Extracting prog: 33.337773714s
Minimizing prog: 47m36.249313906s
Simplifying prog options: 0s
Extracting C: 53.820362732s
Simplifying C: 10m48.720307243s


30 programs, timeouts [30s 1m40s 6m0s]
extracting reproducer from 30 programs
first checking the prog from the crash report
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-openat$ptmx-ioctl$TIOCSETD-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_mount_image$udf-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN-sendfile-syz_init_net_socket$bt_sco-bind$bt_sco
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r4, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0xe)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r7)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = inotify_init1(0x0)
fcntl$setown(r8, 0x8, r0)
fcntl$getownex(r8, 0x10, &(0x7f0000000140)={0x0, <r9=>0x0})
syz_mount_image$udf(&(0x7f00000019c0), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000001180)=ANY=[@ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',nostrict,anchor=00000000000000000004,gid=forget,longad,novrs,undelete,mode=00000000000000000000003,umask=00000000000000000000007,\x00'], 0x1, 0xc52, &(0x7f0000001a00)="$eJzs3U9sHNd9B/DfGy3FpdzWTOwqThoHm7ZIZcVy9S+mYhXuqqbZFpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIGMzsW3FJkQktiiIlfz629J2deW/mvZn1DC3ozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr10+kzaZsORA2gMAPBQXBn70umz2z3/AYDH1tWd/v8fAAAAAAAAAAAAAAA4LFIU8VSkmLuyliaqzx31y+2+23fGh0e2rzaQqppHqvLlr/qZs+fOf+HFoQvdvNye+Tn1H7RPxetjVy81Xpm9NTc/tbAwNdkYn2lfn52c2vUe9lp/q5PVCWjceuP25I0bC42zL5zbtPnO4Af9TxwfvDj03Klnu2XHh0dGxjaK1HvL1+67IR07jfA4GkWcihTPf/tHqRURRez9XNQf7rXfaqDqxMmqE+PDI1VHptutmcVy42j3RBQRjZ5Kze452v5aRK3vofZhZ82IpbL5ZYNPlt0bm2vNt65NTzVGW/OL7cX27Mxo6rS27E8jiriQIpYjYrX/3t31RRG1SPHNJ9fStfzWj+o8fL4aGLxzO4p97OMulO1s9EUsF4/ANTvE+qOI1yLFj989Edfzfaa613wu4rUyvxvxdpkvR6Tyi3E+4v1tvkc8mmpRxF+U1//iWpqs7gfd+8rlLzf+cObGbE/Z7n3lQz4f7rlTHNDzYWBLPhyH/N5UjyJa1R1/Ld3/DzsAAAAAAAAAAAAAAAAAPGgDUcQnI8Wr//7H1bjiqMalP3lx6PcHf7l3zPgzv2A/ZdkXImKp2N2Y3KN5YOBoGk3pgMcSf5TVo4g/yeP/vn7QjQEAAAAAAAAAAAAAAAAAAPhIK+KHkeKl906k5eidU7w9c7NxtXVtujMrbHfu3+6c6evr6+uN1MlmzomcSzmXc67kXM0ZRa7f39lRM3+eyLmUcznnSs7VnHEk18/ZzDmRcynncs6VnKs5o5br52zmnMi5lHM550rO1ZxxSObuBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4nBRRxE8jxTe+upYiRUQzYiI6udJ/0K0DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEr9qYjvRIrGHzTvrqtFRKr+7ThR/nY+mkfL/Hg0h8p8OZqXcraqrDW/fgDtZ2/6UhE/iBT99XfuXvB8/fs6n+5+DeLtr0UM5OVP1Tp5pLtx8IP+J44/eXFo5DPP7LSctmvAycvtmdt3GuPDIyNjPatr+egf71k3mI9bPJiuExELb771Rmt6emr+fhaOVgvlV+C+qj9yC6n2UemphWohaoeiGQfT903qB3WDYl+Vz//3I8Vvv/cf3Qd+5/lfj1/qfLr7hI+f/OnGTwMvbd3RLp//ta318vO/fKZv9/x/qmfdS/mnkb5aRH3x1lzf8Yj6wptvnWrfat2cujk1c/706S8ODX3x3Om+oxH1G+3pqZ6lB3K6AAAAAAAAAAAAAAAAAB6eVMTvRorWD9ZSIyLuVOO1Bi8OPXfq2SNxpBpvtWnc9utjVy81Xpm9NTc/tbAwNdkYn2lfn52c2u3h6tVwr/HhkX3pzC80sM/tH6i/Mjv35nz75h8tbrv9WP3StYXF+db17TfHQBQRzd41J6sGjw+PVI2ebrdmqqqj2w6m//D6UhH/GSmun2+kz+Z1efz/1hH+1fj/7mGXtu7oAY7//8yxjfF/H+spWh4zpSJ+Eil+6y+fic9W7TwW95yzXO5vI8XJC5/O5eJoWa7bhs57BTojA8uy/xsp/vGnm8t2x0M+tVH2zIc6uY+A8vo/GSm+8+ffil/P6za//2H7639s64726f0PT/esO7bpfQV77jr5+p+KFC8/9U78RrXm/3/u+z+679440Sm88X6Ofbr+v9qzbjAf9zcfVOcBAAAAAAAAAAAeYX2piL+LFN8bqaUX87rd/P2/ya072qe///WJnnWTe52vaJcLez6pAAAAAHBI9KUifhgpbi6+c3cM9ebx3z3jP39nY/zncNqytfpzvl+p3hvwIP/8r9dgPu7E3rsNAAAAAAAAAAAAAAAAAAAAh0pKRbyY51OfqMbzT+44n/pKpHj1v5/P5dLxslx3HvjB6vf6ldmZU5emp2frsdi6Nj3VGJtrXZ8q6z4dKdb+5tO5blHNr96db74zx/vGXOzzkWLk77tlO3Oxd+cmf3qj7Jmy7McixX/9w+ayeWrqPHd0VfZsWfavI8VX/nn7ssc3yp4ry34rUnz/K41u2WNl2e77UT+xUfaF67PFPlwVAAAAAAAAAAAAAAAAAAAAPmr6UhF/Fin+59by3bH8ef7/vp6Plbe/1jPf/xZ3qnn+B6v5/3davp/5/6v3CiztdFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg8pSjirUgxd2UtrfSXnzvql9tF3BkfHtm+2kCqah6pype/6mfOnjv/hReHLnTzcnvm9s71H7RPxutjVy81Xpm9NTc/tbAwNdkYn2lfn52c2vUe9lp/q5PVCWjceuP25I0bC42zL5zbtPnO4Af9TxwfvDj03Klnu2XHh0dGxnrK1Pru++j3SDusPxpF/FWkeP7bP0rf648oYu/nov5wr/1WA1UnTladGB8eqToy3W7NLJYbR7snooho9FRqds/RQ7gWe9KMWCqbXzb4ZNm9sbnWfOva9FRjtDW/2F5sz86Mpk5ry/40oogLKWI5Ilb7791dXxTxRqT45pNr6V/6I450z8Pnr4x96fTZndtR7GMfd6FsZ6MvYrnY+ZodPcD2PSr6o4h/ihQ/fvdE/Gt/RC06v+JzEa+V+d2It6NzvVP5xTgf8f423yMeTbUo4v/K639xLb3bX94PuveVy19OSxGzPWW795VH/vnwMB3y50k9ivh+dcdfS//mv2sAAAAAAAAAAAAAAACAQ6SIX4sUL713IlXjg++OKW7P3GxcbV2b7gzr6479646ZXl9fX2+kTjZzTuRcyrmccyXnas4ocv2czTLr6+sT+fNSzuWcKzlXc8aRXD9nM+dEzqWcyzlXcq7mjFqun7OZcyLnUs7lnCs5V3PGIRm7BwAAAAAAAAAAAAAAAAAAPF6K6p8U3/jqWlrv78wvPRGdXDEf6GPvZwEAAP//0Pr2Kw==")
r10 = syz_open_procfs$pagemap(r9, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r10, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})
sendfile(r6, 0xffffffffffffffff, 0x0, 0x7ffff000)
r11 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r11, &(0x7f0000000000)={0x1f, @fixed}, 0x8)

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
single: successfully extracted reproducer
found reproducer with 30 syscalls
minimizing guilty program
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-openat$ptmx-ioctl$TIOCSETD-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_mount_image$udf-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN-sendfile-syz_init_net_socket$bt_sco
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r4, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0xe)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r7)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = inotify_init1(0x0)
fcntl$setown(r8, 0x8, r0)
fcntl$getownex(r8, 0x10, &(0x7f0000000140)={0x0, <r9=>0x0})
