beyond EOD, truncated [ 229.640647][ T1135] loop4: p166 start 10 is beyond EOD, truncated [ 229.647017][ T1135] loop4: p167 start 10 is beyond EOD, truncated [ 229.653246][ T1135] loop4: p168 start 10 is beyond EOD, truncated [ 229.659521][ T1135] loop4: p169 start 10 is beyond EOD, truncated [ 229.665768][ T1135] loop4: p170 start 10 is beyond EOD, truncated [ 229.672014][ T1135] loop4: p171 start 10 is beyond EOD, truncated [ 229.678692][ T1135] loop4: p172 start 10 is beyond EOD, truncated [ 229.685335][ T1135] loop4: p173 start 10 is beyond EOD, truncated [ 229.691590][ T1135] loop4: p174 start 10 is beyond EOD, truncated [ 229.697863][ T1135] loop4: p175 start 10 is beyond EOD, truncated [ 229.704117][ T1135] loop4: p176 start 10 is beyond EOD, truncated [ 229.710356][ T1135] loop4: p177 start 10 is beyond EOD, truncated [ 229.716699][ T1135] loop4: p178 start 10 is beyond EOD, truncated [ 229.722933][ T1135] loop4: p179 start 10 is beyond EOD, truncated [ 229.729250][ T1135] loop4: p180 start 10 is beyond EOD, truncated [ 229.735504][ T1135] loop4: p181 start 10 is beyond EOD, truncated [ 229.742215][ T1135] loop4: p182 start 10 is beyond EOD, truncated [ 229.748469][ T1135] loop4: p183 start 10 is beyond EOD, truncated [ 229.754729][ T1135] loop4: p184 start 10 is beyond EOD, truncated [ 229.760992][ T1135] loop4: p185 start 10 is beyond EOD, truncated [ 229.767378][ T1135] loop4: p186 start 10 is beyond EOD, truncated [ 229.773753][ T1135] loop4: p187 start 10 is beyond EOD, truncated [ 229.780077][ T1135] loop4: p188 start 10 is beyond EOD, truncated [ 229.786327][ T1135] loop4: p189 start 10 is beyond EOD, truncated [ 229.793327][ T1135] loop4: p190 start 10 is beyond EOD, truncated [ 229.799652][ T1135] loop4: p191 start 10 is beyond EOD, truncated [ 229.806013][ T1135] loop4: p192 start 10 is beyond EOD, truncated [ 229.812298][ T1135] loop4: p193 start 10 is beyond EOD, truncated [ 229.818534][ T1135] loop4: p194 start 10 is beyond EOD, truncated [ 229.824788][ T1135] loop4: p195 start 10 is beyond EOD, truncated [ 229.831153][ T1135] loop4: p196 start 10 is beyond EOD, truncated [ 229.837545][ T1135] loop4: p197 start 10 is beyond EOD, truncated [ 229.843837][ T1135] loop4: p198 start 10 is beyond EOD, truncated [ 229.850240][ T1135] loop4: p199 start 10 is beyond EOD, truncated [ 229.856486][ T1135] loop4: p200 start 10 is beyond EOD, truncated [ 229.862836][ T1135] loop4: p201 start 10 is beyond EOD, truncated [ 229.869072][ T1135] loop4: p202 start 10 is beyond EOD, truncated [ 229.876054][ T1135] loop4: p203 start 10 is beyond EOD, truncated [ 229.882435][ T1135] loop4: p204 start 10 is beyond EOD, truncated [ 229.888761][ T1135] loop4: p205 start 10 is beyond EOD, truncated [ 229.895127][ T1135] loop4: p206 start 10 is beyond EOD, truncated [ 229.901472][ T1135] loop4: p207 start 10 is beyond EOD, truncated [ 229.907772][ T1135] loop4: p208 start 10 is beyond EOD, truncated [ 229.914692][ T1135] loop4: p209 start 10 is beyond EOD, truncated [ 229.920925][ T1135] loop4: p210 start 10 is beyond EOD, truncated [ 229.927159][ T1135] loop4: p211 start 10 is beyond EOD, truncated [ 229.933406][ T1135] loop4: p212 start 10 is beyond EOD, truncated [ 229.939790][ T1135] loop4: p213 start 10 is beyond EOD, truncated [ 229.946166][ T1135] loop4: p214 start 10 is beyond EOD, truncated [ 229.952403][ T1135] loop4: p215 start 10 is beyond EOD, truncated [ 229.958662][ T1135] loop4: p216 start 10 is beyond EOD, truncated [ 229.965102][ T1135] loop4: p217 start 10 is beyond EOD, truncated [ 229.971345][ T1135] loop4: p218 start 10 is beyond EOD, truncated [ 229.977587][ T1135] loop4: p219 start 10 is beyond EOD, truncated [ 229.983861][ T1135] loop4: p220 start 10 is beyond EOD, truncated [ 229.990100][ T1135] loop4: p221 start 10 is beyond EOD, truncated [ 229.996398][ T1135] loop4: p222 start 10 is beyond EOD, truncated [ 230.002782][ T1135] loop4: p223 start 10 is beyond EOD, truncated [ 230.009237][ T1135] loop4: p224 start 10 is beyond EOD, truncated [ 230.015506][ T1135] loop4: p225 start 10 is beyond EOD, truncated [ 230.021825][ T1135] loop4: p226 start 10 is beyond EOD, truncated [ 230.028106][ T1135] loop4: p227 start 10 is beyond EOD, truncated [ 230.034340][ T1135] loop4: p228 start 10 is beyond EOD, truncated [ 230.040579][ T1135] loop4: p229 start 10 is beyond EOD, truncated [ 230.046964][ T1135] loop4: p230 start 10 is beyond EOD, truncated [ 230.053204][ T1135] loop4: p231 start 10 is beyond EOD, truncated [ 230.059564][ T1135] loop4: p232 start 10 is beyond EOD, truncated [ 230.065828][ T1135] loop4: p233 start 10 is beyond EOD, truncated [ 230.072064][ T1135] loop4: p234 start 10 is beyond EOD, truncated [ 230.078307][ T1135] loop4: p235 start 10 is beyond EOD, truncated [ 230.084604][ T1135] loop4: p236 start 10 is beyond EOD, truncated [ 230.090830][ T1135] loop4: p237 start 10 is beyond EOD, truncated [ 230.097072][ T1135] loop4: p238 start 10 is beyond EOD, truncated [ 230.103383][ T1135] loop4: p239 start 10 is beyond EOD, truncated [ 230.109617][ T1135] loop4: p240 start 10 is beyond EOD, truncated [ 230.115863][ T1135] loop4: p241 start 10 is beyond EOD, truncated [ 230.122094][ T1135] loop4: p242 start 10 is beyond EOD, truncated [ 230.128323][ T1135] loop4: p243 start 10 is beyond EOD, truncated [ 230.134573][ T1135] loop4: p244 start 10 is beyond EOD, truncated [ 230.140915][ T1135] loop4: p245 start 10 is beyond EOD, truncated [ 230.147164][ T1135] loop4: p246 start 10 is beyond EOD, truncated [ 230.153484][ T1135] loop4: p247 start 10 is beyond EOD, truncated [ 230.160643][ T1135] loop4: p248 start 10 is beyond EOD, truncated [ 230.167010][ T1135] loop4: p249 start 10 is beyond EOD, truncated [ 230.173729][ T1135] loop4: p250 start 10 is beyond EOD, truncated [ 230.179994][ T1135] loop4: p251 start 10 is beyond EOD, truncated [ 230.186564][ T1135] loop4: p252 start 10 is beyond EOD, truncated [ 230.192806][ T1135] loop4: p253 start 10 is beyond EOD, truncated [ 230.199113][ T1135] loop4: p254 start 10 is beyond EOD, truncated [ 230.205412][ T1135] loop4: p255 start 10 is beyond EOD, truncated 08:40:07 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='f2fs\x00', 0x2080, 0x0) mount(&(0x7f00000001c0)=ANY=[@ANYBLOB="2f7c9cd1216cee6627e248dd861d01419269ac4cf3176dadbb"], &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='aio\x00', 0x80, &(0x7f0000000180)='{.$\x00') chdir(&(0x7f0000000000)='./file0\x00') clone(0x4412c580, 0x0, 0x0, 0x0, 0x0) 08:40:07 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x11) 08:40:07 executing program 5: r0 = io_uring_setup(0x625c, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000200)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x6, &(0x7f0000000480)=[{0x0, 0x570000}], 0x1) r1 = io_uring_setup(0x625c, &(0x7f0000000080)={0x0, 0xfffffffd, 0x0, 0x2}) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000200)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x6, &(0x7f0000000480)=[{0x0, 0x570000}], 0x1) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000200)="601c6d6b646f736647693c0008802001020000000100f8ffffffffffffff00000000000001ddb42c6c1da286e4a2241313eb467ed39b04f75f8854f1a364fcf510d9d89580344494783be26a0856861420af9a04950c1964f8ece94e59cd42dbb0d73667f37ca27d8f5549881885fcec0ee3bb52980000017f6577cf201377bd", 0x80, 0x1000000000000000}, {0x0, 0x0, 0xfffffffffffffffb}], 0x1080, &(0x7f0000000500)=ANY=[@ANYRESOCT=r0, @ANYRES16=r0, @ANYRESDEC=r0, @ANYBLOB="5803b3912a1ae9fd164f6cb53ca31b4a22044fd23e8430062ab1f5572ed9b9c33f82da41e478c7c80f717ff885f827f6114bc1d08827a284a946a0449fe8b9fda7c42f59d7c72d0c00080000149cd1f52940eef52f4da3e5658521f4281bb91dc370b0f99aa3f3216cca89139bf7494ad15578c0478ed91f", @ANYRESHEX=r1, @ANYRES32=r0]) chdir(&(0x7f0000000040)='./file0\x00') r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x6900) r3 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000080)={0x80002000}) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280), 0x200000, 0x0) syz_io_uring_setup(0x5eaa, &(0x7f0000000300)={0x0, 0x4780, 0x0, 0x0, 0x251, 0x0, r5}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000380), &(0x7f00000004c0)) ftruncate(r3, 0x2008002) epoll_pwait(r3, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x9, 0x4, &(0x7f00000000c0)={[0x3]}, 0x8) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0x8400fffffffa) 08:40:07 executing program 1 (fault-call:9 fault-nth:38): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:07 executing program 0: syz_read_part_table(0xffffffe4, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:07 executing program 3: syz_read_part_table(0xa00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 230.288202][ T1135] loop4: p1 p2 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p2 [ 230.288575][ T1135] loop4: p1 start 10 is beyond EOD, [ 230.314440][T21506] loop5: detected capacity change from 0 to 264192 [ 230.376588][ T1135] truncated [ 230.385571][T21509] loop0: detected capacity change from 0 to 264192 [ 230.388354][ T1135] loop4: p2 size 2 extends beyond EOD, [ 230.392802][T21513] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 230.398502][ T1135] truncated [ 230.400329][ T1135] loop4: p3 start 225 is beyond EOD, [ 230.404193][T21507] loop3: detected capacity change from 0 to 264192 [ 230.413633][ T1135] truncated [ 230.413639][ T1135] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 230.417990][T21513] FAULT_INJECTION: forcing a failure. [ 230.417990][T21513] name failslab, interval 1, probability 0, space 0, times 0 [ 230.428174][ T1135] loop4: p5 start 10 is beyond EOD, [ 230.428804][T21513] CPU: 0 PID: 21513 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 230.431930][ T1135] truncated [ 230.431935][ T1135] loop4: p6 start 10 is beyond EOD, [ 230.439356][T21513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 230.439368][T21513] Call Trace: [ 230.439374][T21513] dump_stack+0x137/0x19d [ 230.451941][ T1135] truncated [ 230.457181][T21513] should_fail+0x23c/0x250 [ 230.465921][ T1135] loop4: p7 start 10 is beyond EOD, [ 230.468996][T21513] __should_failslab+0x81/0x90 [ 230.474251][ T1135] truncated [ 230.474255][ T1135] loop4: p8 start 10 is beyond EOD, [ 230.484277][T21513] should_failslab+0x5/0x20 [ 230.484293][T21513] kmem_cache_alloc_node+0x58/0x2b0 [ 230.487559][ T1135] truncated [ 230.491846][T21513] ? alloc_vmap_area+0x12f/0x1340 [ 230.494940][ T1135] loop4: p9 start 10 is beyond EOD, [ 230.499317][T21513] alloc_vmap_area+0x12f/0x1340 [ 230.504567][ T1135] truncated [ 230.504570][ T1135] loop4: p10 start 10 is beyond EOD, [ 230.509297][T21513] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 230.512388][ T1135] truncated [ 230.512392][ T1135] loop4: p11 start 10 is beyond EOD, [ 230.517638][T21513] __get_vm_area_node+0x165/0x260 [ 230.522115][ T1135] truncated [ 230.522119][ T1135] loop4: p12 start 10 is beyond EOD, [ 230.527283][T21513] __vmalloc_node_range+0xc2/0x5b0 [ 230.530379][ T1135] truncated [ 230.530383][ T1135] loop4: p13 start 10 is beyond EOD, truncated [ 230.530393][ T1135] loop4: p14 start 10 is beyond EOD, truncated [ 230.530402][ T1135] loop4: p15 start 10 is beyond