Extracting prog: 3m20.36293148s
Minimizing prog: 28m25.432240756s
Simplifying prog options: 0s
Extracting C: 21.439292868s
Simplifying C: 6m29.484910089s


extracting reproducer from 36 programs
testing a last program of every proc
single: executing 11 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): sendmmsg$inet-socket$inet_tcp-socket$nl_generic-ioctl$sock_SIOCBRDELBR-ioctl$sock_SIOCBRDELBR-ioctl$ifreq_SIOCGIFINDEX_batadv_hard-sendmsg$nl_route
detailed listing:
executing program 0:
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r1, 0x89a2, &(0x7f0000000200)='bridge0\x00')
ioctl$sock_SIOCBRDELBR(r0, 0x89a3, &(0x7f0000000200)='bridge0\x00')
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)=@ipv6_deladdrlabel={0xa0, 0x49, 0x0, 0x70bd29, 0x25dfdbfe, {0xa, 0x0, 0x10, 0x0, r2, 0x1}, [@IFAL_LABEL={0x8}, @IFAL_ADDRESS={0x14, 0x1, @local}, @IFAL_ADDRESS={0x14, 0x1, @mcast2}, @IFAL_ADDRESS={0x14, 0x1, @remote}, @IFAL_LABEL={0x8, 0x2, 0xc}, @IFAL_ADDRESS={0x14, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}}, @IFAL_ADDRESS={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x1e}}, @IFAL_LABEL={0x8, 0x2, 0x4}, @IFAL_LABEL={0x8}]}, 0xa0}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000004)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-open-io_setup-io_submit-setxattr$system_posix_acl-setxattr$incfs_size
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000180)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES64, @ANYRES16=0x0], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
r0 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
io_setup(0x7d, &(0x7f0000000600)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}])
setxattr$system_posix_acl(0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$incfs_size(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f00000000c0)=0x6, 0x8, 0x0)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-ioctl$BLKROTATIONAL-syz_open_dev$loop-ioctl$LOOP_CONFIGURE-openat$fuse-ioctl$sock_SIOCOUTQ-accept4$vsock_stream-listen-socket$inet_udplite-ioctl$sock_ipv6_tunnel_SIOCDELPRL-bpf$MAP_CREATE_RINGBUF-bpf$MAP_LOOKUP_ELEM-openat$selinux_mls-ioctl$sock_bt_hidp_HIDPGETCONNLIST-exit-sendto$inet_nvme_pdu-socket$key-connect$inet-socket$inet6_udplite-ioctl$sock_inet_SIOCSIFBRDADDR-ioctl$sock_inet_SIOCADDRT-syz_open_dev$vcsa-setsockopt$bt_l2cap_L2CAP_OPTIONS-prlimit64-read$msr-sendmsg$IPVS_CMD_SET_CONFIG-ioctl$BTRFS_IOC_QUOTA_CTL-preadv2-ioctl$int_in
detailed listing:
executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x8000000000000001, 0x0)
ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f0000000040))
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x5, 0x400)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000000c0)={r0, 0x3, {0x0, 0x0, 0x0, 0x172e8474, 0x0, 0x0, 0x4, 0x1f, 0x9, "4f54a64106441264d63e080f799640c0848e04ec07671bda72b638f960405638a8c50e4f32532f5f89407d4eae285505e711e9c3f0ff3f0270cb479c0c4fc796", "2696d37f8f6e88a6991eaf384ce46f3ee16e2ddf102ff52a0d44fd24e8c561b98f1413937e09e39f712a52bae501ed7ef4da98724d443abebd3698f074c62443", "e04e3a461c99691892fc190e5e94bd83e3a506d6c5a259259ab8f1c608548925", [0x7fb, 0x7]}})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$sock_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000240))