syz_mount_image$udf(&(0x7f00000019c0), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000001180)=ANY=[@ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',nostrict,anchor=00000000000000000004,gid=forget,longad,novrs,undelete,mode=00000000000000000000003,umask=00000000000000000000007,\x00'], 0x1, 0xc52, &(0x7f0000001a00)="$eJzs3U9sHNd9B/DfGy3FpdzWTOwqThoHm7ZIZcVy9S+mYhXuqqbZFpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIGMzsW3FJkQktiiIlfz629J2deW/mvZn1DC3ozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr10+kzaZsORA2gMAPBQXBn70umz2z3/AYDH1tWd/v8fAAAAAAAAAAAAAAA4LFIU8VSkmLuyliaqzx31y+2+23fGh0e2rzaQqppHqvLlr/qZs+fOf+HFoQvdvNye+Tn1H7RPxetjVy81Xpm9NTc/tbAwNdkYn2lfn52c2vUe9lp/q5PVCWjceuP25I0bC42zL5zbtPnO4Af9TxwfvDj03Klnu2XHh0dGxjaK1HvL1+67IR07jfA4GkWcihTPf/tHqRURRez9XNQf7rXfaqDqxMmqE+PDI1VHptutmcVy42j3RBQRjZ5Kze452v5aRK3vofZhZ82IpbL5ZYNPlt0bm2vNt65NTzVGW/OL7cX27Mxo6rS27E8jiriQIpYjYrX/3t31RRG1SPHNJ9fStfzWj+o8fL4aGLxzO4p97OMulO1s9EUsF4/ANTvE+qOI1yLFj989Edfzfaa613wu4rUyvxvxdpkvR6Tyi3E+4v1tvkc8mmpRxF+U1//iWpqs7gfd+8rlLzf+cObGbE/Z7n3lQz4f7rlTHNDzYWBLPhyH/N5UjyJa1R1/Ld3/DzsAAAAAAAAAAAAAAAAAPGgDUcQnI8Wr//7H1bjiqMalP3lx6PcHf7l3zPgzv2A/ZdkXImKp2N2Y3KN5YOBoGk3pgMcSf5TVo4g/yeP/vn7QjQEAAAAAAAAAAAAAAAAAAPhIK+KHkeKl906k5eidU7w9c7NxtXVtujMrbHfu3+6c6evr6+uN1MlmzomcSzmXc67kXM0ZRa7f39lRM3+eyLmUcznnSs7VnHEk18/ZzDmRcynncs6VnKs5o5br52zmnMi5lHM550rO1ZxxSObuBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4nBRRxE8jxTe+upYiRUQzYiI6udJ/0K0DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEr9qYjvRIrGHzTvrqtFRKr+7ThR/nY+mkfL/Hg0h8p8OZqXcraqrDW/fgDtZ2/6UhE/iBT99XfuXvB8/fs6n+5+DeLtr0UM5OVP1Tp5pLtx8IP+J44/eXFo5DPP7LSctmvAycvtmdt3GuPDIyNjPatr+egf71k3mI9bPJiuExELb771Rmt6emr+fhaOVgvlV+C+qj9yC6n2UemphWohaoeiGQfT903qB3WDYl+Vz//3I8Vvv/cf3Qd+5/lfj1/qfLr7hI+f/OnGTwMvbd3RLp//ta318vO/fKZv9/x/qmfdS/mnkb5aRH3x1lzf8Yj6wptvnWrfat2cujk1c/706S8ODX3x3Om+oxH1G+3pqZ6lB3K6AAAAAAAAAAAAAAAAAB6eVMTvRorWD9ZSIyLuVOO1Bi8OPXfq2SNxpBpvtWnc9utjVy81Xpm9NTc/tbAwNdkYn2lfn52c2u3h6tVwr/HhkX3pzC80sM/tH6i/Mjv35nz75h8tbrv9WP3StYXF+db17TfHQBQRzd41J6sGjw+PVI2ebrdmqqqj2w6m//D6UhH/GSmun2+kz+Z1efz/1hH+1fj/7mGXtu7oAY7//8yxjfF/H+spWh4zpSJ+Eil+6y+fic9W7TwW95yzXO5vI8XJC5/O5eJoWa7bhs57BTojA8uy/xsp/vGnm8t2x0M+tVH2zIc6uY+A8vo/GSm+8+ffil/P6za//2H7639s64726f0PT/esO7bpfQV77jr5+p+KFC8/9U78RrXm/3/u+z+679440Sm88X6Ofbr+v9qzbjAf9zcfVOcBAAAAAAAAAAAeYX2piL+LFN8bqaUX87rd/P2/ya072qe///WJnnWTe52vaJcLez6pAAAAAHBI9KUifhgpbi6+c3cM9ebx3z3jP39nY/zncNqytfpzvl+p3hvwIP/8r9dgPu7E3rsNAAAAAAAAAAAAAAAAAAAAh0pKRbyY51OfqMbzT+44n/pKpHj1v5/P5dLxslx3HvjB6vf6ldmZU5emp2frsdi6Nj3VGJtrXZ8q6z4dKdb+5tO5blHNr96db74zx/vGXOzzkWLk77tlO3Oxd+cmf3qj7Jmy7McixX/9w+ayeWrqPHd0VfZsWfavI8VX/nn7ssc3yp4ry34rUnz/K41u2WNl2e77UT+xUfaF67PFPlwVAAAAAAAAAAAAAAAAAAAAPmr6UhF/Fin+59by3bH8ef7/vp6Plbe/1jPf/xZ3qnn+B6v5/3davp/5/6v3CiztdFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg8pSjirUgxd2UtrfSXnzvql9tF3BkfHtm+2kCqah6pype/6mfOnjv/hReHLnTzcnvm9s71H7RPxutjVy81Xpm9NTc/tbAwNdkYn2lfn52c2vUe9lp/q5PVCWjceuP25I0bC42zL5zbtPnO4Af9TxwfvDj03Klnu2XHh0dGxnrK1Pru++j3SDusPxpF/FWkeP7bP0rf648oYu/nov5wr/1WA1UnTladGB8eqToy3W7NLJYbR7snooho9FRqds/RQ7gWe9KMWCqbXzb4ZNm9sbnWfOva9FRjtDW/2F5sz86Mpk5ry/40oogLKWI5Ilb7791dXxTxRqT45pNr6V/6I450z8Pnr4x96fTZndtR7GMfd6FsZ6MvYrnY+ZodPcD2PSr6o4h/ihQ/fvdE/Gt/RC06v+JzEa+V+d2It6NzvVP5xTgf8f423yMeTbUo4v/K639xLb3bX94PuveVy19OSxGzPWW795VH/vnwMB3y50k9ivh+dcdfS//mv2sAAAAAAAAAAAAAAACAQ6SIX4sUL713IlXjg++OKW7P3GxcbV2b7gzr6479646ZXl9fX2+kTjZzTuRcyrmccyXnas4ocv2czTLr6+sT+fNSzuWcKzlXc8aRXD9nM+dEzqWcyzlXcq7mjFqun7OZcyLnUs7lnCs5V3PGIRm7BwAAAAAAAAAAAAAAAAAAPF6K6p8U3/jqWlrv78wvPRGdXDEf6GPvZwEAAP//0Pr2Kw==")
r10 = syz_open_procfs$pagemap(r9, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r10, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})
sendfile(r6, 0xffffffffffffffff, 0x0, 0x7ffff000)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-openat$ptmx-ioctl$TIOCSETD-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_mount_image$udf-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN-sendfile
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r4, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0xe)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r7)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = inotify_init1(0x0)
fcntl$setown(r8, 0x8, r0)
fcntl$getownex(r8, 0x10, &(0x7f0000000140)={0x0, <r9=>0x0})
syz_mount_image$udf(&(0x7f00000019c0), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000001180)=ANY=[@ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',nostrict,anchor=00000000000000000004,gid=forget,longad,novrs,undelete,mode=00000000000000000000003,umask=00000000000000000000007,\x00'], 0x1, 0xc52, &(0x7f0000001a00)="$eJzs3U9sHNd9B/DfGy3FpdzWTOwqThoHm7ZIZcVy9S+mYhXuqqbZFpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIGMzsW3FJkQktiiIlfz629J2deW/mvZn1DC3ozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr10+kzaZsORA2gMAPBQXBn70umz2z3/AYDH1tWd/v8fAAAAAAAAAAAAAAA4LFIU8VSkmLuyliaqzx31y+2+23fGh0e2rzaQqppHqvLlr/qZs+fOf+HFoQvdvNye+Tn1H7RPxetjVy81Xpm9NTc/tbAwNdkYn2lfn52c2vUe9lp/q5PVCWjceuP25I0bC42zL5zbtPnO4Af9TxwfvDj03Klnu2XHh0dGxjaK1HvL1+67IR07jfA4GkWcihTPf/tHqRURRez9XNQf7rXfaqDqxMmqE+PDI1VHptutmcVy42j3RBQRjZ5Kze452v5aRK3vofZhZ82IpbL5ZYNPlt0bm2vNt65NTzVGW/OL7cX27Mxo6rS27E8jiriQIpYjYrX/3t31RRG1SPHNJ9fStfzWj+o8fL4aGLxzO4p97OMulO1s9EUsF4/ANTvE+qOI1yLFj989Edfzfaa613wu4rUyvxvxdpkvR6Tyi3E+4v1tvkc8mmpRxF+U1//iWpqs7gfd+8rlLzf+cObGbE/Z7n3lQz4f7rlTHNDzYWBLPhyH/N5UjyJa1R1/Ld3/DzsAAAAAAAAAAAAAAAAAPGgDUcQnI8Wr//7H1bjiqMalP3lx6PcHf7l3zPgzv2A/ZdkXImKp2N2Y3KN5YOBoGk3pgMcSf5TVo4g/yeP/vn7QjQEAAAAAAAAAAAAAAAAAAPhIK+KHkeKl906k5eidU7w9c7NxtXVtujMrbHfu3+6c6evr6+uN1MlmzomcSzmXc67kXM0ZRa7f39lRM3+eyLmUcznnSs7VnHEk18/ZzDmRcynncs6VnKs5o5br52zmnMi5lHM550rO1ZxxSObuBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4nBRRxE8jxTe+upYiRUQzYiI6udJ/0K0DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEr9qYjvRIrGHzTvrqtFRKr+7ThR/nY+mkfL/Hg0h8p8OZqXcraqrDW/fgDtZ2/6UhE/iBT99XfuXvB8/fs6n+5+DeLtr0UM5OVP1Tp5pLtx8IP+J44/eXFo5DPP7LSctmvAycvtmdt3GuPDIyNjPatr+egf71k3mI9bPJiuExELb771Rmt6emr+fhaOVgvlV+C+qj9yC6n2UemphWohaoeiGQfT903qB3WDYl+Vz//3I8Vvv/cf3Qd+5/lfj1/qfLr7hI+f/OnGTwMvbd3RLp//ta318vO/fKZv9/x/qmfdS/mnkb5aRH3x1lzf8Yj6wptvnWrfat2cujk1c/706S8ODX3x3Om+oxH1G+3pqZ6lB3K6AAAAAAAAAAAAAAAAAB6eVMTvRorWD9ZSIyLuVOO1Bi8OPXfq2SNxpBpvtWnc9utjVy81Xpm9NTc/tbAwNdkYn2lfn52c2u3h6tVwr/HhkX3pzC80sM/tH6i/Mjv35nz75h8tbrv9WP3StYXF+db17TfHQBQRzd41J6sGjw+PVI2ebrdmqqqj2w6m//D6UhH/GSmun2+kz+Z1efz/1hH+1fj/7mGXtu7oAY7//8yxjfF/H+spWh4zpSJ+Eil+6y+fic9W7TwW95yzXO5vI8XJC5/O5eJoWa7bhs57BTojA8uy/xsp/vGnm8t2x0M+tVH2zIc6uY+A8vo/GSm+8+ffil/P6za//2H7639s64726f0PT/esO7bpfQV77jr5+p+KFC8/9U78RrXm/3/u+z+679440Sm88X6Ofbr+v9qzbjAf9zcfVOcBAAAAAAAAAAAeYX2piL+LFN8bqaUX87rd/P2/ya072qe///WJnnWTe52vaJcLez6pAAAAAHBI9KUifhgpbi6+c3cM9ebx3z3jP39nY/zncNqytfpzvl+p3hvwIP/8r9dgPu7E3rsNAAAAAAAAAAAAAAAAAAAAh0pKRbyY51OfqMbzT+44n/pKpHj1v5/P5dLxslx3HvjB6vf6ldmZU5emp2frsdi6Nj3VGJtrXZ8q6z4dKdb+5tO5blHNr96db74zx/vGXOzzkWLk77tlO3Oxd+cmf3qj7Jmy7McixX/9w+ayeWrqPHd0VfZsWfavI8VX/nn7ssc3yp4ry34rUnz/K41u2WNl2e77UT+xUfaF67PFPlwVAAAAAAAAAAAAAAAAAAAAPmr6UhF/Fin+59by3bH8ef7/vp6Plbe/1jPf/xZ3qnn+B6v5/3davp/5/6v3CiztdFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg8pSjirUgxd2UtrfSXnzvql9tF3BkfHtm+2kCqah6pype/6mfOnjv/hReHLnTzcnvm9s71H7RPxutjVy81Xpm9NTc/tbAwNdkYn2lfn52c2vUe9lp/q5PVCWjceuP25I0bC42zL5zbtPnO4Af9TxwfvDj03Klnu2XHh0dGxnrK1Pru++j3SDusPxpF/FWkeP7bP0rf648oYu/nov5wr/1WA1UnTladGB8eqToy3W7NLJYbR7snooho9FRqds/RQ7gWe9KMWCqbXzb4ZNm9sbnWfOva9FRjtDW/2F5sz86Mpk5ry/40oogLKWI5Ilb7791dXxTxRqT45pNr6V/6I450z8Pnr4x96fTZndtR7GMfd6FsZ6MvYrnY+ZodPcD2PSr6o4h/ihQ/fvdE/Gt/RC06v+JzEa+V+d2It6NzvVP5xTgf8f423yMeTbUo4v/K639xLb3bX94PuveVy19OSxGzPWW795VH/vnwMB3y50k9ivh+dcdfS//mv2sAAAAAAAAAAAAAAACAQ6SIX4sUL713IlXjg++OKW7P3GxcbV2b7gzr6479646ZXl9fX2+kTjZzTuRcyrmccyXnas4ocv2czTLr6+sT+fNSzuWcKzlXc8aRXD9nM+dEzqWcyzlXcq7mjFqun7OZcyLnUs7lnCs5V3PGIRm7BwAAAAAAAAAAAAAAAAAAPF6K6p8U3/jqWlrv78wvPRGdXDEf6GPvZwEAAP//0Pr2Kw==")
r10 = syz_open_procfs$pagemap(r9, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r10, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})
sendfile(r6, 0xffffffffffffffff, 0x0, 0x7ffff000)

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-openat$ptmx-ioctl$TIOCSETD-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_mount_image$udf-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r4, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0xe)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r7)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = inotify_init1(0x0)
fcntl$setown(r8, 0x8, r0)
fcntl$getownex(r8, 0x10, &(0x7f0000000140)={0x0, <r9=>0x0})
syz_mount_image$udf(&(0x7f00000019c0), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000001180)=ANY=[@ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',nostrict,anchor=00000000000000000004,gid=forget,longad,novrs,undelete,mode=00000000000000000000003,umask=00000000000000000000007,\x00'], 0x1, 0xc52, &(0x7f0000001a00)="$eJzs3U9sHNd9B/DfGy3FpdzWTOwqThoHm7ZIZcVy9S+mYhXuqqbZFpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIGMzsW3FJkQktiiIlfz629J2deW/mvZn1DC3ozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr10+kzaZsORA2gMAPBQXBn70umz2z3/AYDH1tWd/v8fAAAAAAAAAAAAAAA4LFIU8VSkmLuyliaqzx31y+2+23fGh0e2rzaQqppHqvLlr/qZs+fOf+HFoQvdvNye+Tn1H7RPxetjVy81Xpm9NTc/tbAwNdkYn2lfn52c2vUe9lp/q5PVCWjceuP25I0bC42zL5zbtPnO4Af9TxwfvDj03Klnu2XHh0dGxjaK1HvL1+67IR07jfA4GkWcihTPf/tHqRURRez9XNQf7rXfaqDqxMmqE+PDI1VHptutmcVy42j3RBQRjZ5Kze452v5aRK3vofZhZ82IpbL5ZYNPlt0bm2vNt65NTzVGW/OL7cX27Mxo6rS27E8jiriQIpYjYrX/3t31RRG1SPHNJ9fStfzWj+o8fL4aGLxzO4p97OMulO1s9EUsF4/ANTvE+qOI1yLFj989Edfzfaa613wu4rUyvxvxdpkvR6Tyi3E+4v1tvkc8mmpRxF+U1//iWpqs7gfd+8rlLzf+cObGbE/Z7n3lQz4f7rlTHNDzYWBLPhyH/N5UjyJa1R1/Ld3/DzsAAAAAAAAAAAAAAAAAPGgDUcQnI8Wr//7H1bjiqMalP3lx6PcHf7l3zPgzv2A/ZdkXImKp2N2Y3KN5YOBoGk3pgMcSf5TVo4g/yeP/vn7QjQEAAAAAAAAAAAAAAAAAAPhIK+KHkeKl906k5eidU7w9c7NxtXVtujMrbHfu3+6c6evr6+uN1MlmzomcSzmXc67kXM0ZRa7f39lRM3+eyLmUcznnSs7VnHEk18/ZzDmRcynncs6VnKs5o5br52zmnMi5lHM550rO1ZxxSObuBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4nBRRxE8jxTe+upYiRUQzYiI6udJ/0K0DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEr9qYjvRIrGHzTvrqtFRKr+7ThR/nY+mkfL/Hg0h8p8OZqXcraqrDW/fgDtZ2/6UhE/iBT99XfuXvB8/fs6n+5+DeLtr0UM5OVP1Tp5pLtx8IP+J44/eXFo5DPP7LSctmvAycvtmdt3GuPDIyNjPatr+egf71k3mI9bPJiuExELb771Rmt6emr+fhaOVgvlV+C+qj9yC6n2UemphWohaoeiGQfT903qB3WDYl+Vz//3I8Vvv/cf3Qd+5/lfj1/qfLr7hI+f/OnGTwMvbd3RLp//ta318vO/fKZv9/x/qmfdS/mnkb5aRH3x1lzf8Yj6wptvnWrfat2cujk1c/706S8ODX3x3Om+oxH1G+3pqZ6lB3K6AAAAAAAAAAAAAAAAAB6eVMTvRorWD9ZSIyLuVOO1Bi8OPXfq2SNxpBpvtWnc9utjVy81Xpm9NTc/tbAwNdkYn2lfn52c2u3h6tVwr/HhkX3pzC80sM/tH6i/Mjv35nz75h8tbrv9WP3StYXF+db17TfHQBQRzd41J6sGjw+PVI2ebrdmqqqj2w6m//D6UhH/GSmun2+kz+Z1efz/1hH+1fj/7mGXtu7oAY7//8yxjfF/H+spWh4zpSJ+Eil+6y+fic9W7TwW95yzXO5vI8XJC5/O5eJoWa7bhs57BTojA8uy/xsp/vGnm8t2x0M+tVH2zIc6uY+A8vo/GSm+8+ffil/P6za//2H7639s64726f0PT/esO7bpfQV77jr5+p+KFC8/9U78RrXm/3/u+z+679440Sm88X6Ofbr+v9qzbjAf9zcfVOcBAAAAAAAAAAAeYX2piL+LFN8bqaUX87rd/P2/ya072qe///WJnnWTe52vaJcLez6pAAAAAHBI9KUifhgpbi6+c3cM9ebx3z3jP39nY/zncNqytfpzvl+p3hvwIP/8r9dgPu7E3rsNAAAAAAAAAAAAAAAAAAAAh0pKRbyY51OfqMbzT+44n/pKpHj1v5/P5dLxslx3HvjB6vf6ldmZU5emp2frsdi6Nj3VGJtrXZ8q6z4dKdb+5tO5blHNr96db74zx/vGXOzzkWLk77tlO3Oxd+cmf3qj7Jmy7McixX/9w+ayeWrqPHd0VfZsWfavI8VX/nn7ssc3yp4ry34rUnz/K41u2WNl2e77UT+xUfaF67PFPlwVAAAAAAAAAAAAAAAAAAAAPmr6UhF/Fin+59by3bH8ef7/vp6Plbe/1jPf/xZ3qnn+B6v5/3davp/5/6v3CiztdFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg8pSjirUgxd2UtrfSXnzvql9tF3BkfHtm+2kCqah6pype/6mfOnjv/hReHLnTzcnvm9s71H7RPxutjVy81Xpm9NTc/tbAwNdkYn2lfn52c2vUe9lp/q5PVCWjceuP25I0bC42zL5zbtPnO4Af9TxwfvDj03Klnu2XHh0dGxnrK1Pru++j3SDusPxpF/FWkeP7bP0rf648oYu/nov5wr/1WA1UnTladGB8eqToy3W7NLJYbR7snooho9FRqds/RQ7gWe9KMWCqbXzb4ZNm9sbnWfOva9FRjtDW/2F5sz86Mpk5ry/40oogLKWI5Ilb7791dXxTxRqT45pNr6V/6I450z8Pnr4x96fTZndtR7GMfd6FsZ6MvYrnY+ZodPcD2PSr6o4h/ihQ/fvdE/Gt/RC06v+JzEa+V+d2It6NzvVP5xTgf8f423yMeTbUo4v/K639xLb3bX94PuveVy19OSxGzPWW795VH/vnwMB3y50k9ivh+dcdfS//mv2sAAAAAAAAAAAAAAACAQ6SIX4sUL713IlXjg++OKW7P3GxcbV2b7gzr6479646ZXl9fX2+kTjZzTuRcyrmccyXnas4ocv2czTLr6+sT+fNSzuWcKzlXc8aRXD9nM+dEzqWcyzlXcq7mjFqun7OZcyLnUs7lnCs5V3PGIRm7BwAAAAAAAAAAAAAAAAAAPF6K6p8U3/jqWlrv78wvPRGdXDEf6GPvZwEAAP//0Pr2Kw==")
