Extracting prog: 14m11.622776871s
Minimizing prog: 15m42.234162911s
Simplifying prog options: 0s
Extracting C: 22.180567327s
Simplifying C: 11m24.146139099s


extracting reproducer from 72 programs
testing a last program of every proc
single: executing 22 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet6_tcp-mkdir-pipe2$9p-write$P9_RVERSION-dup-write$FUSE_BMAP-write$FUSE_NOTIFY_RETRIEVE-mount$9p_fd-mount$incfs-setsockopt$inet6_int-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-close_range-readv-socket$nl_netfilter-sendmsg$NFULNL_MSG_CONFIG-sendmsg$NFULNL_MSG_CONFIG-sendmsg$NFULNL_MSG_CONFIG-bind$inet6-sendto$inet6-close_range-mknod$loop-creat-fadvise64-bpf$PROG_LOAD-listen-syz_emit_ethernet-sendto$inet6
detailed listing:
executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
pipe2$9p(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}})
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000280), 0x1420, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000080)=0x2, 0x4)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffff7f}]})
close_range(r4, 0xffffffffffffffff, 0x2)
readv(r4, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="c9fd00000000000000080003400001047e64076ea09b42c853300731057f000500e608b7e33baac9aa7fdb5d52c2f2010001"], 0x24}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {0x1, 0x0, 0x400}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x60000081}, 0x800)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x1c, 0x1, 0x4, 0x5, 0x0, 0x0, {0x3, 0x0, 0x10}, [@NFULA_CFG_CMD={0x5, 0x1, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x26088888)
bind$inet6(r0, &(0x7f0000000540)={0xa, 0x4e22, 0x7, @empty, 0x1fc}, 0x1c)
sendto$inet6(r0, &(0x7f0000000200)="b1be21d57d3daa69ce9455db9c2f6031ffc11b4ee489cf6164a2ef540a5963721530376ebf2afb5dc377ad8809608476abb77ee22d106780f9a590bb7c8ef0659d927ae659d3654d8832e580b905b6c39b80179654835df757fe473f2d14f177caadae3ab686eca7f7f73ce9a17a2da4f5f56a7decdabf8ec8f0d551f6f0b8", 0x7f, 0x4840, &(0x7f00000000c0)={0xa, 0x4e22, 0xc, @local, 0xffff}, 0x1c)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r6 = creat(&(0x7f0000000300)='./file0\x00', 0x8)
fadvise64(r6, 0xc31, 0x3, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f00000022c0)=ANY=[@ANYBLOB="b702000000000090bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe00000000850000000b000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989425f5d0b79f6584d0416d7c4bb9f547b328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f01000000010000006e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b98d2de10c21d3ea02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d000000200008000000000000001abc11c800000000000000000000000928ee53595a779d243a48cea769470424d20a04c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e09758bd445ab91d20baca005472b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92fe8bad99ca332af00f191b66b6a6f732a91f0e2e9190e4b448da7de018c58e950767f9b320be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c52573d9308a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e495f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e4a48dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f00000021f8547d393dabe616fbbde21c90be00b5a22671395c7a69c6dd4d022ffc97ddb6aa025131652d409da1d8cfc3d219d4b1c1b7b8170d7c33d91db2b73f7ae02485a209a2474b5d0790d05c01bec623056e4d3f4d3149373a28b26a15a1fcce73d57e6eaf7e6f315fe275ebc9ef7aeca277dde01dde724f419803a2172a7833ceab38d21ca4f1dea5e1f4d8824167b21dd289dd4e6ecfba9e163bdbc48e1e758ecde05c10809c9edfa6d77c652fd742e6dad13d2a397bebe3ea8bc087d3720e2202f36c7719ae34f042e19dc08a3323a3d94098a7ec171469352bab1662c3e4d4803c565cfcce32dad628fade43a4844abb230ce608726fd87e93c405a96cf638c41510f26e9da5f316"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffe}, 0x10}, 0x94)
listen(r0, 0x80000003)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x32}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x67, 0x0, 0x4, 0x6, 0x0, @rand_addr=0x64010001, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
sendto$inet6(r0, &(0x7f0000000100)="8911b8178f2db8135dda4543dfb61f86559b20da2e119643c6b130e7d9be967be20db0ef402dc615b24aba198e2104053e5641588d0166e37adb69d7602982494984aa44aa23ea536bc1c528976f633549867e79ff7149bd74efb4414f798b582402f741774b6f909e050e587ce5d543c0d8fd338279db45bbb75e8c45c09b67aac1556d59a2dff6ba3d7838cd08427197735ae95605d1937e5e682bdef6fc022b7c79a991553f015ec4c657abf855465aac7cea8671e18e77a9fe815c868347", 0xc0, 0x80, &(0x7f00000001c0)={0xa, 0x4e22, 0x6, @ipv4={'\x00', '\xff\xff', @loopback}, 0xf}, 0x1c)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet-ioctl$sock_inet_SIOCSARP-mprotect-accept4$inet-socket$packet-userfaultfd-ioctl$UFFDIO_UNREGISTER-setsockopt$packet_int-setsockopt$packet_rx_ring-socket$packet-ioctl$sock_SIOCGIFINDEX-setsockopt$packet_int-sendto$packet-ioctl$sock_inet_SIOCSARP-openat-ioctl$XFS_IOC_GOINGDOWN-bpf$MAP_CREATE-bpf$MAP_CREATE-bpf$MAP_GET_NEXT_KEY-syz_usb_connect$cdc_ncm
detailed listing:
executing program 0:
r0 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x4e24, @rand_addr=0x64010102}, {0x1, @remote}, 0x2, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x32}}, 'bridge_slave_1\x00'})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
accept4$inet(0xffffffffffffffff, 0x0, 0x0, 0x80800)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_UNREGISTER(r2, 0x8010aa01, &(0x7f0000000140)={&(0x7f00005c1000/0x3000)=nil, 0x3000})
setsockopt$packet_int(r1, 0x107, 0x1c, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0x2}, 0x1c)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'vlan1\x00', <r4=>0x0})
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0x3da, 0x4)
sendto$packet(r3, &(0x7f00000000c0)="3f03fe7f37e9140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c153cfdf9435e3ffe46", 0xe955, 0x0, &(0x7f0000000540)={0xc9, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)
ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x0, @local}, 0x4a, {0x2, 0x0, @multicast2}, 'syz_tun\x00'})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x109342, 0x0)
ioctl$XFS_IOC_GOINGDOWN(r5, 0x8004587d, &(0x7f0000000800)=0x7)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x7f, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r5, 0x0, 0x2}, 0x50)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xd, 0x2, 0x4, 0x1, 0x11, r6}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r7, 0x0, 0x0}, 0x20)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000440)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a0000080480020009058117"], 0x0)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet6_udplite-sendmsg$inet6-socket-getgroups-lstat-newfstatat-getegid-getgroups-getgid-getgid-getgroups-openat$fuse-read$FUSE-write$FUSE_CREATE_OPEN-ioctl$sock_FIOGETOWN-ptrace$PTRACE_GETSIGMASK-getsockopt$sock_cred-getgroups-prlimit64-socket$nl_generic-syz_genetlink_get_family_id$devlink-sendmsg$DEVLINK_CMD_SB_POOL_GET-fcntl$setown-syz_genetlink_get_family_id$batadv-getsockopt$sock_cred-setgroups-rt_sigsuspend-getgroups-setgroups-syz_genetlink_get_family_id$tipc2
detailed listing:
executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="5c978da9c9754ccbe352e1d584f5b54f178c15b9492701612bfa6037ee38ab1456e546f4318a8a2157f26fbaa1cee15108016dc5c9e00e9c008629122ff89c4a7e1469e2c47979e4b87d090c92c2", 0x4e}], 0x1, &(0x7f00000000c0)=[@rthdr={{0x98, 0x29, 0x39, {0x2b, 0x10, 0x2, 0x10, 0x0, [@ipv4={'\x00', '\xff\xff', @broadcast}, @loopback, @remote, @local, @private0={0xfc, 0x0, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01']}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x1}}], 0xb0}, 0xc5)
r1 = socket(0x8e4ef131fac423ba, 0x2, 0x34)
getgroups(0x4, &(0x7f00000001c0)=[0xee01, 0xee00, <r2=>0xffffffffffffffff, 0xee00])
lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
newfstatat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r4=>0x0, <r5=>0x0}, 0x0)
r6 = getegid()
getgroups(0x7, &(0x7f0000000380)=[<r7=>0x0, 0xee01, <r8=>0xee00, 0x0, 0xee01, 0x0, 0x0])
r9 = getgid()
r10 = getgid()
getgroups(0x8, &(0x7f00000003c0)=[r2, r3, <r11=>r5, r6, 0xee01, <r12=>r8, <r13=>r9, r10])
r14 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000440)={0x2020, 0x0, <r15=>0x0, 0x0, <r16=>0x0, <r17=>0x0}, 0x2020)
write$FUSE_CREATE_OPEN(r14, &(0x7f0000002480)={0xa0, 0x0, r15, {{0x1, 0x2, 0x0, 0x0, 0x5, 0x5, {0x0, 0xfe4, 0x81, 0x1, 0x100, 0x5, 0x5, 0x3, 0x1ff, 0x6000, 0x40, r4, r2, 0xd2}}, {0x0, 0x8}}}, 0xa0)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000002540)=<r18=>0x0)
ptrace$PTRACE_GETSIGMASK(0x420a, r18, 0x8, &(0x7f0000002580))
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000025c0)={<r19=>0x0, 0x0, <r20=>0x0}, &(0x7f0000002600)=0xc)
getgroups(0x4, &(0x7f0000002640)=[r10, r5, <r21=>r20, r8])
prlimit64(r19, 0xa, &(0x7f0000002680)={0x2, 0x5}, &(0x7f00000026c0))
r22 = socket$nl_generic(0x10, 0x3, 0x10)
r23 = syz_genetlink_get_family_id$devlink(&(0x7f0000002740), r1)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r22, &(0x7f0000002800)={&(0x7f0000002700)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000027c0)={&(0x7f0000002780)={0x40, r23, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xe}, {0x6}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x4800)
fcntl$setown(r1, 0x8, r17)
syz_genetlink_get_family_id$batadv(&(0x7f0000002840), 0xffffffffffffffff)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000002880)={0x0, 0x0, <r24=>0x0}, &(0x7f00000028c0)=0xc)
setgroups(0x3, &(0x7f0000002900)=[r24, r16, r12])
rt_sigsuspend(&(0x7f0000002940)={[0x7]}, 0x8)
getgroups(0x2, &(0x7f0000002980)=[<r25=>r13, r9])
setgroups(0x7, &(0x7f00000029c0)=[r21, r25, r7, r8, r11, r11, r13])
syz_genetlink_get_family_id$tipc2(&(0x7f0000002a00), r22)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket-syz_mount_image$ext4-socket$unix-bind$unix-socket$nl_generic-prlimit64-sched_setscheduler-getpid-sched_setaffinity-sched_setscheduler-mmap-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-capset-syz_open_procfs-fchdir-syz_clone-syz_open_procfs-pread64-openat-fallocate-socketpair$unix-syz_open_dev$evdev-ioctl$EVIOCGRAB
detailed listing:
executing program 0:
socket(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000900)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000001300)={[{@nouid32}, {@nodioread_nolock}, {@noquota}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x9}}, {@commit}, {@usrquota}, {@bh}]}, 0x1, 0x5a3, &(0x7f00000002c0)="$eJzs3T1sG3UbAPDnznHTj7xv+krvK72gDhUgFamqk/QDClO7IipV6oDEApHjRlWcuIodaKJIpHuF6IAAdSkbDIwgBgbEwsjKwseMVNEIpKYDGDk+p2nqFCfEMcS/n3TJ/3939vP8fX7OvtOdHEDfOtr4k0Y8EREXk4jhdcsGIlt4tLneyvJi8f7yYjGJev3Sz0kkEXFvebHYWj/J/h+KiKWI+H9EfJWPOJ6uPeW+VqM6vzA1Xi6XZrP+SG366kh1fuHElenxydJkaebU8y+cOXv6zNjJsfXp3q+v7+W3NtYb3998+8Y3L92++fEnR5aK744ncS6GsmXrx7GTmq9JPs5tmH+6G8F6KOl1AmxLLqvzRin9L4Yjl1V9O/X1O4fBXUkP6KL6YER9zbom0AcSRQ99qvU9oHH825p28/vHnfPNA5BG3JXlxeJb0Yo/0Dw3EftXj00O/pI8dGTSON48vJuJsictXY+I0YGBR9//Sfb+277RnUiQrvryfHNDPbr907X9T7TZ/wy1zp3+Ra3930q2/1tpEz+3yf7vYocxfnv1xw82jX99MJ5sGz9Zi5+0iZ9GxOsdxr/1yudnN1tW/zDiWLSP35I8/vzwyOUr5dJo82/bGF8cO/Li5uOPOLhJ/OY52/2riawf/74sp7TD8X/29adPLT0m/rNPP377t3v9D0TEOx3G/8+9j17ebNmd68ndxreArW7/JPJxu8P4z507+l3WdNYQAAAAAAAAAAB2ULp6LVuSFtbaaVooNO/h/W8cTMuVau345crczETzmrfDkU9bV1oNN/tJoz+WXY/b6p/c0D+VywLmDqz2C8VKeaLHYwcAAAAAAAAAAAAAAAAAAIC/i0Mb7v//Nbd6///Gn6sG9qrNf/Ib2OvUP/Svh+s/6VkewO7z+Q99q67+oX+pf+hf6h/6l/qH/tW2/g/sfh7A7vP5D/1L/QMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChMdXvLy8WG/2Jgfm5qcobJyZK1anC9FyxUKzMXi1MViqT5VKhWJn+s+dLKpWrozEzd22kVqrWRqrzC69NV+ZmWr8pWsp3fUQAAAAAAAAAAAAAAAAAAADwzzO0OiVpISLf7KdpoRDxr4g4nERy+Uq5NBoR/46Ib3P5wUZ/rNdJAwAAAAAAAAAAAAAAAAAAwB5TnV+YGi+XS7PdawxkoTp71A+1ruYzsJWVI2JpZ9NoPOOWH5XPXsDubqY+aeQ6fB/2faOHOyUAAAAAAAAAAAAAAAAAAOhTD2767fQRv3c3IQAAAAAAAAAAAAAAAAAAAOhL6U9JRDSmY8PPDG1cui9Zya3+j4g3b11679p4rTY71ph/d21+7f1s/sle5A90qlWnaUQ06hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oDq/MDVeLpdmt9kY7GCdXo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv+CAAA//9bQM66")
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000180)={0x200000, 0x200000, 0x0, 0x0, 0xd33, 0x7})
r4 = syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
fchdir(r4)
r5 = syz_clone(0x20100000, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = syz_open_procfs(r5, &(0x7f0000000100)='net/icmp6\x00')
pread64(r6, &(0x7f00000001c0)=""/50, 0x32, 0x40000000009)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x183042, 0x15)
fallocate(r7, 0x10, 0x7fffffff, 0x683)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
r8 = syz_open_dev$evdev(&(0x7f00000001c0), 0xb, 0x80)
ioctl$EVIOCGRAB(r8, 0x40044590, &(0x7f0000000080)=0x3)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): epoll_create1-epoll_ctl$EPOLL_CTL_ADD-dup3-epoll_ctl$EPOLL_CTL_ADD-ioctl$HIDIOCINITREPORT-socket$inet_udp-syz_open_dev$tty1-ioctl$TIOCGDEV-timerfd_create-read-syz_clone-sendmmsg$inet6-socket$inet6_tcp-ioctl$sock_SIOCETHTOOL-socketpair$unix-setsockopt$SO_ATTACH_FILTER-sendmmsg-sendmsg$nl_route-io_setup-openat$vhost_vsock-ioctl$VHOST_SET_OWNER-ioctl$VHOST_SET_VRING_ADDR-syz_usb_connect-eventfd-setresgid-bpf$PROG_LOAD-io_submit-madvise-fsconfig$FSCONFIG_SET_STRING-setsockopt$sock_int
detailed listing:
executing program 0:
r0 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xe000202b}) (async)
r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000001c0)={0x2007}) (async)
ioctl$HIDIOCINITREPORT(r1, 0x4805, 0x0) (async)
r2 = socket$inet_udp(0x2, 0x2, 0x0) (async)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCGDEV(r3, 0x80045432, &(0x7f0000000080)) (async)
r4 = timerfd_create(0x0, 0x0)
read(r4, &(0x7f00000000c0)=""/252, 0xfc) (async)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007240)=[{{0x0, 0x0, &(0x7f0000001380)=[{&(0x7f00000012c0)="1ce02c7a", 0x4}], 0x1}}], 0x1, 0x1c000)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000100)={'bridge_slave_1\x00', &(0x7f0000000080)=@ethtool_cmd={0x24, 0x0, 0x3, 0x6, 0xff, 0x0, 0x0, 0xff, 0x0, 0xfa, 0x20000000, 0x7883, 0x0, 0x1, 0x1, 0x6162b9dd, [0x47cb, 0x80000001]}}) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10) (async)
sendmmsg(r6, &(0x7f0000000180), 0x4000190, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40014) (async)
io_setup(0x2, &(0x7f0000000080)=<r8=>0x0) (async)
r9 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r9, 0xaf01, 0x0) (async)
ioctl$VHOST_SET_VRING_ADDR(r9, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff})
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000564404204e080110f9330102030109021b00010000000009040000014a90c200090588", @ANYRES32], 0x0) (async)
r10 = eventfd(0x0)
setresgid(0xffffffffffffffff, 0xee01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b400000000000000791048000000000063a804ff000000009500000000200000"], &(0x7f0000000080)='GPL\x00', 0x2, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76}, 0x21) (async)
io_submit(r8, 0x2, &(0x7f0000000040)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0xca, r10, &(0x7f0000000180)="0000fd6000000000", 0x8, 0x36}, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2, 0x0, r10, 0x0, 0x0, 0x0, 0x0, 0x1, r10}]) (async)
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x15) (async)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f00000001c0)='/dev/vhost-vsock\x00', &(0x7f0000000200)=']]!@\x00', 0x0) (async)
setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000800)=0x80000000, 0x4)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): epoll_create1-epoll_ctl$EPOLL_CTL_ADD-dup3-epoll_ctl$EPOLL_CTL_ADD-ioctl$HIDIOCINITREPORT-socket$inet_udp-syz_open_dev$tty1-ioctl$TIOCGDEV-timerfd_create-read-syz_clone-sendmmsg$inet6-socket$inet6_tcp-ioctl$sock_SIOCETHTOOL-socketpair$unix-setsockopt$SO_ATTACH_FILTER-sendmmsg-sendmsg$nl_route-io_setup-openat$vhost_vsock-ioctl$VHOST_SET_OWNER-ioctl$VHOST_SET_VRING_ADDR-syz_usb_connect-eventfd-setresgid-bpf$PROG_LOAD-io_submit-madvise-fsconfig$FSCONFIG_SET_STRING-setsockopt$sock_int
detailed listing:
executing program 0:
r0 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xe000202b}) (async)
r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f00000001c0)={0x2007}) (async)
ioctl$HIDIOCINITREPORT(r1, 0x4805, 0x0) (async)
r2 = socket$inet_udp(0x2, 0x2, 0x0) (async)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCGDEV(r3, 0x80045432, &(0x7f0000000080)) (async)
r4 = timerfd_create(0x0, 0x0)
read(r4, &(0x7f00000000c0)=""/252, 0xfc) (async)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007240)=[{{0x0, 0x0, &(0x7f0000001380)=[{&(0x7f00000012c0)="1ce02c7a", 0x4}], 0x1}}], 0x1, 0x1c000)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000100)={'bridge_slave_1\x00', &(0x7f0000000080)=@ethtool_cmd={0x24, 0x0, 0x3, 0x6, 0xff, 0x0, 0x0, 0xff, 0x0, 0xfa, 0x20000000, 0x7883, 0x0, 0x1, 0x1, 0x6162b9dd, [0x47cb, 0x80000001]}}) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10) (async)
sendmmsg(r6, &(0x7f0000000180), 0x4000190, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40014) (async)
io_setup(0x2, &(0x7f0000000080)=<r8=>0x0) (async)
r9 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r9, 0xaf01, 0x0) (async)
ioctl$VHOST_SET_VRING_ADDR(r9, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff})
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000564404204e080110f9330102030109021b00010000000009040000014a90c200090588", @ANYRES32], 0x0) (async)
r10 = eventfd(0x0)
setresgid(0xffffffffffffffff, 0xee01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b400000000000000791048000000000063a804ff000000009500000000200000"], &(0x7f0000000080)='GPL\x00', 0x2, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76}, 0x21) (async)
io_submit(r8, 0x2, &(0x7f0000000040)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0xca, r10, &(0x7f0000000180)="0000fd6000000000", 0x8, 0x36}, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2, 0x0, r10, 0x0, 0x0, 0x0, 0x0, 0x1, r10}]) (async)
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x15) (async)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f00000001c0)='/dev/vhost-vsock\x00', &(0x7f0000000200)=']]!@\x00', 0x0) (async)
setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000800)=0x80000000, 0x4)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_procfs-close_range-openat$kvm-ioctl$KVM_CHECK_EXTENSION-mount$tmpfs-getpid-syz_pidfd_open-recvmmsg-setns-umount2-socket$inet_tcp-pipe-socket$inet_tcp-setsockopt$inet_tcp_int-prlimit64-sched_setscheduler-getpid-sched_setaffinity-sched_setscheduler-mmap-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$nl_route-setsockopt$inet_tcp_int-connect$inet6-connect$inet-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-close_range
detailed listing:
executing program 0:
syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xc)