EOD, truncated [ 230.530411][ T1135] loop4: p16 start 10 is beyond EOD, truncated [ 230.530420][ T1135] loop4: p17 start 10 is beyond EOD, truncated [ 230.535447][T21513] ? netlink_sendmsg+0x425/0x7c0 [ 230.540713][ T1135] loop4: p18 start 10 is beyond EOD, [ 230.545535][T21513] ? selinux_socket_getpeersec_dgram+0x1f4/0x250 [ 230.545557][T21513] ? netlink_sendmsg+0x425/0x7c0 [ 230.548648][ T1135] truncated [ 230.548652][ T1135] loop4: p19 start 10 is beyond EOD, [ 230.553986][T21513] vmalloc+0x5a/0x70 [ 230.559939][ T1135] truncated [ 230.563009][T21513] ? netlink_sendmsg+0x425/0x7c0 [ 230.568361][ T1135] loop4: p20 start 10 is beyond EOD, [ 230.573344][T21513] netlink_sendmsg+0x425/0x7c0 [ 230.576440][ T1135] truncated [ 230.576444][ T1135] loop4: p21 start 10 is beyond EOD, truncated [ 230.576476][ T1135] loop4: p22 start 10 is beyond EOD, truncated [ 230.576486][ T1135] loop4: p23 start 10 is beyond EOD, truncated [ 230.576494][ T1135] loop4: p24 start 10 is beyond EOD, [ 230.581834][T21513] ? netlink_getsockopt+0x720/0x720 [ 230.586932][ T1135] truncated [ 230.590005][T21513] kernel_sendmsg+0x97/0xd0 [ 230.590021][T21513] sock_no_sendpage+0x84/0xb0 [ 230.590034][T21513] ? __receive_sock+0x20/0x20 [ 230.596190][ T1135] loop4: p25 start 10 is beyond EOD, [ 230.602303][T21513] kernel_sendpage+0x187/0x200 [ 230.608453][ T1135] truncated [ 230.614567][T21513] ? __receive_sock+0x20/0x20 [ 230.620699][ T1135] loop4: p26 start 10 is beyond EOD, [ 230.625593][T21513] sock_sendpage+0x5a/0x70 [ 230.625613][T21513] pipe_to_sendpage+0x128/0x160 [ 230.630958][ T1135] truncated [ 230.630962][ T1135] loop4: p27 start 10 is beyond EOD, [ 230.637259][T21513] ? sock_fasync+0xc0/0xc0 [ 230.637276][T21513] __splice_from_pipe+0x207/0x500 [ 230.642176][ T1135] truncated [ 230.642180][ T1135] loop4: p28 start 10 is beyond EOD, [ 230.645258][T21513] ? generic_splice_sendpage+0xb0/0xb0 [ 230.650605][ T1135] truncated [ 230.650609][ T1135] loop4: p29 start 10 is beyond EOD, [ 230.654464][T21513] generic_splice_sendpage+0x80/0xb0 [ 230.657550][ T1135] truncated [ 230.657554][ T1135] loop4: p30 start 10 is beyond EOD, truncated [ 230.657563][ T1135] loop4: p31 start 10 is beyond EOD, truncated [ 230.657599][ T1135] loop4: p32 start 10 is beyond EOD, truncated [ 230.657607][ T1135] loop4: p33 start 10 is beyond EOD, [ 230.662685][T21513] ? iter_file_splice_write+0x750/0x750 [ 230.668127][ T1135] truncated [ 230.672848][T21513] do_splice+0x9aa/0xd30 [ 230.672868][T21513] ? vfs_write+0x50c/0x770 [ 230.672880][T21513] ? __fget_light+0x21b/0x260 [ 230.672895][T21513] __se_sys_splice+0x2a6/0x390 [ 230.676009][ T1135] loop4: p34 start 10 is beyond EOD, [ 230.682123][T21513] __x64_sys_splice+0x74/0x80 [ 230.688272][ T1135] truncated [ 230.694382][T21513] do_syscall_64+0x4a/0x90 [ 230.699727][ T1135] loop4: p35 start 10 is beyond EOD, [ 230.704892][T21513] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 230.707985][ T1135] truncated [ 230.707990][ T1135] loop4: p36 start 10 is beyond EOD, [ 230.712454][T21513] RIP: 0033:0x4665d9 [ 230.717123][ T1135] truncated [ 230.721774][T21513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 230.727129][ T1135] loop4: p37 start 10 is beyond EOD, [ 230.731851][T21513] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 [ 230.735037][ T1135] truncated [ 230.739672][T21513] ORIG_RAX: 0000000000000113 [ 230.739679][T21513] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 230.745024][ T1135] loop4: p38 start 10 is beyond EOD, [ 230.749397][T21513] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 230.754233][ T1135] truncated [ 230.754237][ T1135] loop4: p39 start 10 is beyond EOD, [ 230.757315][T21513] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 230.757327][T21513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 230.762660][ T1135] truncated [ 230.762664][ T1135] loop4: p40 start 10 is beyond EOD, [ 230.767130][T21513] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 230.772135][ T1135] truncated [ 230.772139][ T1135] loop4: p41 start 10 is beyond EOD, truncated [ 230.772149][ T1135] loop4: p42 start 10 is beyond EOD, truncated [ 230.772157][ T1135] loop4: p43 start 10 is beyond EOD, truncated [ 230.772165][ T1135] loop4: p44 start 10 is beyond EOD, truncated [ 230.772174][ T1135] loop4: p45 start 10 is beyond EOD, truncated [ 230.772182][ T1135] loop4: p46 start 10 is beyond EOD, truncated [ 230.772190][ T1135] loop4: p47 start 10 is beyond EOD, truncated [ 230.772198][ T1135] loop4: p48 start 10 is beyond EOD, [ 230.795964][T21509] loop0: p1 p2 p3 p4 [ 230.799944][ T1135] truncated [ 230.799950][ T1135] loop4: p49 start 10 is beyond EOD, [ 230.803129][T21507] loop3: p1 p2 p3 p4 [ 230.809187][ T1135] truncated [ 230.809192][ T1135] loop4: p50 start 10 is beyond EOD, truncated [ 230.809206][ T1135] loop4: p51 start 10 is beyond EOD, truncated [ 230.809217][ T1135] loop4: p52 start 10 is beyond EOD, 08:40:08 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x12) [ 230.824069][T21507] loop3: p2 size 1073872896 extends beyond EOD, [ 230.826987][ T1135] truncated [ 230.832487][T21507] truncated [ 230.833445][T21509] loop0: p2 size 1073872896 extends beyond EOD, [ 230.835595][ T1135] loop4: p53 start 10 is beyond EOD, truncated [ 230.835609][ T1135] loop4: p54 start 10 is beyond EOD, [ 230.839842][T21509] truncated [ 230.841250][T21509] loop0: p3 size 1912633224 extends beyond EOD, [ 230.844377][ T1135] truncated [ 230.844382][ T1135] loop4: p55 start 10 is beyond EOD, [ 230.849076][T21509] truncated 08:40:08 executing program 1 (fault-call:9 fault-nth:39): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) [ 230.850014][T21509] loop0: p4 size 3657465856 extends beyond EOD, [ 230.853882][ T1135] truncated [ 230.859221][T21509] truncated [ 230.863863][ T1135] loop4: p56 start 10 is beyond EOD, [ 230.877206][T21507] loop3: p3 size 1912633224 extends beyond EOD, [ 230.882658][ T1135] truncated [ 230.882663][ T1135] loop4: p57 start 10 is beyond EOD, truncated [ 230.882678][ T1135] loop4: p58 start 10 is beyond EOD, truncated [ 230.882690][ T1135] loop4: p59 start 10 is beyond EOD, [ 230.885817][T21507] truncated [ 230.889684][T21507] loop3: p4 size 3657465856 extends beyond EOD, [ 230.891169][ T1135] truncated [ 230.891173][ T1135] loop4: p60 start 10 is beyond EOD, [ 230.895075][T21507] truncated [ 231.155546][T21532] loop5: detected capacity change from 0 to 264192 [ 231.157000][ T1135] truncated [ 231.157006][ T1135] loop4: p61 start 10 is beyond EOD, truncated [ 231.220876][ T1135] loop4: p62 start 10 is beyond EOD, truncated [ 231.227065][ T1135] loop4: p63 start 10 is beyond EOD, truncated [ 231.233219][ T1135] loop4: p64 start 10 is beyond EOD, truncated [ 231.239364][ T1135] loop4: p65 start 10 is beyond EOD, truncated [ 231.245531][ T1135] loop4: p66 start 10 is beyond EOD, truncated [ 231.251684][ T1135] loop4: p67 start 10 is beyond EOD, truncated [ 231.257843][ T1135] loop4: p68 start 10 is beyond EOD, truncated [ 231.260538][T21543] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 231.263978][ T1135] loop4: p69 start 10 is beyond EOD, truncated [ 231.263991][ T1135] loop4: p70 start 10 is beyond EOD, [ 231.273817][T21543] FAULT_INJECTION: forcing a failure. [ 231.273817][T21543] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 231.279565][ T1135] truncated [ 231.279571][ T1135] loop4: p71 start 10 is beyond EOD, truncated [ 231.279584][ T1135] loop4: p72 start 10 is beyond EOD, [ 231.284945][T21543] CPU: 0 PID: 21543 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 231.298102][ T1135] truncated [ 231.301175][T21543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.307304][ T1135] loop4: p73 start 10 is beyond EOD, [ 231.312634][T21543] Call Trace: [ 231.312641][T21543] dump_stack+0x137/0x19d [ 231.321451][ T1135] truncated [ 231.324526][T21543] should_fail+0x23c/0x250 [ 231.334562][ T1135] loop4: p74 start 10 is beyond EOD, [ 231.339896][T21543] __alloc_pages+0x102/0x320 [ 231.343159][ T1135] truncated [ 231.343163][ T1135] loop4: p75 start 10 is beyond EOD, [ 231.347455][T21543] __vmalloc_node_range+0x319/0x5b0 [ 231.350564][ T1135] truncated [ 231.350568][ T1135] loop4: p76 start 10 is beyond EOD, [ 231.354950][T21543] ? netlink_sendmsg+0x425/0x7c0 [ 231.360320][ T1135] truncated [ 231.360324][ T1135] loop4: p77 start 10 is beyond EOD, [ 231.364877][T21543] vmalloc+0x5a/0x70 [ 231.367964][ T1135] truncated [ 231.367968][ T1135] loop4: p78 start 10 is beyond EOD, [ 231.373304][T21543] ? netlink_sendmsg+0x425/0x7c0 [ 231.378480][ T1135] truncated [ 231.381580][T21543] netlink_sendmsg+0x425/0x7c0 [ 231.386942][ T1135] loop4: p79 start 10 is beyond EOD, [ 231.391846][T21543] ? netlink_getsockopt+0x720/0x720 [ 231.394972][ T1135] truncated [ 231.400317][T21543] kernel_sendmsg+0x97/0xd0 [ 231.404184][ T1135] loop4: p80 start 10 is beyond EOD, [ 231.407270][T21543] sock_no_sendpage+0x84/0xb0 [ 231.412621][ T1135] truncated [ 231.412625][ T1135] loop4: p81 start 10 is beyond EOD, [ 231.417525][T21543] ? __receive_sock+0x20/0x20 [ 231.417545][T21543] kernel_sendpage+0x187/0x200 [ 231.420629][ T1135] truncated [ 231.420633][ T1135] loop4: p82 start 10 is beyond EOD, [ 231.425364][T21543] ? __receive_sock+0x20/0x20 [ 231.430712][ T1135] truncated [ 231.430716][ T1135] loop4: p83 start 10 is beyond EOD, [ 231.435882][T21543] sock_sendpage+0x5a/0x70 [ 231.438975][ T1135] truncated [ 231.443457][T21543] pipe_to_sendpage+0x128/0x160 [ 231.443472][T21543] ? sock_fasync+0xc0/0xc0 [ 231.443509][T21543] __splice_from_pipe+0x207/0x500 [ 231.443522][T21543] ? generic_splice_sendpage+0xb0/0xb0 [ 231.443536][T21543] generic_splice_sendpage+0x80/0xb0 [ 231.448922][ T1135] loop4: p84 start 10 is beyond EOD, [ 231.453537][T21543] ? iter_file_splice_write+0x750/0x750 [ 231.456627][ T1135] truncated [ 231.461957][T21543] do_splice+0x9aa/0xd30 [ 231.466617][ T1135] loop4: p85 start 10 is beyond EOD, [ 231.471347][T21543] ? vfs_write+0x50c/0x770 [ 231.474427][ T1135] truncated [ 231.474431][ T1135] loop4: p86 start 10 is beyond EOD, [ 231.479874][T21543] ? __fget_light+0x21b/0x260 [ 231.484527][ T1135] truncated [ 231.484531][ T1135] loop4: p87 start 10 is beyond EOD, [ 231.487611][T21543] __se_sys_splice+0x2a6/0x390 [ 231.487630][T21543] __x64_sys_splice+0x74/0x80 [ 231.492988][ T1135] truncated [ 231.492992][ T1135] loop4: p88 start 10 is beyond EOD, [ 231.497374][T21543] do_syscall_64+0x4a/0x90 [ 231.500475][ T1135] truncated [ 231.500479][ T1135] loop4: p89 start 10 is beyond EOD, [ 231.505298][T21543] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 231.509694][ T1135] truncated [ 231.509698][ T1135] loop4: p90 start 10 is beyond EOD, [ 231.514687][T21543] RIP: 0033:0x4665d9 [ 231.520122][ T1135] truncated [ 231.525368][T21543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 231.530730][ T1135] loop4: p91 start 10 is beyond EOD, [ 231.536242][T21543] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 231.539336][ T1135] truncated [ 231.539340][ T1135] loop4: p92 start 10 is beyond EOD, [ 231.543546][T21543] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 231.549688][ T1135] truncated [ 