r2 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000280)={0x28, 0x0, 0xffffffff}, 0x10, 0x80000)
listen(r2, 0x8)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCDELPRL(r3, 0x89f6, &(0x7f0000000300)={'sit0\x00', &(0x7f00000002c0)={@multicast1, 0x1, 0x0, 0x20, 0x0, [{@remote}, {@multicast1}]}})
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x6, 0x0, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000540)={r4, &(0x7f00000003c0)="ea2552e9004c518aa4d2a3c2c03b7385b05dc9809676a1a8d0400b60f9eb3e707240c64c08dbd77460502a5c0046f4ecfe2ff2e27ebb5d022d46e94ae6a2231d77ae3e3dc5785260b036a22a676cf029be77b62162b0b97c2c260ec2ec60eb14571c2bab5f928e5f865f3daff53d03db80369f69acbebdf25888bdbee0db55719db272cd04e9293fdb7e5b233e9bd984b268d1cef2068cea85790c8e7125bd4281ecc19448cdcf4b436977c5bb2a66c85a94f11e461bc0ea7a", &(0x7f0000000480)=""/175, 0x4}, 0x20)
r5 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r5, 0x800448d2, &(0x7f0000000680)={0x1, &(0x7f00000005c0)=[{}]})
exit(0x5)
sendto$inet_nvme_pdu(r5, &(0x7f00000006c0)=@cmd={{0x4, 0xc}, {@common={0x18, 0x9, 0x7, 0xfff, [0x0, 0x5], 0x7, @ksgl={0x5, "9d132e", "b8a8ede3", 0x6}, @cdws={0x4, 0x7fff, 0x1, 0x6, 0x4, 0x159}}}}, 0x80, 0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
connect$inet(r5, &(0x7f0000000740)={0x2, 0x4e21, @broadcast}, 0x10)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet_SIOCSIFBRDADDR(r6, 0x891a, &(0x7f0000000780)={'veth1_to_team\x00', {0x2, 0x4e21, @local}})
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000800)={0x0, {0x2, 0x4e22, @multicast2}, {0x2, 0x4e24, @broadcast}, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x3, &(0x7f00000007c0)='veth0\x00', 0xfffffffffffffffa, 0x9, 0x81})
r7 = syz_open_dev$vcsa(&(0x7f0000000880), 0x4, 0x342100)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r7, 0x6, 0x1, &(0x7f00000008c0)={0x9, 0x800, 0x7, 0x0, 0x4, 0x7, 0x6}, 0xc)
prlimit64(0x0, 0x2, 0x0, &(0x7f0000000980))
read$msr(0xffffffffffffffff, &(0x7f00000009c0)=""/95, 0x5f)
sendmsg$IPVS_CMD_SET_CONFIG(r7, &(0x7f0000000b40)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a80)={0x5c, 0x0, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0xe}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x2017}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e21}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e24}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e24}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xfffffffd}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x4045)
ioctl$BTRFS_IOC_QUOTA_CTL(r3, 0xc0109428, &(0x7f0000000b80)={0x3, 0x80000001})
preadv2(r5, &(0x7f0000002f00)=[{&(0x7f0000000bc0)=""/230, 0xe6}, {&(0x7f0000000cc0)=""/4096, 0x1000}, {&(0x7f0000001cc0)=""/251, 0xfb}, {&(0x7f0000001dc0)=""/99, 0x63}, {&(0x7f0000001e40)=""/33, 0x21}, {&(0x7f0000001e80)=""/57, 0x39}, {&(0x7f0000001ec0)=""/62, 0x3e}, {&(0x7f0000001f00)=""/4096, 0x1000}], 0x8, 0xd0, 0x7, 0x1)
ioctl$int_in(r2, 0x5452, &(0x7f0000002f80)=0x51)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_mount_image$vfat-open$dir-mknodat$null-keyctl$KEYCTL_PKEY_SIGN-mount-syz_kvm_setup_cpu$x86-ioctl$KVM_REGISTER_COALESCED_MMIO-syz_mount_image$vfat-ioctl$KVM_NMI-ioctl$KVM_RUN-syz_mount_image$fuse-mount$overlay
