NtKUqsM5B1GvZL3KxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHmYmZufGqtUytMzeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1mbn5qrFIpTz9D5d5Odl5XyTtHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy82MAAAD//1sCDDY=") mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program did not crash testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-bpf$MAP_CREATE_TAIL_CALL-syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-sendmsg$IPCTNL_MSG_CT_GET-syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, 0x0, 0x4000) syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-socket$nl_netfilter-syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-ptrace-syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) ptrace(0x10, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000073113c000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: syz_mount_image$fuse(0x0, 0x0, 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program did not crash testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(0x0, &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program did not crash testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', 0x0, &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program did not crash testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', 0x0, 0x1004002, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x4e) program did not crash testing program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir extracting C reproducer testing compiled C program (duration=31.187897406s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program crashed: KASAN: null-ptr-deref Write in vfs_rmdir simplifying C reproducer testing compiled C program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing compiled C program (duration=31.187897406s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program did not crash testing compiled C program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing compiled C program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program did not crash testing compiled C program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing compiled C program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing compiled C program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing compiled C program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing compiled C program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing compiled C program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing compiled C program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:false HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program did not crash testing compiled C program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program did not crash testing compiled C program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing compiled C program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat program crashed: KASAN: null-ptr-deref Write in vfs_rmdir testing program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir validation run: crashed=true testing program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir validation run: crashed=true testing program (duration=31.187897406s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$fuse-mount$incfs-openat detailed listing: executing program 0: syz_mount_image$fuse(0x0, &(0x7f0000000400)='./bus\x00', 0x3000019, 0x0, 0x1, 0x0, 0x0) mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x4e) program crashed: KASAN: null-ptr-deref Write in vfs_rmdir validation run: crashed=true reproducing took 53m45.814646819s repro crashed as (corrupted=false): RBP: 00007ffe8acc8210 R08: 00007ffe8acc9210 R09: 00000000ffffffff R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe8acc92a0 R13: 00007f62543922ca R14: 0000000000006d8f R15: 00007ffe8acc92e0 ---[ end trace ae78f9a5d8801eea ]--- ================================================================== BUG: KASAN: null-ptr-deref in instrument_atomic_read_write include/linux/instrumented.h:101 [inline] BUG: KASAN: null-ptr-deref in atomic_inc_return include/asm-generic/atomic-instrumented.h:250 [inline] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60 