mount$tmpfs(0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000010c0)=[{{&(0x7f00000003c0)=@sco, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000440)=""/61, 0x3d}, {&(0x7f0000000480)=""/164, 0xa4}, {&(0x7f0000000540)=""/161, 0xa1}, {&(0x7f0000000600)=""/148, 0x94}, {&(0x7f00000006c0)=""/136, 0x88}, {&(0x7f0000000780)}], 0x6, &(0x7f0000000840)=""/21, 0x15}}, {{&(0x7f0000000880)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000980)=[{&(0x7f0000000900)=""/101, 0x65}], 0x1}, 0x1}, {{&(0x7f00000009c0)=@rc, 0x80, &(0x7f0000000f40)=[{&(0x7f0000000a40)=""/98, 0x62}, {&(0x7f0000000ac0)=""/29, 0x1d}, {&(0x7f0000001180)=""/132, 0x84}, {&(0x7f0000000b80)=""/240, 0xf0}, {&(0x7f0000000c80)=""/19, 0x13}, {&(0x7f0000000cc0)=""/161, 0xa1}, {&(0x7f0000000d80)=""/215, 0xd7}, {&(0x7f0000000e80)=""/146, 0x92}], 0x8, &(0x7f0000000fc0)=""/203, 0xcb}, 0x3}], 0x3, 0x40, &(0x7f0000001700)={0x77359400})
setns(r2, 0x24020000)
umount2(&(0x7f0000000280)='./file0\x00', 0xa)
socket$inet_tcp(0x2, 0x1, 0x0)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000080)=0x1000009)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000001800)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x14, 0x0, 0x0)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x4e24, 0x1, @rand_addr=' \x01\x00', 0x7ff}, 0x1c)
connect$inet(r3, &(0x7f0000000300)={0x2, 0x0, @local}, 0x10)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x6, 0x7fff7ffc}]})
close_range(r8, 0xffffffffffffffff, 0x200000000000000)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_procfs-close_range-openat$kvm-ioctl$KVM_CHECK_EXTENSION-mount$tmpfs-getpid-syz_pidfd_open-recvmmsg-setns-umount2-socket$inet_tcp-pipe-socket$inet_tcp-setsockopt$inet_tcp_int-prlimit64-sched_setscheduler-getpid-sched_setaffinity-sched_setscheduler-mmap-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$nl_route-setsockopt$inet_tcp_int-connect$inet6-connect$inet-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-close_range
detailed listing:
executing program 0:
syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xc)
mount$tmpfs(0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000010c0)=[{{&(0x7f00000003c0)=@sco, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000440)=""/61, 0x3d}, {&(0x7f0000000480)=""/164, 0xa4}, {&(0x7f0000000540)=""/161, 0xa1}, {&(0x7f0000000600)=""/148, 0x94}, {&(0x7f00000006c0)=""/136, 0x88}, {&(0x7f0000000780)}], 0x6, &(0x7f0000000840)=""/21, 0x15}}, {{&(0x7f0000000880)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000980)=[{&(0x7f0000000900)=""/101, 0x65}], 0x1}, 0x1}, {{&(0x7f00000009c0)=@rc, 0x80, &(0x7f0000000f40)=[{&(0x7f0000000a40)=""/98, 0x62}, {&(0x7f0000000ac0)=""/29, 0x1d}, {&(0x7f0000001180)=""/132, 0x84}, {&(0x7f0000000b80)=""/240, 0xf0}, {&(0x7f0000000c80)=""/19, 0x13}, {&(0x7f0000000cc0)=""/161, 0xa1}, {&(0x7f0000000d80)=""/215, 0xd7}, {&(0x7f0000000e80)=""/146, 0x92}], 0x8, &(0x7f0000000fc0)=""/203, 0xcb}, 0x3}], 0x3, 0x40, &(0x7f0000001700)={0x77359400})
setns(r2, 0x24020000)
umount2(&(0x7f0000000280)='./file0\x00', 0xa)
socket$inet_tcp(0x2, 0x1, 0x0)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000080)=0x1000009)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000001800)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x14, 0x0, 0x0)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x4e24, 0x1, @rand_addr=' \x01\x00', 0x7ff}, 0x1c)
connect$inet(r3, &(0x7f0000000300)={0x2, 0x0, @local}, 0x10)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x6, 0x7fff7ffc}]})
close_range(r8, 0xffffffffffffffff, 0x200000000000000)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-openat$kvm-ioctl$KVM_CREATE_VM-syz_kvm_setup_syzos_vm$x86-creat-ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL-syz_mount_image$vfat-syz_open_dev$usbfs-creat-newfstatat-ioctl$ifreq_SIOCGIFINDEX_team-getsockopt$sock_cred-sendmsg$nl_xfrm-syz_clone-syz_kvm_add_vcpu$x86-ioctl$KVM_RUN-syz_open_procfs-openat$tun-ioctl$TUNSETIFF-socket-ioctl$sock_SIOCETHTOOL-socket$inet6-capset-sendmmsg-openat$ptmx-ioctl$TCXONC
detailed listing:
executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x200020}, [@call={0x85, 0x0, 0x0, 0x6c}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sched_cls=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$kvm(0x0, &(0x7f0000000180), 0x128000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x1c2)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000480)={'erspan0\x00', &(0x7f0000000440)={'ip_vti0\x00', <r4=>0x0, 0x7800, 0x700, 0x200, 0x7, {{0x6, 0x4, 0x2, 0x4, 0x18, 0x65, 0x0, 0x7f, 0x2f, 0x0, @loopback, @dev={0xac, 0x14, 0x14, 0x17}, {[@noop]}}}}})
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000280)='./file1\x00', 0x8008dc, &(0x7f0000000600)=ANY=[@ANYBLOB='shortname=winnt,uni_xlate=1,rodir,uni_xlate=0,iocharset=macgaelic,shortname=lower,utf8=1,iocharset=iso8859-13,uni_xlate=1,rodir,shortname=win95,shortname=lower,codepage=874,shortname=lower,utf8=0,shortname=lower,uni_xlate=0,uni_xlate=0,nonumtail=0,short\b\x00\x00\x00\x00\x00\x00\x0095,rodir,uni_xlate=0,rodir,shortname=mixed,sFortname=lower,nnonumtail=1,showexec,\x00', @ANYBLOB="b0baffea7e7b0100f8fde1f7928de8eb76582a", @ANYRES16, @ANYBLOB="41b133d266f2863fd067b900ff4e320c6f"], 0x6, 0x2e7, &(0x7f0000000780)="$eJzs3T+LHGUYAPBn9mZ3J1rsFVYiOKCFVciltblDLiBeZbgiWuhhEpDbRcjBiVHcpBI7G0s/gSD4QWzsLAVbwc4IgVdmdib7J+PeXWBPNL9fkTw37/vM+7wzc3fT3LMfvjI5vl3G3Ydf/BpFkUVvdxjxKIvt6EXrQSzZ/SYAgP+yRynFH2mmY/iXr9fkFhusCwDYnDN+/zfy+t9b1YwfL682AGAzbt567529g4P9d8uyiBuTr04Ps4io/p+N792Nj2Mcd+JajOJxRP2i0I/6baEKb6SUpnlZ2Y7XJ9PTwypz8sFPzfn3fo+o83diFNv1oSdvGyldiYiD/Z1yZiF/WtXxQrP+bpV/PUbx0pPk+fpvH+xf78iPw0G88dpC/VdjFD9/FJ/EOG7XRczzv9wpy7fSt39+/n5VXpWfTU8Ph/W8ubTVLj695HsEAAAAAAAAAAAAAAAAAAAAAMD/z9Wmd84w6v491aGm/87W4+qLfpSt7eX+PLP8rD3RvD9Q9FJK0xTftf11rpVlmbJZG8F5fh4v501jQQAAAAAAAAAAAAAAAAAAAHjOnXx2//hoPL5z78LBg46hthtAHhF/3Yx4tjMfjXcXjrwa97fWTR42ax6Nx70mXJ6TLx6JrXZOFrG2jGoTVdCe/5kv1NnBladqboLvf+jMqnZ0kkfXUHH2ov3utS4YfNpfc1nap+v4KIvO9GFTfBFFdeNi9cYNonv1fqwcGfxThe2jeL7tDDqHRhe+LIMX62C6Zk5k674v3vxtVvbCLpbmDOqr2pneb4KF9JVno/terARRzNKf/lmR6dYBAAAAAAAAAAAAAAAAAAAbNf/r347Bh9niJ/yv6qXhZmsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMsy//z/8wT5cvI5sgZx7+Tf2hsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPj78DAAD//4uDTs0=")
syz_open_dev$usbfs(0x0, 0x205, 0x8401)
creat(&(0x7f00000000c0)='./file0\x00', 0x2)
newfstatat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x800)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'team0\x00', <r6=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000640)={0x0, <r7=>0x0}, &(0x7f0000000680)=0xc)
sendmsg$nl_xfrm(r3, &(0x7f0000000b40)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000b00)={&(0x7f00000006c0)=@updsa={0x43c, 0x1a, 0x200, 0x70bd2c, 0x25dfdbfc, {{@in=@remote, @in=@local, 0x4e22, 0x1, 0x4e21, 0x7, 0xa, 0xc0, 0x80, 0x88, r4, r5}, {@in=@multicast1, 0x4d4, 0x47}, @in=@private=0xa010101, {0x733, 0x6, 0x3, 0x0, 0x5, 0x3, 0x742, 0x10}, {0x4, 0x0, 0x101, 0xc}, {0x4, 0x20000000, 0x9ed4}, 0x70bd25, 0x3506, 0x0, 0x3, 0x9, 0x1}, [@etimer_thresh={0x8, 0xc, 0x7fffffff}, @policy={0xac, 0x7, {{@in6=@local, @in6=@loopback, 0x4e23, 0x8, 0x4e22, 0x8, 0xa, 0x0, 0x80, 0x32, r6, r7}, {0x3, 0x9, 0x800, 0x1, 0x101, 0x3, 0xe1}, {0x0, 0x888, 0x40}, 0x7, 0x0, 0x1, 0x0, 0x2, 0x1}}, @lifetime_val={0x24, 0x9, {0xaa53, 0xfffffffffffffffd, 0x6, 0x6}}, @algo_auth={0x8b, 0x1, {{'ghash\x00'}, 0x218, "9eb51522fd8bc2e5dab5220ad8973adbe84cde61536eef04f9af21046c3a88cdef364aa0790189315dccb1fbe1af5b3f255b0a478f3bee5195a514c5ff57b2b25f40a5"}}, @algo_crypt={0x81, 0x2, {{'ecb-serpent-avx\x00'}, 0x1c8, "ee917494ce00eaf63aa5d1b5f99bd17ff40ff5130ca9dd9868ddca285e3afe56ac0fe3bfe866c3afbe9a7b11dd4b04fd6a26c60addecaca950"}}, @address_filter={0x28, 0x1a, {@in6=@mcast1, @in=@dev={0xac, 0x14, 0x14, 0x23}, 0x8, 0x8, 0xe}}, @algo_crypt={0x118, 0x2, {{'lrw-camellia-aesni\x00'}, 0x680, "bf8755d3d98d4267f0aaf512971d72b9543cbb289d1dac2bbd7095cae05fcb4920db118f428d6f9c4bda5ead73d8f3f4927b5d410ff7ded5b0bc8897874a41a5c8b235f673e220874a3740f1ee65e4d00b33ff3a7e7f1ac16ce9c7e7e0a0ef0861bf1ce85e951e82d959885b503d491a48c087b8cbe4d5ea8ce7cb7ef90589c0a3ed308be6b45ac6c24e30ebd33ab0d8f1bd3fcf875c27143c68052fedd7f06174e3da3ed0ac556ca369e97654c9f730fe4c473bb71357a7710c5c9e09b4ca4f40c1691e35a7949ca6444bce03c32910"}}, @tfcpad={0x8, 0x16, 0x9}, @coaddr={0x14, 0xe, @in6=@private0={0xfc, 0x0, '\x00', 0x1}}, @etimer_thresh={0x8, 0xc, 0x5}]}, 0x43c}, 0x1, 0x0, 0x0, 0x4000}, 0x48800)
syz_clone(0x0, &(0x7f0000000080)="4a1850f415893485197d93c52aa8749341cd344a966128751a88c69cb7dab5f9eb925c09ee7b6f104cc33636d6f9ae45daa8e732218f1fa9deaef0ec74abd5ae527eaf4bf16cc05c2d1450279bb18ab2c454f40225ee155d0a49efff4d5e3bb5a33bdede76dc63358ee2e79bdb877e67fe9a6b7f7a414b7e1c81fa67ce6d70a131d5cef8062886dbf053992b74377e9838cd701088c5a7a2e76a695a39a1ce2ddb79b84696401e652c91b10f9dc862a693f775c112de6af6db7e7682", 0xbc, &(0x7f0000000140), &(0x7f00000001c0), &(0x7f0000000200)="e4585a770dc0cf5fd31e9d023af75c73cb1c5e450ee80e98a84cc0e1e097bcb5b95322bbfdd3350f34eba4c6a8ae7c87045234d489b677041758fc2308c5e0cec591966cfc0047dba030763f57c11fc3284530623d986179772f6cedc9ed84727dd1d6751b75f8f1bca9a05361ffaf40dad267fadedaa06f3f4971159f42eeb05e64ffdcbc75fc39a579db3fed16d8c53b5eb9ce10")
r8 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000040)={0x0, &(0x7f00000004c0)=[@enable_nested={0x12c, 0x18}, @code={0xa, 0x5f, {"3644f936410fc7b52295bcfd66b80c018ec00f01df66baf80cb85065c083ef66bafc0c66ed42da4100360f1a1f460f01ca660f38803048b8f1ffff7f000000000f23c00f21f835010004000f23f8"}}], 0x77})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00')
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r10 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r10, 0x8946, &(0x7f00000000c0)={'syzkaller0\x00', &(0x7f00000003c0)=@ethtool_drvinfo={0x3, "7fb3a9c89c027e5bd3b0977d5afb2dc406d7f76472021fde2d1a6d53cdc3a7f3", "dc52532b8fa0ee4c08382626733414f7b83341a051a1b79e027229c1afb949b7", "1caee462d5369d5545606aec028d305881b1d5bd5321243355b8489402ac5730", "17f61d4643488732adfd6e6c6e28e0123c5fa0a9eec41498771bb04e2a335598", "af9d2e686841345c1d83c049f4bf7d3265c1423a1195d87b39115c0c37e618c9", "5565425fb1cebee1befdaea8", 0x9, 0x7ff, 0xff, 0xfffff42b, 0x5}})
r11 = socket$inet6(0xa, 0x3, 0x5)
capset(&(0x7f0000a31000)={0x20080522}, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x0, 0x1, 0x3})
sendmmsg(r11, &(0x7f0000001500)=[{{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="080100000000000029000000", @ANYRES64=r11], 0x108}}], 0x1, 0xc040)
r12 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x70800, 0x0)
ioctl$TCXONC(r12, 0x540a, 0x3)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$PROG_LOAD-openat$kvm-ioctl$KVM_CREATE_VM-syz_kvm_setup_syzos_vm$x86-creat-ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL-syz_mount_image$vfat-syz_open_dev$usbfs-creat-newfstatat-ioctl$ifreq_SIOCGIFINDEX_team-getsockopt$sock_cred-sendmsg$nl_xfrm-syz_clone-syz_kvm_add_vcpu$x86-ioctl$KVM_RUN-syz_open_procfs-openat$tun-ioctl$TUNSETIFF-socket-ioctl$sock_SIOCETHTOOL-socket$inet6-capset-sendmmsg-openat$ptmx-ioctl$TCXONC
detailed listing:
executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x200020}, [@call={0x85, 0x0, 0x0, 0x6c}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sched_cls=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$kvm(0x0, &(0x7f0000000180), 0x128000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x1c2)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000480)={'erspan0\x00', &(0x7f0000000440)={'ip_vti0\x00', <r4=>0x0, 0x7800, 0x700, 0x200, 0x7, {{0x6, 0x4, 0x2, 0x4, 0x18, 0x65, 0x0, 0x7f, 0x2f, 0x0, @loopback, @dev={0xac, 0x14, 0x14, 0x17}, {[@noop]}}}}})
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000280)='./file1\x00', 0x8008dc, &(0x7f0000000600)=ANY=[@ANYBLOB='shortname=winnt,uni_xlate=1,rodir,uni_xlate=0,iocharset=macgaelic,shortname=lower,utf8=1,iocharset=iso8859-13,uni_xlate=1,rodir,shortname=win95,shortname=lower,codepage=874,shortname=lower,utf8=0,shortname=lower,uni_xlate=0,uni_xlate=0,nonumtail=0,short\b\x00\x00\x00\x00\x00\x00\x0095,rodir,uni_xlate=0,rodir,shortname=mixed,sFortname=lower,nnonumtail=1,showexec,\x00', @ANYBLOB="b0baffea7e7b0100f8fde1f7928de8eb76582a", @ANYRES16, @ANYBLOB="41b133d266f2863fd067b900ff4e320c6f"], 0x6, 0x2e7, &(0x7f0000000780)="$eJzs3T+LHGUYAPBn9mZ3J1rsFVYiOKCFVciltblDLiBeZbgiWuhhEpDbRcjBiVHcpBI7G0s/gSD4QWzsLAVbwc4IgVdmdib7J+PeXWBPNL9fkTw37/vM+7wzc3fT3LMfvjI5vl3G3Ydf/BpFkUVvdxjxKIvt6EXrQSzZ/SYAgP+yRynFH2mmY/iXr9fkFhusCwDYnDN+/zfy+t9b1YwfL682AGAzbt567529g4P9d8uyiBuTr04Ps4io/p+N792Nj2Mcd+JajOJxRP2i0I/6baEKb6SUpnlZ2Y7XJ9PTwypz8sFPzfn3fo+o83diFNv1oSdvGyldiYiD/Z1yZiF/WtXxQrP+bpV/PUbx0pPk+fpvH+xf78iPw0G88dpC/VdjFD9/FJ/EOG7XRczzv9wpy7fSt39+/n5VXpWfTU8Ph/W8ubTVLj695HsEAAAAAAAAAAAAAAAAAAAAAMD/z9Wmd84w6v491aGm/87W4+qLfpSt7eX+PLP8rD3RvD9Q9FJK0xTftf11rpVlmbJZG8F5fh4v501jQQAAAAAAAAAAAAAAAAAAAHjOnXx2//hoPL5z78LBg46hthtAHhF/3Yx4tjMfjXcXjrwa97fWTR42ax6Nx70mXJ6TLx6JrXZOFrG2jGoTVdCe/5kv1NnBladqboLvf+jMqnZ0kkfXUHH2ov3utS4YfNpfc1nap+v4KIvO9GFTfBFFdeNi9cYNonv1fqwcGfxThe2jeL7tDDqHRhe+LIMX62C6Zk5k674v3vxtVvbCLpbmDOqr2pneb4KF9JVno/terARRzNKf/lmR6dYBAAAAAAAAAAAAAAAAAAAbNf/r347Bh9niJ/yv6qXhZmsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMsy//z/8wT5cvI5sgZx7+Tf2hsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPj78DAAD//4uDTs0=")
syz_open_dev$usbfs(0x0, 0x205, 0x8401)
creat(&(0x7f00000000c0)='./file0\x00', 0x2)
newfstatat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x800)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'team0\x00', <r6=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000640)={0x0, <r7=>0x0}, &(0x7f0000000680)=0xc)
sendmsg$nl_xfrm(r3, &(0x7f0000000b40)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000b00)={&(0x7f00000006c0)=@updsa={0x43c, 0x1a, 0x200, 0x70bd2c, 0x25dfdbfc, {{@in=@remote, @in=@local, 0x4e22, 0x1, 0x4e21, 0x7, 0xa, 0xc0, 0x80, 0x88, r4, r5}, {@in=@multicast1, 0x4d4, 0x47}, @in=@private=0xa010101, {0x733, 0x6, 0x3, 0x0, 0x5, 0x3, 0x742, 0x10}, {0x4, 0x0, 0x101, 0xc}, {0x4, 0x20000000, 0x9ed4}, 0x70bd25, 0x3506, 0x0, 0x3, 0x9, 0x1}, [@etimer_thresh={0x8, 0xc, 0x7fffffff}, @policy={0xac, 0x7, {{@in6=@local, @in6=@loopback, 0x4e23, 0x8, 0x4e22, 0x8, 0xa, 0x0, 0x80, 0x32, r6, r7}, {0x3, 0x9, 0x800, 0x1, 0x101, 0x3, 0xe1}, {0x0, 0x888, 0x40}, 0x7, 0x0, 0x1, 0x0, 0x2, 0x1}}, @lifetime_val={0x24, 0x9, {0xaa53, 0xfffffffffffffffd, 0x6, 0x6}}, @algo_auth={0x8b, 0x1, {{'ghash\x00'}, 0x218, "9eb51522fd8bc2e5dab5220ad8973adbe84cde61536eef04f9af21046c3a88cdef364aa0790189315dccb1fbe1af5b3f255b0a478f3bee5195a514c5ff57b2b25f40a5"}}, @algo_crypt={0x81, 0x2, {{'ecb-serpent-avx\x00'}, 0x1c8, "ee917494ce00eaf63aa5d1b5f99bd17ff40ff5130ca9dd9868ddca285e3afe56ac0fe3bfe866c3afbe9a7b11dd4b04fd6a26c60addecaca950"}}, @address_filter={0x28, 0x1a, {@in6=@mcast1, @in=@dev={0xac, 0x14, 0x14, 0x23}, 0x8, 0x8, 0xe}}, @algo_crypt={0x118, 0x2, {{'lrw-camellia-aesni\x00'}, 0x680, "bf8755d3d98d4267f0aaf512971d72b9543cbb289d1dac2bbd7095cae05fcb4920db118f428d6f9c4bda5ead73d8f3f4927b5d410ff7ded5b0bc8897874a41a5c8b235f673e220874a3740f1ee65e4d00b33ff3a7e7f1ac16ce9c7e7e0a0ef0861bf1ce85e951e82d959885b503d491a48c087b8cbe4d5ea8ce7cb7ef90589c0a3ed308be6b45ac6c24e30ebd33ab0d8f1bd3fcf875c27143c68052fedd7f06174e3da3ed0ac556ca369e97654c9f730fe4c473bb71357a7710c5c9e09b4ca4f40c1691e35a7949ca6444bce03c32910"}}, @tfcpad={0x8, 0x16, 0x9}, @coaddr={0x14, 0xe, @in6=@private0={0xfc, 0x0, '\x00', 0x1}}, @etimer_thresh={0x8, 0xc, 0x5}]}, 0x43c}, 0x1, 0x0, 0x0, 0x4000}, 0x48800)
syz_clone(0x0, &(0x7f0000000080)="4a1850f415893485197d93c52aa8749341cd344a966128751a88c69cb7dab5f9eb925c09ee7b6f104cc33636d6f9ae45daa8e732218f1fa9deaef0ec74abd5ae527eaf4bf16cc05c2d1450279bb18ab2c454f40225ee155d0a49efff4d5e3bb5a33bdede76dc63358ee2e79bdb877e67fe9a6b7f7a414b7e1c81fa67ce6d70a131d5cef8062886dbf053992b74377e9838cd701088c5a7a2e76a695a39a1ce2ddb79b84696401e652c91b10f9dc862a693f775c112de6af6db7e7682", 0xbc, &(0x7f0000000140), &(0x7f00000001c0), &(0x7f0000000200)="e4585a770dc0cf5fd31e9d023af75c73cb1c5e450ee80e98a84cc0e1e097bcb5b95322bbfdd3350f34eba4c6a8ae7c87045234d489b677041758fc2308c5e0cec591966cfc0047dba030763f57c11fc3284530623d986179772f6cedc9ed84727dd1d6751b75f8f1bca9a05361ffaf40dad267fadedaa06f3f4971159f42eeb05e64ffdcbc75fc39a579db3fed16d8c53b5eb9ce10")
r8 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000040)={0x0, &(0x7f00000004c0)=[@enable_nested={0x12c, 0x18}, @code={0xa, 0x5f, {"3644f936410fc7b52295bcfd66b80c018ec00f01df66baf80cb85065c083ef66bafc0c66ed42da4100360f1a1f460f01ca660f38803048b8f1ffff7f000000000f23c00f21f835010004000f23f8"}}], 0x77})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00')
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r10 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r10, 0x8946, &(0x7f00000000c0)={'syzkaller0\x00', &(0x7f00000003c0)=@ethtool_drvinfo={0x3, "7fb3a9c89c027e5bd3b0977d5afb2dc406d7f76472021fde2d1a6d53cdc3a7f3", "dc52532b8fa0ee4c08382626733414f7b83341a051a1b79e027229c1afb949b7", "1caee462d5369d5545606aec028d305881b1d5bd5321243355b8489402ac5730", "17f61d4643488732adfd6e6c6e28e0123c5fa0a9eec41498771bb04e2a335598", "af9d2e686841345c1d83c049f4bf7d3265c1423a1195d87b39115c0c37e618c9", "5565425fb1cebee1befdaea8", 0x9, 0x7ff, 0xff, 0xfffff42b, 0x5}})
r11 = socket$inet6(0xa, 0x3, 0x5)
capset(&(0x7f0000a31000)={0x20080522}, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x0, 0x1, 0x3})
sendmmsg(r11, &(0x7f0000001500)=[{{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="080100000000000029000000", @ANYRES64=r11], 0x108}}], 0x1, 0xc040)
r12 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x70800, 0x0)
ioctl$TCXONC(r12, 0x540a, 0x3)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-open-ftruncate-bpf$PROG_LOAD-recvmmsg-sendfile-openat-ioctl$EXT4_IOC_MOVE_EXT
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000053607aa0641000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000010000008500000089000000950000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
recvmmsg(0xffffffffffffffff, &(0x7f0000005180)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000340)=""/202, 0xca}, {&(0x7f0000000440)=""/172, 0xac}, {&(0x7f0000000500)=""/212, 0xd4}, {&(0x7f0000000600)=""/161, 0xa1}, {&(0x7f00000006c0)=""/125, 0x7d}, {&(0x7f0000000740)=""/63, 0x3f}, {&(0x7f0000000780)=""/48, 0x30}, {&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000002500)=""/160, 0xa0}], 0x9, &(0x7f0000002680)=""/4096, 0x1000}, 0x369ad06c}, {{&(0x7f0000003680)=@nfc_llcp, 0x80, &(0x7f0000003a80)=[{&(0x7f0000003700)=""/231, 0xe7}, {&(0x7f0000003800)=""/240, 0xf0}, {&(0x7f0000003900)=""/101, 0x65}, {&(0x7f0000003980)=""/214, 0xd6}], 0x4}, 0x5}, {{&(0x7f0000003ac0)=@l2, 0x80, &(0x7f0000004f40)=[{&(0x7f0000003b40)=""/36, 0x24}, {&(0x7f0000003b80)=""/226, 0xe2}, {&(0x7f0000003c80)=""/4096, 0x1000}, {&(0x7f0000004c80)=""/121, 0x79}, {&(0x7f0000004d00)=""/39, 0x27}, {&(0x7f0000004d40)=""/58, 0x3a}, {&(0x7f0000004d80)=""/71, 0x47}, {&(0x7f0000004e00)}, {&(0x7f0000004e40)=""/62, 0x3e}, {&(0x7f0000004e80)=""/161, 0xa1}], 0xa}, 0x7fffffff}, {{&(0x7f0000005000)=@qipcrtr, 0x80, &(0x7f0000005140)=[{&(0x7f0000005080)=""/161, 0xa1}], 0x1}, 0x1}], 0x4, 0x40000100, &(0x7f0000005280)={0x0, 0x3938700})
sendfile(r0, r0, 0x0, 0x800000009)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x40305829, &(0x7f0000000240)={0x17c04, r0, 0x7, 0x10000, 0xfffffffffffffffe})