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@check_strict}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp850'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=")
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x24, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x2008804, &(0x7f0000000840)=ANY=[@ANYBLOB='flush,uni_xlate=1,nonumtail=0,rodir,iocharset=iso8859-14,nonumtail=0,utf8=1,umask=00000000000000000000013,uni_xlate=0,shortname=mixed,uni_xlate=0,shortname=win_xlate=1,nonumtail=0,dos1xfloppy,nonumtail=0,utf8=1,\x00\x00\x00\x00\x00\x00\x00', @ANYRES16, @ANYRESHEX, @ANYRES8], 0xdd, 0x2e5, &(0x7f0000000540)="$eJzs3U1rE0Ecx/F/kqZJWmt6EBFRGCqIIl2agDcPFmlBDChtI1hB2NqthmyTkg2FiNgeBK+ePfTgUQQRvHkR8dqLr8CnWy+9WbC4stndNE3WNa32yX4/h3a6M7+dyc6kD9N2s3Lp6WxxxtJ+2HVx8fRLVGJeeVHOf1j6fHr8/RH3Y6VGhycyWaWiInL74cuBd9Xem2+Ovk3Icv+dldXst+VTEyI/J+5LVBUsVbJtpaupcrkaccLTBauoKXXDNHTLUIWSZVSqXr0+ZRpqxizPzdWUXpru65mrGJal9FJNFY2aqpZVtVJT+j29UFKapqm+HkF9snzRtrpIWDD/Ys22ZdWZ+cSi2LYd0HrRL/hrI/F3g8V+0jL/oW3bFkdsJ0eG3bBmd3U8//j/uM//L8+Y/8Np/NbkteFcbmRMqaTI7JP5/Hzefe/Wf+qVgphiyNLYhcl1EbtBIs7b0au5kSFV1y9nZxe8/MJ83v3iMDzj5TOSdr5PacqLn8+4ebU5H5ee5nxW0nIsOJ/18xJtynfLuTNNeU3S8vGulMWUaXGyG/lHGaWuXM+19J+qtwMAAAAAAAAA4CDSVMPG/n2k8avelKYl6n/x0ahPOYeddm6Dxv76kKRlPXh/fihwf79LTnbt4QMHAAAAAOAQsWoPirppGpWdKcSep0K6iIuIUxB5POAMJvSEx70Rd9Z7t4i0V8XCu9hUSF10+3s15g1MdvJC/aOC/88aRd187VelJKhxdEsLYLA78Mond/UBSieNJbm9hZ3oeGm1FiLr/pETgW3syJ/PY+tm3D0iGzMYmrq8pafDbwvJ1gs1+NU9rxnySeN7Y4sPAAAAwAHS9IMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYI9u6eZh/3/7NVeK9RHz7LdlaXyee+/4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Id+BQAA//+FlLca")
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
single: successfully extracted reproducer
found reproducer with 29 syscalls
minimizing guilty program
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_mount_image$vfat-open$dir-mknodat$null-keyctl$KEYCTL_PKEY_SIGN-mount-syz_kvm_setup_cpu$x86-ioctl$KVM_REGISTER_COALESCED_MMIO-syz_mount_image$vfat-ioctl$KVM_NMI-ioctl$KVM_RUN-syz_mount_image$fuse
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@check_strict}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp850'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=")
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x24, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x2008804, &(0x7f0000000840)=ANY=[@ANYBLOB='flush,uni_xlate=1,nonumtail=0,rodir,iocharset=iso8859-14,nonumtail=0,utf8=1,umask=00000000000000000000013,uni_xlate=0,shortname=mixed,uni_xlate=0,shortname=win_xlate=1,nonumtail=0,dos1xfloppy,nonumtail=0,utf8=1,\x00\x00\x00\x00\x00\x00\x00', @ANYRES16, @ANYRESHEX, @ANYRES8], 0xdd, 