fs/inode.c:423 Write of size 4 at addr 0000000000000170 by task syz-executor/382 CPU: 0 PID: 382 Comm: syz-executor Tainted: G W syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 Call Trace: __dump_stack+0x21/0x24 lib/dump_stack.c:77 dump_stack_lvl+0x1a7/0x208 lib/dump_stack.c:118 __kasan_report mm/kasan/report.c:439 [inline] kasan_report+0xbd/0x140 mm/kasan/report.c:452 check_region_inline mm/kasan/generic.c:-1 [inline] kasan_check_range+0x249/0x2a0 mm/kasan/generic.c:189 __kasan_check_write+0x14/0x20 mm/kasan/shadow.c:37 instrument_atomic_read_write include/linux/instrumented.h:101 [inline] atomic_inc_return include/asm-generic/atomic-instrumented.h:250 [inline] ihold+0x20/0x60 fs/inode.c:423 d_delete_notify include/linux/fsnotify.h:264 [inline] vfs_rmdir+0x2d5/0x3c0 fs/namei.c:3873 incfs_kill_sb+0xf7/0x200 fs/incfs/vfs.c:1973 deactivate_locked_super+0xa0/0x100 fs/super.c:335 deactivate_super+0xaf/0xe0 fs/super.c:366 cleanup_mnt+0x44f/0x500 fs/namespace.c:1123 __cleanup_mnt+0x19/0x20 fs/namespace.c:1130 task_work_run+0x127/0x190 kernel/task_work.c:189 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_user_mode_loop+0xcb/0xe0 kernel/entry/common.c:172 exit_to_user_mode_prepare+0x76/0xa0 kernel/entry/common.c:199 syscall_exit_to_user_mode+0x1d/0x40 kernel/entry/common.c:274 do_syscall_64+0x3d/0x40 arch/x86/entry/common.c:56 entry_SYSCALL_64_after_hwframe+0x61/0xcb RIP: 0033:0x7f62542fe097 Code: a2 c7 05 5c 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 RSP: 002b:00007ffe8acc8158 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f62542fe097 RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe8acc8210 RBP: 00007ffe8acc8210 R08: 00007ffe8acc9210 R09: 00000000ffffffff R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe8acc92a0 R13: 00007f62543922ca R14: 0000000000006d8f R15: 00007ffe8acc92e0 ================================================================== BUG: kernel NULL pointer dereference, address: 0000000000000170 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not-present page PGD 11182c067 P4D 11182c067 PUD 0 Oops: 0002 [#1] PREEMPT SMP KASAN CPU: 0 PID: 382 Comm: syz-executor Tainted: G B W syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 RIP: 0010:arch_atomic_add_return arch/x86/include/asm/atomic.h:165 [inline] RIP: 0010:arch_atomic_inc_return include/linux/atomic-arch-fallback.h:286 [inline] RIP: 0010:atomic_inc_return include/asm-generic/atomic-instrumented.h:251 [inline] RIP: 0010:ihold+0x26/0x60 fs/inode.c:423 Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 71 7d b7 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 a0 f5 f1 ff 41 be 01 00 00 00 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 f1 RSP: 0018:ffffc90000cb7d38 EFLAGS: 00010246 RAX: ffff88810d4fcf00 RBX: 0000000000000000 RCX: ffff88810d4fcf00 RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff RBP: ffffc90000cb7d48 R08: 0000000000000003 R09: 0000000000000004 R10: dffffc0000000000 R11: fffffbfff0dcf648 R12: dffffc0000000000 R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 FS: 000055555f1f6500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000170 CR3: 0000000127233000 CR4: 00000000003506b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: d_delete_notify include/linux/fsnotify.h:264 [inline] vfs_rmdir+0x2d5/0x3c0 fs/namei.c:3873 incfs_kill_sb+0xf7/0x200 fs/incfs/vfs.c:1973 deactivate_locked_super+0xa0/0x100 fs/super.c:335 deactivate_super+0xaf/0xe0 fs/super.c:366 cleanup_mnt+0x44f/0x500 fs/namespace.c:1123 __cleanup_mnt+0x19/0x20 fs/namespace.c:1130 task_work_run+0x127/0x190 kernel/task_work.c:189 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_user_mode_loop+0xcb/0xe0 kernel/entry/common.c:172 exit_to_user_mode_prepare+0x76/0xa0 kernel/entry/common.c:199 syscall_exit_to_user_mode+0x1d/0x40 kernel/entry/common.c:274 do_syscall_64+0x3d/0x40 arch/x86/entry/common.c:56 entry_SYSCALL_64_after_hwframe+0x61/0xcb RIP: 0033:0x7f62542fe097 Code: a2 c7 05 5c 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 RSP: 002b:00007ffe8acc8158 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f62542fe097 RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe8acc8210 RBP: 00007ffe8acc8210 