r10 = syz_open_procfs$pagemap(r9, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r10, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-openat$ptmx-ioctl$TIOCSETD-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_mount_image$udf-syz_open_procfs$pagemap
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r4, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0xe)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r7)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = inotify_init1(0x0)
fcntl$setown(r8, 0x8, r0)
fcntl$getownex(r8, 0x10, &(0x7f0000000140)={0x0, <r9=>0x0})
syz_mount_image$udf(&(0x7f00000019c0), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000001180)=ANY=[@ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',nostrict,anchor=00000000000000000004,gid=forget,longad,novrs,undelete,mode=00000000000000000000003,umask=00000000000000000000007,\x00'], 0x1, 0xc52, &(0x7f0000001a00)="$eJzs3U9sHNd9B/DfGy3FpdzWTOwqThoHm7ZIZcVy9S+mYhXuqqbZFpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIGMzsW3FJkQktiiIlfz629J2deW/mvZn1DC3ozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr10+kzaZsORA2gMAPBQXBn70umz2z3/AYDH1tWd/v8fAAAAAAAAAAAAAAA4LFIU8VSkmLuyliaqzx31y+2+23fGh0e2rzaQqppHqvLlr/qZs+fOf+HFoQvdvNye+Tn1H7RPxetjVy81Xpm9NTc/tbAwNdkYn2lfn52c2vUe9lp/q5PVCWjceuP25I0bC42zL5zbtPnO4Af9TxwfvDj03Klnu2XHh0dGxjaK1HvL1+67IR07jfA4GkWcihTPf/tHqRURRez9XNQf7rXfaqDqxMmqE+PDI1VHptutmcVy42j3RBQRjZ5Kze452v5aRK3vofZhZ82IpbL5ZYNPlt0bm2vNt65NTzVGW/OL7cX27Mxo6rS27E8jiriQIpYjYrX/3t31RRG1SPHNJ9fStfzWj+o8fL4aGLxzO4p97OMulO1s9EUsF4/ANTvE+qOI1yLFj989Edfzfaa613wu4rUyvxvxdpkvR6Tyi3E+4v1tvkc8mmpRxF+U1//iWpqs7gfd+8rlLzf+cObGbE/Z7n3lQz4f7rlTHNDzYWBLPhyH/N5UjyJa1R1/Ld3/DzsAAAAAAAAAAAAAAAAAPGgDUcQnI8Wr//7H1bjiqMalP3lx6PcHf7l3zPgzv2A/ZdkXImKp2N2Y3KN5YOBoGk3pgMcSf5TVo4g/yeP/vn7QjQEAAAAAAAAAAAAAAAAAAPhIK+KHkeKl906k5eidU7w9c7NxtXVtujMrbHfu3+6c6evr6+uN1MlmzomcSzmXc67kXM0ZRa7f39lRM3+eyLmUcznnSs7VnHEk18/ZzDmRcynncs6VnKs5o5br52zmnMi5lHM550rO1ZxxSObuBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4nBRRxE8jxTe+upYiRUQzYiI6udJ/0K0DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEr9qYjvRIrGHzTvrqtFRKr+7ThR/nY+mkfL/Hg0h8p8OZqXcraqrDW/fgDtZ2/6UhE/iBT99XfuXvB8/fs6n+5+DeLtr0UM5OVP1Tp5pLtx8IP+J44/eXFo5DPP7LSctmvAycvtmdt3GuPDIyNjPatr+egf71k3mI9bPJiuExELb771Rmt6emr+fhaOVgvlV+C+qj9yC6n2UemphWohaoeiGQfT903qB3WDYl+Vz//3I8Vvv/cf3Qd+5/lfj1/qfLr7hI+f/OnGTwMvbd3RLp//ta318vO/fKZv9/x/qmfdS/mnkb5aRH3x1lzf8Yj6wptvnWrfat2cujk1c/706S8ODX3x3Om+oxH1G+3pqZ6lB3K6AAAAAAAAAAAAAAAAAB6eVMTvRorWD9ZSIyLuVOO1Bi8OPXfq2SNxpBpvtWnc9utjVy81Xpm9NTc/tbAwNdkYn2lfn52c2u3h6tVwr/HhkX3pzC80sM/tH6i/Mjv35nz75h8tbrv9WP3StYXF+db17TfHQBQRzd41J6sGjw+PVI2ebrdmqqqj2w6m//D6UhH/GSmun2+kz+Z1efz/1hH+1fj/7mGXtu7oAY7//8yxjfF/H+spWh4zpSJ+Eil+6y+fic9W7TwW95yzXO5vI8XJC5/O5eJoWa7bhs57BTojA8uy/xsp/vGnm8t2x0M+tVH2zIc6uY+A8vo/GSm+8+ffil/P6za//2H7639s64726f0PT/esO7bpfQV77jr5+p+KFC8/9U78RrXm/3/u+z+679440Sm88X6Ofbr+v9qzbjAf9zcfVOcBAAAAAAAAAAAeYX2piL+LFN8bqaUX87rd/P2/ya072qe///WJnnWTe52vaJcLez6pAAAAAHBI9KUifhgpbi6+c3cM9ebx3z3jP39nY/zncNqytfpzvl+p3hvwIP/8r9dgPu7E3rsNAAAAAAAAAAAAAAAAAAAAh0pKRbyY51OfqMbzT+44n/pKpHj1v5/P5dLxslx3HvjB6vf6ldmZU5emp2frsdi6Nj3VGJtrXZ8q6z4dKdb+5tO5blHNr96db74zx/vGXOzzkWLk77tlO3Oxd+cmf3qj7Jmy7McixX/9w+ayeWrqPHd0VfZsWfavI8VX/nn7ssc3yp4ry34rUnz/K41u2WNl2e77UT+xUfaF67PFPlwVAAAAAAAAAAAAAAAAAAAAPmr6UhF/Fin+59by3bH8ef7/vp6Plbe/1jPf/xZ3qnn+B6v5/3davp/5/6v3CiztdFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg8pSjirUgxd2UtrfSXnzvql9tF3BkfHtm+2kCqah6pype/6mfOnjv/hReHLnTzcnvm9s71H7RPxutjVy81Xpm9NTc/tbAwNdkYn2lfn52c2vUe9lp/q5PVCWjceuP25I0bC42zL5zbtPnO4Af9TxwfvDj03Klnu2XHh0dGxnrK1Pru++j3SDusPxpF/FWkeP7bP0rf648oYu/nov5wr/1WA1UnTladGB8eqToy3W7NLJYbR7snooho9FRqds/RQ7gWe9KMWCqbXzb4ZNm9sbnWfOva9FRjtDW/2F5sz86Mpk5ry/40oogLKWI5Ilb7791dXxTxRqT45pNr6V/6I450z8Pnr4x96fTZndtR7GMfd6FsZ6MvYrnY+ZodPcD2PSr6o4h/ihQ/fvdE/Gt/RC06v+JzEa+V+d2It6NzvVP5xTgf8f423yMeTbUo4v/K639xLb3bX94PuveVy19OSxGzPWW795VH/vnwMB3y50k9ivh+dcdfS//mv2sAAAAAAAAAAAAAAACAQ6SIX4sUL713IlXjg++OKW7P3GxcbV2b7gzr6479646ZXl9fX2+kTjZzTuRcyrmccyXnas4ocv2czTLr6+sT+fNSzuWcKzlXc8aRXD9nM+dEzqWcyzlXcq7mjFqun7OZcyLnUs7lnCs5V3PGIRm7BwAAAAAAAAAAAAAAAAAAPF6K6p8U3/jqWlrv78wvPRGdXDEf6GPvZwEAAP//0Pr2Kw==")
syz_open_procfs$pagemap(r9, &(0x7f0000000580))

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-openat$ptmx-ioctl$TIOCSETD-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_mount_image$udf-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r4, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0xe)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r7)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = inotify_init1(0x0)
fcntl$setown(r8, 0x8, r0)
fcntl$getownex(r8, 0x10, &(0x7f0000000140))