0x2e5, &(0x7f0000000540)="$eJzs3U1rE0Ecx/F/kqZJWmt6EBFRGCqIIl2agDcPFmlBDChtI1hB2NqthmyTkg2FiNgeBK+ePfTgUQQRvHkR8dqLr8CnWy+9WbC4stndNE3WNa32yX4/h3a6M7+dyc6kD9N2s3Lp6WxxxtJ+2HVx8fRLVGJeeVHOf1j6fHr8/RH3Y6VGhycyWaWiInL74cuBd9Xem2+Ovk3Icv+dldXst+VTEyI/J+5LVBUsVbJtpaupcrkaccLTBauoKXXDNHTLUIWSZVSqXr0+ZRpqxizPzdWUXpru65mrGJal9FJNFY2aqpZVtVJT+j29UFKapqm+HkF9snzRtrpIWDD/Ys22ZdWZ+cSi2LYd0HrRL/hrI/F3g8V+0jL/oW3bFkdsJ0eG3bBmd3U8//j/uM//L8+Y/8Np/NbkteFcbmRMqaTI7JP5/Hzefe/Wf+qVgphiyNLYhcl1EbtBIs7b0au5kSFV1y9nZxe8/MJ83v3iMDzj5TOSdr5PacqLn8+4ebU5H5ee5nxW0nIsOJ/18xJtynfLuTNNeU3S8vGulMWUaXGyG/lHGaWuXM+19J+qtwMAAAAAAAAA4CDSVMPG/n2k8avelKYl6n/x0ahPOYeddm6Dxv76kKRlPXh/fihwf79LTnbt4QMHAAAAAOAQsWoPirppGpWdKcSep0K6iIuIUxB5POAMJvSEx70Rd9Z7t4i0V8XCu9hUSF10+3s15g1MdvJC/aOC/88aRd187VelJKhxdEsLYLA78Mond/UBSieNJbm9hZ3oeGm1FiLr/pETgW3syJ/PY+tm3D0iGzMYmrq8pafDbwvJ1gs1+NU9rxnySeN7Y4sPAAAAwAHS9IMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYI9u6eZh/3/7NVeK9RHz7LdlaXyee+/4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Id+BQAA//+FlLca")
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_mount_image$vfat-open$dir-mknodat$null-keyctl$KEYCTL_PKEY_SIGN-mount-syz_kvm_setup_cpu$x86-ioctl$KVM_REGISTER_COALESCED_MMIO-syz_mount_image$vfat-ioctl$KVM_NMI-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@check_strict}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp850'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=")
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x24, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x2008804, &(0x7f0000000840)=ANY=[@ANYBLOB='flush,uni_xlate=1,nonumtail=0,rodir,iocharset=iso8859-14,nonumtail=0,utf8=1,umask=00000000000000000000013,uni_xlate=0,shortname=mixed,uni_xlate=0,shortname=win_xlate=1,nonumtail=0,dos1xfloppy,nonumtail=0,utf8=1,\x00\x00\x00\x00\x00\x00\x00', @ANYRES16, @ANYRESHEX, @ANYRES8], 0xdd, 0x2e5, &(0x7f0000000540)="$eJzs3U1rE0Ecx/F/kqZJWmt6EBFRGCqIIl2agDcPFmlBDChtI1hB2NqthmyTkg2FiNgeBK+ePfTgUQQRvHkR8dqLr8CnWy+9WbC4stndNE3WNa32yX4/h3a6M7+dyc6kD9N2s3Lp6WxxxtJ+2HVx8fRLVGJeeVHOf1j6fHr8/RH3Y6VGhycyWaWiInL74cuBd9Xem2+Ovk3Icv+dldXst+VTEyI/J+5LVBUsVbJtpaupcrkaccLTBauoKXXDNHTLUIWSZVSqXr0+ZRpqxizPzdWUXpru65mrGJal9FJNFY2aqpZVtVJT+j29UFKapqm+HkF9snzRtrpIWDD/Ys22ZdWZ+cSi2LYd0HrRL/hrI/F3g8V+0jL/oW3bFkdsJ0eG3bBmd3U8//j/uM//L8+Y/8Np/NbkteFcbmRMqaTI7JP5/Hzefe/Wf+qVgphiyNLYhcl1EbtBIs7b0au5kSFV1y9nZxe8/MJ83v3iMDzj5TOSdr5PacqLn8+4ebU5H5ee5nxW0nIsOJ/18xJtynfLuTNNeU3S8vGulMWUaXGyG/lHGaWuXM+19J+qtwMAAAAAAAAA4CDSVMPG/n2k8avelKYl6n/x0ahPOYeddm6Dxv76kKRlPXh/fihwf79LTnbt4QMHAAAAAOAQsWoPirppGpWdKcSep0K6iIuIUxB5POAMJvSEx70Rd9Z7t4i0V8XCu9hUSF10+3s15g1MdvJC/aOC/88aRd187VelJKhxdEsLYLA78Mond/UBSieNJbm9hZ3oeGm1FiLr/pETgW3syJ/PY+tm3D0iGzMYmrq8pafDbwvJ1gs1+NU9rxnySeN7Y4sPAAAAwAHS9IMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYI9u6eZh/3/7NVeK9RHz7LdlaXyee+/4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Id+BQAA//+FlLca")
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_mount_image$vfat-open$dir-mknodat$null-keyctl$KEYCTL_PKEY_SIGN-mount-syz_kvm_setup_cpu$x86-ioctl$KVM_REGISTER_COALESCED_MMIO-syz_mount_image$vfat-ioctl$KVM_NMI
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@check_strict}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp850'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=")