R08: 00007ffe8acc9210 R09: 00000000ffffffff R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe8acc92a0 R13: 00007f62543922ca R14: 0000000000006d8f R15: 00007ffe8acc92e0 Modules linked in: CR2: 0000000000000170 ---[ end trace ae78f9a5d8801eeb ]--- RIP: 0010:arch_atomic_add_return arch/x86/include/asm/atomic.h:165 [inline] RIP: 0010:arch_atomic_inc_return include/linux/atomic-arch-fallback.h:286 [inline] RIP: 0010:atomic_inc_return include/asm-generic/atomic-instrumented.h:251 [inline] RIP: 0010:ihold+0x26/0x60 fs/inode.c:423 Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 71 7d b7 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 a0 f5 f1 ff 41 be 01 00 00 00 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 f1 RSP: 0018:ffffc90000cb7d38 EFLAGS: 00010246 RAX: ffff88810d4fcf00 RBX: 0000000000000000 RCX: ffff88810d4fcf00 RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff RBP: ffffc90000cb7d48 R08: 0000000000000003 R09: 0000000000000004 R10: dffffc0000000000 R11: fffffbfff0dcf648 R12: dffffc0000000000 R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 FS: 000055555f1f6500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000170 CR3: 0000000127233000 CR4: 00000000003506b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess): 0: 00 00 add %al,(%rax) 2: 00 00 add %al,(%rax) 4: 55 push %rbp 5: 48 89 e5 mov %rsp,%rbp 8: 41 56 push %r14 a: 53 push %rbx b: 48 89 fb mov %rdi,%rbx e: e8 71 7d b7 ff call 0xffb77d84 13: 48 8d bb 70 01 00 00 lea 0x170(%rbx),%rdi 1a: be 04 00 00 00 mov $0x4,%esi 1f: e8 a0 f5 f1 ff call 0xfff1f5c4 24: 41 be 01 00 00 00 mov $0x1,%r14d * 2a: f0 44 0f c1 b3 70 01 lock xadd %r14d,0x170(%rbx) <-- trapping instruction 31: 00 00 33: 41 ff c6 inc %r14d 36: bf 02 00 00 00 mov $0x2,%edi 3b: 44 89 f6 mov %r14d,%esi 3e: e8 .byte 0xe8 3f: f1 int1 final repro crashed as (corrupted=false): RBP: 00007ffe8acc8210 R08: 00007ffe8acc9210 R09: 00000000ffffffff R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe8acc92a0 R13: 00007f62543922ca R14: 0000000000006d8f R15: 00007ffe8acc92e0 ---[ end trace ae78f9a5d8801eea ]--- ================================================================== BUG: KASAN: null-ptr-deref in instrument_atomic_read_write include/linux/instrumented.h:101 [inline] BUG: KASAN: null-ptr-deref in atomic_inc_return include/asm-generic/atomic-instrumented.h:250 [inline] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60 fs/inode.c:423 Write of size 4 at addr 0000000000000170 by task syz-executor/382 CPU: 0 PID: 382 Comm: syz-executor Tainted: G W syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 Call Trace: __dump_stack+0x21/0x24 lib/dump_stack.c:77 dump_stack_lvl+0x1a7/0x208 lib/dump_stack.c:118 __kasan_report mm/kasan/report.c:439 [inline] kasan_report+0xbd/0x140 mm/kasan/report.c:452 check_region_inline mm/kasan/generic.c:-1 [inline] kasan_check_range+0x249/0x2a0 mm/kasan/generic.c:189 __kasan_check_write+0x14/0x20 mm/kasan/shadow.c:37 instrument_atomic_read_write include/linux/instrumented.h:101 [inline] atomic_inc_return include/asm-generic/atomic-instrumented.h:250 [inline] ihold+0x20/0x60 fs/inode.c:423 d_delete_notify include/linux/fsnotify.h:264 [inline] vfs_rmdir+0x2d5/0x3c0 fs/namei.c:3873 incfs_kill_sb+0xf7/0x200 fs/incfs/vfs.c:1973 deactivate_locked_super+0xa0/0x100 fs/super.c:335 deactivate_super+0xaf/0xe0 fs/super.c:366 cleanup_mnt+0x44f/0x500 fs/namespace.c:1123 __cleanup_mnt+0x19/0x20 fs/namespace.c:1130 task_work_run+0x127/0x190 kernel/task_work.c:189 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_user_mode_loop+0xcb/0xe0 kernel/entry/common.c:172 exit_to_user_mode_prepare+0x76/0xa0 kernel/entry/common.c:199 syscall_exit_to_user_mode+0x1d/0x40 kernel/entry/common.c:274 do_syscall_64+0x3d/0x40 arch/x86/entry/common.c:56 entry_SYSCALL_64_after_hwframe+0x61/0xcb RIP: 0033:0x7f62542fe097 Code: a2 c7 05 5c 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 RSP: 002b:00007ffe8acc8158 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f62542fe097 RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe8acc8210 RBP: 00007ffe8acc8210 R08: 00007ffe8acc9210 R09: 00000000ffffffff R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe8acc92a0 R13: 00007f62543922ca