Extracting prog: 4m10.087559724s Minimizing prog: 26m19.484309837s Simplifying prog options: 0s Extracting C: 28.236296031s Simplifying C: 8m9.137783745s extracting reproducer from 1 programs testing a last program of every proc single: executing 1 programs separately with timeout 30s testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-socket$unix-dup2-close_range-openat$cgroup_ro-openat$cgroup_ro-syz_mount_image$fuse-mknodat-write$binfmt_script-mmap-openat$cgroup_ro-ioctl$LOOP_SET_STATUS-socket$nl_generic-sendfile detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = dup2(r1, r0) close_range(r2, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r5 = syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000000, &(0x7f0000000200)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee00}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x10}}, {@max_read={'max_read', 0x3d, 0x81ce}}, {@max_read={'max_read', 0x3d, 0x80}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize', 0x3d, 0x400}}, {@default_permissions}, {@default_permissions}], [{@appraise_type}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@dont_appraise}, {@obj_role={'obj_role', 0x3d, 'barrier'}}, {@fsname={'fsname', 0x3d, '@-:]'}}]}}, 0x1, 0x0, &(0x7f0000000380)="87da355ec79c3e5efac4bc04c314e0d96fec18dab80dbd3d2d66") mknodat(r5, &(0x7f00000003c0)='./file0\x00', 0x200, 0x40) write$binfmt_script(r4, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000000c0)={0x0, {}, 0x0, {}, 0x7fff, 0xa, 0x1f, 0x0, "330b6c03d420f15151cef6b232771609d9a4e1b0e03231d53d1ec48c530f963dac56a61f4f6e8370c95f6d8753ea588d7e88ce9fa7ba2723772523b072d87fbd", "2f4c71a83bb556356f0abe4877e4f2ba004d091b444d18fb604de0bae0b87689", [0xbb41, 0xb6f]}) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r7, r6, 0x0, 0x100000002) program did not crash single: failed to extract reproducer single: executing 1 programs separately with timeout 1m40s testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-socket$unix-dup2-close_range-openat$cgroup_ro-openat$cgroup_ro-syz_mount_image$fuse-mknodat-write$binfmt_script-mmap-openat$cgroup_ro-ioctl$LOOP_SET_STATUS-socket$nl_generic-sendfile detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = dup2(r1, r0) close_range(r2, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r5 = syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000000, &(0x7f0000000200)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee00}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x10}}, {@max_read={'max_read', 0x3d, 0x81ce}}, {@max_read={'max_read', 0x3d, 0x80}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize', 0x3d, 0x400}}, {@default_permissions}, {@default_permissions}], [{@appraise_type}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@dont_appraise}, {@obj_role={'obj_role', 0x3d, 'barrier'}}, {@fsname={'fsname', 0x3d, '@-:]'}}]}}, 0x1, 0x0, &(0x7f0000000380)="87da355ec79c3e5efac4bc04c314e0d96fec18dab80dbd3d2d66") mknodat(r5, &(0x7f00000003c0)='./file0\x00', 0x200, 0x40) write$binfmt_script(r4, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000000c0)={0x0, {}, 0x0, {}, 0x7fff, 0xa, 0x1f, 0x0, "330b6c03d420f15151cef6b232771609d9a4e1b0e03231d53d1ec48c530f963dac56a61f4f6e8370c95f6d8753ea588d7e88ce9fa7ba2723772523b072d87fbd", "2f4c71a83bb556356f0abe4877e4f2ba004d091b444d18fb604de0bae0b87689", [0xbb41, 0xb6f]}) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r7, r6, 0x0, 0x100000002) program crashed: KASAN: use-after-free Read in nilfs_find_entry single: successfully extracted reproducer found reproducer with 15 syscalls minimizing guilty program testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-socket$unix-dup2-close_range-openat$cgroup_ro-openat$cgroup_ro-syz_mount_image$fuse-mknodat-write$binfmt_script-mmap-openat$cgroup_ro-ioctl$LOOP_SET_STATUS-socket$nl_generic detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = dup2(r1, r0) close_range(r2, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r5 = syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000000, &(0x7f0000000200)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee00}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x10}}, {@max_read={'max_read', 0x3d, 0x81ce}}, {@max_read={'max_read', 0x3d, 0x80}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize', 0x3d, 0x400}}, {@default_permissions}, {@default_permissions}], [{@appraise_type}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@dont_appraise}, {@obj_role={'obj_role', 0x3d, 'barrier'}}, {@fsname={'fsname', 0x3d, '@-:]'}}]}}, 0x1, 0x0, &(0x7f0000000380)="87da355ec79c3e5efac4bc04c314e0d96fec18dab80dbd3d2d66") mknodat(r5, &(0x7f00000003c0)='./file0\x00', 0x200, 0x40) write$binfmt_script(r4, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000000c0)={0x0, {}, 0x0, {}, 0x7fff, 0xa, 0x1f, 0x0, "330b6c03d420f15151cef6b232771609d9a4e1b0e03231d53d1ec48c530f963dac56a61f4f6e8370c95f6d8753ea588d7e88ce9fa7ba2723772523b072d87fbd", "2f4c71a83bb556356f0abe4877e4f2ba004d091b444d18fb604de0bae0b87689", [0xbb41, 0xb6f]}) socket$nl_generic(0x10, 0x3, 0x10) program crashed: KASAN: use-after-free Read in nilfs_find_entry testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-socket$unix-dup2-close_range-openat$cgroup_ro-openat$cgroup_ro-syz_mount_image$fuse-mknodat-write$binfmt_script-mmap-openat$cgroup_ro-ioctl$LOOP_SET_STATUS detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = dup2(r1, r0) close_range(r2, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r5 = syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000000, &(0x7f0000000200)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee00}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x10}}, {@max_read={'max_read', 0x3d, 0x81ce}}, {@max_read={'max_read', 0x3d, 0x80}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize', 0x3d, 0x400}}, {@default_permissions}, {@default_permissions}], [{@appraise_type}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@dont_appraise}, {@obj_role={'obj_role', 0x3d, 'barrier'}}, {@fsname={'fsname', 0x3d, '@-:]'}}]}}, 0x1, 0x0, &(0x7f0000000380)="87da355ec79c3e5efac4bc04c314e0d96fec18dab80dbd3d2d66") mknodat(r5, &(0x7f00000003c0)='./file0\x00', 0x200, 0x40) write$binfmt_script(r4, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000000c0)={0x0, {}, 0x0, {}, 0x7fff, 0xa, 0x1f, 0x0, "330b6c03d420f15151cef6b232771609d9a4e1b0e03231d53d1ec48c530f963dac56a61f4f6e8370c95f6d8753ea588d7e88ce9fa7ba2723772523b072d87fbd", "2f4c71a83bb556356f0abe4877e4f2ba004d091b444d18fb604de0bae0b87689", [0xbb41, 0xb6f]}) program crashed: KASAN: use-after-free Read in nilfs_find_entry testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-socket$unix-dup2-close_range-openat$cgroup_ro-openat$cgroup_ro-syz_mount_image$fuse-mknodat-write$binfmt_script-mmap-openat$cgroup_ro detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = dup2(r1, r0) close_range(r2, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r5 = syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000000, &(0x7f0000000200)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee00}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x10}}, {@max_read={'max_read', 0x3d, 0x81ce}}, {@max_read={'max_read', 0x3d, 0x80}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize', 0x3d, 0x400}}, {@default_permissions}, {@default_permissions}], [{@appraise_type}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@dont_appraise}, {@obj_role={'obj_role', 0x3d, 'barrier'}}, {@fsname={'fsname', 0x3d, '@-:]'}}]}}, 0x1, 0x0, &(0x7f0000000380)="87da355ec79c3e5efac4bc04c314e0d96fec18dab80dbd3d2d66") mknodat(r5, &(0x7f00000003c0)='./file0\x00', 0x200, 0x40) write$binfmt_script(r4, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) program crashed: KASAN: use-after-free Read in nilfs_find_entry testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-socket$unix-dup2-close_range-openat$cgroup_ro-openat$cgroup_ro-syz_mount_image$fuse-mknodat-write$binfmt_script-mmap detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = dup2(r1, r0) close_range(r2, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r5 = syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000000, &(0x7f0000000200)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee00}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x10}}, {@max_read={'max_read', 0x3d, 0x81ce}}, {@max_read={'max_read', 0x3d, 0x80}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize', 0x3d, 0x400}}, {@default_permissions}, {@default_permissions}], [{@appraise_type}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@dont_appraise}, {@obj_role={'obj_role', 0x3d, 'barrier'}}, {@fsname={'fsname', 0x3d, '@-:]'}}]}}, 0x1, 0x0, &(0x7f0000000380)="87da355ec79c3e5efac4bc04c314e0d96fec18dab80dbd3d2d66") mknodat(r5, &(0x7f00000003c0)='./file0\x00', 0x200, 0x40) write$binfmt_script(r4, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) program crashed: KASAN: use-after-free Read in nilfs_find_entry testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-socket$unix-dup2-close_range-openat$cgroup_ro-openat$cgroup_ro-syz_mount_image$fuse-mknodat-write$binfmt_script detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = dup2(r1, r0) close_range(r2, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r5 = syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000000, &(0x7f0000000200)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee00}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x10}}, {@max_read={'max_read', 0x3d, 0x81ce}}, {@max_read={'max_read', 0x3d, 0x80}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize', 0x3d, 0x400}}, {@default_permissions}, {@default_permissions}], [{@appraise_type}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@dont_appraise}, {@obj_role={'obj_role', 0x3d, 'barrier'}}, {@fsname={'fsname', 0x3d, '@-:]'}}]}}, 0x1, 0x0, &(0x7f0000000380)="87da355ec79c3e5efac4bc04c314e0d96fec18dab80dbd3d2d66") mknodat(r5, &(0x7f00000003c0)='./file0\x00', 0x200, 0x40) write$binfmt_script(r4, &(0x7f0000000180), 0xfea7) program crashed: KASAN: use-after-free Read in nilfs_find_entry testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-socket$unix-dup2-close_range-openat$cgroup_ro-openat$cgroup_ro-syz_mount_image$fuse-mknodat detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = dup2(r1, r0) close_range(r2, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r4 = syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000000, &(0x7f0000000200)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee00}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x10}}, {@max_read={'max_read', 0x3d, 0x81ce}}, {@max_read={'max_read', 0x3d, 0x80}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize', 0x3d, 0x400}}, {@default_permissions}, {@default_permissions}], [{@appraise_type}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@dont_appraise}, {@obj_role={'obj_role', 0x3d, 'barrier'}}, {@fsname={'fsname', 0x3d, '@-:]'}}]}}, 0x1, 0x0, &(0x7f0000000380)="87da355ec79c3e5efac4bc04c314e0d96fec18dab80dbd3d2d66") mknodat(r4, &(0x7f00000003c0)='./file0\x00', 0x200, 0x40) program crashed: KASAN: use-after-free Read in nilfs_find_entry testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-socket$unix-dup2-close_range-openat$cgroup_ro-openat$cgroup_ro-syz_mount_image$fuse detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = dup2(r1, r0) close_range(r2, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000000, &(0x7f0000000200)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee00}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x10}}, {@max_read={'max_read', 0x3d, 0x81ce}}, {@max_read={'max_read', 0x3d, 0x80}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize', 0x3d, 0x400}}, {@default_permissions}, {@default_permissions}], [{@appraise_type}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@dont_appraise}, {@obj_role={'obj_role', 