syz_mount_image$udf(&(0x7f00000019c0), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000001180)=ANY=[@ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',nostrict,anchor=00000000000000000004,gid=forget,longad,novrs,undelete,mode=00000000000000000000003,umask=00000000000000000000007,\x00'], 0x1, 0xc52, &(0x7f0000001a00)="$eJzs3U9sHNd9B/DfGy3FpdzWTOwqThoHm7ZIZcVy9S+mYhXuqqbZFpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIGMzsW3FJkQktiiIlfz629J2deW/mvZn1DC3ozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr10+kzaZsORA2gMAPBQXBn70umz2z3/AYDH1tWd/v8fAAAAAAAAAAAAAAA4LFIU8VSkmLuyliaqzx31y+2+23fGh0e2rzaQqppHqvLlr/qZs+fOf+HFoQvdvNye+Tn1H7RPxetjVy81Xpm9NTc/tbAwNdkYn2lfn52c2vUe9lp/q5PVCWjceuP25I0bC42zL5zbtPnO4Af9TxwfvDj03Klnu2XHh0dGxjaK1HvL1+67IR07jfA4GkWcihTPf/tHqRURRez9XNQf7rXfaqDqxMmqE+PDI1VHptutmcVy42j3RBQRjZ5Kze452v5aRK3vofZhZ82IpbL5ZYNPlt0bm2vNt65NTzVGW/OL7cX27Mxo6rS27E8jiriQIpYjYrX/3t31RRG1SPHNJ9fStfzWj+o8fL4aGLxzO4p97OMulO1s9EUsF4/ANTvE+qOI1yLFj989Edfzfaa613wu4rUyvxvxdpkvR6Tyi3E+4v1tvkc8mmpRxF+U1//iWpqs7gfd+8rlLzf+cObGbE/Z7n3lQz4f7rlTHNDzYWBLPhyH/N5UjyJa1R1/Ld3/DzsAAAAAAAAAAAAAAAAAPGgDUcQnI8Wr//7H1bjiqMalP3lx6PcHf7l3zPgzv2A/ZdkXImKp2N2Y3KN5YOBoGk3pgMcSf5TVo4g/yeP/vn7QjQEAAAAAAAAAAAAAAAAAAPhIK+KHkeKl906k5eidU7w9c7NxtXVtujMrbHfu3+6c6evr6+uN1MlmzomcSzmXc67kXM0ZRa7f39lRM3+eyLmUcznnSs7VnHEk18/ZzDmRcynncs6VnKs5o5br52zmnMi5lHM550rO1ZxxSObuBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4nBRRxE8jxTe+upYiRUQzYiI6udJ/0K0DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEr9qYjvRIrGHzTvrqtFRKr+7ThR/nY+mkfL/Hg0h8p8OZqXcraqrDW/fgDtZ2/6UhE/iBT99XfuXvB8/fs6n+5+DeLtr0UM5OVP1Tp5pLtx8IP+J44/eXFo5DPP7LSctmvAycvtmdt3GuPDIyNjPatr+egf71k3mI9bPJiuExELb771Rmt6emr+fhaOVgvlV+C+qj9yC6n2UemphWohaoeiGQfT903qB3WDYl+Vz//3I8Vvv/cf3Qd+5/lfj1/qfLr7hI+f/OnGTwMvbd3RLp//ta318vO/fKZv9/x/qmfdS/mnkb5aRH3x1lzf8Yj6wptvnWrfat2cujk1c/706S8ODX3x3Om+oxH1G+3pqZ6lB3K6AAAAAAAAAAAAAAAAAB6eVMTvRorWD9ZSIyLuVOO1Bi8OPXfq2SNxpBpvtWnc9utjVy81Xpm9NTc/tbAwNdkYn2lfn52c2u3h6tVwr/HhkX3pzC80sM/tH6i/Mjv35nz75h8tbrv9WP3StYXF+db17TfHQBQRzd41J6sGjw+PVI2ebrdmqqqj2w6m//D6UhH/GSmun2+kz+Z1efz/1hH+1fj/7mGXtu7oAY7//8yxjfF/H+spWh4zpSJ+Eil+6y+fic9W7TwW95yzXO5vI8XJC5/O5eJoWa7bhs57BTojA8uy/xsp/vGnm8t2x0M+tVH2zIc6uY+A8vo/GSm+8+ffil/P6za//2H7639s64726f0PT/esO7bpfQV77jr5+p+KFC8/9U78RrXm/3/u+z+679440Sm88X6Ofbr+v9qzbjAf9zcfVOcBAAAAAAAAAAAeYX2piL+LFN8bqaUX87rd/P2/ya072qe///WJnnWTe52vaJcLez6pAAAAAHBI9KUifhgpbi6+c3cM9ebx3z3jP39nY/zncNqytfpzvl+p3hvwIP/8r9dgPu7E3rsNAAAAAAAAAAAAAAAAAAAAh0pKRbyY51OfqMbzT+44n/pKpHj1v5/P5dLxslx3HvjB6vf6ldmZU5emp2frsdi6Nj3VGJtrXZ8q6z4dKdb+5tO5blHNr96db74zx/vGXOzzkWLk77tlO3Oxd+cmf3qj7Jmy7McixX/9w+ayeWrqPHd0VfZsWfavI8VX/nn7ssc3yp4ry34rUnz/K41u2WNl2e77UT+xUfaF67PFPlwVAAAAAAAAAAAAAAAAAAAAPmr6UhF/Fin+59by3bH8ef7/vp6Plbe/1jPf/xZ3qnn+B6v5/3davp/5/6v3CiztdFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg8pSjirUgxd2UtrfSXnzvql9tF3BkfHtm+2kCqah6pype/6mfOnjv/hReHLnTzcnvm9s71H7RPxutjVy81Xpm9NTc/tbAwNdkYn2lfn52c2vUe9lp/q5PVCWjceuP25I0bC42zL5zbtPnO4Af9TxwfvDj03Klnu2XHh0dGxnrK1Pru++j3SDusPxpF/FWkeP7bP0rf648oYu/nov5wr/1WA1UnTladGB8eqToy3W7NLJYbR7snooho9FRqds/RQ7gWe9KMWCqbXzb4ZNm9sbnWfOva9FRjtDW/2F5sz86Mpk5ry/40oogLKWI5Ilb7791dXxTxRqT45pNr6V/6I450z8Pnr4x96fTZndtR7GMfd6FsZ6MvYrnY+ZodPcD2PSr6o4h/ihQ/fvdE/Gt/RC06v+JzEa+V+d2It6NzvVP5xTgf8f423yMeTbUo4v/K639xLb3bX94PuveVy19OSxGzPWW795VH/vnwMB3y50k9ivh+dcdfS//mv2sAAAAAAAAAAAAAAACAQ6SIX4sUL713IlXjg++OKW7P3GxcbV2b7gzr6479646ZXl9fX2+kTjZzTuRcyrmccyXnas4ocv2czTLr6+sT+fNSzuWcKzlXc8aRXD9nM+dEzqWcyzlXcq7mjFqun7OZcyLnUs7lnCs5V3PGIRm7BwAAAAAAAAAAAAAAAAAAPF6K6p8U3/jqWlrv78wvPRGdXDEf6GPvZwEAAP//0Pr2Kw==")
ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-openat$ptmx-ioctl$TIOCSETD-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r4, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0xe)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r7)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = inotify_init1(0x0)
fcntl$setown(r8, 0x8, r0)
fcntl$getownex(r8, 0x10, &(0x7f0000000140)={0x0, <r9=>0x0})
r10 = syz_open_procfs$pagemap(r9, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r10, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-openat$ptmx-ioctl$TIOCSETD-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r4, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0xe)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r7)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = inotify_init1(0x0)
fcntl$setown(r8, 0x8, r0)
r9 = syz_open_procfs$pagemap(0x0, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r9, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-openat$ptmx-ioctl$TIOCSETD-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r3, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r4, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r3, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000400)=0xe)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r6)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r7 = inotify_init1(0x0)
fcntl$getownex(r7, 0x10, &(0x7f0000000140)={0x0, <r8=>0x0})
r9 = syz_open_procfs$pagemap(r8, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r9, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-openat$ptmx-ioctl$TIOCSETD-syz_open_procfs-fchdir-mount-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r4, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0xe)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r7)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
fcntl$setown(0xffffffffffffffff, 0x8, r0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000140)={0x0, <r8=>0x0})
r9 = syz_open_procfs$pagemap(r8, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r9, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-openat$ptmx-ioctl$TIOCSETD-syz_open_procfs-fchdir-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r4, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0xe)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r7)