R14: 0000000000006d8f R15: 00007ffe8acc92e0 ================================================================== BUG: kernel NULL pointer dereference, address: 0000000000000170 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not-present page PGD 11182c067 P4D 11182c067 PUD 0 Oops: 0002 [#1] PREEMPT SMP KASAN CPU: 0 PID: 382 Comm: syz-executor Tainted: G B W syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 RIP: 0010:arch_atomic_add_return arch/x86/include/asm/atomic.h:165 [inline] RIP: 0010:arch_atomic_inc_return include/linux/atomic-arch-fallback.h:286 [inline] RIP: 0010:atomic_inc_return include/asm-generic/atomic-instrumented.h:251 [inline] RIP: 0010:ihold+0x26/0x60 fs/inode.c:423 Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 71 7d b7 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 a0 f5 f1 ff 41 be 01 00 00 00 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 f1 RSP: 0018:ffffc90000cb7d38 EFLAGS: 00010246 RAX: ffff88810d4fcf00 RBX: 0000000000000000 RCX: ffff88810d4fcf00 RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff RBP: ffffc90000cb7d48 R08: 0000000000000003 R09: 0000000000000004 R10: dffffc0000000000 R11: fffffbfff0dcf648 R12: dffffc0000000000 R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 FS: 000055555f1f6500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000170 CR3: 0000000127233000 CR4: 00000000003506b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: d_delete_notify include/linux/fsnotify.h:264 [inline] vfs_rmdir+0x2d5/0x3c0 fs/namei.c:3873 incfs_kill_sb+0xf7/0x200 fs/incfs/vfs.c:1973 deactivate_locked_super+0xa0/0x100 fs/super.c:335 deactivate_super+0xaf/0xe0 fs/super.c:366 cleanup_mnt+0x44f/0x500 fs/namespace.c:1123 __cleanup_mnt+0x19/0x20 fs/namespace.c:1130 task_work_run+0x127/0x190 kernel/task_work.c:189 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_user_mode_loop+0xcb/0xe0 kernel/entry/common.c:172 exit_to_user_mode_prepare+0x76/0xa0 kernel/entry/common.c:199 syscall_exit_to_user_mode+0x1d/0x40 kernel/entry/common.c:274 do_syscall_64+0x3d/0x40 arch/x86/entry/common.c:56 entry_SYSCALL_64_after_hwframe+0x61/0xcb RIP: 0033:0x7f62542fe097 Code: a2 c7 05 5c 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 RSP: 002b:00007ffe8acc8158 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f62542fe097 RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe8acc8210 RBP: 00007ffe8acc8210 R08: 00007ffe8acc9210 R09: 00000000ffffffff R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe8acc92a0 R13: 00007f62543922ca R14: 0000000000006d8f R15: 00007ffe8acc92e0 Modules linked in: CR2: 0000000000000170 ---[ end trace ae78f9a5d8801eeb ]--- RIP: 0010:arch_atomic_add_return arch/x86/include/asm/atomic.h:165 [inline] RIP: 0010:arch_atomic_inc_return include/linux/atomic-arch-fallback.h:286 [inline] RIP: 0010:atomic_inc_return include/asm-generic/atomic-instrumented.h:251 [inline] RIP: 0010:ihold+0x26/0x60 fs/inode.c:423 Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 71 7d b7 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 a0 f5 f1 ff 41 be 01 00 00 00 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 f1 RSP: 0018:ffffc90000cb7d38 EFLAGS: 00010246 RAX: ffff88810d4fcf00 RBX: 0000000000000000 RCX: ffff88810d4fcf00 RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff RBP: ffffc90000cb7d48 R08: 0000000000000003 R09: 0000000000000004 R10: dffffc0000000000 R11: fffffbfff0dcf648 R12: dffffc0000000000 R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 FS: 000055555f1f6500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000170 CR3: 0000000127233000 CR4: 00000000003506b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess): 0: 00 00 add %al,(%rax) 2: 00 00 add %al,(%rax) 4: 55 push %rbp 5: 48 89 e5 mov %rsp,%rbp 8: 41 56 push %r14 a: 53 push %rbx b: 48 89 fb mov %rdi,%rbx e: e8 71 7d b7 ff call 0xffb77d84 13: 48 8d bb 70 01 00 00 lea 0x170(%rbx),%rdi 1a: be 04 00 00 00 mov $0x4,%esi 1f: e8 a0 f5 f1 ff call 0xfff1f5c4 24: 41 be 01 00 00 00 mov $0x1,%r14d * 2a: f0 44 0f c1 b3 70 01 lock xadd %r14d,0x170(%rbx) <-- trapping instruction 31: 00 00 33: 41 ff c6 inc %r14d 36: bf 02 00 00 00 mov $0x2,%edi 3b: 44 89 f6 mov %r14d,%esi 3e: e8 .byte 0xe8 3f: f1 int1