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-open-ftruncate-bpf$PROG_LOAD-recvmmsg-sendfile-openat-ioctl$EXT4_IOC_MOVE_EXT
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000053607aa0641000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000010000008500000089000000950000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
recvmmsg(0xffffffffffffffff, &(0x7f0000005180)=[{{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000000340)=""/202, 0xca}, {&(0x7f0000000440)=""/172, 0xac}, {&(0x7f0000000500)=""/212, 0xd4}, {&(0x7f0000000600)=""/161, 0xa1}, {&(0x7f00000006c0)=""/125, 0x7d}, {&(0x7f0000000740)=""/63, 0x3f}, {&(0x7f0000000780)=""/48, 0x30}, {&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000002500)=""/160, 0xa0}], 0x9, &(0x7f0000002680)=""/4096, 0x1000}, 0x369ad06c}, {{&(0x7f0000003680)=@nfc_llcp, 0x80, &(0x7f0000003a80)=[{&(0x7f0000003700)=""/231, 0xe7}, {&(0x7f0000003800)=""/240, 0xf0}, {&(0x7f0000003900)=""/101, 0x65}, {&(0x7f0000003980)=""/214, 0xd6}], 0x4}, 0x5}, {{&(0x7f0000003ac0)=@l2, 0x80, &(0x7f0000004f40)=[{&(0x7f0000003b40)=""/36, 0x24}, {&(0x7f0000003b80)=""/226, 0xe2}, {&(0x7f0000003c80)=""/4096, 0x1000}, {&(0x7f0000004c80)=""/121, 0x79}, {&(0x7f0000004d00)=""/39, 0x27}, {&(0x7f0000004d40)=""/58, 0x3a}, {&(0x7f0000004d80)=""/71, 0x47}, {&(0x7f0000004e00)}, {&(0x7f0000004e40)=""/62, 0x3e}, {&(0x7f0000004e80)=""/161, 0xa1}], 0xa}, 0x7fffffff}, {{&(0x7f0000005000)=@qipcrtr, 0x80, &(0x7f0000005140)=[{&(0x7f0000005080)=""/161, 0xa1}], 0x1}, 0x1}], 0x4, 0x40000100, &(0x7f0000005280)={0x0, 0x3938700})
sendfile(r0, r0, 0x0, 0x800000009)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x40305829, &(0x7f0000000240)={0x17c04, r0, 0x7, 0x10000, 0xfffffffffffffffe})

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-sendmsg$nl_route_sched-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-syz_kvm_setup_cpu$x86-ioctl$KVM_RUN-openat$kvm-ioctl$KVM_CREATE_VM-pipe2-socket$nl_route-bpf$PROG_LOAD-sendmsg$nl_route-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_GET_VCPU_EVENTS-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-fcntl$dupfd-ioctl$sock_SIOCGIFINDEX_80211-sendmsg$NL80211_CMD_NOTIFY_RADAR
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x202, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4c014}, 0x20044000)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x2, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000000)="f00fc7484d36f08266060266b9800000c00f326635000400000f308bc1de780066b9aa0200000f3266b9ab0900000f32f2f031b3e759dc2c", 0x38}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
pipe2(&(0x7f00000000c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80000)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000001680)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002c0000009500000000000000eb4779fcbb3e3bbff2971871b1b1c0b4f0fca28377f3aa77d6c8d949060c54d53bd61b3561319f7b346f8cadae05957ee562fe28a5d0b564a59c30cb37ebb90e516d9c72b9d81817f7a04496e4261b41dae579bd93d38e2740ac98d6108c318a35d29534fd3c6bf14ef7a5c59c3d48f092e6b6bb43ec765d850f71052de0718c08"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x801, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, 0x3101, 0x61001}, [@IFLA_XDP={0x1c, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x19}, @IFLA_XDP_EXPECTED_FD={0x8, 0x8, r5}]}, @IFLA_IFNAME={0x14, 0x3, 'veth0_virt_wifi\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x40040c5}, 0x400c040)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r9 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r9, 0x8040ae9f, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000090000000000000000005eeb1200"/32], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80)
r10 = fcntl$dupfd(r6, 0x406, r6)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_NOTIFY_RADAR(r10, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002abd7000fbdbdf258602000008000300", @ANYRES32=r11, @ANYBLOB="0c009900010400001d0000000800a00001800000"], 0x30}, 0x1, 0x0, 0x0, 0x11}, 0x4040850)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-sendmsg$nl_route_sched-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-syz_kvm_setup_cpu$x86-ioctl$KVM_RUN-openat$kvm-ioctl$KVM_CREATE_VM-pipe2-socket$nl_route-bpf$PROG_LOAD-sendmsg$nl_route-ioctl$KVM_CREATE_IRQCHIP-ioctl$KVM_CREATE_VCPU-ioctl$KVM_GET_VCPU_EVENTS-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-fcntl$dupfd-ioctl$sock_SIOCGIFINDEX_80211-sendmsg$NL80211_CMD_NOTIFY_RADAR
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x202, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4c014}, 0x20044000)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x2, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000000)="f00fc7484d36f08266060266b9800000c00f326635000400000f308bc1de780066b9aa0200000f3266b9ab0900000f32f2f031b3e759dc2c", 0x38}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
pipe2(&(0x7f00000000c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80000)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000001680)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002c0000009500000000000000eb4779fcbb3e3bbff2971871b1b1c0b4f0fca28377f3aa77d6c8d949060c54d53bd61b3561319f7b346f8cadae05957ee562fe28a5d0b564a59c30cb37ebb90e516d9c72b9d81817f7a04496e4261b41dae579bd93d38e2740ac98d6108c318a35d29534fd3c6bf14ef7a5c59c3d48f092e6b6bb43ec765d850f71052de0718c08"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x801, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, 0x3101, 0x61001}, [@IFLA_XDP={0x1c, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x19}, @IFLA_XDP_EXPECTED_FD={0x8, 0x8, r5}]}, @IFLA_IFNAME={0x14, 0x3, 'veth0_virt_wifi\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x40040c5}, 0x400c040)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r9 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r9, 0x8040ae9f, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000090000000000000000005eeb1200"/32], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80)
r10 = fcntl$dupfd(r6, 0x406, r6)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_NOTIFY_RADAR(r10, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002abd7000fbdbdf258602000008000300", @ANYRES32=r11, @ANYBLOB="0c009900010400001d0000000800a00001800000"], 0x30}, 0x1, 0x0, 0x0, 0x11}, 0x4040850)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet6_tcp-socket$inet6_tcp-listen-socket$netlink-writev-unshare-unshare-pipe-openat$tun-ioctl$TUNSETIFF-write$cgroup_subtree-write$cgroup_subtree-creat-ioctl$FS_IOC_RESVSP-pipe2$9p-pipe2$9p-lremovexattr-mount$9p_fd-fallocate-fallocate
detailed listing:
executing program 0:
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000000900)="580000001400192340834b80040d8c560a066e0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000004000200060c10000000010000000000", 0x58}], 0x1)
unshare(0x24020400) (async)
unshare(0x24020400)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x121942, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'\x00', 0x6132})
write$cgroup_subtree(r3, &(0x7f0000000700)=ANY=[@ANYBLOB="7c1292442b"], 0xfe3a) (async)
write$cgroup_subtree(r3, &(0x7f0000000700)=ANY=[@ANYBLOB="7c1292442b"], 0xfe3a)
r4 = creat(&(0x7f0000000140)='./file0\x00', 0xe3)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000080)={0x0, 0x1, 0x6, 0x2000008})
pipe2$9p(&(0x7f00000001c0), 0x84000) (async)
pipe2$9p(&(0x7f00000001c0)={<r5=>0xffffffffffffffff}, 0x84000)
lremovexattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)=@known='system.posix_acl_default\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r4}})
fallocate(r2, 0x0, 0x0, 0x8) (async)
fallocate(r2, 0x0, 0x0, 0x8)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet_tcp-bind$inet-socket$inet_icmp_raw-setsockopt$inet_msfilter-prlimit64-time-sched_setscheduler-getpid-sched_setaffinity-sched_setscheduler-mmap-syz_open_dev$evdev-ioctl$EVIOCSFF-mkdirat-sendmsg$NFNL_MSG_ACCT_GET_CTRZERO-write$char_usb-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-mount$9p_tcp
detailed listing:
executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_msfilter(r1, 0x0, 0x8, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
time(0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(r3, 0x40304580, &(0x7f00000003c0)={0x55, 0x8000, 0xfffd, {0x0, 0x1}, {0x4f, 0x2}, @cond=[{0x1ff, 0x5388, 0x6f5, 0x800, 0xc7, 0x2}, {0xffff, 0x5, 0x1, 0x46, 0x6, 0xfd}]})
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000400)=ANY=[@ANYBLOB="fa1400000002070108000000000800000000000000056e3a04fd42ca26e07b25a84c8c9102ab69d7feaf284757c62c4f016901979fbfcedbce172d0d16c227f33706bcabd367967454a55f6de392dd751b7a7a5807f8880fa43cd50210bec669d94a8d4fc649faf7c3c3dc1c55042634472af60d9e14f7d02470f5b9c9d06864774000038252d77604bb2aeb1aa45e06423707e3d9bf5927eee340713beddf1e1249d0af621beeb388314d047043fa522de544de64f3cd6acc5f564052605ce6cb47d10ffc49290523c74a1605cdb6fe34b7577ae8471f4e9c23f769105db4e91f59f283e91101784bac3bf3c1cc04c3c852f003935dc5f5e73bcb1bb6431377301ac118780eb4f09a6946634dcef71713c1686922c57a9addbd5786d795287ef5e72b8c94a9"], 0x14}, 0x1, 0x0, 0x0, 0x40000040}, 0x24004004)
write$char_usb(r3, &(0x7f0000000040)="e2", 0x2250)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$9p_tcp(0x0, &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x8010, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=t'])