r8 = inotify_init1(0x0)
fcntl$setown(r8, 0x8, r0)
fcntl$getownex(r8, 0x10, &(0x7f0000000140)={0x0, <r9=>0x0})
r10 = syz_open_procfs$pagemap(r9, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r10, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-openat$ptmx-ioctl$TIOCSETD-syz_open_procfs-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r4, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0xe)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r7 = inotify_init1(0x0)
fcntl$setown(r7, 0x8, r0)
fcntl$getownex(r7, 0x10, &(0x7f0000000140)={0x0, <r8=>0x0})
r9 = syz_open_procfs$pagemap(r8, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r9, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-openat$ptmx-ioctl$TIOCSETD-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r4, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000400)=0xe)
fchdir(0xffffffffffffffff)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r7 = inotify_init1(0x0)
fcntl$setown(r7, 0x8, r0)
fcntl$getownex(r7, 0x10, &(0x7f0000000140)={0x0, <r8=>0x0})
r9 = syz_open_procfs$pagemap(r8, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r9, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-openat$ptmx-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r4, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r6)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r7 = inotify_init1(0x0)
fcntl$setown(r7, 0x8, r0)
fcntl$getownex(r7, 0x10, &(0x7f0000000140)={0x0, <r8=>0x0})
r9 = syz_open_procfs$pagemap(r8, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r9, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-sendto$inet-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
sendto$inet(r4, &(0x7f0000000640)="68e0112722e41f6e2687fe9503c1e9afd447faf9ea7339696f23641398d90d1c7a5e106df73991f23e6ad120e7e788aa4254c177c10ae607a63db6b4ac1efaef380752040884a80f94aa5b330b00000000000000e9192dff1d6a8a9cdeb809338f1167feb6a87cf63e2638cce6ff04204a3b5ca558837ea4bff2fe0e00d7907f0b7e127d452af73ad5d5389f2fe57a6f45580df5e204de69ee7bae351a056d59ddca5bbc345bf9f86ed144c92a0fe672ddb0494fa158e30048af185c35e9f0079ca7345ba61d233ba6b9b851df932a5dd459b68d3ff4d08d3a46125acb16158105885f3e5008661b1c70ceb430b847e533e3f9d36d8517e80db71e7c44f759e6cc6a65", 0x103, 0x24048091, &(0x7f0000000540)={0x2, 0x4ea7, @multicast1}, 0x10)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r6)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r7 = inotify_init1(0x0)
fcntl$setown(r7, 0x8, r0)
fcntl$getownex(r7, 0x10, &(0x7f0000000140)={0x0, <r8=>0x0})
r9 = syz_open_procfs$pagemap(r8, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r9, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-setsockopt$inet_tcp_int-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x22, &(0x7f0000000000)=0x1, 0xfefb)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r6)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r7 = inotify_init1(0x0)
fcntl$setown(r7, 0x8, r0)
fcntl$getownex(r7, 0x10, &(0x7f0000000140)={0x0, <r8=>0x0})
r9 = syz_open_procfs$pagemap(r8, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r9, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-socket$inet_mptcp-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
socket$inet_mptcp(0x2, 0x1, 0x106)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r5)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r6 = inotify_init1(0x0)
fcntl$setown(r6, 0x8, r0)
fcntl$getownex(r6, 0x10, &(0x7f0000000140)={0x0, <r7=>0x0})
r8 = syz_open_procfs$pagemap(r7, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r8, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @loopback}}}})
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r5)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r6 = inotify_init1(0x0)
fcntl$setown(r6, 0x8, r0)
fcntl$getownex(r6, 0x10, &(0x7f0000000140)={0x0, <r7=>0x0})
r8 = syz_open_procfs$pagemap(r7, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r8, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast}}}})
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r5)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r6 = inotify_init1(0x0)
fcntl$setown(r6, 0x8, r0)
fcntl$getownex(r6, 0x10, &(0x7f0000000140)={0x0, <r7=>0x0})
r8 = syz_open_procfs$pagemap(r7, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r8, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-socket$inet_udp-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
socket$inet_udp(0x2, 0x2, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r5 = inotify_init1(0x0)
fcntl$setown(r5, 0x8, r0)
fcntl$getownex(r5, 0x10, &(0x7f0000000140)={0x0, <r6=>0x0})
r7 = syz_open_procfs$pagemap(r6, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r5 = inotify_init1(0x0)
fcntl$setown(r5, 0x8, r0)
fcntl$getownex(r5, 0x10, &(0x7f0000000140)={0x0, <r6=>0x0})
r7 = syz_open_procfs$pagemap(r6, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-prctl$PR_SET_TAGGED_ADDR_CTRL-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r5 = inotify_init1(0x0)
fcntl$setown(r5, 0x8, r0)
fcntl$getownex(r5, 0x10, &(0x7f0000000140)={0x0, <r6=>0x0})