0x3d, 'barrier'}}, {@fsname={'fsname', 0x3d, '@-:]'}}]}}, 0x1, 0x0, &(0x7f0000000380)="87da355ec79c3e5efac4bc04c314e0d96fec18dab80dbd3d2d66") program crashed: KASAN: use-after-free Read in nilfs_find_entry testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-socket$unix-dup2-close_range-openat$cgroup_ro-openat$cgroup_ro detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = dup2(r1, r0) close_range(r2, 0xffffffffffffffff, 0x0) openat$cgroup_ro(r2, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) program crashed: KASAN: use-after-free Read in nilfs_find_entry testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-socket$unix-dup2-close_range-openat$cgroup_ro detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = dup2(r1, r0) close_range(r2, 0xffffffffffffffff, 0x0) openat$cgroup_ro(r2, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) program did not crash testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-socket$unix-dup2-close_range-openat$cgroup_ro detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = dup2(r1, r0) close_range(r2, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) program crashed: KASAN: use-after-free Read in nilfs_find_entry testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-socket$unix-dup2-openat$cgroup_ro detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) dup2(r1, r0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) program crashed: KASAN: use-after-free Read in nilfs_find_entry testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-socket$unix-openat$cgroup_ro detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) socket$unix(0x1, 0x5, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) program crashed: KASAN: use-after-free Read in nilfs_find_entry testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-seccomp$SECCOMP_SET_MODE_FILTER_LISTENER-openat$cgroup_ro detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) program crashed: KASAN: use-after-free Read in nilfs_find_entry testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-openat$cgroup_ro detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) program crashed: KASAN: use-after-free Read in nilfs_find_entry testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$cgroup_ro detailed listing: executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) program did not crash testing program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-openat$cgroup_ro detailed listing: executing program 0: syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f0000000840)={[{}, {@nodiscard}, {@norecovery}, {@order_strict}, {@nobarrier}, {@order_strict}, {@nodiscard}, {@order_relaxed}], [], 0x2c}, 0x3, 0xee9, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA367+JTbwGCgZKSKEVgYIdkkhNb0GgHhGX3kEhoRGGooYeiPgTekBUQhQJ0UvFgYoLpVKK1EqgShXqqe2pVW89oV6oVKVSUA9tpMRVnPfs9Utedz2xZ727v5/07ds3b3a+b7yRMzOefRuAkdVafTx8eKEK4d1P33n05aeq31xedtfaGvtWH6vYa4cQJjr6Vba9z+OCi+dfOnattgoHVx9TPzx2bu21MyGEM2Ff+Cy0w0dLy19++N4j+z9+ffqWt04/88o27f6afD8AAGAYnf3T8t/u+8cfH5i/cHbv0TC1tjwdn7djfyYe9x+IB8rpeLkVNvarjug0ma03FqOVrTeWrTee5Rkv5JvItjNRWG+yS76xjmXX2k8AAAAYROm8th2q1uKGfqu1uHjlvP+yz+cmq8XnTi6fONWnQgEAAIDa/v3q6k23QgghhBBCCCHEtseudDLa62s2u74oxspcf647AAAAAKMrny/sKme2dqauta21e8t/7uHWtV8PW6Dpf//yD1b+D17zGwcAgPqG9Wgy7Vc6jk7zGOTzCI5lr9vs8X8r2874JusszSs4KPMNlurMf647Van+zb6P/VKqP58Pc6cq1Z/P07lTleqfariOukr1TzdcR12l+nc1XEddpfp3N1xHXaX6Zxquo65S/bMN11FXqf4bGq6jrlL9exquo65S/YNyW22p/nbDddRVqn++4TrqKtV/Y8N11FWq/6aG66irVP/NDdfRL3fGNv0c9mbjnefP+TndoJzjAQAAwKj7r/n/hBBCCCGGI9IfdPpdhxBCiB0Zr/b5+gMAAADQf+kycvrU+0qUxse6jI93GZ/oMj7ZZXyqyzgAAAAQwm/fOHHb29X65/yvdz68NG9Umn9ps/MY5fMRbjb/9c57dr35B2XeMgAAAEZL9Z3PLt3/6PsvzF84u/dox9nvpXi+m+YBHY/XBj6J/XRfwGzWr9I59NGNeVqF9fLrAzeUtvf4de4oAAAAjLB0/t4OVWux47y7HVqtxcX18/GFMFGdOLl8/EDsp+9n+cPcxNTl5Q81XDcAAADQu/Xz/Wuf/6fv8V0Ik9XicyeXT5y60p9dWz7R6rwuMLe+vOq8LtDOlh8sLD8U++