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet6_tcp-socket$inet6_tcp-listen-socket$netlink-writev-unshare-unshare-pipe-openat$tun-ioctl$TUNSETIFF-write$cgroup_subtree-write$cgroup_subtree-creat-ioctl$FS_IOC_RESVSP-pipe2$9p-pipe2$9p-lremovexattr-mount$9p_fd-fallocate-fallocate
detailed listing:
executing program 0:
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000000900)="580000001400192340834b80040d8c560a066e0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000004000200060c10000000010000000000", 0x58}], 0x1)
unshare(0x24020400) (async)
unshare(0x24020400)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x121942, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'\x00', 0x6132})
write$cgroup_subtree(r3, &(0x7f0000000700)=ANY=[@ANYBLOB="7c1292442b"], 0xfe3a) (async)
write$cgroup_subtree(r3, &(0x7f0000000700)=ANY=[@ANYBLOB="7c1292442b"], 0xfe3a)
r4 = creat(&(0x7f0000000140)='./file0\x00', 0xe3)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000080)={0x0, 0x1, 0x6, 0x2000008})
pipe2$9p(&(0x7f00000001c0), 0x84000) (async)
pipe2$9p(&(0x7f00000001c0)={<r5=>0xffffffffffffffff}, 0x84000)
lremovexattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)=@known='system.posix_acl_default\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r4}})
fallocate(r2, 0x0, 0x0, 0x8) (async)
fallocate(r2, 0x0, 0x0, 0x8)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): pipe2-mkdirat-openat$fuse-mount$fuse-bpf$BPF_BTF_LOAD-mkdirat-syz_open_dev$usbfs-prlimit64-sched_setscheduler-sched_setaffinity-getpid-sched_setscheduler-mmap-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-prlimit64-bpf$PROG_LOAD
detailed listing:
executing program 0:
pipe2(&(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x84000)
mkdirat(r0, &(0x7f0000000100)='./file0\x00', 0x1c0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9febec3595c90000000000002400000090ffffff02000000000000000000000400000003000000000000000000000000000000000000000d020000c2d76e"], 0xffffffffffffffff, 0x3e, 0xb1, 0x2}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1c0)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_init_net_socket$802154_dgram-ioctl$BTRFS_IOC_FS_INFO-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_POWER_SAVE-socket$xdp-setsockopt$XDP_UMEM_REG-sendmsg$NL80211_CMD_GET_INTERFACE-setsockopt$XDP_UMEM_FILL_RING-ioctl$KVM_CREATE_VM-ioctl$KVM_CAP_MSR_PLATFORM_INFO-bpf$MAP_UPDATE_ELEM_TAIL_CALL-bpf$MAP_UPDATE_BATCH-syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$nl802154-sendmsg$NL802154_CMD_NEW_SEC_DEV-syz_open_procfs-ioctl$UFFDIO_REGISTER-madvise-socket$nl_generic-ioctl$sock_SIOCGIFINDEX_80211-sendmsg$NL80211_CMD_SET_COALESCE-ioctl$BTRFS_IOC_TREE_SEARCH_V2-ioctl$BTRFS_IOC_INO_LOOKUP_USER-setsockopt$inet6_mtu-ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD-ioctl$XFS_IOC_BULKSTAT-ioctl$KVM_CREATE_VM-chroot-ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE
detailed listing:
executing program 0:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000000))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_POWER_SAVE(r1, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x70, r2, 0x8, 0x70bd28, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x80000000, 0xb}}}}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8}]}, 0x70}, 0x1, 0x0, 0x0, 0x10}, 0x88c4)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f0000001580)={&(0x7f0000000580)=""/4096, 0x2000, 0x800, 0xc0000}, 0x20)
sendmsg$NL80211_CMD_GET_INTERFACE(r1, &(0x7f0000001680)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000001640)={&(0x7f0000001600)={0x20, r2, 0x2, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x80000000, 0x69}}}}, ["", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x8080)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f00000016c0)=0x100, 0x4)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xf)
ioctl$KVM_CAP_MSR_PLATFORM_INFO(r4, 0x4068aea3, &(0x7f0000001700)={0x9f, 0x0, 0x1})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001a40)={{0x1, <r5=>0xffffffffffffffff}, &(0x7f00000019c0), &(0x7f0000001a00)}, 0x20)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001a80)={&(0x7f0000001780)="e8380cbb03ef617e0837561857431c7d18101f5d8d5788f9d21c8802ec0de27f21cb7e4d9f", &(0x7f00000017c0)=""/129, &(0x7f0000001880)="5c031858365f2f4c9efabc371a3c02d2b4dc377004b0a25a60a3fa78d8591745bdcec49ac9f92f01c806abe24b7011f60faf8c00f9ae683fed5630007e0da5d4e5d50d0bd2dedd8444438e588eb8c7cfb4fe5d3e3846ff55178b39183fd82a683ae7823896e8595802d3a8431b72caa9282c5429dbeac740a1bb02ae806c52669751b886504a9598ea78c75871d49033658aee01165d2435b6a901725ef8775f71c12c0b68bc1739587095d3a8b3c63e2bf004d7524a67566013d9d5a69ae92dec4092666a1926a7717c4436137d491209cce97d", &(0x7f0000001980)="66c9b9001d4aeb2465a1505ce62b914bbe63cdfcb0c63d", 0x6, r5, 0x4}, 0x38)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001b00), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r6, &(0x7f0000001c00)={&(0x7f0000001ac0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001bc0)={&(0x7f0000001b40)={0x74, r7, 0x8, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_DEVICE={0x34, 0x2e, 0x0, 0x1, [@NL802154_DEV_ATTR_PAN_ID={0x6, 0x2, 0x1}, @NL802154_DEV_ATTR_KEY_MODE={0x8, 0x6, 0x1}, @NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5, 0x5, 0x1}, @NL802154_DEV_ATTR_PAN_ID={0x6, 0x2, 0x3}, @NL802154_DEV_ATTR_SHORT_ADDR={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ATTR_FRAME_COUNTER={0x6, 0x1, 0x401}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_DEVICE={0xc, 0x2e, 0x0, 0x1, [@NL802154_DEV_ATTR_SECLEVEL_EXEMPT={0x5, 0x5, 0x1}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x74}, 0x1, 0x0, 0x0, 0x24000000}, 0x20000081)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001c40)='net/mcfilter\x00')
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000001c80)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x6})
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x19)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001d00)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r9, &(0x7f0000001dc0)={&(0x7f0000001cc0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001d80)={&(0x7f0000001d40)={0x24, r2, 0x20, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_COALESCE_RULE_CONDITION={0x8, 0x2, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x24004080)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r8, 0xc0709411, &(0x7f0000001e00)={{<r11=>0x0, 0xfffffffffffffff0, 0xe, 0x1, 0x4, 0x8, 0x3, 0x7f, 0x8, 0x7, 0x7, 0x6, 0x6, 0x5, 0x1}, 0x38, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r3, 0xd000943e, &(0x7f0000001ec0)={0x0, r11, "7872d1ba659bfdc40dc8718f2ee61e1fea3f4f457ef1286844dfd2e79f29f41bcec5cada0eed9503713adf5c540f4792a7d5f6bc1785c567d776be56e5375da98266ee6c671f4d7119567499c01771f54c460f09119e21d0d32f59a43e87f8e60cc84cf495ac4eb8d1d5fa287b8ed0007f38c8b7e732e22506a4c8f6ed7f819414453ca9f221eb37054d8060eef6a86f212eace5020991ec7c20692c3fa6c913201b2ca9092313d7e7b378ac527dc80448514ea042b6d31a687fe8fee1658cb898da4f9759ad0177f520ae521ad4b587afcd1e80e313ff225443c4df23deb56d06648b218ef8386a067144b1441b74589b4beb4441a6bafd31317b68aa1b4b12", "8e1d146c5330a8a8c555be67d367ac2ab0880066895a11c0200e7e920ffdf89e7f60adb89c59e92fd8c0021dceb2c7d6c0224241be05db80aa2b732519c3093e83310170762addc7f93ab8eea270d30f722fd3bc800e00d19579b412ab6d3f7999dc19cf27cd1334996a6d152b4a7cbc14e227a244611aadc05d0469bc79c1133616855058c7129edbeff5b18b9b551b0f39006d45fcd8d092f280e0e8169a127f4029695b16466dfedb184f6638a0cbaa8f0b9f44d0bf52d8ad0b7cdd2ea6e8d6c2f7d49c7579a76295a13a2009ebcbe12dbc424aeefad4d31226997d794ac924d6fc4fcccaed33c4f81f62a03e95eb80a47293cea93cde2069385e667e48252148bd342ca99c26bf3d48d239818b0a6de9177cb236d8fc7681ae6c02e5c277cbe8ae9e05bd33302b9937f66a5404e3e878bc7d3c12f90eec30fffb6262cf10324b03610daf60b699052df8c6d8f5820334dca204285e4112ac7efd6614428e750e2d98ca487f8f007c98d4fcebbc84f78a05811406a0fad4c35e88e4f11456ca01782b147f417701cfa5961192707d2bbcdbec27ce856984124c9f33f289c1832f8771869b707290aa63752d2e26a4231d62f93d8a70eaab85d4fe5b2e85956157dec37119cae8ce667d0bfb15f65dcf08a41ddb413e7094e217354f664594be0318f447986f5bc2c9bb96baab2630cc2d68e8cbed341a726ac13282bb6b3ef5a4b7497b8221e9309d323da7b7cde867d71bd89dab919b0725ca006a14d123631bea8e71d3e42a174b36351cd004435adfe8d0f2488112540a4ea5fccfe02571e0b02684ad56aa5207a45797ad4d1351d80500933f2bc861b55040e17fcb839f18a130d2add12496d0145265133ff2167675b6f2db099f9e7e0ea8d1f5893ce4a443a1dbfd3579bbd6e02d3aabc7d4790d423730f0ffeca275f5be591bd0f3af2c2c511704967fa33c01ef100701fcf156eb0780866c06eb45bd0fe36ca8bf803cec89c751be0955199bff48d8eb997789fa22258cc78a46d2d03985bd292d735458fce4eee0195f8993a3d1a48154cebe705ef02068024d43aaa4ac55bea671f597c3ff125a32f58ab9286b238616cd0043fb1a3bd5f9963b190f6b4da0a4ab5facb74e1753f431a95fea0955dfb3501f5e347d6ca7b83d3ee4b3ae6799281a572eb59be07b450a736ceee491ba60c9e4747fcfc08c76138b660bd6dfd36e5b0f0d32a93065eb05a9878ac16d89396db7945366abaa47a6443c1637288b0adbc4157a73250b3439d57478fcd5d872b4a1227fb4d40c22a9bad1428f0abbf9207c6e4fe691a798f1cf6ebc974f9dd3288bce307a7646a82c223a68045295770b1eeeb55000166d828419bafaa0f19f4985be018f684c93cdb3a17ff15d2fb59bf0b40fa16603c85aeb69e1ccf53a54e94f417fcb6a57642cac29c7955b6604845530f7f96192f9adb0b8d7d2d3f9e1c3d3efd44e6ffc06b8c9891557f0b9e86dabc4b515e523a3601447152562ab6fac4f7d87f98c87e7d748deaf514eea9db66914a5cdecc76a81f9d49f5fd5986656823ffaa2cffbeeb0cca5efaa4fcfb005812eef02f1a9bd1445c80dc3a4c83a4677e8aade3bcc6d10cfa9f19e9390ed55574506274bd6c193dc7a59e73c6be6e9c49507c2f5385f3e887b7148dcfb4a5365c7a62c0a7f5f294e1269f0dc1d0dd2267d028f1259084d42104f3b62d33cebc9bba0de4c9adc794074a07b4345abee80d4e19059a0b4eb912cebaf84dcd6448d279affc5e10769aee1dc2bb832a8c2dd27e4ffa052a63e50aac3fc9ce9ea8016a1588462e9fba12d9b39ce9757575b705db17e66677d3f6abf9c447a927a1eb05cb6260d79511f53c9d2ed428a317167cee942dc706976304ecdd24f8f1ec4054c6275d9a5e7716becaf53d2a3b85c26c704c536ee14ad2c9d81f41d7b095bee453f0cfd02f07969f4101331659db1487d482ad7ea40f92e55335b6348749af22f36c13130fd1670bab2477e46e00db38cc273ce031300789028c08065853d177930e83e3b43d2aa765f02033dc42ec7e59766b98192ea9059e949c34b791ddf582732f4fd5fb1d5cdd1bdc59c40f4801d224b88944121b657acc8064d217003fa48069c8dd98a5f0a28c088f69177660cdb6e0be88ac13bf171e6e6b25325312d0e76a6394476ac0c4112996f11754f471bcfca0b151ddb959f8b640f63764a26adb194d3ea015824ba3c361adcffddb1ec1e72a04705c0d3ba2f1cf825212576705046a5ca55e0121ac30da4796e068518cccc3ed2939a32810bb9d7270e8c1ec165572f9bc566047054eeff3fdc4ac293ae0803baba027e4b01cc19d34975fe932d4e7b4b5541437b9606d3f5c3177a28c349180746f51f0b01321bfc49215959af3a39850cd417f0fd58e7bb087d111c00e42ceb0f789921afd2b342465cb7e788107696d8b39d1c8e11fe91f0058a3663fe620e2f5bc76c644eb2f2973986446d214a271d9b0f3ee834ed37e5060bbd3e3efbcc6105d05205bbd349f73f0c39e6ed6a12d9d4a4e14e03f48579a233bc21cfaf878786fc47a4e6d65bda31ef25676aa78456917b11e2d110fde34b2bb7075148be7b2e43d43e180c5e692677b1b2007909f5e79cfe7362c4bb02480a7610a2ece41affa30eb6acf7258f0f5e097ab6c7df002fd40119621133976b3d9c27cdd56e06840249ebe6681eef3901e9a0285a220e84d46c8e8cfd8a3a175f40709db7f27ca30e15ca252597fb107aef026931897232a572dea4ea782311251f8f9e4fe6b1aa550c0e796142a94dbc1e1903d4a5550489ac521470658bc3a5e2be735070c42ee6f880d78699841f3c4c6893fb787eea0e0eeaab2ebfa523fcf91370354a9faec4cfbf4dba2a4f5f36f4fb7982ce76d864d35543800111dcd673f2678054a233beeda5997d1165d1ca66b11e2e615c5458ba0c4026cadbf8533badfcabc83aad3e441830f28000de943253952bd21e8556045c34aa84c57502e6bc9a8b3b44e65883e526b5eaed3057801d4ae763912641b6a826bd6d74d72a2ed386cbe5ba95ce5f6528c6877dbd19ef30fab7d7c72a3e3e7f05c368fba126205b406f5fe3e13e048886b11eafb188af8615680cd28ebdd1226f9f939d802846bc403bc524a5b4b02cb6ccf90541d28b76bf3a144cb61aaafa0db83e8d6ce16b271cbd8fa8d4508a796be8b9da8a56d3303abea5b107a97dff53cc49b0fe48ff96809b426d9df60f4106a778e0ff7dab344cf5421eb79ec227a609c2a8617b37d82765914610f913a50886c65ec8c45f8369fd5907404f4cffa42b6e17ef082d64132c5ebc23c0bd08be32be04623cc05df723c86449eb26780567d8860b9bd2714e618dd7efd75cc0307ea1c4d2aee8d426ac6410e8c8a687d9ab2e8c20ec784fccd16ee98d6ee59c7f81989e63fc92987a0a217636a7b1317525a9d2a974204078b932050bfe7d578c642c8f7352d920d54a64477fdfb2664d42b467ba28985173fa830c769d747e1a942fa2fc8aa3fc84203bf4f8a6cd133ee9646443def9594c2e40994fff0591632ba7788e558293813ecc137c40de1776f523d139cac671e82c3b49c01d74a324ebc85a2bee4b68c70a0e741210d4b42c7ecb8a061e0c4a8432a7ec74c3ac3b89e9b30f647f943aadcdbb96cfbd4b28166d128a03ab82d2d4dac288ee38cf23853db08d533c70c1608baa48ca32ab68367ed8e2015c4f319342c3772919aa743330b637bdff964cf31cd7653cc22ca041318f7e9b45a150547b4f97ced56e4004eb10ff57879d977e2d2ec241477a26c34a5d90f19faa8f434345ceb57bbfe124f6268766dbc8b56c4bd8b75c105bb102112aa191590f73ab118e4b9f03c4d91c372fe4be3a45e238d68ba94d2d469a3b870806cd2b5d29c869dad1c2580bf6d9c567227d320ef41023f66ad88e7f0b54cb27499fafb1c203e121ae5281c964c894a5d559e851dcd9f4ffca079140e342b889488371aa8ca48c2fb329c33c8b8025830d5c9294cc84987f5d071fbdbaf3c8761ff1cfa6b0f83c758fe65a36b610cf489ce1d6dbbd917a8bc9316b3823f0cfeeaed653d2f15da2f9483eda73b210af5ed75fad919c26d5607a16eb41517ef5d817b3f5d7bdb28562e85f5068352608905842fac90b4eae838fe71bd5126c7202000885ebb0c3ddea5183fe4f3958814fc0cdb2fca1b20ca88fbadcf4c549fc7d3123394c1616f922c78fb8d08b2fa4d5fc507a2d36200f217713468a9e854ac450d1378a12b4a7bf181832c9c61bd4256c0260c3d834eae011787389811c829810979d7387ae4328016955e60c6f805b9a9c78cf860c6728a18d05e717a77dfc5ffdf23ac4d65c0176677b0f5a77715a86d2276e2facdf80285af7d67a75e489c6eb56ebe1fac432cf5d0cb021e59b400575736327efc550f2d0c471acac34a18266a748c3eaccc44be6a60f5c0eb829199d21bc9afc6c170c58138f9f30db3965f56cf715cfcec2d53dc327ca3a31053c974730848b6d1b32a5ab797ea338929303c5cc9ee5103672c7b73e5a501c00563d78474c3c6e25b5842f6786b73164501c1de390e37683d1a8655027f5ff343b30b9864033ee5e5f8abc5811bdbf227042f2ca82b16fa7f04d82878e89954a1cd76fce093fe269016093598c117964170badef061c7ab9958c3855ae78420affec5f53dfd286fb8511c507e81d9a22edf3abeb7a989bb3c8a452de044fd662bb9943d5739a62064ea3ae164be1807828b13051379887b0438066edaf40dc0606f9fa4bfc04f02f0b5ddc1804ed0de5dfb4263666091073a2739a293a415109fb6ab88421b8e996cbdd278a51149701ad8b48ad60262b2040cf949f0fc4b4e996f88a397bae4f2bc9f4fb7d1a92b151f60c3df828c000fd018cdc618a4eecd5736adf825e1971d968deffda2f293ecbd6a90f69a4ef36b6648ff7e177361608c3fdaeb90a6544f09abce9b6ce1dce17e730087738c596d6beaff3f17f1a4d17656a0bfe183035fe8f0b2294f3018c9652a1c31f92e62934ed00b0ccb10e603931c9084ea213c409737181fe9eabf5742e3939766ad8f54e8a3de251378cf396736720e10c8aba12c60e2ef1634e142634f22455891a5a7b1e816c75321f07ec7b8974098621789829b60ae70a32d9ec9da46c82f93f2df2986143e8888448a7815783ad43ce31b101a75bb1d0b73eb006eda57c5b7eba5ffe47ed8102c36f1dd4d4f9775a40a7537a37a50f14f44d7bd5ece36b333fe11e88d6a41c63b6d2b6c6697065e7ed11f2cec6fd890ebef06e3c1bb2a36d2bddbcc00eed5ce9e8535768f865aa661007420f781e9611536f7cfe30f4c389d8281a2e5de4b4f1ff220bae2f608c02a5e1c87c69287295b8ace1"})
setsockopt$inet6_mtu(r8, 0x29, 0x17, &(0x7f0000002ec0), 0x4)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r8, 0x8983, &(0x7f0000002f00)={0x3, 'tunl0\x00', {0x4}, 0x2})
ioctl$XFS_IOC_BULKSTAT(r8, 0x8040587f, &(0x7f00000030c0)={{0x69d, 0x5, 0x8, 0x10001, 0x8}, &(0x7f0000002f40)=[{}, {}]})
r12 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x3d)
chroot(&(0x7f0000003140)='./file0\x00')
ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE(r12, 0x4068aea3, &(0x7f0000003180))