r7 = syz_open_procfs$pagemap(r6, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-sendmsg$nl_xfrm-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="c400000019000100000000000000000000000000000000000000000000000000fc00000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000d480b92514d5e8000000000000000000000000000000000000000000000000004000000000000000000000000c0008ff6689d0f18d21984bae27349b3170062f340e28c0e2184fbc39bff232fc7ea117c714471ce62fa2a445dfbbe6d535e5ca5ced13b20ea2af43ae31881f67cda9267061dca64186e4c229ca6456f25343923f058fd7bb990eb661a642fa08fb00"/216], 0xc4}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r5 = inotify_init1(0x0)
fcntl$setown(r5, 0x8, r0)
fcntl$getownex(r5, 0x10, &(0x7f0000000140)={0x0, <r6=>0x0})
r7 = syz_open_procfs$pagemap(r6, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-socket$nl_xfrm-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r3)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r4 = inotify_init1(0x0)
fcntl$setown(r4, 0x8, r0)
fcntl$getownex(r4, 0x10, &(0x7f0000000140)={0x0, <r5=>0x0})
r6 = syz_open_procfs$pagemap(r5, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r6, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-sendmsg$NL80211_CMD_SET_TID_CONFIG-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000200000000000061711110000008000300", @ANYRES32=0x0, @ANYBLOB="04001d80"], 0x20}, 0x1, 0x0, 0x0, 0x4040}, 0x4008081)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r3)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r4 = inotify_init1(0x0)
fcntl$setown(r4, 0x8, r0)
fcntl$getownex(r4, 0x10, &(0x7f0000000140)={0x0, <r5=>0x0})
r6 = syz_open_procfs$pagemap(r5, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r6, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_genetlink_get_family_id$nl80211-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, r0)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs$pagemap(r3, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-socket$nl_generic-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, r0)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs$pagemap(r3, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, r0)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs$pagemap(r3, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-tgkill-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
tgkill(0x0, 0x0, 0xf)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = inotify_init1(0x0)
fcntl$setown(r1, 0x8, 0x0)
fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, <r2=>0x0})
r3 = syz_open_procfs$pagemap(r2, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_emit_vhci-syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, r0)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs$pagemap(r3, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, r0)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs$pagemap(r3, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r1 = syz_open_procfs(0x0, 0x0)
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, r0)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs$pagemap(r3, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, 0x0, &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, r0)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs$pagemap(r3, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', 0x0, 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, r0)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs$pagemap(r3, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, r0)
fcntl$getownex(r2, 0x10, 0x0)
r3 = syz_open_procfs$pagemap(0x0, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, r0)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs$pagemap(r3, 0x0)
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f00004c7000/0x1000)=nil, 0x0, 0x0, 0x0, 0x1bb, 0x0, 0x0, 0x6a, 0x55})

program did not crash
testing program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
detailed listing:
executing program 0:
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000080), 0x1, 0x478, &(0x7f0000000dc0)="$eJzs3c9vFFUcAPDvTH/w21ZEEQSsopH4o6Xlhxy8aDTxoImJHjCealsIslBDSyKEaPWAR0Pi3Xg08S/wpBejnky8arwaEmK4gCYma2Z3Bpb9ZVu3TMN+PsnAe/Pe7nvfmXm7b2Z2uwH0rbHsnyRia0T8GhEj9eydFcbq/928fmnmr+uXZpKoVt/8M6nVu3H90kxRtXjclnqmWs3zG9q0e/mdiOlKZe5cnp9YPPP+xMKFi8+dOjN9cu7k3NmpY8cOH9o7fHTqyCqiSlrWZHHd2P3h/J5dr7595fWZ41fe/fHrrNbWvLwxjl4Zq2/dtp7sdWMl29aQTgZL7Agr8k9EZLtrqDb+R2IgNt0qG4lXPim1c8Caqlar1Xbvz7mlKnAPS6LsHgDlKN7os/PfYrlLU4914dqL9ROgLO6b+VIvGYw0Ijbm50bb1qj9sYg4vvT3F9kSa3QdAgCg0bfZ/OfZdvO/NB5qqHdffg9lNCLuj4jtEfFAROyIiAcjanV3RsTDK2y/+Q5J6/wnvbqqwJYpm/+9kN/bunP+lxZVRgfy3LZa/EPJiVOVuYP5NjkQQxuy/GSXNr57+ZfPOpU1zv+yJWu/mAvm/bg62HSBbnZ6cfr/xNzo2scRuwfbxZ9EcRsniYhdEbF7lW2cevqrPZ3KmuLPNnNT/F304D5T9cuIp+r7fyma4i8kHe9PTj5/dOrIxMaozB2cKI6KVj/9fPmN1rX15//v/b+2sv2/ue3xX+/fUMRosjFi4cLF07X7tQsrb+Pyb592PKdZ7fE/nLxVSw/n6z6YXlw8NxkxnLzWun7q9mOLfFE/i//A/vbjf3vc3hKPRER2EO+NiH0R8Wje98ci4vGI2N8pwN93xg8vPfHeyuPvclW+h7L4Z7vs/+wlL0vd3v/NB8JSm6I7EwOnv/+mU/vL2/+Ha6kD+ZrlvP516U67IAAAAOCeltY+A5+k47fSaTo+Xv8M/47YnFbmFxafOTF//uxs/bPyozGUFle6Rhquh07m14aL/FRT/lB+3fjzgU21/PjMfGW27OChz23pMP4zfwyU3Ttgzfm+FvQv4x/6l/EP/cv4h/5l/EP/ajf+PyqhH8DdVxv/adm9AMpQG//n95XdDaAEzv+hfxn/0Jc6fjc+7Vwk0dPEpsh/CmGd9GeZiUjXRTfWWyKWInr3hHHh4unBZf8xi9Ulkmhb1P11o/UXNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANanfwMAAP//0JjdTg==")
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, r0)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs$pagemap(r3, &(0x7f0000000580))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, 0x0)

program did not crash
extracting C reproducer
testing compiled C program (duration=42.766832175s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
simplifying C reproducer
testing compiled C program (duration=42.766832175s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing compiled C program (duration=42.766832175s, {Threaded:false Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