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x24, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x2008804, &(0x7f0000000840)=ANY=[@ANYBLOB='flush,uni_xlate=1,nonumtail=0,rodir,iocharset=iso8859-14,nonumtail=0,utf8=1,umask=00000000000000000000013,uni_xlate=0,shortname=mixed,uni_xlate=0,shortname=win_xlate=1,nonumtail=0,dos1xfloppy,nonumtail=0,utf8=1,\x00\x00\x00\x00\x00\x00\x00', @ANYRES16, @ANYRESHEX, @ANYRES8], 0xdd, 0x2e5, &(0x7f0000000540)="$eJzs3U1rE0Ecx/F/kqZJWmt6EBFRGCqIIl2agDcPFmlBDChtI1hB2NqthmyTkg2FiNgeBK+ePfTgUQQRvHkR8dqLr8CnWy+9WbC4stndNE3WNa32yX4/h3a6M7+dyc6kD9N2s3Lp6WxxxtJ+2HVx8fRLVGJeeVHOf1j6fHr8/RH3Y6VGhycyWaWiInL74cuBd9Xem2+Ovk3Icv+dldXst+VTEyI/J+5LVBUsVbJtpaupcrkaccLTBauoKXXDNHTLUIWSZVSqXr0+ZRpqxizPzdWUXpru65mrGJal9FJNFY2aqpZVtVJT+j29UFKapqm+HkF9snzRtrpIWDD/Ys22ZdWZ+cSi2LYd0HrRL/hrI/F3g8V+0jL/oW3bFkdsJ0eG3bBmd3U8//j/uM//L8+Y/8Np/NbkteFcbmRMqaTI7JP5/Hzefe/Wf+qVgphiyNLYhcl1EbtBIs7b0au5kSFV1y9nZxe8/MJ83v3iMDzj5TOSdr5PacqLn8+4ebU5H5ee5nxW0nIsOJ/18xJtynfLuTNNeU3S8vGulMWUaXGyG/lHGaWuXM+19J+qtwMAAAAAAAAA4CDSVMPG/n2k8avelKYl6n/x0ahPOYeddm6Dxv76kKRlPXh/fihwf79LTnbt4QMHAAAAAOAQsWoPirppGpWdKcSep0K6iIuIUxB5POAMJvSEx70Rd9Z7t4i0V8XCu9hUSF10+3s15g1MdvJC/aOC/88aRd187VelJKhxdEsLYLA78Mond/UBSieNJbm9hZ3oeGm1FiLr/pETgW3syJ/PY+tm3D0iGzMYmrq8pafDbwvJ1gs1+NU9rxnySeN7Y4sPAAAAwAHS9IMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYI9u6eZh/3/7NVeK9RHz7LdlaXyee+/4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Id+BQAA//+FlLca")
ioctl$KVM_NMI(r2, 0xae9a)

program did not crash
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_mount_image$vfat-open$dir-mknodat$null-keyctl$KEYCTL_PKEY_SIGN-mount-syz_kvm_setup_cpu$x86-ioctl$KVM_REGISTER_COALESCED_MMIO-syz_mount_image$vfat-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@check_strict}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp850'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=")
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x24, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x2008804, &(0x7f0000000840)=ANY=[@ANYBLOB='flush,uni_xlate=1,nonumtail=0,rodir,iocharset=iso8859-14,nonumtail=0,utf8=1,umask=00000000000000000000013,uni_xlate=0,shortname=mixed,uni_xlate=0,shortname=win_xlate=1,nonumtail=0,dos1xfloppy,nonumtail=0,utf8=1,\x00\x00\x00\x00\x00\x00\x00', @ANYRES16, @ANYRESHEX, @ANYRES8], 0xdd, 0x2e5, &(0x7f0000000540)="$eJzs3U1rE0Ecx/F/kqZJWmt6EBFRGCqIIl2agDcPFmlBDChtI1hB2NqthmyTkg2FiNgeBK+ePfTgUQQRvHkR8dqLr8CnWy+9WbC4stndNE3WNa32yX4/h3a6M7+dyc6kD9N2s3Lp6WxxxtJ+2HVx8fRLVGJeeVHOf1j6fHr8/RH3Y6VGhycyWaWiInL74cuBd9Xem2+Ovk3Icv+dldXst+VTEyI/J+5LVBUsVbJtpaupcrkaccLTBauoKXXDNHTLUIWSZVSqXr0+ZRpqxizPzdWUXpru65mrGJal9FJNFY2aqpZVtVJT+j29UFKapqm+HkF9snzRtrpIWDD/Ys22ZdWZ+cSi2LYd0HrRL/hrI/F3g8V+0jL/oW3bFkdsJ0eG3bBmd3U8//j/uM//L8+Y/8Np/NbkteFcbmRMqaTI7JP5/Hzefe/Wf+qVgphiyNLYhcl1EbtBIs7b0au5kSFV1y9nZxe8/MJ83v3iMDzj5TOSdr5PacqLn8+4ebU5H5ee5nxW0nIsOJ/18xJtynfLuTNNeU3S8vGulMWUaXGyG/lHGaWuXM+19J+qtwMAAAAAAAAA4CDSVMPG/n2k8avelKYl6n/x0ahPOYeddm6Dxv76kKRlPXh/fihwf79LTnbt4QMHAAAAAOAQsWoPirppGpWdKcSep0K6iIuIUxB5POAMJvSEx70Rd9Z7t4i0V8XCu9hUSF10+3s15g1MdvJC/aOC/88aRd187VelJKhxdEsLYLA78Mond/UBSieNJbm9hZ3oeGm1FiLr/pETgW3syJ/PY+tm3D0iGzMYmrq8pafDbwvJ1gs1+NU9rxnySeN7Y4sPAAAAwAHS9IMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYI9u6eZh/3/7NVeK9RHz7LdlaXyee+/4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Id+BQAA//+FlLca")
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_mount_image$vfat-open$dir-mknodat$null-keyctl$KEYCTL_PKEY_SIGN-mount-syz_kvm_setup_cpu$x86-ioctl$KVM_REGISTER_COALESCED_MMIO-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@check_strict}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp850'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=")