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): sendmsg$DEVLINK_CMD_SB_GET-dup-ioctl$TUNSETIFF-mprotect-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-mprotect-io_setup-io_pgetevents-mkdirat$cgroup_root-clock_gettime-futex-setsockopt$IPT_SO_SET_REPLACE-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-bpf$PROG_LOAD-pselect6-ioctl$VT_GETMODE-io_setup-recvmmsg-io_destroy-pselect6-preadv2-ioctl$KVM_CREATE_DEVICE-ppoll-fcntl$dupfd-syz_open_procfs-getresuid-getgid-ioctl$NS_GET_OWNER_UID-getuid-syz_mount_image$fuse
detailed listing:
executing program 0:
sendmsg$DEVLINK_CMD_SB_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x8c, 0x0, 0x1, 0x70bd28, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xecc1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x3}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x20000014}, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'veth0_to_team\x00', 0x100})
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x6000005)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x6, &(0x7f00000001c0)=[{0xefa, 0x81, 0x2, 0x1}, {0x0, 0xe, 0x4, 0x80000000}, {0x4, 0x5, 0x8, 0x8a}, {0x1000, 0x3, 0x81, 0x1}, {0x8, 0x2, 0xff, 0x1}, {0x500, 0xd, 0x6, 0x1ff}]})
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2)
io_setup(0x3ff, &(0x7f0000000240)=<r2=>0x0)
io_pgetevents(r2, 0x9, 0x6, &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000340), &(0x7f00000003c0)={&(0x7f0000000380)={[0x3]}, 0x8})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/syz1\x00', 0x1ff)
clock_gettime(0x0, &(0x7f0000000480)={<r3=>0x0, <r4=>0x0})
futex(&(0x7f0000000440), 0x3, 0x0, &(0x7f00000004c0)={r3, r4+10000000}, &(0x7f0000000500)=0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000580)=@security={'security\x00', 0xe, 0x4, 0x300, 0xffffffff, 0x0, 0x1d0, 0x100, 0xffffffff, 0xffffffff, 0x268, 0x268, 0x268, 0xffffffff, 0x4, &(0x7f0000000540), {[{{@ip={@empty, @dev={0xac, 0x14, 0x14, 0x36}, 0xff000000, 0xff000000, 'wg0\x00', 'veth1_to_hsr\x00', {}, {}, 0x0, 0x0, 0xf3fd5ef7430d421e}, 0x0, 0xa0, 0x100, 0x0, {}, [@common=@ah={{0x30}, {[0x4, 0x71], 0x1}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x84, 0x6, [0x34, 0x39, 0x8, 0x3d, 0x2f, 0xc, 0x3b, 0x32, 0x28, 0xb, 0x3d, 0x8, 0x33, 0x3b, 0x38, 0x3d], 0x2, 0x3, 0x101}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, 0x8, 0xfff1, [0xc, 0x19, 0x1f, 0x6, 0x2e, 0x24, 0x2b, 0x35, 0x35, 0x2d, 0x39, 0x4, 0x1a, 0x27, 0x5, 0x12], 0x1, 0x6, 0x8}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x8}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x360)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000ac0)={'tunl0\x00', &(0x7f00000009c0)={'syztnl2\x00', <r5=>0x0, 0x20, 0x20, 0x47e, 0x9, {{0x2f, 0x4, 0x1, 0x13, 0xbc, 0x67, 0x0, 0x8, 0x4, 0x0, @multicast2, @empty, {[@end, @noop, @timestamp_addr={0x44, 0x34, 0x64, 0x1, 0xc, [{@private=0xa010100, 0x5abe3e59}, {@multicast2, 0x4}, {@broadcast, 0x8}, {@remote, 0x9}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@multicast1, 0x8001}]}, @end, @end, @noop, @cipso={0x86, 0x6c, 0x3, [{0x2, 0xb, "fbf104b3fbbd116dc2"}, {0x7, 0x3, 'u'}, {0x0, 0x10, "c99b6f8d040488f68f2c586dc6ac"}, {0x6, 0x9, "1b9ae6794f3156"}, {0x1, 0x7, "0ec003c94f"}, {0x2, 0x11, "46a390df4eee9b6e88ccd914f6c280"}, {0x5, 0xa, "079635bcbfef4a2d"}, {0x1, 0xe, "b1f58b4b9b77e302d0679f30"}, {0x2, 0xf, "37fef5fefed4e5a80cca4ca2d4"}]}]}}}}})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0xe, 0x6, &(0x7f0000000900)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}, [@alu={0x7, 0x0, 0x1, 0x1, 0x5, 0x80, 0xfffffffffffffffc}, @map_idx={0x18, 0x8b597cea25f09929, 0x5, 0x0, 0xf}]}, &(0x7f0000000940)='GPL\x00', 0x4d8, 0x31, &(0x7f0000000980)=""/49, 0x0, 0x1, '\x00', r5, @fallback=0x2f, r0, 0x8, &(0x7f0000000b00)={0x2, 0x1}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, r0, 0x0, &(0x7f0000000b40)=[r0, r0, r0, r0, r0], 0x0, 0x10, 0xf86}, 0x94)
pselect6(0x40, &(0x7f0000000c40)={0x3, 0x7, 0xce, 0x9576, 0x2, 0x2894, 0x1000, 0x400}, &(0x7f0000000c80)={0x5, 0x80000000000, 0x8000000000000000, 0x4, 0xf3ac, 0x0, 0xb3f8, 0x4}, &(0x7f0000000cc0)={0x8, 0x2, 0x5, 0x3ff, 0xffff, 0x5, 0x3, 0x6}, &(0x7f0000000d00)={0x77359400}, &(0x7f0000000d80)={&(0x7f0000000d40)={[0x6]}, 0x8})
ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000000dc0))
io_setup(0x3c40, &(0x7f0000000e00)=<r7=>0x0)
recvmmsg(r0, &(0x7f0000002880)=[{{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000e40)=""/244, 0xf4}, {&(0x7f0000000f40)=""/212, 0xd4}, {&(0x7f0000001040)=""/64, 0x40}, {&(0x7f0000001080)=""/47, 0x2f}], 0x4, &(0x7f0000001100)=""/34, 0x22}, 0xffff}, {{&(0x7f0000001140)=@l2tp={0x2, 0x0, @multicast1}, 0x80, &(0x7f0000002640)=[{&(0x7f00000011c0)=""/71, 0x47}, {&(0x7f0000001240)=""/151, 0x97}, {&(0x7f0000001300)=""/133, 0x85}, {&(0x7f00000013c0)=""/181, 0xb5}, {&(0x7f0000001480)=""/16, 0x10}, {&(0x7f00000014c0)=""/4096, 0x1000}, {&(0x7f00000024c0)=""/195, 0xc3}, {&(0x7f00000025c0)=""/65, 0x41}], 0x8}, 0xd8e}, {{&(0x7f00000026c0)=@tipc=@id, 0x80, &(0x7f00000027c0)=[{&(0x7f0000002740)=""/70, 0x46}], 0x1, &(0x7f0000002800)=""/122, 0x7a}, 0xd}], 0x3, 0x2142, &(0x7f0000002940))
io_destroy(r7)
pselect6(0x40, &(0x7f0000002980)={0x0, 0x2, 0x3, 0x9bf, 0x0, 0x12000000000, 0xa073, 0x2f}, &(0x7f00000029c0)={0x1, 0x9, 0xfffffffffffffff7, 0x2, 0x2, 0x2, 0x7, 0x5}, &(0x7f0000002a00)={0x6, 0xfffffffffffffc00, 0x401, 0x64, 0x1, 0x6, 0x6cb, 0xba}, &(0x7f0000002a40)={0x0, 0x3938700}, &(0x7f0000002ac0)={&(0x7f0000002a80)={[0x9]}, 0x8})
preadv2(r0, &(0x7f0000003cc0)=[{&(0x7f0000002b00)=""/255, 0xff}, {&(0x7f0000002c00)=""/4096, 0x1000}, {&(0x7f0000003c00)=""/63, 0x3f}, {&(0x7f0000003c40)=""/66, 0x42}], 0x4, 0xc0b, 0x400000, 0x1)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000003d00)={0x8, <r8=>0xffffffffffffffff})
ppoll(&(0x7f0000003d40)=[{r8, 0x80}, {r6, 0x8000}, {0xffffffffffffffff, 0x135}, {r1}, {r6, 0x20}], 0x5, &(0x7f0000003d80), &(0x7f0000003dc0)={[0x5]}, 0x8)
fcntl$dupfd(r1, 0x0, r0)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000003e80)='attr/fscreate\x00')
getresuid(&(0x7f0000003ec0)=<r10=>0x0, &(0x7f0000003f00), &(0x7f0000003f40))
r11 = getgid()
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000003f80)=<r12=>0x0)
r13 = getuid()
syz_mount_image$fuse(&(0x7f0000003e00), &(0x7f0000003e40)='./file0\x00', 0x4000810, &(0x7f0000003fc0)={{'fd', 0x3d, r9}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id', 0x3d, r10}, 0x2c, {'group_id', 0x3d, r11}, 0x2c, {[{@allow_other}, {@default_permissions}, {@default_permissions}, {@max_read={'max_read', 0x3d, 0x3}}], [{@uid_eq={'uid', 0x3d, r12}}, {@flag='lazytime'}, {@fsuuid={'fsuuid', 0x3d, {[0x33, 0x66, 0x37, 0x61, 0x37, 0x65, 0x37, 0x36], 0x2d, [0x35, 0x36, 0x32, 0x36], 0x2d, [0x32, 0x30, 0x34, 0x35], 0x2d, [0x31, 0x66, 0x62, 0x61], 0x2d, [0x32, 0x34, 0x39, 0x37, 0x65, 0x39, 0x36, 0x37]}}}, {@euid_eq={'euid', 0x3d, r13}}, {@measure}, {@dont_hash}]}}, 0x1, 0x0, &(0x7f0000004100)="cb517f03253d189e4c1287dc852decba57cf0b2abfb1b1da6e2d188b7c8551dad80e466b3e77e7f43fb3478d51c3e5c235c2d508e5c3a5ed127d9e80a5454b9a9a6ab76b0ee789cbe3eca55397ee251ca8db6b8392c5a40dbda630ea763879a129176246c70a1b6c67744b1fef5ee51bc34d065300a180d7f5b47e568e8fa39d28919a7e54eca5f75092bcddf7272cd2b0e6714c65faf02eb576686f0bb6e9f947")

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): memfd_create-pwritev-openat$selinux_policy-syz_mount_image$vfat-syz_mount_image$vfat-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_GUEST_DEBUG_x86-syz_kvm_setup_cpu$x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
r0 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89c\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9cJ\x02\x00\x00\x00\x00\x00\x00!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9bP\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93iz\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1y\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)\x8f\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2E\x00\x00\x00\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n>V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xe4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe55\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x6)
pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000180)="10e4a3c418c14b48233ae3c202c14454027bca39511357f7000000000000", 0x1e}, {0x0}, {0x0}, {&(0x7f0000000480)="5327b62001931eecbef03e5324c6b3cf849c60556c902db8c0185dedd3c8f34cf4fb7373ce675f4a2fbbda7c143b98a3a1470e5d1437f84976ef8ddf40d9e327c7286668d919d9f8b82fffab62aeacb4ece0898d73fe343a344680881608edefdc88c47d47cecc27b55abd0788775c1630dbaa52a49a96fd5ebb9a77687f72b4d08228c8cdcaefb670b0b6961fcb2c6d8bb621d2666401d39ca58e35c4ec49a8721924b40f7492b5157aeae53438f9d4c701988ff0697558f9df80ff3eed50ff08e0fa2bcc52877651b16e8e3ceda366dcbae7982ca9c3f11a368738831b54cdc16952a0c596a77f4d372e0e4f8c8dc7a7287daef1eee18f7e9c38ef954bfbed44e2675b064c4eabe03624e594f87e54a35d8e718d7cde66b2e9417f05b2421e2e7616c1ea321d10e940354aa219285aa675c16e46fc1ec8c103af4b530146ea812fde604f230d5678cf1801", 0x14c}, {&(0x7f0000000200)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb522034547f5646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b36f6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e0000000000000053caba1870d9d9ca89b023ac43ccdcdcfa87c713ad96a3c347d319b9b75db353bd453f02a13494555ce22329d00ac4d0420dfb9efd378381ad2974144e8bb7ee1ae2ef2b4530bc64fb83a449cf4c4337269d49e099fa6135383d8a931850f8302e09fe92b5c309a6f70197fcc535", 0xdf}, {&(0x7f0000000300)}, {&(0x7f0000000380)="5016cf957341f1309660144f05a4c852b7c91d465959679f46274313d42623a941d53dda228a21cfe2d24324e88452b9a5826f74c9aa4fa5812d9b4d91a93f16302922ec7c1b3c24d380b5096f3f1ade3e646c935db9811d60cad83d8ce1fcf5062841d4", 0x64}], 0x7, 0x0, 0x0)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2808080, &(0x7f0000000440)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e39352c636f6465706167653d3835302c0072726f72733d72656d6f756e742d726f2c757466383d302c73686f72746e616d653d6d697865642c73686f72746e616d643d77696e39352c696f636861327384743d69736f383835392d31352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c756e695f786c6174653d312c00"], 0x81, 0x2ba, &(0x7f0000000a40)="$eJzs3c+KI0UYAPCvJ51MRmWTgydZsEEPnoadfYIdZITFOSl90IuKmwWZhIUJBFbBuCfvgifBR/AdfAAvvoEHj4I39yC2JN35O524kTGr4+93ma+r6quuqq6ZgUBXPrw9uHjwaPjwya2fot1O4uBe3IunSXTjIGa+iIX2rQAA/uOeFkX8WpQiWlvbptP6olNe3T7YzwgBgOu2+v8fAPg/ePe9998+PT8/eyfL2hGDL0d5EhGDZJSX9acP45PoRy/uRCd+jyjmyvil++dnkWbZ7MOA0VHkEYMPfqiuT3+JmOafRCe6V/Pfun9+dpKV4vXBeJRP7jz52YwXkojTIik7uhudeDmiaEbVySL/bk1+5K1447VvqvH/0Yvj6MSPH8ej6MeDaReL/M9PsuzN4uvfPitnkEck41F+OG23UDT29lAAAAAAAAAAAAAAAAAAAAAAALjxjrO57vL5ObPTAI+P6+un5wM1as4Hqk74GS+dr3Mny7LZMT6jvBllfhqvpJE+18kDAAAAAAAAAAAAAAAAAADAv8Tw8acXH/X7vcuV4PtivaQmqN7oj6okXapKV6u291MTXHwXsXvWswTRqIbWT67cYjahZ+4w3dz4cLXk263TOarrJw42rWHaj3LwX+2+CK/uNMFJUPyNdZ7trskm2dK4EcPH7fpNsrQzj6rncjmcBkebNu1qUNQsXWNjVuua9ljrxV2yWn/ZZjLj5nwxV9u0J09yqaR5zb8pa5J/5O8PAAAAAAAAAAAAAAAAAACwsHjpN36+UvnkuQwJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPZu8f3/8yC66yXrwbhK7tWlrwWHl8Oa23b3PE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuuD8DAAD//6EYVj0=")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181403, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_GUEST_DEBUG_x86(r4, 0x4048ae9b, &(0x7f0000000300)={0x9f634221288b0807, 0x0, {[0x4, 0x3, 0x7fffdfff, 0x800000000005, 0x100000000, 0x9, 0xfffffffffffffffe, 0x2012]}})
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f00000003c0)="b99d809a0000c000c0350004000066b8db000f00d8b805000000b9cac900000f01d9a7670f010e0e01c9670f01cf3e660f01df0fc729f72fc4e31d7f6380b7c4e2c1a639", 0x44}], 0x1, 0x40, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(r0, r1, 0x80000)

program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
single: successfully extracted reproducer
found reproducer with 13 syscalls
minimizing guilty program
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): memfd_create-pwritev-openat$selinux_policy-syz_mount_image$vfat-syz_mount_image$vfat-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_GUEST_DEBUG_x86-syz_kvm_setup_cpu$x86-ioctl$KVM_RUN-mount$incfs
detailed listing:
executing program 0:
r0 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89c\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9cJ\x02\x00\x00\x00\x00\x00\x00!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9bP\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93iz\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1y\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)\x8f\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2E\x00\x00\x00\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n>V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xe4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe55\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x6)
pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000180)="10e4a3c418c14b48233ae3c202c14454027bca39511357f7000000000000", 0x1e}, {0x0}, {0x0}, {&(0x7f0000000480)="5327b62001931eecbef03e5324c6b3cf849c60556c902db8c0185dedd3c8f34cf4fb7373ce675f4a2fbbda7c143b98a3a1470e5d1437f84976ef8ddf40d9e327c7286668d919d9f8b82fffab62aeacb4ece0898d73fe343a344680881608edefdc88c47d47cecc27b55abd0788775c1630dbaa52a49a96fd5ebb9a77687f72b4d08228c8cdcaefb670b0b6961fcb2c6d8bb621d2666401d39ca58e35c4ec49a8721924b40f7492b5157aeae53438f9d4c701988ff0697558f9df80ff3eed50ff08e0fa2bcc52877651b16e8e3ceda366dcbae7982ca9c3f11a368738831b54cdc16952a0c596a77f4d372e0e4f8c8dc7a7287daef1eee18f7e9c38ef954bfbed44e2675b064c4eabe03624e594f87e54a35d8e718d7cde66b2e9417f05b2421e2e7616c1ea321d10e940354aa219285aa675c16e46fc1ec8c103af4b530146ea812fde604f230d5678cf1801", 0x14c}, {&(0x7f0000000200)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb522034547f5646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b36f6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e0000000000000053caba1870d9d9ca89b023ac43ccdcdcfa87c713ad96a3c347d319b9b75db353bd453f02a13494555ce22329d00ac4d0420dfb9efd378381ad2974144e8bb7ee1ae2ef2b4530bc64fb83a449cf4c4337269d49e099fa6135383d8a931850f8302e09fe92b5c309a6f70197fcc535", 0xdf}, {&(0x7f0000000300)}, {&(0x7f0000000380)="5016cf957341f1309660144f05a4c852b7c91d465959679f46274313d42623a941d53dda228a21cfe2d24324e88452b9a5826f74c9aa4fa5812d9b4d91a93f16302922ec7c1b3c24d380b5096f3f1ade3e646c935db9811d60cad83d8ce1fcf5062841d4", 0x64}], 0x7, 0x0, 0x0)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2808080, &(0x7f0000000440)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e39352c636f6465706167653d3835302c0072726f72733d72656d6f756e742d726f2c757466383d302c73686f72746e616d653d6d697865642c73686f72746e616d643d77696e39352c696f636861327384743d69736f383835392d31352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c756e695f786c6174653d312c00"], 0x81, 0x2ba, &(0x7f0000000a40)="$eJzs3c+KI0UYAPCvJ51MRmWTgydZsEEPnoadfYIdZITFOSl90IuKmwWZhIUJBFbBuCfvgifBR/AdfAAvvoEHj4I39yC2JN35O524kTGr4+93ma+r6quuqq6ZgUBXPrw9uHjwaPjwya2fot1O4uBe3IunSXTjIGa+iIX2rQAA/uOeFkX8WpQiWlvbptP6olNe3T7YzwgBgOu2+v8fAPg/ePe9998+PT8/eyfL2hGDL0d5EhGDZJSX9acP45PoRy/uRCd+jyjmyvil++dnkWbZ7MOA0VHkEYMPfqiuT3+JmOafRCe6V/Pfun9+dpKV4vXBeJRP7jz52YwXkojTIik7uhudeDmiaEbVySL/bk1+5K1447VvqvH/0Yvj6MSPH8ej6MeDaReL/M9PsuzN4uvfPitnkEck41F+OG23UDT29lAAAAAAAAAAAAAAAAAAAAAAALjxjrO57vL5ObPTAI+P6+un5wM1as4Hqk74GS+dr3Mny7LZMT6jvBllfhqvpJE+18kDAAAAAAAAAAAAAAAAAADAv8Tw8acXH/X7vcuV4PtivaQmqN7oj6okXapKV6u291MTXHwXsXvWswTRqIbWT67cYjahZ+4w3dz4cLXk263TOarrJw42rWHaj3LwX+2+CK/uNMFJUPyNdZ7trskm2dK4EcPH7fpNsrQzj6rncjmcBkebNu1qUNQsXWNjVuua9ljrxV2yWn/ZZjLj5nwxV9u0J09yqaR5zb8pa5J/5O8PAAAAAAAAAAAAAAAAAACwsHjpN36+UvnkuQwJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPZu8f3/8yC66yXrwbhK7tWlrwWHl8Oa23b3PE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuuD8DAAD//6EYVj0=")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181403, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_GUEST_DEBUG_x86(r3, 0x4048ae9b, &(0x7f0000000300)={0x9f634221288b0807, 0x0, {[0x4, 0x3, 0x7fffdfff, 0x800000000005, 0x100000000, 0x9, 0xfffffffffffffffe, 0x2012]}})
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f00000003c0)="b99d809a0000c000c0350004000066b8db000f00d8b805000000b9cac900000f01d9a7670f010e0e01c9670f01cf3e660f01df0fc729f72fc4e31d7f6380b7c4e2c1a639", 0x44}], 0x1, 0x40, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)