231.554083][T21543] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 231.557198][ T1135] loop4: p93 start 10 is beyond EOD, [ 231.562537][T21543] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 231.567197][ T1135] truncated [ 231.570274][T21543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 231.570287][T21543] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 231.721339][ T1135] loop4: p94 start 10 is beyond EOD, truncated [ 231.727496][ T1135] loop4: p95 start 10 is beyond EOD, truncated [ 231.733721][ T1135] loop4: p96 start 10 is beyond EOD, truncated [ 231.739902][ T1135] loop4: p97 start 10 is beyond EOD, truncated [ 231.746064][ T1135] loop4: p98 start 10 is beyond EOD, truncated [ 231.752279][ T1135] loop4: p99 start 10 is beyond EOD, truncated [ 231.758434][ T1135] loop4: p100 start 10 is beyond EOD, truncated [ 231.764660][ T1135] loop4: p101 start 10 is beyond EOD, truncated [ 231.770893][ T1135] loop4: p102 start 10 is beyond EOD, truncated [ 231.777152][ T1135] loop4: p103 start 10 is beyond EOD, truncated [ 231.783433][ T1135] loop4: p104 start 10 is beyond EOD, truncated [ 231.789659][ T1135] loop4: p105 start 10 is beyond EOD, truncated [ 231.795951][ T1135] loop4: p106 start 10 is beyond EOD, truncated [ 231.802215][ T1135] loop4: p107 start 10 is beyond EOD, truncated [ 231.808464][ T1135] loop4: p108 start 10 is beyond EOD, truncated [ 231.814820][ T1135] loop4: p109 start 10 is beyond EOD, truncated [ 231.821061][ T1135] loop4: p110 start 10 is beyond EOD, truncated [ 231.827304][ T1135] loop4: p111 start 10 is beyond EOD, truncated [ 231.833591][ T1135] loop4: p112 start 10 is beyond EOD, truncated [ 231.839842][ T1135] loop4: p113 start 10 is beyond EOD, truncated [ 231.846086][ T1135] loop4: p114 start 10 is beyond EOD, truncated [ 231.852321][ T1135] loop4: p115 start 10 is beyond EOD, truncated [ 231.858695][ T1135] loop4: p116 start 10 is beyond EOD, truncated [ 231.864940][ T1135] loop4: p117 start 10 is beyond EOD, truncated [ 231.871218][ T1135] loop4: p118 start 10 is beyond EOD, truncated [ 231.877456][ T1135] loop4: p119 start 10 is beyond EOD, truncated [ 231.883685][ T1135] loop4: p120 start 10 is beyond EOD, truncated [ 231.889985][ T1135] loop4: p121 start 10 is beyond EOD, truncated [ 231.896232][ T1135] loop4: p122 start 10 is beyond EOD, truncated [ 231.902545][ T1135] loop4: p123 start 10 is beyond EOD, truncated [ 231.908809][ T1135] loop4: p124 start 10 is beyond EOD, truncated [ 231.915205][ T1135] loop4: p125 start 10 is beyond EOD, truncated [ 231.921856][ T1135] loop4: p126 start 10 is beyond EOD, truncated [ 231.928332][ T1135] loop4: p127 start 10 is beyond EOD, truncated [ 231.934592][ T1135] loop4: p128 start 10 is beyond EOD, truncated [ 231.940837][ T1135] loop4: p129 start 10 is beyond EOD, truncated [ 231.947105][ T1135] loop4: p130 start 10 is beyond EOD, truncated [ 231.953439][ T1135] loop4: p131 start 10 is beyond EOD, truncated [ 231.959696][ T1135] loop4: p132 start 10 is beyond EOD, truncated [ 231.966048][ T1135] loop4: p133 start 10 is beyond EOD, truncated [ 231.972341][ T1135] loop4: p134 start 10 is beyond EOD, truncated [ 231.978587][ T1135] loop4: p135 start 10 is beyond EOD, truncated [ 231.984820][ T1135] loop4: p136 start 10 is beyond EOD, truncated [ 231.991075][ T1135] loop4: p137 start 10 is beyond EOD, truncated [ 231.997333][ T1135] loop4: p138 start 10 is beyond EOD, truncated [ 232.003595][ T1135] loop4: p139 start 10 is beyond EOD, truncated [ 232.009829][ T1135] loop4: p140 start 10 is beyond EOD, truncated [ 232.016074][ T1135] loop4: p141 start 10 is beyond EOD, truncated [ 232.022326][ T1135] loop4: p142 start 10 is beyond EOD, truncated [ 232.028571][ T1135] loop4: p143 start 10 is beyond EOD, truncated [ 232.034820][ T1135] loop4: p144 start 10 is beyond EOD, truncated 08:40:09 executing program 1 (fault-call:9 fault-nth:40): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:09 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x25) [ 232.041159][ T1135] loop4: p145 start 10 is beyond EOD, truncated [ 232.047399][ T1135] loop4: p146 start 10 is beyond EOD, truncated [ 232.053634][ T1135] loop4: p147 start 10 is beyond EOD, truncated [ 232.059896][ T1135] loop4: p148 start 10 is beyond EOD, truncated [ 232.066225][ T1135] loop4: p149 start 10 is beyond EOD, truncated [ 232.072535][ T1135] loop4: p150 start 10 is beyond EOD, truncated [ 232.078816][ T1135] loop4: p151 start 10 is beyond EOD, truncated [ 232.085055][ T1135] loop4: p152 start 10 is beyond EOD, truncated [ 232.091298][ T1135] loop4: p153 start 10 is beyond EOD, truncated [ 232.097584][ T1135] loop4: p154 start 10 is beyond EOD, truncated [ 232.103909][ T1135] loop4: p155 start 10 is beyond EOD, truncated [ 232.110144][ T1135] loop4: p156 start 10 is beyond EOD, truncated [ 232.116392][ T1135] loop4: p157 start 10 is beyond EOD, truncated [ 232.120720][T21550] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 232.122621][ T1135] loop4: p158 start 10 is beyond EOD, truncated [ 232.122636][ T1135] loop4: p159 start 10 is beyond EOD, truncated [ 232.132948][T21550] FAULT_INJECTION: forcing a failure. [ 232.132948][T21550] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 232.138318][ T1135] loop4: p160 start 10 is beyond EOD, truncated [ 232.138333][ T1135] loop4: p161 start 10 is beyond EOD, [ 232.144563][T21550] CPU: 0 PID: 21550 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 232.144580][T21550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 232.144588][T21550] Call Trace: [ 232.144594][T21550] dump_stack+0x137/0x19d [ 232.144613][T21550] should_fail+0x23c/0x250 [ 232.144626][T21550] __alloc_pages+0x102/0x320 [ 232.144640][T21550] __vmalloc_node_range+0x319/0x5b0 [ 232.157811][ T1135] truncated [ 232.164300][T21550] ? netlink_sendmsg+0x425/0x7c0 [ 232.169739][ T1135] loop4: p162 start 10 is beyond EOD, [ 232.178550][T21550] vmalloc+0x5a/0x70 [ 232.188614][ T1135] truncated [ 232.191869][T21550] ? netlink_sendmsg+0x425/0x7c0 [ 232.196198][ T1135] loop4: p163 start 10 is beyond EOD, [ 232.200578][T21550] netlink_sendmsg+0x425/0x7c0 [ 232.205150][ T1135] truncated [ 232.210314][T21550] ? netlink_getsockopt+0x720/0x720 [ 232.213409][ T1135] loop4: p164 start 10 is beyond EOD, [ 232.218426][T21550] kernel_sendmsg+0x97/0xd0 [ 232.223961][ T1135] truncated [ 232.223969][ T1135] loop4: p165 start 10 is beyond EOD, [ 232.227842][T21550] sock_no_sendpage+0x84/0xb0 [ 232.231013][ T1135] truncated [ 232.235861][T21550] ? __receive_sock+0x20/0x20 [ 232.241302][ T1135] loop4: p166 start 10 is beyond EOD, [ 232.246039][T21550] kernel_sendpage+0x187/0x200 [ 232.246062][T21550] ? __receive_sock+0x20/0x20 [ 232.246078][T21550] sock_sendpage+0x5a/0x70 [ 232.249167][ T1135] truncated [ 232.249172][ T1135] loop4: p167 start 10 is beyond EOD, [ 232.254339][T21550] pipe_to_sendpage+0x128/0x160 [ 232.259783][ T1135] truncated [ 232.264247][T21550] ? sock_fasync+0xc0/0xc0 [ 232.267363][ T1135] loop4: p168 start 10 is beyond EOD, [ 232.272787][T21550] __splice_from_pipe+0x207/0x500 [ 232.277444][ T1135] truncated [ 232.280524][T21550] ? generic_splice_sendpage+0xb0/0xb0 [ 232.285188][ T1135] loop4: p169 start 10 is beyond EOD, [ 232.290604][T21550] generic_splice_sendpage+0x80/0xb0 [ 232.295357][ T1135] truncated [ 232.299995][T21550] ? iter_file_splice_write+0x750/0x750 [ 232.304439][ T1135] loop4: p170 start 10 is beyond EOD, [ 232.307525][T21550] do_splice+0x9aa/0xd30 [ 232.307541][T21550] ? vfs_write+0x50c/0x770 [ 232.312988][ T1135] truncated [ 232.312993][ T1135] loop4: p171 start 10 is beyond EOD, [ 232.317826][T21550] ? __fget_light+0x21b/0x260 [ 232.317847][T21550] __se_sys_splice+0x2a6/0x390 [ 232.317861][T21550] __x64_sys_splice+0x74/0x80 [ 232.317875][T21550] do_syscall_64+0x4a/0x90 [ 232.320988][ T1135] truncated [ 232.320992][ T1135] loop4: p172 start 10 is beyond EOD, [ 232.325406][T21550] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 232.330841][ T1135] truncated [ 232.335838][T21550] RIP: 0033:0x4665d9 [ 232.335854][T21550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 232.338941][ T1135] loop4: p173 start 10 is beyond EOD, [ 232.344369][T21550] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 232.344384][T21550] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 232.344392][T21550] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 232.349838][ T1135] truncated [ 232.355273][T21550] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 232.355286][T21550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 232.358365][ T1135] loop4: p174 start 10 is beyond EOD, [ 232.363893][T21550] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 232.369342][ T1135] truncated [ 232.511176][ T1135] loop4: p175 start 10 is beyond EOD, truncated [ 232.517428][ T1135] loop4: p176 start 10 is beyond EOD, truncated [ 232.523666][ T1135] loop4: p177 start 10 is beyond EOD, truncated [ 232.529982][ T1135] loop4: p178 start 10 is beyond EOD, truncated [ 232.536346][ T1135] loop4: p179 start 10 is beyond EOD, truncated [ 232.542573][ T1135] loop4: p180 start 10 is beyond EOD, truncated [ 232.548868][ T1135] loop4: p181 start 10 is beyond EOD, truncated [ 232.555165][ T1135] loop4: p182 start 10 is beyond EOD, truncated [ 232.561421][ T1135] loop4: p183 start 10 is beyond EOD, truncated [ 232.567707][ T1135] loop4: p184 start 10 is beyond EOD, truncated [ 232.574015][ T1135] loop4: p185 start 10 is beyond EOD, truncated [ 232.580248][ T1135] loop4: p186 start 10 is beyond EOD, truncated [ 232.586502][ T1135] loop4: p187 start 10 is beyond EOD, truncated [ 232.592973][ T1135] loop4: p188 start 10 is beyond EOD, truncated [ 232.599242][ T1135] loop4: p189 start 10 is beyond EOD, truncated [ 232.605484][ T1135] loop4: p190 start 10 is beyond EOD, truncated [ 232.611711][ T1135] loop4: p191 start 10 is beyond EOD, truncated [ 232.617939][ T1135] loop4: p192 start 10 is beyond EOD, truncated [ 232.624169][ T1135] loop4: p193 start 10 is beyond EOD, truncated [ 232.630407][ T1135] loop4: p194 start 10 is beyond EOD, truncated [ 232.636725][ T1135] loop4: p195 start 10 is beyond EOD, truncated [ 232.642987][ T1135] loop4: p196 start 10 is beyond EOD, truncated [ 232.649217][ T1135] loop4: p197 start 10 is beyond EOD, truncated [ 232.655460][ T1135] loop4: p198 start 10 is beyond EOD, truncated [ 232.661683][ T1135] loop4: p199 start 10 is beyond EOD, truncated [ 232.667928][ T1135] loop4: p200 start 10 is beyond EOD, truncated [ 232.674339][ T1135] loop4: p201 start 10 is beyond EOD, truncated [ 232.680578][ T1135] loop4: p202 start 10 is beyond EOD, truncated [ 232.686829][ T1135] loop4: p203 start 10 is beyond EOD, truncated [ 232.693111][ T1135] loop4: p204 start 10 is beyond EOD, truncated [ 232.702290][ T1135] loop4: p205 start 10 is beyond EOD, truncated [ 232.708562][ T1135] loop4: p206 start 10 is beyond EOD, truncated [ 232.714788][ T1135] loop4: p207 start 10 is beyond EOD, truncated [ 232.721035][ T1135] loop4: p208 start 10 is beyond EOD, truncated [ 232.727271][ T1135] loop4: p209 start 10 is beyond EOD, truncated [ 232.733621][ T1135] loop4: p210 start 10 is beyond EOD, truncated [ 232.739846][ T1135] loop4: p211 start 10 is beyond EOD, truncated [ 232.746277][ T1135] loop4: p212 start 10 is beyond EOD, truncated [ 232.752507][ T1135] loop4: p213 start 10 is beyond EOD, truncated [ 232.758801][ T1135] loop4: p214 start 10 is beyond EOD, truncated [ 232.765047][ T1135] loop4: p215 start 10 is beyond EOD, truncated [ 232.771270][ T1135] loop4: p216 start 10 is beyond EOD, truncated [ 232.779743][ T1135] loop4: p217 start 10 is beyond EOD, truncated [ 232.785983][ T1135] loop4: p218 start 10 is beyond EOD, truncated [ 232.792209][ T1135] loop4: p219 start 10 is beyond EOD, truncated [ 232.798443][ T1135] loop4: p220 start 10 is beyond EOD, truncated [ 232.804846][ T1135] loop4: p221 start 10 is beyond EOD, truncated [ 232.811122][ T1135] loop4: p222 start 10 is beyond EOD, truncated [ 232.817428][ T1135] loop4: p223 start 10 is beyond EOD, truncated [ 232.823653][ T1135] loop4: p224 start 10 is beyond EOD, truncated [ 232.829940][ T1135] loop4: p225 start 10 is beyond EOD, truncated [ 232.836184][ T1135] loop4: p226 start 10 is beyond EOD, truncated [ 232.842413][ T1135] loop4: p227 start 10 is beyond EOD, truncated [ 232.848724][ T1135] loop4: p228 start 10 is beyond EOD, truncated [ 232.854997][ T1135] loop4: p229 start 10 is beyond EOD, truncated [ 232.861240][ T1135] loop4: p230 start 10 is beyond EOD, truncated [ 232.867481][ T1135] loop4: p231 start 10 is beyond EOD, truncated [ 232.873705][ T1135] loop4: p232 start 10 is beyond EOD, truncated [ 232.879930][ T1135] loop4: p233 start 10 is beyond EOD, truncated [ 232.886166][ T1135] loop4: p234 start 10 is beyond EOD, truncated [ 232.892400][ T1135] loop4: p235 start 10 is beyond EOD, truncated 08:40:10 executing program 1 (fault-call:9 fault-nth:41): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:10 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x30) [ 232.898644][ T1135] loop4: p236 start 10 is beyond EOD, truncated [ 232.904890][ T1135] loop4: p237 start 10 is beyond EOD, truncated [ 232.911178][ T1135] loop4: p238 start 10 is beyond EOD, truncated [ 232.917415][ T1135] loop4: p239 start 10 is beyond EOD, truncated [ 232.923637][ T1135] loop4: p240 start 10 is beyond EOD, truncated [ 232.929878][ T1135] loop4: p241 start 10 is beyond EOD, truncated [ 232.936125][ T1135] loop4: p242 start 10 is beyond EOD, truncated [ 232.942352][ T1135] loop4: p243 start 10 is beyond EOD, truncated [ 232.948594][ T1135] loop4: p244 start 10 is beyond EOD, truncated [ 232.954846][ T1135] loop4: p245 start 10 is beyond EOD, truncated [ 232.961108][ T1135] loop4: p246 start 10 is beyond EOD, truncated [ 232.967338][ T1135] loop4: p247 start 10 is beyond EOD, truncated [ 232.973555][ T1135] loop4: p248 start 10 is beyond EOD, truncated [ 232.979810][ T1135] loop4: p249 start 10 is beyond EOD, truncated [ 232.986069][ T1135] loop4: p250 start 10 is beyond EOD, truncated [ 232.992380][ T1135] loop4: p251 start 10 is beyond EOD, truncated [ 232.994883][T21557] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 232.998613][ T1135] loop4: p252 start 10 is beyond EOD, truncated [ 232.998627][ T1135] loop4: p253 start 10 is beyond EOD, [ 233.008641][T21557] FAULT_INJECTION: forcing a failure. [ 233.008641][T21557] name failslab, interval 1, probability 0, space 0, times 0 [ 233.014276][ T1135] truncated [ 233.014281][ T1135] loop4: p254 start 10 is beyond EOD, truncated [ 233.014295][ T1135] loop4: p255 start 10 is beyond EOD, truncated [ 233.019756][T21557] CPU: 0 PID: 21557 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 233.019774][T21557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.019782][T21557] Call Trace: [ 233.019788][T21557] dump_stack+0x137/0x19d [ 233.074189][T21557] should_fail+0x23c/0x250 [ 233.078666][T21557] ? __build_skb+0x2d/0x170 [ 233.083160][T21557] __should_failslab+0x81/0x90 [ 233.087906][T21557] should_failslab+0x5/0x20 [ 233.092501][T21557] kmem_cache_alloc+0x46/0x2f0 [ 233.097296][T21557] __build_skb+0x2d/0x170 [ 233.101609][T21557] netlink_sendmsg+0x443/0x7c0 [ 233.106356][T21557] ? netlink_getsockopt+0x720/0x720 [ 233.111647][T21557] kernel_sendmsg+0x97/0xd0 [ 233.116133][T21557] sock_no_sendpage+0x84/0xb0 [ 233.120797][T21557] ? __receive_sock+0x20/0x20 [ 233.125454][T21557] kernel_sendpage+0x187/0x200 [ 233.130199][T21557] ? __receive_sock+0x20/0x20 [ 233.134877][T21557] sock_sendpage+0x5a/0x70 [ 233.139269][T21557] pipe_to_sendpage+0x128/0x160 [ 233.144107][T21557] ? sock_fasync+0xc0/0xc0 [ 233.148496][T21557] __splice_from_pipe+0x207/0x500 [ 233.153493][T21557] ? generic_splice_sendpage+0xb0/0xb0 [ 233.158929][T21557] generic_splice_sendpage+0x80/0xb0 [ 233.164190][T21557] ? iter_file_splice_write+0x750/0x750 [ 233.169714][T21557] do_splice+0x9aa/0xd30 [ 233.173939][T21557] ? vfs_write+0x50c/0x770 [ 233.178331][T21557] ? __fget_light+0x21b/0x260 [ 233.182987][T21557] __se_sys_splice+0x2a6/0x390 [ 233.187738][T21557] __x64_sys_splice+0x74/0x80 [ 233.192391][T21557] do_syscall_64+0x4a/0x90 [ 233.196785][T21557] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 233.202700][T21557] RIP: 0033:0x4665d9 [ 233.206620][T21557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 233.226204][T21557] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 233.234594][T21557] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 233.242555][T21557] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 233.250504][T21557] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 233.258451][T21557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 233.266398][T21557] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 08:40:10 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) fcntl$setsig(r0, 0xa, 0x2b) sendfile(r0, r3, 0x0, 0x8400fffffffa) 08:40:10 executing program 3: syz_read_part_table(0xb00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:10 executing program 0: syz_read_part_table(0xffffffee, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:10 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0) r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0x0, r1) r2 = getuid() mount$9p_tcp(&(0x7f0000000100), &(0x7f0000000200)='./file0/file0\x00', &(0x7f00000002c0), 0x4110, &(0x7f00000003c0)={'trans=tcp,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@cache_none}, {@cache_mmap}, {@cache_mmap}, {@msize={'msize', 0x3d, 0x8}}, {@dfltgid={'dfltgid', 0x3d, r1}}, {@cache_none}, {@afid={'afid', 0x3d, 0x9}}, {@cache_none}, {@version_L}, {@access_uid={'access', 0x3d, r2}}], [{@smackfstransmute={'smackfstransmute', 0x3d, 'ramfs\x00'}}, {@measure}, {@smackfsfloor={'smackfsfloor', 0x3d, '-'}}, {@subj_role={'subj_role', 0x3d, 'ramfs\x00'}}, {@func={'func', 0x3d, 'PATH_CHECK'}}, {@obj_type={'obj_type', 0x3d, 'ramfs\x00'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'ramfs\x00'}}, {@fowner_gt={'fowner>', 0xee01}}]}}) mount(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x100000, 0x0) mkdir(&(0x7f0000000040)='./file0/file0\x00', 0x0) mount(&(0x7f00000001c0)=ANY=[@ANYBLOB="2e2f66696c65302f66696c6530eabdb97dc8708ca23a7a564375204ad07c00"], &(0x7f0000000380)='./file0/file0\x00', 0x0, 0x201000, 0x0) mount(&(0x7f0000000180)=ANY=[@ANYBLOB="1fbf48575b"], &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x200f080, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) umount2(&(0x7f0000000300)='./file0\x00', 0xa) r4 = open_tree(r3, &(0x7f0000000080)='./file0\x00', 0x89101) fcntl$setownex(r4, 0xf, &(0x7f00000000c0)={0x0, 0xffffffffffffffff}) 08:40:10 executing program 4: sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="8000000001020104000000000000000002000000240002801400018008000100ac1414aa08000200ac1e00010c000280050001"], 0x80}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000200)=ANY=[], 0x208e24b) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000002) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/exe\x00', 0x0, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="48000000000101040000000000000000050000013400188008000340000000010800170000b103408000000108000340fffffcb0a5000240fffffffb08000240000000ff0800034000000005"], 0x48}, 0x1, 0x0, 0x0, 0x880}, 0x800) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) [ 233.383109][T21600] loop3: detected capacity change from 0 to 264192 [ 233.389890][T21598] loop5: detected capacity change from 0 to 264192 [ 233.394682][T21601] loop0: detected capacity change from 0 to 264192 [ 233.404196][T21598] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 233.445455][T21600] loop3: p1 p2 p3 p4 [ 233.445522][T21601] loop0: p1 p2 p3 p4 [ 233.453687][T21600] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 233.454129][T21601] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 233.469054][T21600] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 233.484070][T21601] loop0: p3 size 1912633224 extends beyond EOD, truncated 08:40:10 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000180), 0x2400, 0x0) sendfile(0xffffffffffffffff, r3, &(0x7f00000001c0), 0x1fffc0000) ftruncate(r1, 0x2008002) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r4, 0x0, 0x8400fffffffa) [ 233.491773][T21600] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 233.499117][T21601] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 233.516232][ T1773] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 233.527067][ T1135] loop0: p1 p2 p3 p4 [ 233.533483][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 233.544798][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 233.552926][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 233.566117][T21600] loop3: detected capacity change from 0 to 264192 [ 233.586707][T21600] loop3: p1 p2 p3 p4 [ 233.591241][T21600] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 233.599275][T21601] loop0: detected capacity change from 0 to 264192 [ 233.602576][T21657] loop5: detected capacity change from 0 to 264192 [ 233.613323][T21600] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 233.623275][T21657] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 233.632894][T21600] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:10 executing program 3: syz_read_part_table(0xc00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 233.645438][T21601] loop0: p1 p2 p3 p4 [ 233.649851][T21601] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 233.670741][T21601] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 233.689417][T21601] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:10 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) move_mount(r0, &(0x7f0000000080)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x6a) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x8) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) 08:40:10 executing program 0: syz_read_part_table(0xfffffff6, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:10 executing program 1 (fault-call:9 fault-nth:42): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:10 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x48) [ 233.730696][T21622] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.4'. [ 233.752804][ T22] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 233.773464][T21689] loop3: detected capacity change from 0 to 264192 [ 233.823311][T21689] loop3: p1 p2 p3 p4 [ 233.827891][T21689] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 233.849280][T21713] loop0: detected capacity change from 0 to 264192 [ 233.856727][T21689] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 233.864721][T21689] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 233.868690][T21717] loop5: detected capacity change from 0 to 264192 [ 233.885719][T21713] loop0: p1 p2 p3 p4 [ 233.890788][T21713] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 233.899351][T21717] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 233.901114][T21727] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. 