program did not crash
testing compiled C program (duration=42.766832175s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
program did not crash
testing compiled C program (duration=42.766832175s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing compiled C program (duration=42.766832175s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing compiled C program (duration=42.766832175s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing compiled C program (duration=42.766832175s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
testing compiled C program (duration=42.766832175s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-syz_mount_image$ext4-syz_open_procfs-fchdir-mount-inotify_init1-fcntl$setown-fcntl$getownex-syz_open_procfs$pagemap-ioctl$PAGEMAP_SCAN
program crashed: BUG: unable to handle kernel paging request in do_pagemap_cmd
reproducing took 59m52.127771552s
repro crashed as (corrupted=false):
Unable to handle kernel paging request at virtual address dfff800000000031
KASAN: null-ptr-deref in range [0x0000000000000188-0x000000000000018f]
Mem abort info:
  ESR = 0x0000000096000005
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x05: level 1 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
  CM = 0, WnR = 0, TnD = 0, TagAccess = 0
  GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[dfff800000000031] address between user and kernel address ranges
Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 UID: 0 PID: 6545 Comm: syz-executor126 Not tainted 6.11.0-rc5-syzkaller-gdf54f4a16f82 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __lock_acquire+0xfc/0x779c kernel/locking/lockdep.c:5007
lr : lock_acquire+0x240/0x728 kernel/locking/lockdep.c:5759
sp : ffff8000a0ba7540
x29: ffff8000a0ba7800 x28: ffff800080d89a40 x27: 0000000000000001
x26: ffff0001b3cd0040 x25: 0000000000000000 x24: 0000000000000000
x23: 0000000000000000 x22: 1ffff00011ea20a1 x21: 0000000000000188
x20: 0000000000000001 x19: 0000000000000000 x18: 0000000000000000
x17: 0000000000000000 x16: ffff80008301a8cc x15: 0000000000000005
x14: 1ffff00014174f88 x13: dfff800000000000 x12: ffff700014174ed0
x11: ffff800080349378 x10: ffff80008f51050c x9 : 00000000000000f3
x8 : 0000000000000031 x7 : ffff800080d89a40 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000001
x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000188
Call trace:
 __lock_acquire+0xfc/0x779c kernel/locking/lockdep.c:5007
 lock_acquire+0x240/0x728 kernel/locking/lockdep.c:5759
 down_read_killable+0x64/0x338 kernel/locking/rwsem.c:1549
 mmap_read_lock_killable include/linux/mmap_lock.h:153 [inline]
 do_pagemap_scan fs/proc/task_mmu.c:2771 [inline]
 do_pagemap_cmd+0x8d8/0x1240 fs/proc/task_mmu.c:2824
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:907 [inline]
 __se_sys_ioctl fs/ioctl.c:893 [inline]
 __arm64_sys_ioctl+0x14c/0x1c8 fs/ioctl.c:893
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
Code: f0078e28 b9450d08 34008c88 d343fea8 (386d6908) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	f0078e28 	adrp	x8, 0xf1c7000
   4:	b9450d08 	ldr	w8, [x8, #1292]
   8:	34008c88 	cbz	w8, 0x1198
   c:	d343fea8 	lsr	x8, x21, #3
* 10:	386d6908 	ldrb	w8, [x8, x13] <-- trapping instruction

final repro crashed as (corrupted=false):
Unable to handle kernel paging request at virtual address dfff800000000031
KASAN: null-ptr-deref in range [0x0000000000000188-0x000000000000018f]
Mem abort info:
  ESR = 0x0000000096000005
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x05: level 1 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
  CM = 0, WnR = 0, TnD = 0, TagAccess = 0
  GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[dfff800000000031] address between user and kernel address ranges
Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 UID: 0 PID: 6545 Comm: syz-executor126 Not tainted 6.11.0-rc5-syzkaller-gdf54f4a16f82 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __lock_acquire+0xfc/0x779c kernel/locking/lockdep.c:5007
lr : lock_acquire+0x240/0x728 kernel/locking/lockdep.c:5759
sp : ffff8000a0ba7540
x29: ffff8000a0ba7800 x28: ffff800080d89a40 x27: 0000000000000001
x26: ffff0001b3cd0040 x25: 0000000000000000 x24: 0000000000000000
x23: 0000000000000000 x22: 1ffff00011ea20a1 x21: 0000000000000188
x20: 0000000000000001 x19: 0000000000000000 x18: 0000000000000000
x17: 0000000000000000 x16: ffff80008301a8cc x15: 0000000000000005
x14: 1ffff00014174f88 x13: dfff800000000000 x12: ffff700014174ed0
x11: ffff800080349378 x10: ffff80008f51050c x9 : 00000000000000f3
x8 : 0000000000000031 x7 : ffff800080d89a40 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000001
x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000188
Call trace:
 __lock_acquire+0xfc/0x779c kernel/locking/lockdep.c:5007
 lock_acquire+0x240/0x728 kernel/locking/lockdep.c:5759
 down_read_killable+0x64/0x338 kernel/locking/rwsem.c:1549
 mmap_read_lock_killable include/linux/mmap_lock.h:153 [inline]
 do_pagemap_scan fs/proc/task_mmu.c:2771 [inline]
 do_pagemap_cmd+0x8d8/0x1240 fs/proc/task_mmu.c:2824
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:907 [inline]
 __se_sys_ioctl fs/ioctl.c:893 [inline]
 __arm64_sys_ioctl+0x14c/0x1c8 fs/ioctl.c:893
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
Code: f0078e28 b9450d08 34008c88 d343fea8 (386d6908) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	f0078e28 	adrp	x8, 0xf1c7000
   4:	b9450d08 	ldr	w8, [x8, #1292]
   8:	34008c88 	cbz	w8, 0x1198
   c:	d343fea8 	lsr	x8, x21, #3
* 10:	386d6908 	ldrb	w8, [x8, x13] <-- trapping instruction