program did not crash
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): memfd_create-pwritev-openat$selinux_policy-syz_mount_image$vfat-syz_mount_image$vfat-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_GUEST_DEBUG_x86-syz_kvm_setup_cpu$x86-ioctl$KVM_RUN-dup3
detailed listing:
executing program 0:
r0 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89c\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9cJ\x02\x00\x00\x00\x00\x00\x00!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9bP\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93iz\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1y\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)\x8f\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2E\x00\x00\x00\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n>V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xe4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe55\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x6)
pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000180)="10e4a3c418c14b48233ae3c202c14454027bca39511357f7000000000000", 0x1e}, {0x0}, {0x0}, {&(0x7f0000000480)="5327b62001931eecbef03e5324c6b3cf849c60556c902db8c0185dedd3c8f34cf4fb7373ce675f4a2fbbda7c143b98a3a1470e5d1437f84976ef8ddf40d9e327c7286668d919d9f8b82fffab62aeacb4ece0898d73fe343a344680881608edefdc88c47d47cecc27b55abd0788775c1630dbaa52a49a96fd5ebb9a77687f72b4d08228c8cdcaefb670b0b6961fcb2c6d8bb621d2666401d39ca58e35c4ec49a8721924b40f7492b5157aeae53438f9d4c701988ff0697558f9df80ff3eed50ff08e0fa2bcc52877651b16e8e3ceda366dcbae7982ca9c3f11a368738831b54cdc16952a0c596a77f4d372e0e4f8c8dc7a7287daef1eee18f7e9c38ef954bfbed44e2675b064c4eabe03624e594f87e54a35d8e718d7cde66b2e9417f05b2421e2e7616c1ea321d10e940354aa219285aa675c16e46fc1ec8c103af4b530146ea812fde604f230d5678cf1801", 0x14c}, {&(0x7f0000000200)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb522034547f5646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b36f6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e0000000000000053caba1870d9d9ca89b023ac43ccdcdcfa87c713ad96a3c347d319b9b75db353bd453f02a13494555ce22329d00ac4d0420dfb9efd378381ad2974144e8bb7ee1ae2ef2b4530bc64fb83a449cf4c4337269d49e099fa6135383d8a931850f8302e09fe92b5c309a6f70197fcc535", 0xdf}, {&(0x7f0000000300)}, {&(0x7f0000000380)="5016cf957341f1309660144f05a4c852b7c91d465959679f46274313d42623a941d53dda228a21cfe2d24324e88452b9a5826f74c9aa4fa5812d9b4d91a93f16302922ec7c1b3c24d380b5096f3f1ade3e646c935db9811d60cad83d8ce1fcf5062841d4", 0x64}], 0x7, 0x0, 0x0)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2808080, &(0x7f0000000440)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e39352c636f6465706167653d3835302c0072726f72733d72656d6f756e742d726f2c757466383d302c73686f72746e616d653d6d697865642c73686f72746e616d643d77696e39352c696f636861327384743d69736f383835392d31352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c756e695f786c6174653d312c00"], 0x81, 0x2ba, &(0x7f0000000a40)="$eJzs3c+KI0UYAPCvJ51MRmWTgydZsEEPnoadfYIdZITFOSl90IuKmwWZhIUJBFbBuCfvgifBR/AdfAAvvoEHj4I39yC2JN35O524kTGr4+93ma+r6quuqq6ZgUBXPrw9uHjwaPjwya2fot1O4uBe3IunSXTjIGa+iIX2rQAA/uOeFkX8WpQiWlvbptP6olNe3T7YzwgBgOu2+v8fAPg/ePe9998+PT8/eyfL2hGDL0d5EhGDZJSX9acP45PoRy/uRCd+jyjmyvil++dnkWbZ7MOA0VHkEYMPfqiuT3+JmOafRCe6V/Pfun9+dpKV4vXBeJRP7jz52YwXkojTIik7uhudeDmiaEbVySL/bk1+5K1447VvqvH/0Yvj6MSPH8ej6MeDaReL/M9PsuzN4uvfPitnkEck41F+OG23UDT29lAAAAAAAAAAAAAAAAAAAAAAALjxjrO57vL5ObPTAI+P6+un5wM1as4Hqk74GS+dr3Mny7LZMT6jvBllfhqvpJE+18kDAAAAAAAAAAAAAAAAAADAv8Tw8acXH/X7vcuV4PtivaQmqN7oj6okXapKV6u291MTXHwXsXvWswTRqIbWT67cYjahZ+4w3dz4cLXk263TOarrJw42rWHaj3LwX+2+CK/uNMFJUPyNdZ7trskm2dK4EcPH7fpNsrQzj6rncjmcBkebNu1qUNQsXWNjVuua9ljrxV2yWn/ZZjLj5nwxV9u0J09yqaR5zb8pa5J/5O8PAAAAAAAAAAAAAAAAAACwsHjpN36+UvnkuQwJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPZu8f3/8yC66yXrwbhK7tWlrwWHl8Oa23b3PE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuuD8DAAD//6EYVj0=")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181403, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_GUEST_DEBUG_x86(r4, 0x4048ae9b, &(0x7f0000000300)={0x9f634221288b0807, 0x0, {[0x4, 0x3, 0x7fffdfff, 0x800000000005, 0x100000000, 0x9, 0xfffffffffffffffe, 0x2012]}})
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f00000003c0)="b99d809a0000c000c0350004000066b8db000f00d8b805000000b9cac900000f01d9a7670f010e0e01c9670f01cf3e660f01df0fc729f72fc4e31d7f6380b7c4e2c1a639", 0x44}], 0x1, 0x40, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
dup3(r0, r1, 0x80000)

program did not crash
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): memfd_create-pwritev-openat$selinux_policy-syz_mount_image$vfat-syz_mount_image$vfat-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_GUEST_DEBUG_x86-syz_kvm_setup_cpu$x86-mount$incfs-dup3
detailed listing:
executing program 0:
r0 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89c\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9cJ\x02\x00\x00\x00\x00\x00\x00!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9bP\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93iz\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1y\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)\x8f\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2E\x00\x00\x00\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n>V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xe4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe55\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x6)
pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000180)="10e4a3c418c14b48233ae3c202c14454027bca39511357f7000000000000", 0x1e}, {0x0}, {0x0}, {&(0x7f0000000480)="5327b62001931eecbef03e5324c6b3cf849c60556c902db8c0185dedd3c8f34cf4fb7373ce675f4a2fbbda7c143b98a3a1470e5d1437f84976ef8ddf40d9e327c7286668d919d9f8b82fffab62aeacb4ece0898d73fe343a344680881608edefdc88c47d47cecc27b55abd0788775c1630dbaa52a49a96fd5ebb9a77687f72b4d08228c8cdcaefb670b0b6961fcb2c6d8bb621d2666401d39ca58e35c4ec49a8721924b40f7492b5157aeae53438f9d4c701988ff0697558f9df80ff3eed50ff08e0fa2bcc52877651b16e8e3ceda366dcbae7982ca9c3f11a368738831b54cdc16952a0c596a77f4d372e0e4f8c8dc7a7287daef1eee18f7e9c38ef954bfbed44e2675b064c4eabe03624e594f87e54a35d8e718d7cde66b2e9417f05b2421e2e7616c1ea321d10e940354aa219285aa675c16e46fc1ec8c103af4b530146ea812fde604f230d5678cf1801", 0x14c}, {&(0x7f0000000200)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb522034547f5646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b36f6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e0000000000000053caba1870d9d9ca89b023ac43ccdcdcfa87c713ad96a3c347d319b9b75db353bd453f02a13494555ce22329d00ac4d0420dfb9efd378381ad2974144e8bb7ee1ae2ef2b4530bc64fb83a449cf4c4337269d49e099fa6135383d8a931850f8302e09fe92b5c309a6f70197fcc535", 0xdf}, {&(0x7f0000000300)}, {&(0x7f0000000380)="5016cf957341f1309660144f05a4c852b7c91d465959679f46274313d42623a941d53dda228a21cfe2d24324e88452b9a5826f74c9aa4fa5812d9b4d91a93f16302922ec7c1b3c24d380b5096f3f1ade3e646c935db9811d60cad83d8ce1fcf5062841d4", 0x64}], 0x7, 0x0, 0x0)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2808080, &(0x7f0000000440)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e39352c636f6465706167653d3835302c0072726f72733d72656d6f756e742d726f2c757466383d302c73686f72746e616d653d6d697865642c73686f72746e616d643d77696e39352c696f636861327384743d69736f383835392d31352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c756e695f786c6174653d312c00"], 0x81, 0x2ba, &(0x7f0000000a40)="$eJzs3c+KI0UYAPCvJ51MRmWTgydZsEEPnoadfYIdZITFOSl90IuKmwWZhIUJBFbBuCfvgifBR/AdfAAvvoEHj4I39yC2JN35O524kTGr4+93ma+r6quuqq6ZgUBXPrw9uHjwaPjwya2fot1O4uBe3IunSXTjIGa+iIX2rQAA/uOeFkX8WpQiWlvbptP6olNe3T7YzwgBgOu2+v8fAPg/ePe9998+PT8/eyfL2hGDL0d5EhGDZJSX9acP45PoRy/uRCd+jyjmyvil++dnkWbZ7MOA0VHkEYMPfqiuT3+JmOafRCe6V/Pfun9+dpKV4vXBeJRP7jz52YwXkojTIik7uhudeDmiaEbVySL/bk1+5K1447VvqvH/0Yvj6MSPH8ej6MeDaReL/M9PsuzN4uvfPitnkEck41F+OG23UDT29lAAAAAAAAAAAAAAAAAAAAAAALjxjrO57vL5ObPTAI+P6+un5wM1as4Hqk74GS+dr3Mny7LZMT6jvBllfhqvpJE+18kDAAAAAAAAAAAAAAAAAADAv8Tw8acXH/X7vcuV4PtivaQmqN7oj6okXapKV6u291MTXHwXsXvWswTRqIbWT67cYjahZ+4w3dz4cLXk263TOarrJw42rWHaj3LwX+2+CK/uNMFJUPyNdZ7trskm2dK4EcPH7fpNsrQzj6rncjmcBkebNu1qUNQsXWNjVuua9ljrxV2yWn/ZZjLj5nwxV9u0J09yqaR5zb8pa5J/5O8PAAAAAAAAAAAAAAAAAACwsHjpN36+UvnkuQwJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPZu8f3/8yC66yXrwbhK7tWlrwWHl8Oa23b3PE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuuD8DAAD//6EYVj0=")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181403, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_GUEST_DEBUG_x86(r4, 0x4048ae9b, &(0x7f0000000300)={0x9f634221288b0807, 0x0, {[0x4, 0x3, 0x7fffdfff, 0x800000000005, 0x100000000, 0x9, 0xfffffffffffffffe, 0x2012]}})
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f00000003c0)="b99d809a0000c000c0350004000066b8db000f00d8b805000000b9cac900000f01d9a7670f010e0e01c9670f01cf3e660f01df0fc729f72fc4e31d7f6380b7c4e2c1a639", 0x44}], 0x1, 0x40, 0x0, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(r0, r1, 0x80000)

program did not crash
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): memfd_create-pwritev-openat$selinux_policy-syz_mount_image$vfat-syz_mount_image$vfat-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
r0 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89c\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9cJ\x02\x00\x00\x00\x00\x00\x00!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9bP\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93iz\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1y\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)\x8f\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2E\x00\x00\x00\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n>V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xe4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe55\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x6)
pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000180)="10e4a3c418c14b48233ae3c202c14454027bca39511357f7000000000000", 0x1e}, {0x0}, {0x0}, {&(0x7f0000000480)="5327b62001931eecbef03e5324c6b3cf849c60556c902db8c0185dedd3c8f34cf4fb7373ce675f4a2fbbda7c143b98a3a1470e5d1437f84976ef8ddf40d9e327c7286668d919d9f8b82fffab62aeacb4ece0898d73fe343a344680881608edefdc88c47d47cecc27b55abd0788775c1630dbaa52a49a96fd5ebb9a77687f72b4d08228c8cdcaefb670b0b6961fcb2c6d8bb621d2666401d39ca58e35c4ec49a8721924b40f7492b5157aeae53438f9d4c701988ff0697558f9df80ff3eed50ff08e0fa2bcc52877651b16e8e3ceda366dcbae7982ca9c3f11a368738831b54cdc16952a0c596a77f4d372e0e4f8c8dc7a7287daef1eee18f7e9c38ef954bfbed44e2675b064c4eabe03624e594f87e54a35d8e718d7cde66b2e9417f05b2421e2e7616c1ea321d10e940354aa219285aa675c16e46fc1ec8c103af4b530146ea812fde604f230d5678cf1801", 0x14c}, {&(0x7f0000000200)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb522034547f5646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b36f6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e0000000000000053caba1870d9d9ca89b023ac43ccdcdcfa87c713ad96a3c347d319b9b75db353bd453f02a13494555ce22329d00ac4d0420dfb9efd378381ad2974144e8bb7ee1ae2ef2b4530bc64fb83a449cf4c4337269d49e099fa6135383d8a931850f8302e09fe92b5c309a6f70197fcc535", 0xdf}, {&(0x7f0000000300)}, {&(0x7f0000000380)="5016cf957341f1309660144f05a4c852b7c91d465959679f46274313d42623a941d53dda228a21cfe2d24324e88452b9a5826f74c9aa4fa5812d9b4d91a93f16302922ec7c1b3c24d380b5096f3f1ade3e646c935db9811d60cad83d8ce1fcf5062841d4", 0x64}], 0x7, 0x0, 0x0)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2808080, &(0x7f0000000440)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e39352c636f6465706167653d3835302c0072726f72733d72656d6f756e742d726f2c757466383d302c73686f72746e616d653d6d697865642c73686f72746e616d643d77696e39352c696f636861327384743d69736f383835392d31352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c756e695f786c6174653d312c00"], 0x81, 0x2ba, &(0x7f0000000a40)="$eJzs3c+KI0UYAPCvJ51MRmWTgydZsEEPnoadfYIdZITFOSl90IuKmwWZhIUJBFbBuCfvgifBR/AdfAAvvoEHj4I39yC2JN35O524kTGr4+93ma+r6quuqq6ZgUBXPrw9uHjwaPjwya2fot1O4uBe3IunSXTjIGa+iIX2rQAA/uOeFkX8WpQiWlvbptP6olNe3T7YzwgBgOu2+v8fAPg/ePe9998+PT8/eyfL2hGDL0d5EhGDZJSX9acP45PoRy/uRCd+jyjmyvil++dnkWbZ7MOA0VHkEYMPfqiuT3+JmOafRCe6V/Pfun9+dpKV4vXBeJRP7jz52YwXkojTIik7uhudeDmiaEbVySL/bk1+5K1447VvqvH/0Yvj6MSPH8ej6MeDaReL/M9PsuzN4uvfPitnkEck41F+OG23UDT29lAAAAAAAAAAAAAAAAAAAAAAALjxjrO57vL5ObPTAI+P6+un5wM1as4Hqk74GS+dr3Mny7LZMT6jvBllfhqvpJE+18kDAAAAAAAAAAAAAAAAAADAv8Tw8acXH/X7vcuV4PtivaQmqN7oj6okXapKV6u291MTXHwXsXvWswTRqIbWT67cYjahZ+4w3dz4cLXk263TOarrJw42rWHaj3LwX+2+CK/uNMFJUPyNdZ7trskm2dK4EcPH7fpNsrQzj6rncjmcBkebNu1qUNQsXWNjVuua9ljrxV2yWn/ZZjLj5nwxV9u0J09yqaR5zb8pa5J/5O8PAAAAAAAAAAAAAAAAAACwsHjpN36+UvnkuQwJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPZu8f3/8yC66yXrwbhK7tWlrwWHl8Oa23b3PE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuuD8DAAD//6EYVj0=")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181403, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_GUEST_DEBUG_x86(r4, 0x4048ae9b, &(0x7f0000000300)={0x9f634221288b0807, 0x0, {[0x4, 0x3, 0x7fffdfff, 0x800000000005, 0x100000000, 0x9, 0xfffffffffffffffe, 0x2012]}})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(r0, r1, 0x80000)

program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): memfd_create-pwritev-openat$selinux_policy-syz_mount_image$vfat-syz_mount_image$vfat-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
r0 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89c\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9cJ\x02\x00\x00\x00\x00\x00\x00!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9bP\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93iz\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1y\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)\x8f\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2E\x00\x00\x00\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n>V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xe4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe55\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x6)
pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000180)="10e4a3c418c14b48233ae3c202c14454027bca39511357f7000000000000", 0x1e}, {0x0}, {0x0}, {&(0x7f0000000480)="5327b62001931eecbef03e5324c6b3cf849c60556c902db8c0185dedd3c8f34cf4fb7373ce675f4a2fbbda7c143b98a3a1470e5d1437f84976ef8ddf40d9e327c7286668d919d9f8b82fffab62aeacb4ece0898d73fe343a344680881608edefdc88c47d47cecc27b55abd0788775c1630dbaa52a49a96fd5ebb9a77687f72b4d08228c8cdcaefb670b0b6961fcb2c6d8bb621d2666401d39ca58e35c4ec49a8721924b40f7492b5157aeae53438f9d4c701988ff0697558f9df80ff3eed50ff08e0fa2bcc52877651b16e8e3ceda366dcbae7982ca9c3f11a368738831b54cdc16952a0c596a77f4d372e0e4f8c8dc7a7287daef1eee18f7e9c38ef954bfbed44e2675b064c4eabe03624e594f87e54a35d8e718d7cde66b2e9417f05b2421e2e7616c1ea321d10e940354aa219285aa675c16e46fc1ec8c103af4b530146ea812fde604f230d5678cf1801", 0x14c}, {&(0x7f0000000200)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb522034547f5646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b36f6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e0000000000000053caba1870d9d9ca89b023ac43ccdcdcfa87c713ad96a3c347d319b9b75db353bd453f02a13494555ce22329d00ac4d0420dfb9efd378381ad2974144e8bb7ee1ae2ef2b4530bc64fb83a449cf4c4337269d49e099fa6135383d8a931850f8302e09fe92b5c309a6f70197fcc535", 0xdf}, {&(0x7f0000000300)}, {&(0x7f0000000380)="5016cf957341f1309660144f05a4c852b7c91d465959679f46274313d42623a941d53dda228a21cfe2d24324e88452b9a5826f74c9aa4fa5812d9b4d91a93f16302922ec7c1b3c24d380b5096f3f1ade3e646c935db9811d60cad83d8ce1fcf5062841d4", 0x64}], 0x7, 0x0, 0x0)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2808080, &(0x7f0000000440)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e39352c636f6465706167653d3835302c0072726f72733d72656d6f756e742d726f2c757466383d302c73686f72746e616d653d6d697865642c73686f72746e616d643d77696e39352c696f636861327384743d69736f383835392d31352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c756e695f786c6174653d312c00"], 0x81, 0x2ba, &(0x7f0000000a40)="$eJzs3c+KI0UYAPCvJ51MRmWTgydZsEEPnoadfYIdZITFOSl90IuKmwWZhIUJBFbBuCfvgifBR/AdfAAvvoEHj4I39yC2JN35O524kTGr4+93ma+r6quuqq6ZgUBXPrw9uHjwaPjwya2fot1O4uBe3IunSXTjIGa+iIX2rQAA/uOeFkX8WpQiWlvbptP6olNe3T7YzwgBgOu2+v8fAPg/ePe9998+PT8/eyfL2hGDL0d5EhGDZJSX9acP45PoRy/uRCd+jyjmyvil++dnkWbZ7MOA0VHkEYMPfqiuT3+JmOafRCe6V/Pfun9+dpKV4vXBeJRP7jz52YwXkojTIik7uhudeDmiaEbVySL/bk1+5K1447VvqvH/0Yvj6MSPH8ej6MeDaReL/M9PsuzN4uvfPitnkEck41F+OG23UDT29lAAAAAAAAAAAAAAAAAAAAAAALjxjrO57vL5ObPTAI+P6+un5wM1as4Hqk74GS+dr3Mny7LZMT6jvBllfhqvpJE+18kDAAAAAAAAAAAAAAAAAADAv8Tw8acXH/X7vcuV4PtivaQmqN7oj6okXapKV6u291MTXHwXsXvWswTRqIbWT67cYjahZ+4w3dz4cLXk263TOarrJw42rWHaj3LwX+2+CK/uNMFJUPyNdZ7trskm2dK4EcPH7fpNsrQzj6rncjmcBkebNu1qUNQsXWNjVuua9ljrxV2yWn/ZZjLj5nwxV9u0J09yqaR5zb8pa5J/5O8PAAAAAAAAAAAAAAAAAACwsHjpN36+UvnkuQwJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPZu8f3/8yC66yXrwbhK7tWlrwWHl8Oa23b3PE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuuD8DAAD//6EYVj0=")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181403, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(r0, r1, 0x80000)