08:40:11 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) creat(&(0x7f0000000080)='./file0\x00', 0x0) [ 233.923547][T21713] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 233.940336][T21713] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 233.963867][T21727] FAULT_INJECTION: forcing a failure. 08:40:11 executing program 3: syz_read_part_table(0xd00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 233.963867][T21727] name failslab, interval 1, probability 0, space 0, times 0 [ 233.976525][T21727] CPU: 1 PID: 21727 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 233.985309][T21727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.995351][T21727] Call Trace: [ 233.998631][T21727] dump_stack+0x137/0x19d [ 234.002671][T21747] loop3: detected capacity change from 0 to 264192 [ 234.002998][T21727] should_fail+0x23c/0x250 [ 234.013871][T21727] __should_failslab+0x81/0x90 [ 234.018671][T21727] should_failslab+0x5/0x20 [ 234.023216][T21727] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 234.028991][T21727] ? __get_vm_area_node+0x11b/0x260 [ 234.034308][T21727] ? ___cache_free+0x3c/0x300 [ 234.038970][T21727] __get_vm_area_node+0x11b/0x260 [ 234.044204][T21727] __vmalloc_node_range+0xc2/0x5b0 [ 234.049317][T21727] ? netlink_sendmsg+0x425/0x7c0 [ 234.054232][T21727] ? selinux_socket_getpeersec_dgram+0x1f4/0x250 [ 234.060551][T21727] ? netlink_sendmsg+0x425/0x7c0 [ 234.065501][T21727] vmalloc+0x5a/0x70 [ 234.069381][T21727] ? netlink_sendmsg+0x425/0x7c0 [ 234.074376][T21727] netlink_sendmsg+0x425/0x7c0 [ 234.079222][T21727] ? netlink_getsockopt+0x720/0x720 [ 234.084424][T21727] kernel_sendmsg+0x97/0xd0 [ 234.088925][T21727] sock_no_sendpage+0x84/0xb0 [ 234.093624][T21727] ? __receive_sock+0x20/0x20 [ 234.098277][T21727] kernel_sendpage+0x187/0x200 [ 234.103053][T21727] ? __receive_sock+0x20/0x20 [ 234.107777][T21727] sock_sendpage+0x5a/0x70 [ 234.112263][T21727] pipe_to_sendpage+0x128/0x160 [ 234.117095][T21727] ? sock_fasync+0xc0/0xc0 [ 234.121491][T21727] __splice_from_pipe+0x207/0x500 [ 234.126491][T21727] ? generic_splice_sendpage+0xb0/0xb0 [ 234.131946][T21727] generic_splice_sendpage+0x80/0xb0 [ 234.137207][T21727] ? iter_file_splice_write+0x750/0x750 [ 234.142732][T21727] do_splice+0x9aa/0xd30 [ 234.146984][T21727] ? vfs_write+0x50c/0x770 [ 234.151375][T21727] ? __fget_light+0x21b/0x260 [ 234.156066][T21727] __se_sys_splice+0x2a6/0x390 [ 234.160868][T21727] __x64_sys_splice+0x74/0x80 [ 234.165539][T21727] do_syscall_64+0x4a/0x90 [ 234.169957][T21727] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 234.175843][T21727] RIP: 0033:0x4665d9 [ 234.179713][T21727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 234.199387][T21727] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 234.207775][T21727] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 234.215808][T21727] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 234.223786][T21727] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 234.231786][T21727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 234.239787][T21727] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 234.249562][ T1773] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 08:40:11 executing program 4: r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) write$eventfd(r0, &(0x7f0000000000)=0x3, 0x8) r1 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r1, &(0x7f0000000080)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0x0, @empty}, 0x1c, 0x0}}, {{&(0x7f0000000380)={0xa, 0x4e23, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="2400000000000000290000003200000000000000000000020000000000000001", @ANYRES32=0x0, @ANYBLOB="000000000000000000002ba877c5047ff9106cf2f93b5c9b44f0edbc2b5956e6de51cbd34353f43793ba6255dc0cd8c198498023f9419d25800a52e0b6d93c233948b224deeb7ac1e6"], 0x28}}], 0x2, 0x0) [ 234.286999][T21747] loop3: p1 p2 p3 p4 [ 234.292011][T21747] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 234.323139][T21713] loop0: detected capacity change from 0 to 264192 [ 234.334870][T21747] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 234.344821][T21768] loop5: detected capacity change from 0 to 264192 [ 234.351779][T21747] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 234.359460][T21713] loop0: p1 p2 p3 p4 [ 234.367099][T21768] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 234.376447][T21713] loop0: p2 size 1073872896 extends beyond EOD, truncated 08:40:11 executing program 4: perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r0 = perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0x0, 0x0, 0x2, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0xfffffffc}, 0x20, 0x0, 0x4, 0x4, 0x100000000, 0xfffffff7, 0x0, 0x0, 0xa18, 0x0, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0xf) openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000280), 0x2, 0x0) r1 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/state', 0x2, 0x0) perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x0, 0x0, 0x7f, 0x40, 0x0, 0x200, 0x0, 0x9, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x87e0, 0x0, @perf_bp={&(0x7f0000000140), 0x4}, 0x10080, 0xb77, 0xde9, 0x6, 0x91, 0x3, 0x7, 0x0, 0x401, 0x0, 0x6}, 0x0, 0xc, 0xffffffffffffffff, 0x1) r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f000004db80)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000016c0)={0x0, ""/256, 0x0, 0x0}) r8 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r8, 0x81f8943c, &(0x7f000004db80)={0x0, ""/256, 0x0, 0x0}) r11 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x11) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x200002, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r11, 0x81f8943c, &(0x7f0000000280)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r12, 0xd000943d, &(0x7f0000042dc0)={0x7, [{0x0, r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r15}, {}, {0x0, r15}, {0x0, r15}, {}, {}, {}, {}, {}, {0x0, r15}], 0x9, "effdfbfac8aecb"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000062c40)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}], 0x0, "8bebfe4f74c300"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000062c40)={0x0, [{0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r16}, {0x0, r4}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}], 0x0, "8bebeb894f74c3"}) sendfile(r1, r1, &(0x7f0000000000)=0x7, 0x3) [ 234.395666][T21713] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 234.415005][T21713] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:11 executing program 3: syz_read_part_table(0xe00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:11 executing program 0: syz_read_part_table(0xfffffffb, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 234.499762][T21801] PM: suspend entry (deep) [ 234.518671][ T1773] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 234.528617][T21803] loop3: detected capacity change from 0 to 264192 08:40:11 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = io_uring_setup(0x625c, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000200)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x6, &(0x7f0000000480)=[{0x0, 0x570000}], 0x1) pread64(r3, &(0x7f0000000300)=""/226, 0xe2, 0x4d83) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r4, 0x0, 0x8400fffffffa) [ 234.543142][ T1773] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 234.587425][T21803] loop3: p1 p2 p3 p4 [ 234.595991][T21803] loop3: p2 size 1073872896 extends beyond EOD, truncated 08:40:11 executing program 1 (fault-call:9 fault-nth:43): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) [ 234.636521][T21817] loop0: detected capacity change from 0 to 264192 [ 234.646423][T21803] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 234.660885][T21803] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 234.677599][T21825] loop5: detected capacity change from 0 to 264192 08:40:11 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x4c) [ 234.682188][T21801] Filesystems sync: 0.177 seconds [ 234.696886][T21817] loop0: p1 p2 p3 p4 [ 234.701416][T21817] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 234.703919][T21801] Freezing user space processes ... [ 234.709827][T21817] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 234.724063][T21817] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 234.735515][T21801] (elapsed 0.026 seconds) done. [ 234.740423][T21801] OOM killer disabled. [ 234.744502][T21801] Freezing remaining freezable tasks ... (elapsed 0.001 seconds) done. [ 234.754007][T21801] printk: Suspending console(s) (use no_console_suspend to debug) [ 234.795475][ T22] sd 0:0:1:0: [sda] Synchronizing SCSI cache [ 235.311365][T21801] ACPI: Preparing to enter system sleep state S3 [ 235.311525][T21801] PM: Saving platform NVS memory [ 235.311535][T21801] Disabling non-boot CPUs ... [ 235.314845][T21801] smpboot: CPU 1 is now offline [ 235.317890][T21801] kvm-clock: cpu 0, msr 4506001, primary cpu clock, resume [ 235.317953][T21801] ACPI: Low-level resume complete [ 235.318026][T21801] PM: Restoring platform NVS memory [ 235.318034][T21801] kvm-guest: stealtime: cpu 0, msr 237c170c0 [ 235.328043][T21801] Enabling non-boot CPUs ... [ 235.328744][T21801] x86: Booting SMP configuration: [ 235.328754][T21801] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 235.329021][ T0] kvm-clock: cpu 1, msr 4506041, secondary cpu clock [ 235.330075][ T14] kvm-guest: stealtime: cpu 1, msr 237d170c0 [ 235.331612][T21801] CPU1 is up [ 235.331879][T21801] ACPI: Waking up from system sleep state S3 [ 235.448819][T21801] OOM killer enabled. [ 235.449379][T21801] Restarting tasks ... [ 235.453647][ T1135] synth uevent: /devices/virtual/block/loop2: failed to send uevent [ 235.455498][ T1135] block loop2: uevent: failed to send synthetic uevent [ 235.459030][T21801] done. [ 235.459726][T21801] PM: suspend exit [ 235.463383][T21835] loop3: detected capacity change from 0 to 264192 [ 235.468950][T21826] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 235.470515][T21826] FAULT_INJECTION: forcing a failure. [ 235.470515][T21826] name failslab, interval 1, probability 0, space 0, times 0 [ 235.472420][T21826] CPU: 0 PID: 21826 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 235.473912][T21826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.475551][T21826] Call Trace: [ 235.475805][T21825] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 235.476097][T21826] dump_stack+0x137/0x19d [ 