n7O783t2t1+eKx7y8/tdU7DwAAACPi1Iunn3lyefn4DzzxxBNP1p70+zcTAACw1b744p2JHx6a/d2Vz/+vz3+XPv+/L/bbcW6/P8cV0n0C6XMAV31e/4mNeeZK6z2/cb12tt5YjKms7umO7YSO+QbT6+ZL+dobtzNZyDeT5ZvN8uXzFIxn66d8e7Ll+fyEab25bHk+D+N4lqPK8t8dAAAAoGzphWefXzr14ukHTz775NPHnz7+3KGDR7595MiBh7710NLqff1LnXf3AwAAAINo/abfflcCAAAAAAAAAAAAAAAAAAAAo6uJrxPr9z4CAADAqPvXqyGEM0KIQlz5Cszm877Zp7xCCCGEGOQY2wE1CCF2bKys5N80DwAAALC9Lp5/6Vhne5Uz1Zbmq7JtX4p5Uzv74F/nL0da5dzDG6+X7N7Sahh1Tf/7l3+w8n/w2tbmn05P2lea7r//Whs3cLRe3nuXfrHQmf/28R7z5/v/eL38+7P894be8q+8n+V/ol7++7L8u3vMf9X+P18v//0x/0Ls77+n1/wb3/+p2Kb92NVj/m9m+/9U6DV/tv/tHhNmHoj5AWAUtfpdwDZJRwnpOHom9tP+xsPNkN/9sNnj/1a2nfHrrnzjdtNx0K2xn46XZrO8Sc/1//Q/KysdP5e0vRtq1pkblLtKSvVv1fu43Ur1TzRcR12l+icbrqOuUv1TDddRV6n+6YbrqKtUf6/nof1Wqn9QriuX6p9puI66SvXPNlxHXaX6N/v/eL+U6t/TcB11leqfa7iOukr117ys1rhS/fMN11FXqf4bG66jrlL9NzVcR12l+m9uuI5+uSO2pfPhdP45F8dSv531p67xsxzWawsAAAAwaP5p/j8hhjMuP/a7BrGF0fFX7b7XIoQQoxJ37/F7VwgxTLF6Ezgja3s/zQzATuX3/2jz/o827/9o8/7z/6R7+Kusn4x1GR/vMj7RZXwyG8//vU51Gb8p2+5KlMZv7jL+lS7je7qM39plfKHL+G1dxm/vMn5Hl3EAAABGwy2xdX4IAAAAw+vlX37y5q/vfeL8/IWze4+GyavmnT8Q+1Pxb+tvxH4+730yEf/m/6PY/3lsfx/bv2fru/8EAAAAtl/6nhh//wcAAIDhlb6n1Pk/AAAADK/52Dr/BwAAgOF1Y2yd/wMAAMAQq6avvTi26brA3bHtdV4/AGDn+2ps74zt3tjeFduvxTYdB9wT2683VB8AsHV+9t0fH3m7Wp/v/1A2fjEuT+1Vzly5UlC1Ns7kvyu2u2P7jR7ryb8PoNf8yZ4e82xX/rnrzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/W6uPhwwtVCO9++s6jP5l88y+Xl921tsa+1ccq9tohhIm116XR9f6v4ooXz790rLO9FNsqHAxVqNaWh8fOrWWaCSGcCfvCZ6EdPlpa/vLD9x7Z//Hr07e8dfqZV7bxR7Bh/wAAAGAY/S8AAP//Tq4eGQ==") openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) program did not crash extracting C reproducer testing compiled C program (duration=2m3.659316054s, {Threaded:true Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-openat$cgroup_ro program crashed: KASAN: use-after-free Read in nilfs_find_entry simplifying C reproducer testing compiled C program (duration=2m3.659316054s, {Threaded:false Repeat:true RepeatTimes:0 Procs:6 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-openat$cgroup_ro program crashed: KASAN: use-after-free Read in nilfs_find_entry testing compiled C program (duration=2m3.659316054s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-openat$cgroup_ro program crashed: KASAN: use-after-free Read in nilfs_find_entry testing compiled C program (duration=2m3.659316054s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-openat$cgroup_ro program crashed: KASAN: use-after-free Read in nilfs_find_entry testing compiled C program (duration=2m3.659316054s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-openat$cgroup_ro program crashed: KASAN: use-after-free Read in nilfs_find_entry testing compiled C program (duration=2m3.659316054s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-openat$cgroup_ro program did not crash testing compiled C program (duration=2m3.659316054s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-openat$cgroup_ro program crashed: KASAN: use-after-free Read in nilfs_find_entry testing compiled C program (duration=2m3.659316054s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:true HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$nilfs2-openat$cgroup_ro program crashed: KASAN: use-after-free Read in nilfs_find_entry reproducing took 39m6.945971817s repro crashed as (corrupted=false): ======================================================= ================================================================== BUG: KASAN: use-after-free in nilfs_find_entry+0x29c/0x660 fs/nilfs2/dir.c:321 Read of size 2 at addr ffff888044d2a008 by task syz-executor345/5329 CPU: 0 UID: 0 PID: 5329 Comm: syz-executor345 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:377 [inline] print_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 nilfs_find_entry+0x29c/0x660 fs/nilfs2/dir.c:321 nilfs_inode_by_name+0xad/0x240 fs/nilfs2/dir.c:394 nilfs_lookup+0xed/0x210 fs/nilfs2/namei.c:63 lookup_open fs/namei.c:3573 [inline] open_last_lookups