program did not crash
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): memfd_create-pwritev-openat$selinux_policy-syz_mount_image$vfat-syz_mount_image$vfat-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
r0 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89c\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9cJ\x02\x00\x00\x00\x00\x00\x00!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9bP\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93iz\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1y\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)\x8f\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2E\x00\x00\x00\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n>V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xe4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe55\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x6)
pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000180)="10e4a3c418c14b48233ae3c202c14454027bca39511357f7000000000000", 0x1e}, {0x0}, {0x0}, {&(0x7f0000000480)="5327b62001931eecbef03e5324c6b3cf849c60556c902db8c0185dedd3c8f34cf4fb7373ce675f4a2fbbda7c143b98a3a1470e5d1437f84976ef8ddf40d9e327c7286668d919d9f8b82fffab62aeacb4ece0898d73fe343a344680881608edefdc88c47d47cecc27b55abd0788775c1630dbaa52a49a96fd5ebb9a77687f72b4d08228c8cdcaefb670b0b6961fcb2c6d8bb621d2666401d39ca58e35c4ec49a8721924b40f7492b5157aeae53438f9d4c701988ff0697558f9df80ff3eed50ff08e0fa2bcc52877651b16e8e3ceda366dcbae7982ca9c3f11a368738831b54cdc16952a0c596a77f4d372e0e4f8c8dc7a7287daef1eee18f7e9c38ef954bfbed44e2675b064c4eabe03624e594f87e54a35d8e718d7cde66b2e9417f05b2421e2e7616c1ea321d10e940354aa219285aa675c16e46fc1ec8c103af4b530146ea812fde604f230d5678cf1801", 0x14c}, {&(0x7f0000000200)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb522034547f5646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b36f6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e0000000000000053caba1870d9d9ca89b023ac43ccdcdcfa87c713ad96a3c347d319b9b75db353bd453f02a13494555ce22329d00ac4d0420dfb9efd378381ad2974144e8bb7ee1ae2ef2b4530bc64fb83a449cf4c4337269d49e099fa6135383d8a931850f8302e09fe92b5c309a6f70197fcc535", 0xdf}, {&(0x7f0000000300)}, {&(0x7f0000000380)="5016cf957341f1309660144f05a4c852b7c91d465959679f46274313d42623a941d53dda228a21cfe2d24324e88452b9a5826f74c9aa4fa5812d9b4d91a93f16302922ec7c1b3c24d380b5096f3f1ade3e646c935db9811d60cad83d8ce1fcf5062841d4", 0x64}], 0x7, 0x0, 0x0)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2808080, &(0x7f0000000440)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e39352c636f6465706167653d3835302c0072726f72733d72656d6f756e742d726f2c757466383d302c73686f72746e616d653d6d697865642c73686f72746e616d643d77696e39352c696f636861327384743d69736f383835392d31352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c756e695f786c6174653d312c00"], 0x81, 0x2ba, &(0x7f0000000a40)="$eJzs3c+KI0UYAPCvJ51MRmWTgydZsEEPnoadfYIdZITFOSl90IuKmwWZhIUJBFbBuCfvgifBR/AdfAAvvoEHj4I39yC2JN35O524kTGr4+93ma+r6quuqq6ZgUBXPrw9uHjwaPjwya2fot1O4uBe3IunSXTjIGa+iIX2rQAA/uOeFkX8WpQiWlvbptP6olNe3T7YzwgBgOu2+v8fAPg/ePe9998+PT8/eyfL2hGDL0d5EhGDZJSX9acP45PoRy/uRCd+jyjmyvil++dnkWbZ7MOA0VHkEYMPfqiuT3+JmOafRCe6V/Pfun9+dpKV4vXBeJRP7jz52YwXkojTIik7uhudeDmiaEbVySL/bk1+5K1447VvqvH/0Yvj6MSPH8ej6MeDaReL/M9PsuzN4uvfPitnkEck41F+OG23UDT29lAAAAAAAAAAAAAAAAAAAAAAALjxjrO57vL5ObPTAI+P6+un5wM1as4Hqk74GS+dr3Mny7LZMT6jvBllfhqvpJE+18kDAAAAAAAAAAAAAAAAAADAv8Tw8acXH/X7vcuV4PtivaQmqN7oj6okXapKV6u291MTXHwXsXvWswTRqIbWT67cYjahZ+4w3dz4cLXk263TOarrJw42rWHaj3LwX+2+CK/uNMFJUPyNdZ7trskm2dK4EcPH7fpNsrQzj6rncjmcBkebNu1qUNQsXWNjVuua9ljrxV2yWn/ZZjLj5nwxV9u0J09yqaR5zb8pa5J/5O8PAAAAAAAAAAAAAAAAAACwsHjpN36+UvnkuQwJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPZu8f3/8yC66yXrwbhK7tWlrwWHl8Oa23b3PE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuuD8DAAD//6EYVj0=")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181403, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000300)={0x9f634221288b0807, 0x0, {[0x4, 0x3, 0x7fffdfff, 0x800000000005, 0x100000000, 0x9, 0xfffffffffffffffe, 0x2012]}})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(r0, r1, 0x80000)

program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): memfd_create-pwritev-openat$selinux_policy-syz_mount_image$vfat-syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
r0 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89c\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9cJ\x02\x00\x00\x00\x00\x00\x00!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9bP\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93iz\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1y\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)\x8f\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2E\x00\x00\x00\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n>V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xe4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe55\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x6)
pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000180)="10e4a3c418c14b48233ae3c202c14454027bca39511357f7000000000000", 0x1e}, {0x0}, {0x0}, {&(0x7f0000000480)="5327b62001931eecbef03e5324c6b3cf849c60556c902db8c0185dedd3c8f34cf4fb7373ce675f4a2fbbda7c143b98a3a1470e5d1437f84976ef8ddf40d9e327c7286668d919d9f8b82fffab62aeacb4ece0898d73fe343a344680881608edefdc88c47d47cecc27b55abd0788775c1630dbaa52a49a96fd5ebb9a77687f72b4d08228c8cdcaefb670b0b6961fcb2c6d8bb621d2666401d39ca58e35c4ec49a8721924b40f7492b5157aeae53438f9d4c701988ff0697558f9df80ff3eed50ff08e0fa2bcc52877651b16e8e3ceda366dcbae7982ca9c3f11a368738831b54cdc16952a0c596a77f4d372e0e4f8c8dc7a7287daef1eee18f7e9c38ef954bfbed44e2675b064c4eabe03624e594f87e54a35d8e718d7cde66b2e9417f05b2421e2e7616c1ea321d10e940354aa219285aa675c16e46fc1ec8c103af4b530146ea812fde604f230d5678cf1801", 0x14c}, {&(0x7f0000000200)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb522034547f5646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b36f6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e0000000000000053caba1870d9d9ca89b023ac43ccdcdcfa87c713ad96a3c347d319b9b75db353bd453f02a13494555ce22329d00ac4d0420dfb9efd378381ad2974144e8bb7ee1ae2ef2b4530bc64fb83a449cf4c4337269d49e099fa6135383d8a931850f8302e09fe92b5c309a6f70197fcc535", 0xdf}, {&(0x7f0000000300)}, {&(0x7f0000000380)="5016cf957341f1309660144f05a4c852b7c91d465959679f46274313d42623a941d53dda228a21cfe2d24324e88452b9a5826f74c9aa4fa5812d9b4d91a93f16302922ec7c1b3c24d380b5096f3f1ade3e646c935db9811d60cad83d8ce1fcf5062841d4", 0x64}], 0x7, 0x0, 0x0)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2808080, &(0x7f0000000440)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e39352c636f6465706167653d3835302c0072726f72733d72656d6f756e742d726f2c757466383d302c73686f72746e616d653d6d697865642c73686f72746e616d643d77696e39352c696f636861327384743d69736f383835392d31352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c756e695f786c6174653d312c00"], 0x81, 0x2ba, &(0x7f0000000a40)="$eJzs3c+KI0UYAPCvJ51MRmWTgydZsEEPnoadfYIdZITFOSl90IuKmwWZhIUJBFbBuCfvgifBR/AdfAAvvoEHj4I39yC2JN35O524kTGr4+93ma+r6quuqq6ZgUBXPrw9uHjwaPjwya2fot1O4uBe3IunSXTjIGa+iIX2rQAA/uOeFkX8WpQiWlvbptP6olNe3T7YzwgBgOu2+v8fAPg/ePe9998+PT8/eyfL2hGDL0d5EhGDZJSX9acP45PoRy/uRCd+jyjmyvil++dnkWbZ7MOA0VHkEYMPfqiuT3+JmOafRCe6V/Pfun9+dpKV4vXBeJRP7jz52YwXkojTIik7uhudeDmiaEbVySL/bk1+5K1447VvqvH/0Yvj6MSPH8ej6MeDaReL/M9PsuzN4uvfPitnkEck41F+OG23UDT29lAAAAAAAAAAAAAAAAAAAAAAALjxjrO57vL5ObPTAI+P6+un5wM1as4Hqk74GS+dr3Mny7LZMT6jvBllfhqvpJE+18kDAAAAAAAAAAAAAAAAAADAv8Tw8acXH/X7vcuV4PtivaQmqN7oj6okXapKV6u291MTXHwXsXvWswTRqIbWT67cYjahZ+4w3dz4cLXk263TOarrJw42rWHaj3LwX+2+CK/uNMFJUPyNdZ7trskm2dK4EcPH7fpNsrQzj6rncjmcBkebNu1qUNQsXWNjVuua9ljrxV2yWn/ZZjLj5nwxV9u0J09yqaR5zb8pa5J/5O8PAAAAAAAAAAAAAAAAAACwsHjpN36+UvnkuQwJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPZu8f3/8yC66yXrwbhK7tWlrwWHl8Oa23b3PE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuuD8DAAD//6EYVj0=")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181403, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000300)={0x9f634221288b0807, 0x0, {[0x4, 0x3, 0x7fffdfff, 0x800000000005, 0x100000000, 0x9, 0xfffffffffffffffe, 0x2012]}})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(r0, r1, 0x80000)

program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): memfd_create-pwritev-openat$selinux_policy-syz_mount_image$vfat-syz_mount_image$vfat-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
r0 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89c\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9cJ\x02\x00\x00\x00\x00\x00\x00!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9bP\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93iz\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1y\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)\x8f\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2E\x00\x00\x00\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n>V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xe4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe55\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x6)
pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000180)="10e4a3c418c14b48233ae3c202c14454027bca39511357f7000000000000", 0x1e}, {0x0}, {0x0}, {&(0x7f0000000480)="5327b62001931eecbef03e5324c6b3cf849c60556c902db8c0185dedd3c8f34cf4fb7373ce675f4a2fbbda7c143b98a3a1470e5d1437f84976ef8ddf40d9e327c7286668d919d9f8b82fffab62aeacb4ece0898d73fe343a344680881608edefdc88c47d47cecc27b55abd0788775c1630dbaa52a49a96fd5ebb9a77687f72b4d08228c8cdcaefb670b0b6961fcb2c6d8bb621d2666401d39ca58e35c4ec49a8721924b40f7492b5157aeae53438f9d4c701988ff0697558f9df80ff3eed50ff08e0fa2bcc52877651b16e8e3ceda366dcbae7982ca9c3f11a368738831b54cdc16952a0c596a77f4d372e0e4f8c8dc7a7287daef1eee18f7e9c38ef954bfbed44e2675b064c4eabe03624e594f87e54a35d8e718d7cde66b2e9417f05b2421e2e7616c1ea321d10e940354aa219285aa675c16e46fc1ec8c103af4b530146ea812fde604f230d5678cf1801", 0x14c}, {&(0x7f0000000200)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb522034547f5646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b36f6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e0000000000000053caba1870d9d9ca89b023ac43ccdcdcfa87c713ad96a3c347d319b9b75db353bd453f02a13494555ce22329d00ac4d0420dfb9efd378381ad2974144e8bb7ee1ae2ef2b4530bc64fb83a449cf4c4337269d49e099fa6135383d8a931850f8302e09fe92b5c309a6f70197fcc535", 0xdf}, {&(0x7f0000000300)}, {&(0x7f0000000380)="5016cf957341f1309660144f05a4c852b7c91d465959679f46274313d42623a941d53dda228a21cfe2d24324e88452b9a5826f74c9aa4fa5812d9b4d91a93f16302922ec7c1b3c24d380b5096f3f1ade3e646c935db9811d60cad83d8ce1fcf5062841d4", 0x64}], 0x7, 0x0, 0x0)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2808080, &(0x7f0000000440)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e39352c636f6465706167653d3835302c0072726f72733d72656d6f756e742d726f2c757466383d302c73686f72746e616d653d6d697865642c73686f72746e616d643d77696e39352c696f636861327384743d69736f383835392d31352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c756e695f786c6174653d312c00"], 0x81, 0x2ba, &(0x7f0000000a40)="$eJzs3c+KI0UYAPCvJ51MRmWTgydZsEEPnoadfYIdZITFOSl90IuKmwWZhIUJBFbBuCfvgifBR/AdfAAvvoEHj4I39yC2JN35O524kTGr4+93ma+r6quuqq6ZgUBXPrw9uHjwaPjwya2fot1O4uBe3IunSXTjIGa+iIX2rQAA/uOeFkX8WpQiWlvbptP6olNe3T7YzwgBgOu2+v8fAPg/ePe9998+PT8/eyfL2hGDL0d5EhGDZJSX9acP45PoRy/uRCd+jyjmyvil++dnkWbZ7MOA0VHkEYMPfqiuT3+JmOafRCe6V/Pfun9+dpKV4vXBeJRP7jz52YwXkojTIik7uhudeDmiaEbVySL/bk1+5K1447VvqvH/0Yvj6MSPH8ej6MeDaReL/M9PsuzN4uvfPitnkEck41F+OG23UDT29lAAAAAAAAAAAAAAAAAAAAAAALjxjrO57vL5ObPTAI+P6+un5wM1as4Hqk74GS+dr3Mny7LZMT6jvBllfhqvpJE+18kDAAAAAAAAAAAAAAAAAADAv8Tw8acXH/X7vcuV4PtivaQmqN7oj6okXapKV6u291MTXHwXsXvWswTRqIbWT67cYjahZ+4w3dz4cLXk263TOarrJw42rWHaj3LwX+2+CK/uNMFJUPyNdZ7trskm2dK4EcPH7fpNsrQzj6rncjmcBkebNu1qUNQsXWNjVuua9ljrxV2yWn/ZZjLj5nwxV9u0J09yqaR5zb8pa5J/5O8PAAAAAAAAAAAAAAAAAACwsHjpN36+UvnkuQwJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPZu8f3/8yC66yXrwbhK7tWlrwWHl8Oa23b3PE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuuD8DAAD//6EYVj0=")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000300)={0x9f634221288b0807, 0x0, {[0x4, 0x3, 0x7fffdfff, 0x800000000005, 0x100000000, 0x9, 0xfffffffffffffffe, 0x2012]}})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(r0, r1, 0x80000)

program did not crash
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): memfd_create-pwritev-openat$selinux_policy-syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
r0 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89c\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9cJ\x02\x00\x00\x00\x00\x00\x00!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9bP\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93iz\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1y\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)\x8f\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2E\x00\x00\x00\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n>V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xe4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe55\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x6)
pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000180)="10e4a3c418c14b48233ae3c202c14454027bca39511357f7000000000000", 0x1e}, {0x0}, {0x0}, {&(0x7f0000000480)="5327b62001931eecbef03e5324c6b3cf849c60556c902db8c0185dedd3c8f34cf4fb7373ce675f4a2fbbda7c143b98a3a1470e5d1437f84976ef8ddf40d9e327c7286668d919d9f8b82fffab62aeacb4ece0898d73fe343a344680881608edefdc88c47d47cecc27b55abd0788775c1630dbaa52a49a96fd5ebb9a77687f72b4d08228c8cdcaefb670b0b6961fcb2c6d8bb621d2666401d39ca58e35c4ec49a8721924b40f7492b5157aeae53438f9d4c701988ff0697558f9df80ff3eed50ff08e0fa2bcc52877651b16e8e3ceda366dcbae7982ca9c3f11a368738831b54cdc16952a0c596a77f4d372e0e4f8c8dc7a7287daef1eee18f7e9c38ef954bfbed44e2675b064c4eabe03624e594f87e54a35d8e718d7cde66b2e9417f05b2421e2e7616c1ea321d10e940354aa219285aa675c16e46fc1ec8c103af4b530146ea812fde604f230d5678cf1801", 0x14c}, {&(0x7f0000000200)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb522034547f5646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b36f6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e0000000000000053caba1870d9d9ca89b023ac43ccdcdcfa87c713ad96a3c347d319b9b75db353bd453f02a13494555ce22329d00ac4d0420dfb9efd378381ad2974144e8bb7ee1ae2ef2b4530bc64fb83a449cf4c4337269d49e099fa6135383d8a931850f8302e09fe92b5c309a6f70197fcc535", 0xdf}, {&(0x7f0000000300)}, {&(0x7f0000000380)="5016cf957341f1309660144f05a4c852b7c91d465959679f46274313d42623a941d53dda228a21cfe2d24324e88452b9a5826f74c9aa4fa5812d9b4d91a93f16302922ec7c1b3c24d380b5096f3f1ade3e646c935db9811d60cad83d8ce1fcf5062841d4", 0x64}], 0x7, 0x0, 0x0)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2808080, &(0x7f0000000440)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e39352c636f6465706167653d3835302c0072726f72733d72656d6f756e742d726f2c757466383d302c73686f72746e616d653d6d697865642c73686f72746e616d643d77696e39352c696f636861327384743d69736f383835392d31352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c756e695f786c6174653d312c00"], 0x81, 0x2ba, &(0x7f0000000a40)="$eJzs3c+KI0UYAPCvJ51MRmWTgydZsEEPnoadfYIdZITFOSl90IuKmwWZhIUJBFbBuCfvgifBR/AdfAAvvoEHj4I39yC2JN35O524kTGr4+93ma+r6quuqq6ZgUBXPrw9uHjwaPjwya2fot1O4uBe3IunSXTjIGa+iIX2rQAA/uOeFkX8WpQiWlvbptP6olNe3T7YzwgBgOu2+v8fAPg/ePe9998+PT8/eyfL2hGDL0d5EhGDZJSX9acP45PoRy/uRCd+jyjmyvil++dnkWbZ7MOA0VHkEYMPfqiuT3+JmOafRCe6V/Pfun9+dpKV4vXBeJRP7jz52YwXkojTIik7uhudeDmiaEbVySL/bk1+5K1447VvqvH/0Yvj6MSPH8ej6MeDaReL/M9PsuzN4uvfPitnkEck41F+OG23UDT29lAAAAAAAAAAAAAAAAAAAAAAALjxjrO57vL5ObPTAI+P6+un5wM1as4Hqk74GS+dr3Mny7LZMT6jvBllfhqvpJE+18kDAAAAAAAAAAAAAAAAAADAv8Tw8acXH/X7vcuV4PtivaQmqN7oj6okXapKV6u291MTXHwXsXvWswTRqIbWT67cYjahZ+4w3dz4cLXk263TOarrJw42rWHaj3LwX+2+CK/uNMFJUPyNdZ7trskm2dK4EcPH7fpNsrQzj6rncjmcBkebNu1qUNQsXWNjVuua9ljrxV2yWn/ZZjLj5nwxV9u0J09yqaR5zb8pa5J/5O8PAAAAAAAAAAAAAAAAAACwsHjpN36+UvnkuQwJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPZu8f3/8yC66yXrwbhK7tWlrwWHl8Oa23b3PE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuuD8DAAD//6EYVj0=")
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181403, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000300)={0x9f634221288b0807, 0x0, {[0x4, 0x3, 0x7fffdfff, 0x800000000005, 0x100000000, 0x9, 0xfffffffffffffffe, 0x2012]}})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(r0, r1, 0x80000)

program did not crash
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): memfd_create-pwritev-openat$selinux_policy-syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
r0 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89c\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9cJ\x02\x00\x00\x00\x00\x00\x00!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9bP\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93iz\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1y\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)\x8f\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2E\x00\x00\x00\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n>V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xe4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe55\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x6)
pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000180)="10e4a3c418c14b48233ae3c202c14454027bca39511357f7000000000000", 0x1e}, {0x0}, {0x0}, {&(0x7f0000000480)="5327b62001931eecbef03e5324c6b3cf849c60556c902db8c0185dedd3c8f34cf4fb7373ce675f4a2fbbda7c143b98a3a1470e5d1437f84976ef8ddf40d9e327c7286668d919d9f8b82fffab62aeacb4ece0898d73fe343a344680881608edefdc88c47d47cecc27b55abd0788775c1630dbaa52a49a96fd5ebb9a77687f72b4d08228c8cdcaefb670b0b6961fcb2c6d8bb621d2666401d39ca58e35c4ec49a8721924b40f7492b5157aeae53438f9d4c701988ff0697558f9df80ff3eed50ff08e0fa2bcc52877651b16e8e3ceda366dcbae7982ca9c3f11a368738831b54cdc16952a0c596a77f4d372e0e4f8c8dc7a7287daef1eee18f7e9c38ef954bfbed44e2675b064c4eabe03624e594f87e54a35d8e718d7cde66b2e9417f05b2421e2e7616c1ea321d10e940354aa219285aa675c16e46fc1ec8c103af4b530146ea812fde604f230d5678cf1801", 0x14c}, {&(0x7f0000000200)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb522034547f5646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b36f6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e0000000000000053caba1870d9d9ca89b023ac43ccdcdcfa87c713ad96a3c347d319b9b75db353bd453f02a13494555ce22329d00ac4d0420dfb9efd378381ad2974144e8bb7ee1ae2ef2b4530bc64fb83a449cf4c4337269d49e099fa6135383d8a931850f8302e09fe92b5c309a6f70197fcc535", 0xdf}, {&(0x7f0000000300)}, {&(0x7f0000000380)="5016cf957341f1309660144f05a4c852b7c91d465959679f46274313d42623a941d53dda228a21cfe2d24324e88452b9a5826f74c9aa4fa5812d9b4d91a93f16302922ec7c1b3c24d380b5096f3f1ade3e646c935db9811d60cad83d8ce1fcf5062841d4", 0x64}], 0x7, 0x0, 0x0)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181403, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000300)={0x9f634221288b0807, 0x0, {[0x4, 0x3, 0x7fffdfff, 0x800000000005, 0x100000000, 0x9, 0xfffffffffffffffe, 0x2012]}})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(r0, r1, 0x80000)