235.478352][T21826] should_fail+0x23c/0x250 [ 235.479169][T21826] __should_failslab+0x81/0x90 [ 235.479930][T21826] should_failslab+0x5/0x20 [ 235.480613][T21826] kmem_cache_alloc_node+0x58/0x2b0 [ 235.481485][T21826] ? alloc_vmap_area+0x12f/0x1340 [ 235.482362][T21826] alloc_vmap_area+0x12f/0x1340 [ 235.483111][T21826] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 235.484098][T21826] __get_vm_area_node+0x165/0x260 08:40:12 executing program 1 (fault-call:9 fault-nth:44): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) [ 235.484868][T21826] __vmalloc_node_range+0xc2/0x5b0 [ 235.485707][T21826] ? netlink_sendmsg+0x425/0x7c0 [ 235.486701][T21826] ? selinux_socket_getpeersec_dgram+0x1f4/0x250 [ 235.487801][T21826] ? netlink_sendmsg+0x425/0x7c0 [ 235.488506][T21826] vmalloc+0x5a/0x70 [ 235.489102][T21826] ? netlink_sendmsg+0x425/0x7c0 [ 235.489936][T21826] netlink_sendmsg+0x425/0x7c0 [ 235.490798][T21826] ? netlink_getsockopt+0x720/0x720 [ 235.491648][T21826] kernel_sendmsg+0x97/0xd0 [ 235.492376][T21826] sock_no_sendpage+0x84/0xb0 [ 235.493082][T21826] ? __receive_sock+0x20/0x20 [ 235.493762][T21826] kernel_sendpage+0x187/0x200 [ 235.494633][T21826] ? __receive_sock+0x20/0x20 [ 235.495425][T21826] sock_sendpage+0x5a/0x70 [ 235.496176][T21826] pipe_to_sendpage+0x128/0x160 [ 235.497002][T21826] ? sock_fasync+0xc0/0xc0 [ 235.497660][T21826] __splice_from_pipe+0x207/0x500 [ 235.498520][T21826] ? generic_splice_sendpage+0xb0/0xb0 [ 235.499369][T21826] generic_splice_sendpage+0x80/0xb0 [ 235.500174][T21826] ? iter_file_splice_write+0x750/0x750 [ 235.501070][T21826] do_splice+0x9aa/0xd30 [ 235.501793][T21826] ? vfs_write+0x50c/0x770 [ 235.502499][T21826] ? __fget_light+0x21b/0x260 [ 235.503423][T21826] __se_sys_splice+0x2a6/0x390 [ 235.504153][T21826] __x64_sys_splice+0x74/0x80 [ 235.504790][T21826] do_syscall_64+0x4a/0x90 [ 235.505455][T21826] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 235.506413][T21826] RIP: 0033:0x4665d9 [ 235.507021][T21826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 235.509780][T21826] RSP: 002b:00007f94c662d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 235.511262][T21826] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 235.512357][T21826] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 235.513528][T21826] RBP: 00007f94c662d1d0 R08: 000200000000e228 R09: 0000000000000000 [ 235.514747][T21826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 235.515958][T21826] R13: 00007ffc46e01fdf R14: 00007f94c662d300 R15: 0000000000022000 08:40:12 executing program 4: r0 = socket$inet6(0x10, 0x3, 0x0) r1 = socket(0x6, 0x80000, 0x80000001) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'veth0_to_hsr\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @random}, 0x14) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000001b00)={@private0, r2}, 0x14) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)="5500000018007f7000fe01b282a280930a60000248a84302910000003900090023001000020000000d0005005071c110aa2ebc37fb696bfe80000720000000000000149b1100b1df13000000fb0000400000000040", 0x55}], 0x1}, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r4 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000100), 0x1c1400, 0x0) write$binfmt_elf64(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="7f454c461335f74080000000000000000200060003000000d4010000000000004000000000000000d00100000000000000000080010038000100b902010001000600000000000000090000000000000029050000000000000100000000000000010400000000000001000000000000000400000000000000eb379fa507e6a9355d430e7f31e3146e40bf25053546b62fe77689ad31a27326103f8863016a75d0ee39550fa5204f31f2eeada8c26dc2f2ee088c96499e09ec13b83fc30bca7493fc96fe27d866bf4a53e44027ade40b7a177b0f7c04a55e1bc97b643726cfe0ef947ddef85ab9d1f24085a5b25d3048a798d39bb7e22a1de9f951639ac677fa3c13c48fa2f61d5a260cd4460f4017b0440a07f4cfa1a669e03de7fc6789c12892dcaa071e2f1639da74be1a4d2516c155b7e251673a4bf2dad697a42663ea3a7a70a85488ea35f3d8a8998ee802590c03ca48fbb0322dede894f030d31b1861e4b20d4afe3090458a316c9ea9665408799223b461fb5a073e4d4f0cefc0bc0c54af4d0a9a9e4fe7700cd06cc50956feb841da9aea02a9121466daedd46222d9ebf954691310cc9b460b5b502205164964ec06f00a0f0779d95a5754b49a9a33e8d5c1c73b89fedf2c175bfd1d67e54148bd79b49772698b36a647ccd9677e588f18753c350a27b26b7fdd8f3275f7d5283cf6fa2fb04468d17a0162b863d310b772591d2229db30b9cfb3883a7f75c8b4bf906c67c66380ef59eec8668abef16a3a99e32545d51add29d77e2d50dbaaf60014a4a868bd0134b610fac0df8837c8f224744b30b88df3b71242703efa2ed564095388c025149d12bb401207818287ab607ed252371e739e6bccae6886a721aa422aa3614c1f039509bddc323e50c0df3429b14a06cb591f6fbb45132cccd1dd6d2ebb599746e9c24b4e55632bb17c9afa94d711cb2ff9c7a0ca8d05edc7025c1fa280cae1cccf5ab0cc100360dcbd923746637902e53b34030303a0d13ad8f0bc6bfd98cc0c5f5efb6f6c5e270b467e0430e37ee9f2396849bbf3e9a707bc52e17b044a15a8f503e724909cebc8c46192059f50ff765bc028aa242625c5ffc0fff067c132c744720e769305f309c44abdb745cd86add3d49a16754b963908e64915e7caa4f1e4588e0fa5fc31cb3f73df0dff623aaf42ba5bc358f1272fd09c8ddb56764da286451aac09e838374299f3ab49a61a4b217159cb8129b8c68d8f9f302078bc175b5a9bd35670901884ccb16159b99b2794c1b056e2f2f49308a3309b63fc3ce1a2f0c3961e2f4ea63d7a31f519f14d70ee83503450af6f2e7bc495abc604feb3c3eaf773e5a666d17910a71dd310106cfe3bf85933640cd96fe1469841be8140328b40f2c4bfad25e926fb56094c7f3d182fcac179c35cdf4c2019ee338d91fe5913561e1d15c2930010bcf58cd0e65bb351540929a7e54fb5cb529c15a7cad9d1b215dc45bf5a0e9bc0883a7965a15fdf9f6f2cde79463cc63efe552aae59bc541ba1737ef4a425517e237e200f7d0f71c2e7c0849dd25908366e0fbd43ca0c29431c14262b01dfa229b9b00431a607713acd552b7eb0edf6d2065b72ac270aa50f39c0563f1b23002773c576f593994033d9c823321a8719997059c916bbcfdda5bc71356a29bd862c177ccc1c893098b43334d4195e240b46cdb9b63e05ea82aac3623cd132f7dadc4368fefe2371512fb7a5db6b4e887bbc3b4a7e1f30140207f8d58c72b5ccb8a40af8e3488ada60a2468606f08c7f025654b6afa1936900647d2024a574d97a47b5f000febc8bc5f9dee3240bdcc5f020b33cbf6e9db5b5631e640c8a84a2e1ec11b616178c050dd4b5197d16f933fe572b85d2467100bddb0fdc8a05848dbacb6fe2d413a193259ed7945d25fb617733fa27c936b7731358e6785c6f6596bb9a3b0e60bdba25cc52ee413b4cf100a0a11a217237f9eb7980b1605b1f877537b4894b29f85afade4026af0cec782409493d5a901be677f1cf437fc454fe5afbf9a670bc03c6fd8a386814625d99f95913086df21abe1075b2613c1d0d50a0bdfff21760d08a275bdb76448cf497bf86790d63e0bb157fcced020d156c84d2542d1d95041947c4d5b25ddac78005be6fe93f6ef420292ccb233864b65497caf9344c6da7fc1181ed5098cdcf93d3ef9d10f37cf5ffb18075bc6cc38a8adc56d6973d864cd0da9cf0aebd52c91864f383288553749758bf914ec77ad82a3ce359f9ad35d252848a2f889c889fe7e4d1aed3baa2706511faa67bbdf4a920b9fc72332886f8af916bc46761102042bf1a610e3751b62a978bd8e22e3301955a8cc128dc94871396d88be9ac8fdaa15b4eb33609b3fa83b5af167fb4a4a4b011c9a22dc85d690d2b573ad98fc81c96ae0690690964b4860fef41a74d8e3f643d3b2313c40d9f99212f4a42088cbbcdfa4773c45b65c387db3037959bcc84a71898e6f93f8358745456b2a6b5254030f49e6bc587e6acbfe9246992239344f13e8bea86650c8a7e50c2e1fe580c7d1478a310c6ee02acade7932cb1b3d59f018aadcce178f17a187103af2c62482fd813581211e2bca67ce4dca3e9834ac47ee51d988e20689cfe72b862d7d5cd6b65a93f39aeb05cd665bc84eeada8c12d14c05e1863c4bba02df1d7f4855fe1ff86e5a91c2670e7f4966447cee2cc6e9ba4e5a10772c44d694330a55f8efbac4afbc959e3ecadafdaf81454b39ac536945f2f161a2319dec79c16db4eed1411c99f1289fc9c54919421813eb02151ec37822d6aa1cc7869216eacdc422fe988da3164dddd3e34374498849bb0fba363ac434332fcfd10845e1e82b9715d45a7b9fccb21e12354cf9f3fec4526f5257a7a3e8aef97123643e972bc735dd1a686f1deeb979ff2f45826488ec674423b7519ceb536a303dd4ed337d5436fa2f540c937c11127d94459ac90983ef0b23a77b5b4ab688630a6e6d6ed41ba8f01c44bcaca3c5506d8fc1588c62b3ddc9a3b8b22022fa273851c5859e7e7a9d5877a775401045e6f0be0b9ba52ad66946048e96bdcdcbb415aacbdb8cf3255f68c349587ff9869c98cc639e5c103c1f32608d4d686de225390227f025f8344dc5023651e7930ddead5c58944d996bd560be2be31839c84bd24234d41258c45a61231722ff79c8e78d81d2e94b8f984bf7063ea1e35bd2605b9d2bb4bdb7110845c8b7e050791f76906b10a0813cd99392501e958cbc66e4eaa81bedcca96261eb5bd411128441b59a076eacaf962fd1bab60e6ea2f1a0faa640093f14778d9097dcef643141629fbfe68a1d5ae680cd90b6f79e7e2cfa70b665d9ccd01e64ae4a5d87aa8aa52162d0d1752a5c012ab4cb295093c095627db6ce48693d9880c3b35a7b99f9ba640696288c806407b135a885c1a79dfafd03fe7fd5ad22b555d93f6a978c17f35efcd2317533a9cacd63e79d6f9136c1c30f7eaf56238577a6599c8f373397fc617d104edf8e5bee371f184115079ded84841ae9065b735b08b42b5ece244172db9aa2d0c18e3a56c5b287280cc171498a4013d268771c55d5812ba1dade5e78ea013b3db51b45f3024aa4a9320de341eac1a82e479a61eee1c864e36cb896b54c30ba33c15df5d09474770a2f5c33e92e5e7d20a985876d5a42d04333a174f0cf84ddf9b442b76e328d5ade07a39864612260b83c6bf5868d96a1eb32876b303b0cb5f36fcdcb9460c400a1f64b8339ae929635100c56233707cf33887e727a1f51ad0c40acf22a0fd4e77aac18855d2494347b05c00dc83ebb650c926513af0d7a98340aaeb6a6a4510ce6e5f2c6de7bb1f740aee407b573bd703c5a1c350c12308f4007e28639457ffd45315756922399ded5c47e0cc68b8f86cfc66527e3c475421674ab7659c45ec8b9f58bf21d36e1457eac4e816fb62e75d0707ccaf7e6230c8770c487487517e1a8ff334c30ae23135336b0c37a40c75ceb0b19a0e110881df0c28523ddb4527690c684f26f012e72ef17d3b6ca3b05979e3d2ed60cd0bbe05009e5151fb941590ef5170d57512b21f9be7209c866785602be582cb7daf18d8168bda8df1a2fe6c080cf33c21525b4d1e13c773e065c2fe4c307bfd4ef38a9f4e1bfa275f4f1bddda23b602364b5a1a63b65147fbaa7a1d6deed59e7ecd47abe8860a68e95cf625cab00820e2fc3e07200eabd2b54eebe84917097f8415c936c7b0ae5326a4ee6d0c01aa19789d8fec7b9358b06fd08ca78ef3b11ba98b9b26b563875ce0c34155877546024e7c2f517c3a760dc2303c950361d7f410a0922baa246194ec39dcbe561b74e8e0764d262aaf63c3da201a728ec973fadbdbe61f2d1829efa99591871f2a90725753b61145c45e03c81efb144b51807cdf9a3ff447d523a8c7cb22d946fae78605cf48e48c7263afa90d4f323dd438ff7688c51bcc4f4750c131b219810a19a0779832fc51bda9c9a977f03537927748ff2cf69762fd71d0ba27d665f4106f0ee336c69438a692cfcb8d534e17f172c2fa832bf65f8e2c3470d0575a97a7741cb0a5d9cb72a8de7342537baa4e40630cd1ad5b7403fcc7f2dff6590b3b014aa368ad791a378c12e2c3a39727f4f3294b0f926d54f64ab5f9aebe47366916498365ecd34c82b63f0b4796140a7bd8b037d9f8ff6ffb67a4e052d3feaaf530cebeb02f149c19eba0b9d0c43ca25f196c360ce96a4da45313f81adaf56e880432953479c843660ee492a8a2028eed71a8ccbaab741e5cfd29fa48b4a99a6c0a7253eaf3f22ab930eb1e0baf292ae112a965e83697c0f0d5e7eb002828de25729843e1a7bdf886d987eb5d37ff62ca1b182ba9f9773f25a4fa850ed1e1fc9e86b8675ae75be7159d69148013a0b937e2703c19a23cc63389f78d64e01d42a088c7e7d5aca3c6dd7f2bb39cf631833f1a72f2ccc87def564c36cf1541bf84b6417d855f2dfa7987ca70a757a2f4a53bb7ff9901004dc73531b37231de80714aaaf6609769add00a4892b1a328dbb5243eb4c750ac98bcd28d1f28683ebbdebb84f9923317ff207da739592f3ebb47c2feaf52d47966dc4cc73ec65dbf3249a30a33e4d49bd6e5e1fd0482c9a68183613920db21cf9f7ea6ee6ac455eaf789033473f648e9fdf158d30aec2a844aadfc44ff82f37c1f9d4f1bc5d858e76d7f4556fb8adb365cc26f5499c10b1b9bb7a8996c741ec8c7eb10b0c83181eebe1e8d5a8e707e5f0abd0383a7c3a30ae52d4e1e0297029adba3bc384531e0a3ede6b31e68750c6287c8399738a19bb3135b17d9873d6f9ac7701624d0ece44f0fb28d59bbea8afec5cfac0016e0470576f7172d8a7cb255c45d77f89b2acf2e07e9b5abc5e3cf5d88856dc7017fff842d9863bc6df0e3c3600c5f367d0282fb83735c995b646d29770b64b100617be4e9091f1f90ca3f8f8c021d4599194f8849f7490ca218004d949d685fa9016af4e6263dcd56427641f0cd3097f6b24010ddea9aaabd85c7f41c2234e6f9b25b6af57361b36b4dee4859f859fdb35dbf292f3fddca03afb208193888efd4959d948acd99b28c077346830115824db39b018923bbda2ea0eee60b2dfaf54271d3837cac903527481cf37e67ba2c7ef0784ca55237c071ed8bf4c595d3a85750e009cdcef85d8451aba322779e218239cac39239cdb01c69e42d934d499e102d23e4b2d9cda68564e3023dea73a78525b12802157ecf95e5630d3ddafbe10d1c3e6fe73fcb25e7df850b24bb0f645565601dc7cd202aa4429c878a3d8c8bea1af9b37ec38dce8c272deb19ce589b8015a23b689f4b9ca5eff73a0814cd8dedf1bb442d85ae49a53a0b4d14c9cf1cd1dbe0ea6631d1332deeab2412fa16c24899db1cc602294e720d3260b0eeaf540e61f11648b1f75b469e65ed68d6a09357e39c7a70f13e8d1cd700"/4984], 