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x24, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_mount_image$vfat-open$dir-mknodat$null-keyctl$KEYCTL_PKEY_SIGN-mount-syz_kvm_setup_cpu$x86-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@check_strict}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp850'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=")
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x24, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_mount_image$vfat-open$dir-mknodat$null-keyctl$KEYCTL_PKEY_SIGN-mount-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@check_strict}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp850'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=")
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_mount_image$vfat-open$dir-mknodat$null-keyctl$KEYCTL_PKEY_SIGN-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@check_strict}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp850'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=")
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_mount_image$vfat-open$dir-mknodat$null-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@check_strict}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp850'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=")
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_mount_image$vfat-open$dir-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@check_strict}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp850'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=")
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_mount_image$vfat-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x800000, &(0x7f0000000440)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@nocase}, {@fat=@check_strict}, {@rodir}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'cp850'}}], [{@uid_eq}, {@uid_eq}]}, 0x1, 0x29f, &(0x7f0000000180)="$eJzs3U1rK1UcB+B/bnNvkguSLITLFaEjLnQV2oq4TZEKYkBRstCVxaYoTS20UNBF213xO+g3EF0KrgQX4lZwLYJUwY111UVlJE5aZ5oXW20a6X2eTU/POb+cc+YMM3TRk7ef3NxY29pZPz4+imq1FOVWtEonpWjEnZiLzEEAALfJSZrGb2lm1nMBAG6G9z8APHomvf9LB+d1r938zACAaflPf//fmcqUAIApe+PNt15ZbrdXXk+SasTm4W5nt5P9zNqX1+O96EU3FqIepxHpuYj9NE1ferm9spD0/dyI6ub+IL+/25kr5hejHo18/st6/7d+fjHJRCefvxv3B/kf7kc3lqIejxfHTwfjL43M34tnn86N34x6fPdObEUv1qKfzfKViNhbTJIXX21fyFf+6jfs+5vcHgAAAAAAAAAAAAAAAAAAAAAAbqlmcq5RPP8mO7+n2RzXnuXz5wPVTkefz7Mw8nyecjxRnu3aAQAAAAAAAAAAAAAAAAAA4P9i54MPN1Z7ve72pML733729VElC/xj58mF0mDcq6UOCzUvPFOcRu1yq7hQeOypnz4e1VSJylWvz78r3I2IfE0yGPKr+SkOel2Fb47effjczoPnx/WJcr7mo/5SC32yHXw4qPn0rKl8uQt+b/T988fg6IkRTb/WI8Z+YHXUDVkb7pzWsx0qxj8/K7R+H/rks1upu10bGr06/W2az9U8+KS1+sXej79cNj7hoZHOXftzCAAAAAAAAAAAAAAAAAAAyP9/+6xnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACz8/f3/1+1UIlCTXVs54NZrxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4MAAD//wuTkgI=")