program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): memfd_create-pwritev-syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
r0 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89c\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9cJ\x02\x00\x00\x00\x00\x00\x00!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9bP\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93iz\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1y\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)\x8f\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2E\x00\x00\x00\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n>V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xe4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe55\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x6)
pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000180)="10e4a3c418c14b48233ae3c202c14454027bca39511357f7000000000000", 0x1e}, {0x0}, {0x0}, {&(0x7f0000000480)="5327b62001931eecbef03e5324c6b3cf849c60556c902db8c0185dedd3c8f34cf4fb7373ce675f4a2fbbda7c143b98a3a1470e5d1437f84976ef8ddf40d9e327c7286668d919d9f8b82fffab62aeacb4ece0898d73fe343a344680881608edefdc88c47d47cecc27b55abd0788775c1630dbaa52a49a96fd5ebb9a77687f72b4d08228c8cdcaefb670b0b6961fcb2c6d8bb621d2666401d39ca58e35c4ec49a8721924b40f7492b5157aeae53438f9d4c701988ff0697558f9df80ff3eed50ff08e0fa2bcc52877651b16e8e3ceda366dcbae7982ca9c3f11a368738831b54cdc16952a0c596a77f4d372e0e4f8c8dc7a7287daef1eee18f7e9c38ef954bfbed44e2675b064c4eabe03624e594f87e54a35d8e718d7cde66b2e9417f05b2421e2e7616c1ea321d10e940354aa219285aa675c16e46fc1ec8c103af4b530146ea812fde604f230d5678cf1801", 0x14c}, {&(0x7f0000000200)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb522034547f5646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb5ef95d5505f6d67dc42c4eeacc54f1b90b36f6e9205469da4c37407584891e748eaaef6008b191c329ea83c6d68d85792e0000000000000053caba1870d9d9ca89b023ac43ccdcdcfa87c713ad96a3c347d319b9b75db353bd453f02a13494555ce22329d00ac4d0420dfb9efd378381ad2974144e8bb7ee1ae2ef2b4530bc64fb83a449cf4c4337269d49e099fa6135383d8a931850f8302e09fe92b5c309a6f70197fcc535", 0xdf}, {&(0x7f0000000300)}, {&(0x7f0000000380)="5016cf957341f1309660144f05a4c852b7c91d465959679f46274313d42623a941d53dda228a21cfe2d24324e88452b9a5826f74c9aa4fa5812d9b4d91a93f16302922ec7c1b3c24d380b5096f3f1ade3e646c935db9811d60cad83d8ce1fcf5062841d4", 0x64}], 0x7, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181403, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000300)={0x9f634221288b0807, 0x0, {[0x4, 0x3, 0x7fffdfff, 0x800000000005, 0x100000000, 0x9, 0xfffffffffffffffe, 0x2012]}})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(r0, 0xffffffffffffffff, 0x80000)

program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): memfd_create-syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
r0 = memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89c\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9cJ\x02\x00\x00\x00\x00\x00\x00!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9bP\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93iz\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1y\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)\x8f\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2E\x00\x00\x00\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n>V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xe4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe55\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x6)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181403, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000300)={0x9f634221288b0807, 0x0, {[0x4, 0x3, 0x7fffdfff, 0x800000000005, 0x100000000, 0x9, 0xfffffffffffffffe, 0x2012]}})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(r0, 0xffffffffffffffff, 0x80000)

program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181403, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000300)={0x9f634221288b0807, 0x0, {[0x4, 0x3, 0x7fffdfff, 0x800000000005, 0x100000000, 0x9, 0xfffffffffffffffe, 0x2012]}})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)

program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, 0x0, 0x181403, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000000300)={0x9f634221288b0807, 0x0, {[0x4, 0x3, 0x7fffdfff, 0x800000000005, 0x100000000, 0x9, 0xfffffffffffffffe, 0x2012]}})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)

program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, 0x0, 0x181403, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)

program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, 0x0, 0x181403, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(0x0, &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)

program did not crash
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, 0x0, 0x181403, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', 0x0, &(0x7f0000000840), 0x1004002, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)

program did not crash
testing program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, 0x0, 0x181403, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', 0x0, 0x1004002, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)

program did not crash
extracting C reproducer
testing compiled C program (duration=45.217014642s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
simplifying C reproducer
testing compiled C program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing compiled C program (duration=45.217014642s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program did not crash
testing compiled C program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing compiled C program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program did not crash
testing compiled C program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing compiled C program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing compiled C program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing compiled C program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing compiled C program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing compiled C program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing compiled C program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:false HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program did not crash
testing compiled C program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program did not crash
testing compiled C program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing compiled C program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
testing program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, 0x0, 0x181403, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)

program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
validation run: crashed=true
testing program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, 0x0, 0x181403, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)

program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
validation run: crashed=true
testing program (duration=45.217014642s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$kvm-ioctl$KVM_SET_GUEST_DEBUG_x86-ioctl$KVM_RUN-mount$incfs-dup3
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
openat$kvm(0xffffffffffffff9c, 0x0, 0x181403, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(0xffffffffffffffff, 0x4048ae9b, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
mount$incfs(&(0x7f00000007c0)='.\x00', &(0x7f0000000800)='./bus\x00', &(0x7f0000000840), 0x1004002, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)

program crashed: KASAN: null-ptr-deref Write in vfs_rmdir
validation run: crashed=true
reproducing took 43m59.991700305s
repro crashed as (corrupted=false):
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed684fe00
RBP: 00007ffed684fe00 R08: 00007ffed6850e00 R09: 00000000ffffffff
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffed6850e90
R13: 00007f724a1cf048 R14: 0000000000006e80 R15: 00007ffed6850ed0
---[ end trace d56719de1705cdff ]---
==================================================================
BUG: KASAN: null-ptr-deref in instrument_atomic_read_write include/linux/instrumented.h:101 [inline]
BUG: KASAN: null-ptr-deref in atomic_inc_return include/asm-generic/atomic-instrumented.h:250 [inline]
BUG: KASAN: null-ptr-deref in ihold+0x20/0x60 fs/inode.c:423
Write of size 4 at addr 0000000000000170 by task syz-executor/353

CPU: 0 PID: 353 Comm: syz-executor Tainted: G        W         syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
Call Trace:
 __dump_stack+0x21/0x24 lib/dump_stack.c:77
 dump_stack_lvl+0x1a7/0x208 lib/dump_stack.c:118
 __kasan_report mm/kasan/report.c:439 [inline]
 kasan_report+0xd8/0x130 mm/kasan/report.c:452
 check_region_inline mm/kasan/generic.c:-1 [inline]
 kasan_check_range+0x249/0x2a0 mm/kasan/generic.c:189
 __kasan_check_write+0x14/0x20 mm/kasan/shadow.c:37
 instrument_atomic_read_write include/linux/instrumented.h:101 [inline]
 atomic_inc_return include/asm-generic/atomic-instrumented.h:250 [inline]
 ihold+0x20/0x60 fs/inode.c:423
 d_delete_notify include/linux/fsnotify.h:264 [inline]
 vfs_rmdir+0x247/0x3e0 fs/namei.c:3873
 incfs_kill_sb+0xfe/0x210 fs/incfs/vfs.c:1973
 deactivate_locked_super+0xa0/0x100 fs/super.c:335
 deactivate_super+0xaf/0xe0 fs/super.c:366
 cleanup_mnt+0x45b/0x510 fs/namespace.c:1123
 __cleanup_mnt+0x19/0x20 fs/namespace.c:1130
 task_work_run+0x127/0x190 kernel/task_work.c:189
 tracehook_notify_resume include/linux/tracehook.h:188 [inline]
 exit_to_user_mode_loop+0xcb/0xe0 kernel/entry/common.c:172
 exit_to_user_mode_prepare+0x76/0xa0 kernel/entry/common.c:199
 syscall_exit_to_user_mode+0x1d/0x40 kernel/entry/common.c:274
 do_syscall_64+0x3d/0x40 arch/x86/entry/common.c:56
 entry_SYSCALL_64_after_hwframe+0x61/0xcb
RIP: 0033:0x7f724a13aa57
Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
RSP: 002b:00007ffed684fd48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f724a13aa57
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed684fe00
RBP: 00007ffed684fe00 R08: 00007ffed6850e00 R09: 00000000ffffffff
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffed6850e90
R13: 00007f724a1cf048 R14: 0000000000006e80 R15: 00007ffed6850ed0
==================================================================
BUG: kernel NULL pointer dereference, address: 0000000000000170
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 11085c067 P4D 11085c067 PUD 0 
Oops: 0002 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 353 Comm: syz-executor Tainted: G    B   W         syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
RIP: 0010:arch_atomic_add_return arch/x86/include/asm/atomic.h:165 [inline]
RIP: 0010:arch_atomic_inc_return include/linux/atomic-arch-fallback.h:286 [inline]
RIP: 0010:atomic_inc_return include/asm-generic/atomic-instrumented.h:251 [inline]
RIP: 0010:ihold+0x26/0x60 fs/inode.c:423
Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 f1 66 b7 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 00 e9 f1 ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 71
RSP: 0018:ffffc90000b97d10 EFLAGS: 00010246
RAX: ffff88810c53cf00 RBX: 0000000000000000 RCX: 0000000000000286
RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
RBP: ffffc90000b97d20 R08: 0000000000000003 R09: 0000000000000004
R10: dffffc0000000000 R11: fffffbfff0dcf648 R12: 1ffff11021a7d938
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
FS:  000055555ca27500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000170 CR3: 000000012a8d2000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 d_delete_notify include/linux/fsnotify.h:264 [inline]
 vfs_rmdir+0x247/0x3e0 fs/namei.c:3873
 incfs_kill_sb+0xfe/0x210 fs/incfs/vfs.c:1973
 deactivate_locked_super+0xa0/0x100 fs/super.c:335
 deactivate_super+0xaf/0xe0 fs/super.c:366
 cleanup_mnt+0x45b/0x510 fs/namespace.c:1123
 __cleanup_mnt+0x19/0x20 fs/namespace.c:1130
 task_work_run+0x127/0x190 kernel/task_work.c:189
 tracehook_notify_resume include/linux/tracehook.h:188 [inline]
 exit_to_user_mode_loop+0xcb/0xe0 kernel/entry/common.c:172
 exit_to_user_mode_prepare+0x76/0xa0 kernel/entry/common.c:199
 syscall_exit_to_user_mode+0x1d/0x40 kernel/entry/common.c:274
 do_syscall_64+0x3d/0x40 arch/x86/entry/common.c:56
 entry_SYSCALL_64_after_hwframe+0x61/0xcb
RIP: 0033:0x7f724a13aa57
Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
RSP: 002b:00007ffed684fd48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f724a13aa57
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed684fe00
RBP: 00007ffed684fe00 R08: 00007ffed6850e00 R09: 00000000ffffffff
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffed6850e90
R13: 00007f724a1cf048 R14: 0000000000006e80 R15: 00007ffed6850ed0
Modules linked in:
CR2: 0000000000000170
---[ end trace d56719de1705ce00 ]---
RIP: 0010:arch_atomic_add_return arch/x86/include/asm/atomic.h:165 [inline]
RIP: 0010:arch_atomic_inc_return include/linux/atomic-arch-fallback.h:286 [inline]
RIP: 0010:atomic_inc_return include/asm-generic/atomic-instrumented.h:251 [inline]
RIP: 0010:ihold+0x26/0x60 fs/inode.c:423
Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 f1 66 b7 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 00 e9 f1 ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 71
RSP: 0018:ffffc90000b97d10 EFLAGS: 00010246
RAX: ffff88810c53cf00 RBX: 0000000000000000 RCX: 0000000000000286
RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
RBP: ffffc90000b97d20 R08: 0000000000000003 R09: 0000000000000004
R10: dffffc0000000000 R11: fffffbfff0dcf648 R12: 1ffff11021a7d938
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
FS:  000055555ca27500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000170 CR3: 000000012a8d2000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:	00 00                	add    %al,(%rax)
   2:	00 00                	add    %al,(%rax)
   4:	55                   	push   %rbp
   5:	48 89 e5             	mov    %rsp,%rbp
   8:	41 56                	push   %r14
   a:	53                   	push   %rbx
   b:	48 89 fb             	mov    %rdi,%rbx
   e:	e8 f1 66 b7 ff       	call   0xffb76704
  13:	48 8d bb 70 01 00 00 	lea    0x170(%rbx),%rdi
  1a:	be 04 00 00 00       	mov    $0x4,%esi
  1f:	e8 00 e9 f1 ff       	call   0xfff1e924
  24:	41 be 01 00 00 00    	mov    $0x1,%r14d
* 2a:	f0 44 0f c1 b3 70 01 	lock xadd %r14d,0x170(%rbx) <-- trapping instruction
  31:	00 00
  33:	41 ff c6             	inc    %r14d
  36:	bf 02 00 00 00       	mov    $0x2,%edi
  3b:	44 89 f6             	mov    %r14d,%esi
  3e:	e8                   	.byte 0xe8
  3f:	71                   	.byte 0x71

final repro crashed as (corrupted=false):
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed684fe00
RBP: 00007ffed684fe00 R08: 00007ffed6850e00 R09: 00000000ffffffff
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffed6850e90
R13: 00007f724a1cf048 R14: 0000000000006e80 R15: 00007ffed6850ed0
---[ end trace d56719de1705cdff ]---
==================================================================
BUG: KASAN: null-ptr-deref in instrument_atomic_read_write include/linux/instrumented.h:101 [inline]
BUG: KASAN: null-ptr-deref in atomic_inc_return include/asm-generic/atomic-instrumented.h:250 [inline]
BUG: KASAN: null-ptr-deref in ihold+0x20/0x60 fs/inode.c:423
Write of size 4 at addr 0000000000000170 by task syz-executor/353

CPU: 0 PID: 353 Comm: syz-executor Tainted: G        W         syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
Call Trace:
 __dump_stack+0x21/0x24 lib/dump_stack.c:77
 dump_stack_lvl+0x1a7/0x208 lib/dump_stack.c:118
 __kasan_report mm/kasan/report.c:439 [inline]
 kasan_report+0xd8/0x130 mm/kasan/report.c:452
 check_region_inline mm/kasan/generic.c:-1 [inline]
 kasan_check_range+0x249/0x2a0 mm/kasan/generic.c:189
 __kasan_check_write+0x14/0x20 mm/kasan/shadow.c:37
 instrument_atomic_read_write include/linux/instrumented.h:101 [inline]
 atomic_inc_return include/asm-generic/atomic-instrumented.h:250 [inline]
 ihold+0x20/0x60 fs/inode.c:423
 d_delete_notify include/linux/fsnotify.h:264 [inline]
 vfs_rmdir+0x247/0x3e0 fs/namei.c:3873
 incfs_kill_sb+0xfe/0x210 fs/incfs/vfs.c:1973
 deactivate_locked_super+0xa0/0x100 fs/super.c:335
 deactivate_super+0xaf/0xe0 fs/super.c:366
 cleanup_mnt+0x45b/0x510 fs/namespace.c:1123
 __cleanup_mnt+0x19/0x20 fs/namespace.c:1130
 task_work_run+0x127/0x190 kernel/task_work.c:189
 tracehook_notify_resume include/linux/tracehook.h:188 [inline]
 exit_to_user_mode_loop+0xcb/0xe0 kernel/entry/common.c:172
 exit_to_user_mode_prepare+0x76/0xa0 kernel/entry/common.c:199
 syscall_exit_to_user_mode+0x1d/0x40 kernel/entry/common.c:274
 do_syscall_64+0x3d/0x40 arch/x86/entry/common.c:56
 entry_SYSCALL_64_after_hwframe+0x61/0xcb
RIP: 0033:0x7f724a13aa57
Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
RSP: 002b:00007ffed684fd48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f724a13aa57
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed684fe00
RBP: 00007ffed684fe00 R08: 00007ffed6850e00 R09: 00000000ffffffff
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffed6850e90
R13: 00007f724a1cf048 R14: 0000000000006e80 R15: 00007ffed6850ed0
==================================================================
BUG: kernel NULL pointer dereference, address: 0000000000000170
#PF: supervisor write access in kernel mode
#PF: error_code(0x0002) - not-present page
PGD 11085c067 P4D 11085c067 PUD 0 
Oops: 0002 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 353 Comm: syz-executor Tainted: G    B   W         syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
RIP: 0010:arch_atomic_add_return arch/x86/include/asm/atomic.h:165 [inline]
RIP: 0010:arch_atomic_inc_return include/linux/atomic-arch-fallback.h:286 [inline]
RIP: 0010:atomic_inc_return include/asm-generic/atomic-instrumented.h:251 [inline]
RIP: 0010:ihold+0x26/0x60 fs/inode.c:423
Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 f1 66 b7 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 00 e9 f1 ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 71
RSP: 0018:ffffc90000b97d10 EFLAGS: 00010246
RAX: ffff88810c53cf00 RBX: 0000000000000000 RCX: 0000000000000286
RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
RBP: ffffc90000b97d20 R08: 0000000000000003 R09: 0000000000000004
R10: dffffc0000000000 R11: fffffbfff0dcf648 R12: 1ffff11021a7d938
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
FS:  000055555ca27500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000170 CR3: 000000012a8d2000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 d_delete_notify include/linux/fsnotify.h:264 [inline]
 vfs_rmdir+0x247/0x3e0 fs/namei.c:3873
 incfs_kill_sb+0xfe/0x210 fs/incfs/vfs.c:1973
 deactivate_locked_super+0xa0/0x100 fs/super.c:335
 deactivate_super+0xaf/0xe0 fs/super.c:366
 cleanup_mnt+0x45b/0x510 fs/namespace.c:1123
 __cleanup_mnt+0x19/0x20 fs/namespace.c:1130
 task_work_run+0x127/0x190 kernel/task_work.c:189
 tracehook_notify_resume include/linux/tracehook.h:188 [inline]
 exit_to_user_mode_loop+0xcb/0xe0 kernel/entry/common.c:172
 exit_to_user_mode_prepare+0x76/0xa0 kernel/entry/common.c:199
 syscall_exit_to_user_mode+0x1d/0x40 kernel/entry/common.c:274
 do_syscall_64+0x3d/0x40 arch/x86/entry/common.c:56
 entry_SYSCALL_64_after_hwframe+0x61/0xcb
RIP: 0033:0x7f724a13aa57
Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
RSP: 002b:00007ffed684fd48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f724a13aa57
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed684fe00
RBP: 00007ffed684fe00 R08: 00007ffed6850e00 R09: 00000000ffffffff
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffed6850e90
R13: 00007f724a1cf048 R14: 0000000000006e80 R15: 00007ffed6850ed0
Modules linked in:
CR2: 0000000000000170
---[ end trace d56719de1705ce00 ]---
RIP: 0010:arch_atomic_add_return arch/x86/include/asm/atomic.h:165 [inline]
RIP: 0010:arch_atomic_inc_return include/linux/atomic-arch-fallback.h:286 [inline]
RIP: 0010:atomic_inc_return include/asm-generic/atomic-instrumented.h:251 [inline]
RIP: 0010:ihold+0x26/0x60 fs/inode.c:423
Code: 00 00 00 00 55 48 89 e5 41 56 53 48 89 fb e8 f1 66 b7 ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 00 e9 f1 ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 71
RSP: 0018:ffffc90000b97d10 EFLAGS: 00010246
RAX: ffff88810c53cf00 RBX: 0000000000000000 RCX: 0000000000000286
RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000ffffffff
RBP: ffffc90000b97d20 R08: 0000000000000003 R09: 0000000000000004
R10: dffffc0000000000 R11: fffffbfff0dcf648 R12: 1ffff11021a7d938
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
FS:  000055555ca27500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000170 CR3: 000000012a8d2000 CR4: 00000000003506b0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:	00 00                	add    %al,(%rax)
   2:	00 00                	add    %al,(%rax)
   4:	55                   	push   %rbp
   5:	48 89 e5             	mov    %rsp,%rbp
   8:	41 56                	push   %r14
   a:	53                   	push   %rbx
   b:	48 89 fb             	mov    %rdi,%rbx
   e:	e8 f1 66 b7 ff       	call   0xffb76704
  13:	48 8d bb 70 01 00 00 	lea    0x170(%rbx),%rdi
  1a:	be 04 00 00 00       	mov    $0x4,%esi
  1f:	e8 00 e9 f1 ff       	call   0xfff1e924
  24:	41 be 01 00 00 00    	mov    $0x1,%r14d
* 2a:	f0 44 0f c1 b3 70 01 	lock xadd %r14d,0x170(%rbx) <-- trapping instruction
  31:	00 00
  33:	41 ff c6             	inc    %r14d
  36:	bf 02 00 00 00       	mov    $0x2,%edi
  3b:	44 89 f6             	mov    %r14d,%esi
  3e:	e8                   	.byte 0xe8
  3f:	71                   	.byte 0x71