0x1378) setsockopt$inet6_IPV6_ADDRFORM(r3, 0x29, 0x1, &(0x7f0000000000), 0x4) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'veth0_to_hsr\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @random}, 0x14) r6 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r6, &(0x7f0000000480)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xb}, 0x2}, 0x1c) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000004b80)={{{@in6=@initdev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@private}}, &(0x7f0000004c80)=0xe8) sendmmsg$inet(r6, &(0x7f0000004e40)=[{{&(0x7f0000000200)={0x2, 0x4e24, @private=0xa010100}, 0x10, &(0x7f0000001900)=[{&(0x7f0000001b40)="e97d264db129fcb4a9f0edda96eb23204e95dbc1ab22a52268e6e40d75ae79ecd6ea0dce53d422324109942e39916c1b4e266ac1062641bdeba706abfda506e15c596205055a22390a5c75ca311f799e832dd6c036b00ecec38f7b144de7e80e595b5907aa2a9ac8cce5fd86529f47e86746ee022d36da6f8dac48f6eaf407bdfcebdd72134ff32f42070d2fe20c8c8b2f06599025310976a2a2aad705238bb82a22ffa91f4bc98fc320d5ebe69110d8a168ca2ad247404427323f98f4285193bb54f7ef4b8f2a9669978394924ccadc497cb83d93cd3d4ac08886bdc1851493309361c29c8a659e3a985716732f1bd202d9b666e85a9faa42b434e015a2080370c6ebfe384f8bae1d3f39d66b941e91af1b5621cab2bdbcfe864b0ea83840524ec6beb0537b0533170d9d8d0c8fb25a46e7f7927870915bb655d2dda10198650d55833ebf6325b80e2c4e5561cc4a8704b37cf8236f2165701c189f9c0449e486629b8ccbfd04e54ad129605d7f28af544438f171d15446b6d784581be572c8b8138011a44b406d35da2ccd9185b0e4e70e0808392e3a12923f802b31e58453061d403c064fec28f684482fef96bb2b62a9f1e4d0a7151eaa4447f71a12d278a2109ddbfe94e1623debe016f82bf190c8c8a0c0f23d28cfa6ed4ddd2247301f773a5b1598edff014ed01ea7d51daaac527f10da70dd941e7c986b41e348d15be2effc52c24990f198ea06bfd9653ca64912b04652ae5485e6645f4f12cbb529c8bc409267ea47e317886ca75f5c5e04cc6bb2244f87286d6f8c2eb0b9489b7ca3a8f0e95f3a4ae83e3db33096dd01be160cbee85d27725aede91bcf20588133042b012d212024ca565df7af8ac024977a612347ae70206dcb2fde9f0ed66cff9a62128bc59404954f4b06bee98700c1ef22d58737e5092c143b85297398660d3d4a140e625b67456e0709b14aab840881dcdd76ed141eb0b771999516d7a51486bbb19b0e6a6fe203a7ca9a9762fb39be9013ca11d9036e0e85e2cb0bffe9ed7ca53ab410e56d6bd7b31c2feaafd35f26d0ca8146a164a2a3f9a824ca61d6d4ce52293025396c573e528352d2f32073c3ac1ace9a038db824d882fae82bf9f8fa4002fbd57c44be1d69f9f29bdca7ffa580fad35fa434076b9e452e2d73ef8e982e2e4fafb4256205c7a2a2dfd41b9e56590fd843fee58d9d721ec9d39ee17284010bf637e8d58f9a27bf86643fe9304f5b4ccbdfdedc2251a16c9fe8ca13735e381176c3b3a3387b69bdea2ec030b2e691f58afb57f0baeb2128a7c082ed0e17726094ea5c9e18586290e7f6bd1f6bc1ba42387d84c0d76287a7a6b6948f0a6b1c68a974f2fa6981e0d1f6153f87f959bead236c63b126b98800e57f092ab34d3fa2b716524638483b537350bce4d1fc84ad73e34af8ffab57df4d156e02d97d660dd0d033ca5a26ec2897bb858c387ebf36f9d73b58169c864a9e64a56bc383618818637b65caa304ee7a26d9bbc1c09b01f439fe4cebab6a471b39ccfc1f3a009592c15fa583d88a461b4cd820420ea8089e2c43d3a2fa710886eab030fd8d52acd122d4f07e77a332f72f0f442a8435485da48c6ebbf4fa76d2521a68b1ed8fedb4b526c2f4abbe49ccfb46cfdfde105d61feeb2012c4a9197733ca3cd35bd77a54c5463f2ef79f52bf84c240041bd55abdbb5db78c017432b03f77f12496c2e76358a14f173559373166da2c0a6c8e63171a945fc6986080dfcc813e215c6b4a72b871f90071c046ea6d80cb19d623c6d99d1f7f5b74ce65c60bb7c9221b119210ce4a906707b4092af8997783b65bddfbe5efe381ccc0813e6f609a12f4305b4464471d5cbe6620e10060df2954962b9af267ea745085d0fa7a10c73867fa5011d9a66a239ec79a31cb0c2c22ef0582dc342601497c80af117c22adef9437d82dd8999b12f57ec3db790b23f3a9a72146d5af8c1556f99e1a2228073f6b86301dd9e94a8b25edec12affa190e32e7634c59ea2e2e93f1ec763fead4680d0d600d16244d26da674bf84c4e68932d6aafbe53abd4dda11568255d6534c50526cc92a691ed51b3c1fb97f029a84080e38ec74135c4a0b8a1f81ffc794d8a427e0526cabdccda2f564baea0fd3425b351f646c9a82be4229a68066c5b8ee28c37b7b1363b37d8bd04b55b842b228adc5d4910958f22f2efae5abfbe88a4e2a01e0451ede05865629eb6977df65af3d1a153c8a7156ed7e4be4c9feb2b142d69f64d41ec399f33afa3f920b65ee1c3bd156e335cd2a6157b7d14afa0cde5aa89fcd5520fff812735a4176a96095b2bafca31b06930b03798401c2881e5cea75531c085c13a7a30194574c4f3deeac7da6c7a6a1c26d5f6f56c0925deab19530ec77a24abff6d06b8d90c394e602de31116ab8d51eac74897e3ed35a97c4bf5e6d93cd292432a4b81d30d9735a290b9fa4d84711f144de14b2a934db158da95d06e9844ed042a705e026df365cc592c9ba0df0411ebd0918349cd7e78ddd18ffc2ea6bc8c09d72383755aedc8ad5faab8e7f5730eeec7394cf0b5f5d37650b84cc3c1a1b2e4a6574b26e0c19aea92107104361fe54ca6f0c5e27e8319bc18b65f1c140b39a116df982aa8b920b745ea502fd0eb616b941301156a04d87f80fcd550263d7dec39adc985a80d4917519c0566f7bb41f3804de8b7e386cb311c4f5b0a0f95f7868d6e9db9221d88600f233d80ccb2ecabaecab5ea3feed5ba1652c22a7e5411864a73bd8f9dd4320bce085890a4af4bac49ea8768ea895bfb4fc11be9448426ecfcbdc65abe6740cd6ff59d071f11811f5880451fee2fc03de1fb3f2b6b5e5b699f73cf373c4247cb660c7d33bbf12e1c32bd614b78adde3a34673afbaef5295f11aaf9cf4119cce170fefaacecf96761e77939ec9bb753fd7265d1847a9b04fb3f7bfa4887a51e7bb6d09cda8a03d777855ff94345dc3be874d58e772a00dcb226d64710911e814de1cb075662deb46585397a00311414af99d22107e0062698435218b770ef30fa095c5a1e60bbcca0de285c24446695eefaf2ba0ab7e49b9a59e2eb9f4f617d2525edf0afd2b7ab655e712cea580e499c8e78198bc2b8ec8cde5e6eae0af64db67ed367305dda27b79bc5f1d23f3da218b557052ee3b4aeccd47f8f9fd38192b627ff8c4c9aadb5d72495fde3823f4d0f74c5275d8ce04cfc4f72c6bae4e10dab05bc68ba958784306095dfd85d1bee601f75d4f85866f19c23eb976e84c70e0b1e457de689ffe0f0a8a88de704eb9518d656d7377e7f3d91ac684d4684d05ae3b66cb355f699b052dd8ba58e9538fdf911863f341f780701e7e4616737aba9941410766e7b3cecad44aa1f148f09fb52dddef9ad12efe88c8909aed4edfac1745951b9167beff5edd29042cead436580b356201cc013a073f82a4f3ce5df5128fe6cf6f0299d31428b1ec56923681d95db840905ba0c58c245f69cd4a378c58e87dea7ea76242481a0e073d8b3e275cdb353248e6ddbc76165654a9ae08955f4b4bbbefcea25a72f1abc3773259eb3ae0583099be292334245c24e20010ba05c32b245f310798cfbc6055c06a8b99b24fdc7e7e60fa70dcea41d257dad8f26bc69780678a8a3133b87aa5381f8e0c35dcc392fc16ab0ecddae6e034c4e45b8050d735ef648009e9512f2883b76440e3cdff6981eb3510250c5acc3e1d1dd0364058ebafa264d9539be492fda1515e6ddfc4e0b2464a49cfd583d79602d5bea6c50d78ae6a67a50cf05c2f54a8c41f733d92ad633b280ea3469ccd8ca73cbbf1c514f31aa1f978a25d3f26d951920c7c6fd8de320f106505718d22f5688a4b5ff61e3db6ce36f71defbc0f6cee9b8285e60a8e688f19dbd68d3b898e4c8e3dd7e2a0e72844a3a7ba68ac18a8f00767750e66ec575e186bf0012055c86d4a3c4d89cf632dc538ef892b472aca72e4aa72ed54c3e08acfc056b5934b467fcf6701af865f845c0375ea99496f065bb50a7dc146ea7e92d566fe8ba164926038a96ea5c5986c96f20871073ac52868c9c552dca34d1ebd795fced08d9ac6d1c84ef13f847b12ea5388162e6a58420fcbf3e23d9da87126117eab82455b7b4a2232005237a359423449544a6e6247e4cc373c1c3280e0865e40cfd385209791ae624aea08c7fcccc63d2c7c00e5b6e0271c4d0a390835023269972093559a441c2b5dcd674fb5f5dddb3940137e6be6084f792dd5a90ed5bcbfbfae7aa95e4c8ab2c81af1abf6177e68b8ff8168645282d6490d54a2a3298eaae73d0d9fd6f6e529e76bcdc5fef1312c84a1fd76f7feef2399f5da6fbede8ab503e8850475020f3d92e0d7c36b52cd07da54bcd0d674a71c3246d1cf365218798c30fde30d0ee11445b97d26b910fd48689a5f18a6fc5b6399c6e66f4685ca363ccd2c2cc54912cf888df1028e1646490c2f265df5526b8a8eddae02dc0d5b30725800b2332b0237ca89bdf532fb57552726378d7af946581ed3e523c9f440f2143b3a93273c404c88135211f570903791fefc08e7fbe282204a438aa331dcfb4987483ef2c4c06d5ca5f5d8aa99eb86058bb39106fba27a0b12be2986003fadb0bd27b98141a4bf0476a68413768ab9b00bddcf42125c0de05ab854d72e2621af45cd1e0fa11e74ab5e006f54aca221082663e6e179035189c039ffd51f5636ae01c4f2df823a4f19a823812df5c5a894cfe7e1e300948513ad7f4052752ea39515ee3b2d54b28f0ee33dfa13ea09c2d2284996e314666612aca5c484c17cfd5988f01775e13898fd593a04347f65435173e7f69fa9e385bcdd41e18d4de6acfeaf7a6ccdc4b97d2a052d225edf7335d9bbc7170df825800901642c98086255d0d89ad9edb3a2b50de47c51cabc0cc2094f0052fbf0f193193b6070df7ec05f082f89c2eab03ad3c1b4b5567506c9f329a3df9a4eceb8b29afa5e670ebc1897085ae72edb293db2dc32c6077bba4993e81f1f7f9e4d78e0cb3707871a61b74a8d353c6560f084a6e7f922b521ad6b42adb02b740e36bd5b8ed4663561871649519b7bfe3afda4611ef10ffff5b2fa8f86b18030e8d7c1a36cff513266eaa575470f79463e7db36ca015497557d0ddd793268e528da03afb8c5395d1239294e10fdfb8209dc83e4dc1e072a4b5b5fe019f46fff8065514c29ec7b8f8e2cf34792bd6886cf8aed7867694a0bd345a55c101bb7050e174e0fbb40bd463846758ff76c7aec415ff0c7b3976382d3d8550cae03fe131d649173c8be453b2d784e2398f256bc59c0eb08a111a3dee8715b7dc8e3e7d8f15463ac9a16fb78163c0473c5b3a5612b55106833c48ef916256014fbd4fd8522821715c96b1668ffbbcbc6ddf12b246bbde9a00f42d58fd07aa995949894e14614382b4e12b83c5f6fe98a4d9e5ff2e38cea41a0184bd10df5d0d1bc5053c72f9dd77af73cd1a86003550ab4cbe7b01828d86c62a137364b8e194658114debb688a7ba3c7587a20a38df28d1d50348df39c24d6599cc2ea8dd5c39d0763c6a9a9a129b81e0be047b41bfc9c136449df7a40943e6ab258e6eea867d93913c86b6d8d33fb23f5d5033262fdead6ffe69db593f3efdef1f5e84d8e3a2b27c06e81d87c552f27ef4abceeba72aa43e04757230ed21485c5f888324cc843ad771c0b6f8f947d67630bcb3c7dc2b67bf8ab4b43dec364dede921660d70610e81241640aead10f9490757799c4bbe2284819b615cad67f310303213bf87eb5acdf75be37bd71a33c649e2", 0x1000}, {&(0x7f0000001600)="9a188c34c28d4ac2744799681f8dcb0e1c248a9803dfcf1714f046ffbbbdcf7e41566ac24079c378043e249c4864049c938ca6c2e095efb7e520d21aa9dc6603c219acd8a3fbbed3153acea1d9bce0ec0a04d48c442c4b0f7b3bacfd23471941f15388361f1974e0238a91e0bd60abeab735d93a522b73be4012dcbf4cfc19", 0x7f}, {&(0x7f0000001680)="8a25a06e920e9d4106d7b3cd4104a91015542744de09f804364d3297ad27f4a0adff10c5a06ca170f9a840062eccc11f143d85dbc37c160ec4ebedb4776b5f42a25d414ba47161b1218203025823ec461fc598cc034ca8760a332267dc9d67ce896d6575307561a85ccbda30cfa8f9c120979f00f3cf7626384b5eab62e220deb189511ccf83782cd7a43254e23a477e00652617f1f65c8b43127e5b913ed3cfcaecc359ef374bd97e3f15e11ee4791653f0e5c391d84170548c9c042fca7985b7cb2d9d7e90c628f662ea2386fc975bae8e1eb833ea2128f20a0148a66a39a963c670d1168db093877d0a1818ea", 0xee}, {&(0x7f0000001780)="5066bcf1efd8605c3a40c0b5b69e831c8a527a04e021e24a120ada165f9aec3b76db29154d4a13c8a9e1ebad6ad67e145e3461062c6e91d165f50ff4e7f86adc1899aad73ced812efe2481c6f78df863b23429e50663c233535ad83af4fff07e2914191ee423a10e71b52a3237d15b4489a0f20c414a979668b8fb4b7f50e4d5718aed3b8268df9c079ac6d8fa4d38c69609cfed1418d286c0cf8278e61df84f71404a16175a", 0xa6}, {&(0x7f0000001840)="58f9310da20708b51a64032744497464798cccf34d54f3e02c7206003095e0d6b9b12cdd06fd98ef514171f9cb51a187a05c8c1b25477d13aea87499c48d72d9e8a8a220152490711b697aa831bb901298cc57c28ec44167a53fe92b7df692433bda965a416804e7ca2935f62dfcfda49e445c49424545fd1f4232e901f4fcf3ef71ddd97946c4df719afc2b8718b5a265c1d8", 0x93}], 0x5, &(0x7f0000001980)=[@ip_retopts={{0xb8, 0x0, 0x7, {[@cipso={0x86, 0x2d, 0x1, [{0x2, 0xe, "81a1fb320e8afac77f62eb5e"}, {0x5, 0x11, "dda8e826193f827f50731a15e28916"}, {0x6, 0x4, "78c2"}, {0x1, 0x4, "6ccd"}]}, @ssrr={0x89, 0xb, 0x5, [@local, @loopback]}, @cipso={0x86, 0x70, 0x1, [{0x6, 