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x4}, 0x18)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-bpf$PROG_LOAD-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-syz_kvm_setup_cpu$x86-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_CREATE_VCPU-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program did not crash
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-sendmsg$IPCTNL_MSG_EXP_GET-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x44, 0x1, 0x2, 0x5, 0x0, 0x0, {0xa, 0x0, 0x3}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

program did not crash
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-socket$nl_netfilter-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-openat$kvm-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r0, 0xae80, 0x0)

program did not crash
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-ioctl$KVM_SET_VCPU_EVENTS-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)=@x86={0x2, 0x80, 0xd5, 0x0, 0x1, 0x5, 0x7, 0x40, 0xd3, 0x1, 0x8, 0x3, 0x0, 0x40, 0x2, 0x4, 0x4, 0xc8, 0x5, '\x00', 0x7, 0x6})
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r1, 0xae80, 0x0)

program did not crash
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-lsetxattr$system_posix_acl-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0x4, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-utimes-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimes(&(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-bpf$PROG_LOAD-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-syz_mount_image$ext4-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc}, {@barrier_val}, {@journal_ioprio}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-umount2-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
umount2(0x0, 0xa)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-syz_mount_image$fuse-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mkdirat-openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program did not crash
testing program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000001)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

program did not crash
extracting C reproducer
testing compiled C program (duration=32.57592754s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
simplifying C reproducer
testing compiled C program (duration=32.57592754s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.57592754s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
program did not crash
testing compiled C program (duration=32.57592754s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.57592754s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.57592754s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.57592754s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
testing compiled C program (duration=32.57592754s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
reproducing took 38m36.719404314s
repro crashed as (corrupted=true):
BUG: kernel NULL pointer dereference, address: 0000000000000086
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0010) - not-present page
PGD 0 P4D 0 
Oops: 0010 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 352 Comm: syz-executor415 Not tainted 5.4.290-syzkaller-00002-g41adfeb3d639 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
RIP: 0010:0x86
Code: Bad RIP value.