fs/namei.c:3694 [inline] path_openat+0x11a7/0x3590 fs/namei.c:3930 do_filp_open+0x235/0x490 fs/namei.c:3960 do_sys_openat2+0x13e/0x1d0 fs/open.c:1415 do_sys_open fs/open.c:1430 [inline] __do_sys_openat fs/open.c:1446 [inline] __se_sys_openat fs/open.c:1441 [inline] __x64_sys_openat+0x247/0x2a0 fs/open.c:1441 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fd82768f229 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffc63f86648 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fd82768f229 RDX: 000000000000275a RSI: 0000000020000080 RDI: 00000000ffffff9c RBP: 0000000000000000 R08: 0000000000000ee3 R09: 00007ffc63f86680 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 0000000000000000 R14: 431bde82d7b634db R15: 00007ffc63f866a0 The buggy address belongs to the physical page: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7f6860690 pfn:0x44d2a flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) raw: 04fff00000000000 ffffea0001134ac8 ffff88801fc44cb0 0000000000000000 raw: 00000007f6860690 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: kasan: bad access detected page_owner tracks the page as freed page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 5317, tgid 5317 (sshd), ts 126612213045, free_ts 126969955636 set_page_owner include/linux/page_owner.h:32 [inline] post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1537 prep_new_page mm/page_alloc.c:1545 [inline] get_page_from_freelist+0x303f/0x3190 mm/page_alloc.c:3457 __alloc_pages_noprof+0x292/0x710 mm/page_alloc.c:4733 alloc_pages_mpol_noprof+0x3e8/0x680 mm/mempolicy.c:2265 folio_alloc_mpol_noprof mm/mempolicy.c:2283 [inline] vma_alloc_folio_noprof+0x12e/0x230 mm/mempolicy.c:2314 folio_prealloc+0x31/0x170 alloc_anon_folio mm/memory.c:4727 [inline] do_anonymous_page mm/memory.c:4784 [inline] do_pte_missing mm/memory.c:3963 [inline] handle_pte_fault+0x24dd/0x6820 mm/memory.c:5766 __handle_mm_fault mm/memory.c:5909 [inline] handle_mm_fault+0x1106/0x1bb0 mm/memory.c:6077 do_user_addr_fault arch/x86/mm/fault.c:1338 [inline] handle_page_fault arch/x86/mm/fault.c:1481 [inline] exc_page_fault+0x459/0x8c0 arch/x86/mm/fault.c:1539 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623 page last free pid 5317 tgid 5317 stack trace: reset_page_owner include/linux/page_owner.h:25 [inline] free_pages_prepare mm/page_alloc.c:1108 [inline] free_unref_folios+0xf12/0x18d0 mm/page_alloc.c:2686 folios_put_refs+0x76c/0x860 mm/swap.c:1007 free_pages_and_swap_cache+0x2ea/0x690 mm/swap_state.c:332 __tlb_batch_free_encoded_pages mm/mmu_gather.c:136 [inline] tlb_batch_pages_flush mm/mmu_gather.c:149 [inline] tlb_flush_mmu_free mm/mmu_gather.c:366 [inline] tlb_flush_mmu+0x3a3/0x680 mm/mmu_gather.c:373 tlb_finish_mmu+0xd4/0x200 mm/mmu_gather.c:465 vms_clear_ptes+0x437/0x530 mm/vma.c:1103 vms_complete_munmap_vmas+0x208/0x910 mm/vma.c:1147 do_vmi_align_munmap+0x613/0x730 mm/vma.c:1356 do_vmi_munmap+0x24e/0x2d0 mm/vma.c:1404 __vm_munmap+0x24c/0x480 mm/mmap.c:1613 __do_sys_munmap mm/mmap.c:1630 [inline] __se_sys_munmap mm/mmap.c:1627 [inline] __x64_sys_munmap+0x60/0x70 mm/mmap.c:1627 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Memory state around the buggy address: ffff888044d29f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff888044d29f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff888044d2a000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ^ ffff888044d2a080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ffff888044d2a100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ================================================================== final repro crashed as (corrupted=false): ======================================================= ================================================================== BUG: KASAN: use-after-free in nilfs_find_entry+0x29c/0x660 fs/nilfs2/dir.c:321 Read of size 2 at addr ffff888044d2a008 by task syz-executor345/5329 CPU: 0 UID: 0 PID: 5329 Comm: syz-executor345 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:377 [inline] print_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 nilfs_find_entry+0x29c/0x660 fs/nilfs2/dir.c:321 nilfs_inode_by_name+0xad/0x240 fs/nilfs2/dir.c:394 nilfs_lookup+0xed/0x210 fs/nilfs2/namei.c:63 lookup_open fs/namei.c:3573 [inline] open_last_lookups fs/namei.c:3694 [inline] path_openat+0x11a7/0x3590 fs/namei.c:3930 do_filp_open+0x235/0x490 fs/namei.c:3960 do_sys_openat2+0x13e/0x1d0 fs/open.c:1415 do_sys_open fs/open.c:1430 [inline] __do_sys_openat fs/open.c:1446 [inline] __se_sys_openat fs/open.c:1441 [inline] __x64_sys_openat+0x247/0x2a0 fs/open.c:1441 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fd82768f229 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffc63f86648 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fd82768f229 RDX: 000000000000275a RSI: 0000000020000080 RDI: 00000000ffffff9c RBP: 0000000000000000 R08: 0000000000000ee3 R09: 00007ffc63f86680 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 0000000000000000 R14: 431bde82d7b634db R15: 00007ffc63f866a0 The buggy address belongs to the physical page: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x7f6860690 pfn:0x44d2a flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) raw: 04fff00000000000 ffffea0001134ac8 ffff88801fc44cb0 0000000000000000 raw: 00000007f6860690 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: kasan: bad access detected page_owner tracks the page as freed page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 5317, tgid 5317 (sshd), ts 126612213045, free_ts 126969955636 set_page_owner include/linux/page_owner.h:32 [inline] post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1537 prep_new_page mm/page_alloc.c:1545 [inline] get_page_from_freelist+0x303f/0x3190 mm/page_alloc.c:3457 __alloc_pages_noprof+0x292/0x710 mm/page_alloc.c:4733 alloc_pages_mpol_noprof+0x3e8/0x680 mm/mempolicy.c:2265 folio_alloc_mpol_noprof mm/mempolicy.c:2283 [inline] vma_alloc_folio_noprof+0x12e/0x230 mm/mempolicy.c:2314 folio_prealloc+0x31/0x170 alloc_anon_folio mm/memory.c:4727 [inline] do_anonymous_page mm/memory.c:4784 [inline] do_pte_missing mm/memory.c:3963 [inline] handle_pte_fault+0x24dd/0x6820 mm/memory.c:5766 __handle_mm_fault mm/memory.c:5909 [inline] handle_mm_fault+0x1106/0x1bb0 mm/memory.c:6077 do_user_addr_fault arch/x86/mm/fault.c:1338 [inline] handle_page_fault arch/x86/mm/fault.c:1481 [inline] exc_page_fault+0x459/0x8c0 arch/x86/mm/fault.c:1539 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623 page last free pid 5317 tgid 5317 stack trace: reset_page_owner include/linux/page_owner.h:25 [inline] free_pages_prepare mm/page_alloc.c:1108 [inline] free_unref_folios+0xf12/0x18d0 mm/page_alloc.c:2686 folios_put_refs+0x76c/0x860 mm/swap.c:1007 free_pages_and_swap_cache+0x2ea/0x690 mm/swap_state.c:332 __tlb_batch_free_encoded_pages mm/mmu_gather.c:136 [inline] tlb_batch_pages_flush mm/mmu_gather.c:149 [inline] tlb_flush_mmu_free mm/mmu_gather.c:366 [inline] tlb_flush_mmu+0x3a3/0x680 mm/mmu_gather.c:373 tlb_finish_mmu+0xd4/0x200 mm/mmu_gather.c:465 vms_clear_ptes+0x437/0x530 mm/vma.c:1103 vms_complete_munmap_vmas+0x208/0x910 mm/vma.c:1147 do_vmi_align_munmap+0x613/0x730 mm/vma.c:1356 do_vmi_munmap+0x24e/0x2d0 mm/vma.c:1404 __vm_munmap+0x24c/0x480 mm/mmap.c:1613 __do_sys_munmap mm/mmap.c:1630 [inline] __se_sys_munmap mm/mmap.c:1627 [inline] __x64_sys_munmap+0x60/0x70 mm/mmap.c:1627 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Memory state around the buggy address: ffff888044d29f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff888044d29f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff888044d2a000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ^ ffff888044d2a080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ffff888044d2a100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ==================================================================