RSP: 0018:ffff8881eeca7308 EFLAGS: 00010086
RAX: ffff8881eeca7338 RBX: dffffc0000000000 RCX: ffff8881f0d94ec0
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000ec0 R08: ffffffff8231cd01 R09: ffffffff811c8f95
R10: ffff8881f0d94ec0 R11: 0000000000000002 R12: ffffffff84601550
R13: fffffe0000000ec8 R14: ffff8881ef2a8000 R15: fffffe0000000ecb
FS:  000055556b5e7380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000005c CR3: 00000001de12c000 CR4: 00000000003426a0
Call Trace:
Modules linked in:
CR2: 0000000000000086
---[ end trace 258e5620790368cb ]---
RIP: 0010:0x86
Code: Bad RIP value.
RSP: 0018:ffff8881eeca7308 EFLAGS: 00010086
RAX: ffff8881eeca7338 RBX: dffffc0000000000 RCX: ffff8881f0d94ec0
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000ec0 R08: ffffffff8231cd01 R09: ffffffff811c8f95
R10: ffff8881f0d94ec0 R11: 0000000000000002 R12: ffffffff84601550
R13: fffffe0000000ec8 R14: ffff8881ef2a8000 R15: fffffe0000000ecb
FS:  000055556b5e7380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000005c CR3: 00000001de12c000 CR4: 00000000003426a0

report is corrupted, running repro again
testing compiled C program (duration=32.57592754s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
report is corrupted, running repro again
testing compiled C program (duration=32.57592754s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
report is corrupted, running repro again
testing compiled C program (duration=32.57592754s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-ioctl$KVM_SET_USER_MEMORY_REGION-ioctl$KVM_RUN
program crashed: BUG: unable to handle kernel NULL pointer dereference in corrupted
final repro crashed as (corrupted=true):
BUG: kernel NULL pointer dereference, address: 0000000000000086
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0010) - not-present page
PGD 0 P4D 0 
Oops: 0010 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 378 Comm: syz-executor110 Not tainted 5.4.290-syzkaller-00002-g41adfeb3d639 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
RIP: 0010:0x86
Code: Bad RIP value.
RSP: 0018:ffff8881eeb87308 EFLAGS: 00010086
RAX: ffff8881eeb87338 RBX: dffffc0000000000 RCX: ffff8881f0da4ec0
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000ec0 R08: ffffffff8231cd01 R09: ffffffff811c8f95
R10: ffff8881f0da4ec0 R11: 0000000000000002 R12: ffffffff84601550
R13: fffffe0000000ec8 R14: ffff8881eea10000 R15: fffffe0000000ecb
FS:  00005555938ac380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000005c CR3: 00000001ef3da000 CR4: 00000000003426a0
Call Trace:
Modules linked in:
CR2: 0000000000000086
---[ end trace 9d79fe315b5867a9 ]---
RIP: 0010:0x86
Code: Bad RIP value.
RSP: 0018:ffff8881eeb87308 EFLAGS: 00010086
RAX: ffff8881eeb87338 RBX: dffffc0000000000 RCX: ffff8881f0da4ec0
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000ec0 R08: ffffffff8231cd01 R09: ffffffff811c8f95
R10: ffff8881f0da4ec0 R11: 0000000000000002 R12: ffffffff84601550
R13: fffffe0000000ec8 R14: ffff8881eea10000 R15: fffffe0000000ecb
FS:  00005555938ac380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000005c CR3: 00000001ef3da000 CR4: 00000000003426a0