0x8, "92991a62754c"}, {0x6, 0xe, "737547eed729c05691bce5bb"}, {0x2, 0x4, "1d1d"}, {0x7, 0x4, "ac9e"}, {0x0, 0xd, "c2d6c259565ce767a88d61"}, {0x6, 0xc, "9537ef4511e720049d00"}, {0x2, 0x12, "cf2f7e2cedc69b31a42ecbe3ea9f1589"}, {0x0, 0x7, "ce0e6e290b"}, {0x6, 0xf, "773404fc36a82559bf10709459"}, {0x5, 0xb, "8899a8ce0fd6cefa10"}]}]}}}], 0xb8}}, {{&(0x7f0000001a40)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x19}}, 0x10, &(0x7f0000002c40)=[{&(0x7f0000001a80)="23b6ea0b2c1261d1717b2aa10d2115ef98990cc4f84f27e0d107b823fd625b23baa2ab13850a014af28431e189090964518c5a66d3b5011e00f248adf472cfeed359adec6105595c45e4cdd4aa699617e7d9d8f54c1baafc167d8f0d68475e2160ac5dd4c120917d14aa7558d3afc65631184bb03bedc8a7e96b", 0x7a}, {&(0x7f0000002b40)="df18d7ed288bc8e8ee79984b6d938d5ffc4334b7359117d47a1798474d4691df4f474595fb81df82a85e65bd9e07dd592ab9a6c56d83aaea5ca549491219459687dd222f8a9e5fd885f1a7caa41b8c33a420a8d9489b3a1d587f8539dd77c696a8c9e5d3ef5a5236c50d0884aa2b1b55cdc8080929f534ea351e4c0dbf1c0f37968684d23f8fb9968399c598ef4c124eb7d9e48cbb8242cdbbd7a33917ba13cd8a18a832d374a31e39b72cc79b31ed1a2b5e58c859e6085dc84f464711c663cb8bfd055841fe38404cfb", 0xca}], 0x2, &(0x7f0000002c80)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0xe4}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x31f}}, @ip_ttl={{0x14, 0x0, 0x2, 0x2}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x29}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x81}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x1ff}}, @ip_retopts={{0x14, 0x0, 0x7, {[@end]}}}], 0xa8}}, {{&(0x7f0000002d40)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x41}}, 0x10, &(0x7f0000002f00)=[{&(0x7f0000002d80)="992d1fbaa330d5290418eb8e92a67d27fdb89bb456f478fb7d7e78a06ed3b1cf21a3c514799c0ad4b1306b53e17c0778193ab47181131cfbda06f7d5bd5e034f83c53bbb7d2c47be484bc1cc38d1f29e3ea59ec56ee02e42df903a5e2e3e352aa0db77b578d5eda34074ef3c0275d166083c2c34e1e30cef1b3d3e48fdfd32b728000a73a33598227c21fcace8812ba8f2", 0x91}, {&(0x7f0000002e40)="6d5f1488a8f9ac3148d1874e50572d33b38fce101571f7336481aee7f17028f6df2cc260bae1b0985cdd8354ed6fb66cad7474d0a9961712622bf6ae3a7b44479806a221e0df72725f6b011dbf1858e07902676e53b16c897c63538262b8d302d353387a4865d4dc68885141d530e7601bc73d77d10e2e064566dddeea471a80bffd8d1a0dd2ed96f828bd6401", 0x8d}], 0x2}}, {{0x0, 0x0, &(0x7f00000030c0)=[{&(0x7f0000002f40)="780d8be1e8cdf4127b7f7886350b1a1f7e27883f03a7d2399065eaf05f4abb066685e1c2b5d636f0770e8e23a9f6c5932bdbd921c87b06aad3d0bd733f8678768f25221aae7583ca2622bafa5dd73baa4147514967bc1b96d48ce61691862d55013582d4d0db206241c760e3f995dd63c697ad2f50092905f08e3502e5ede54d651fc043da11b65a3daba963f9c1", 0x8e}, {&(0x7f0000003000)="418c4c002d89b811e7a5122bfd78d01fd6f1e72fe26255937d284df046390dc0f6a865c93c0f836abdbd12026fa9db389bf33ffd771334f033bc771a312f2f09859e86b5dbbc1bdb49c130ca239a7f8c0ec89f67668ea982d46928ac178d3ce95d530682d0ea6e1706cebf516f6242ea721043a97c4dc9f8e900886f6d4de9d704279410b08e01d1f848cb74bdcf4e11d186072df2f0a9ba1dcbaf0ed6298187795778b2c067d01e97c932537e1fc9ab176a6bc746a303626f8513", 0xbb}], 0x2, &(0x7f0000003100)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x71c7}}], 0x18}}, {{&(0x7f0000003140)={0x2, 0x4e23, @remote}, 0x10, &(0x7f0000004600)=[{&(0x7f0000003180)="fe682aae82075bf90b3f32d32aa4287d82dd10405325ae8864e50143a868aa8f53a4e2142fc4de9f7eef820f3c5735b5602239e664d8c7ab7e8fc1d19492f43d1c86f538ec930d5d1fefe5629a8a569ef0cc828969b62ebca291e7f4e4027e4f4a2b7117f752d4e5cd3b1084c5648c1d676f06e84245a101b8030763c2ae8c0340a05c8d8354613c", 0x88}, {&(0x7f0000003240)="ebba7b183941169d21e736d2016fb532797f25e95c4d66c5f39043225de56faeaa9a0ce251c97a8bd7dba09a438da4f86432f1baa4fa1c1fad3717b4e5aeee8f7e33c6d9a27de7764c4dfa90b6809dde8f9e51173818882fe1992d9c98ad629484aba5da105755155946fa0380e9af5ee272c024e7726c40b2872a1563", 0x7d}, {&(0x7f00000032c0)="98a8c59abb795db2e5b4e98c3dbbc01569c4a2b3b6a02cd4d5d37e0188a92d6108ee7c396702922a5a8bbeea00b92d6406da6279f0b0bdfa7491a61f19f5e54cdc67681fdb54ad0d228dedc99032efca05c4dc52b681e9615fec304ddbecf39b10fad590b452301857655d719528a74dc7de030f368160319e3cfe862e4db830911bd39531156b9dd45ea32a5324d707df404ef84186315dd62ea82c7b6638f142fceae2a76e50d66fcec9de169ce2e7c2df8a409fc8e3acbb06e52639ca427fb47f0d3b7cd4c53fb92dc3267c8515541d28b59a42ca2afe0488", 0xda}, {&(0x7f00000033c0)="bc036ec9feb657e5f769f7922384a0acdc56dfe24ea48edb99c7c362421dfe2b15fa5fede343b86db2e72a100199fb9b6b1a90cb4162e2666b8733dc673c63e4b56d817d39e23a7ce8f4abf39f7f966bf37073040b50ebbe7b694aac5080c6b092a68da9ab484eb1254726a5616c54ba4bba54801138f11d437f5b902ae9e7d4d064c2f5aaed59d594922ab5859bb8b1c1ee364379a464e4583545481b43fcef84aab6891f14b87058ba47957603aa04bd0e8ac4240f11b1b80ba489686c004a420939a16a96ece90d08bac68d5d65cf0c4e2dd6447b3a2dd2df67cec1a3aeab51ad66ad", 0xe4}, {&(0x7f00000034c0)="a70fcfccee00a8e6de3dd2a642630c117b1c3053c20e8fffcea102010f9941efdb59674be63b5a37c899ef7ceeefe712a54cbd5c88d646e1861c8a0179ef31f55755259e9e02dd618ccf0d5e91de9ee7b389d1946128b57eaa89fa99c4911b045f4ee2d481d6f8f2e38194fd1fce511a520418d545213b1843ce88f51fa9e661421490c390a75401b05ff088ff6ad02fc01d65faadcf77d041592653fc46acf46a7af664107ab726", 0xa8}, {&(0x7f0000003580)="ce87975da3fa026867fe34872362df22f624bfb20c66778390d0060544b61de9b191ec9805692e522fd93b961c9fe90aebf22d43ea665fc62e317732fd32390c0ffe7ebc4d6ed36f68a7f6da3852c2a85f28abd52f8c5dea36cc2b3338d7529e7445b037a12908406d08ed86d633966e64c116f83d26e7b905b26539e223a5a9e2415d9282750cb63e7a8f68d59e018b3179d8d18e80f6222c2a51b45c7d68044de0042fd0be3b01e0a58329172bcf4fc2de9f191abc79c88bc2254e3204c0de18c17a2b5ece8a4ce65cb82edcafe6f05efbd5263712bbfcabf9c9c2e7f49aad6a44c338c1fa09d7f206ada67f16aabfde6c43233de2a74776fb47cb123b5ce9f1945f28135ff2aed2cb4cdd9bdb1016630769d2d98ceead5c067ecaf217d353270275ab7187d0c130e151cdb6d65daa935cd93a4a2ab154f891458f50685a3e8afd2a1e612ee5ba57581b5f06cd97fc01b9ecd792e100fd24ed42af8cf940f9ecd8cc10ba88c2a33252102823bd820928935a69a7fae450d5e40c978b9442203388d128aaf6328b436e1e6683252ddf4b4cd84a7c907ec77ccbd7f437e2ed2e6276f412fe60605df1eece0060ae2bcfb1744bacd7e08d07f0e04d6a0755fd759125eab19537edcc8b9a51251cd406c1edb2036906b736d53321b6eff6769e63de4de3e8cb83cf18848140ab48037f9b275976b98f161fa876f5e30f324f240851bc0b2bd6c7b33ca99eb1c5759c36f5ae83b063886142c62fa9c33fc11d700e3632588424dea5c4f37d41960dc19fc972d1e8d6ed85189351d735527d15c7e6aafd2d09fb6790ab02c80815d1aa8fad3bd1aa1f88db2549cad21041029cb3658399168fd1944968fc587465126b1c371eac8bd976310c5374395754de40a7339b142c5fd2d54c1329117a2937759e2e1260ccbb8e09bd60bdbba01b99bd323cdec90926b94f00e66e73a61046fa8b4c560e4c249f5c4b972a1c2207d7b34d9f1462abedd6e020fb10de67249d9ec36137a81e28d87cf0f27ef0d33448c27de9024b4486de136d7450c2898c8ef701d0dcb71e7168c2a6fc43d6369c29b007cc7c2b894777cb18ff4efa1efb3a029ee7e6f0d626e74f8f3ffeceede3ca357a4eb728ae0e3212ae2822e7d7a0efa80ece0a0c588f96e0da50bdbd40288ba86f090e3609aad1f75d0b99ff7db56927d4a552ed206aeba3af06a749931a512d9481429afabd7f7a8af81517afab1d13b2176ded6cf01cc042a56e7a23677ce5bf43399457fc6147f23c34c5070e2b3beb3a90744f768a832a45a56fa0cb9191b3292b3d7e2eea74c414b9d81aa6e931ba34f6caa09b07ba4d25d4b123320a87f47725231e06ad62ff7ee93a4545c55abd75336ecc53e7ba30f6df1c75f2b8e0bff6ea08d0c81f0a0834609d57575976a1c836db96c0175ddaea3f27b7c16f7b266346d1c91dd2c91f97eb11d6964b547fb941c8d7602705d209e09c6426503878300dd1a26c5dd41b1ada4ff309b8d1f66801ba92b5c668e8e24ad9d7cd168e0bec1bedf4241265f85fd2fd68882c0b44966284f098c1f0a0d3007d0eb0048e3026625e19f7329fdf59a5580f09b787234204f2fd821fc140b9a1d95771c98d22e949c57190cec1843523af1131291baf3114226a448279db44146a188423f2219538bd7d4ade1a2f2c0dad847275213feffad55d07090fbe8fe6c91a1c439d973ece0d5a72305122497e4917359e26be1223b0fc9537b9b574b8418f24856c8d588960ce9e2934ce59075a45ad67570ed257b7c45fd2dc6bc5ef00b9f0158bb3809240014f101743495ee537febbfbc87d7292f569791e604ab40d18ae4998f4941bedb5ae404700e3e747c002c41499afd82bf97ae84ec79a0bad833ccc36baf9b4464070c834dd38a4d46666c5175ee8a33a5f5ce6b9623b35089a923934d8c0c1ebcb6763d9f0eecd1f7949b2a276161739840046c2dede27923cd93f32d6da6bb3013095cde963a178794719d75c2cf5a2550870a91242f263d89cd99825bd681dcc3c3cdf857444911f82acf8987483592869ed8e21d676a1c8d69f09a28289f493dc829308d3a796753730f6b4042b3afd763272f690c3a1b1931b5d6af8a67aad5edd2af6e939bf4fbb6071a71dccd8d75822537974c8a825d73f1b803910d6e5aed397f1259e0aa7a222cfbfa94a32dc080a5d3c18fb81184286af72eda19099a3cb799c4a85fa52dd08060d2803e7409c69703de0ff5d3979e2840a84b7a9f41885f18327386205ddb26efff0d54a0758cea31e1c605c95d5e2eb7ba5b96d57322606514d4c0c9fe5e7b9ee1988994cf26c36e3d08a3145c9812ad383e8b9a5e2d462dcb92d1b9cf5aa369ad795fd68c7997eaf343c78468fd524c4771ae9c6686e6908e4405bec05a71d2e874258b68d2cddb385f253422310dc1efbd39c505a08cde7c62f86ab7f5dc24ca7748777b29ec34da9adfe073fc552dffdca9dcacc38b6a71a40d4d2daafca8f7f1a11bf2fd7b86e0a54524373ad8106e0da4a23b573528087214d1a9bf87e0a7b0f6dddefbe9126d8eeb927eb3fb90d8eb6a4a40c5a2ca6ba6212b6b76845c2969e9d26d05c80ed548b151ed84a955f9788d2866ad037ca443a450aa1d0f056623c7b08c7f5f0b77228f1531a6965ee9130d69a176f11ed7d02985b51d1aa69ee37afd7d0508651055a65bbe87ddb4d09073e478d3a6d1aca174b340ade1bd9abafe1338e319bfde866b157682b652f4f1dd66e31fb76b65408a2df0ca7340d67b17a46ad21d0a43eeddaee253a7fdef0730dc01a671ccb80a56b9cf4c687f33634589d971ce7ab0e596b5feab1339cb75a76b70d808826ee2226452116217fd4a01fa53b754bf89a7e1971ab73d488f89ce74dfc0f5c2cb39c73d4ef6c46f68a3902b311439528f728ea23b9a59b009370a34a5f83c665cd6e64f057e1f4be39c8b41bd67e51bd695b13a6d215d23d69114bfb03fa536a2713dbd07e49f1b32c705f2aa9bd4aac92ec601d49bc512a6738222adc5ee615557cd09375ea290f39c30ddfa474ac2ae8fe1bdae10144980a7ed052a24aecd0d6ffad43c3ef8b0451f148dab0fd774d192851c4168fe8a09155a4fab87fb4c3354b6c8f0ad62a55049a242e3cd51a9217b19d78c1f823d9c6d508ac6cb4721ef14b8cc0d5df2899668ac0002d514aed56b2eb351e1f9a0adbefda3a72faf9a0d929f5610a204c0b32b4c33d508b30bc636769b61b45da9999bd668714a47e3038f56a1e18c9a25cca5053757ad9c2e21f06de97e5cc8b41c9278a5cbbdf2a5c577dd46a807bf142751ae856e823d17013cc76a3b6aac0f288d69381548d266bfd3e2eee569ca551587bd17ad3bb695ebe79574f7e0050d18d7694159efb3ed1cedf06fc15c8c6cc3ad51512e96e85be040ea3bbd32ff7b7c6de681939d11a668cfbb5d34326c3da36a8a5a1af2337415ceb1e858d594e228d2378b2abe8c8bc875f33f29507e64adc0c5d6befa93626ec269f87f870c5bb86db353c9d4ec39795af0cef496c61111176acd9fcf30578785606753eb12d32a0a4d24d3a9a6b1504a2e6f61339f945babd23686b0ef7e1078b815d8c6f509c290823f538c64284c40547755e4f53424b140414a8e549bd1e13e3905998a792d0d7106edc97a542888aa3d35e6cbfc17521c42279a38a39b5c3ddbe1cb418a99debd2f5d67049c0923a1297b9d8299492a77ccef6a086c0e917afd9612b259dee40c8cd8930e81dfa324e47bbc4f6db0b902aa559342435fab803c0a1b1c85a3cdd207596b0d4522d68fffb9cc7ed307f7bfa3f988a8e84c2a0a187e816642dec82a4a89c028e5f5537bc9ccf7f0d7a93ec4e2270f5955aa9e87c7daee6324d83ff373acad5bf8ca3bdba15712180ff7f94bbdab04978ac95b18aeef08d046b90e2c84f24e9c3db78269aca65c9b57e24e97f834bb2e7853e5666fd85fcd98a9a5eb7dce820d12d2d731a8c34b6c555364d365fcb52595936627d096d8128191854c070c81b033a08aad3b96f81320d1d91d83ebf2784fcf574c0c1f2f8779ab0505c361c72436463ab24e7df69bf4a5e61282380072dac28fbf02ddd9472c352f92e907375d0bfb65436c8a20388efee42b543a74c130724d8ca33134605c00295ede68483907cb2ce23843c93f43e75253408986720e71fa40bb6a55cb9750712fc4fccbef68cc2f08ef7248d68bca8bdfd776406614dd8ac873a9c1f509af12702ed1eaec7633ab0e4924575b36c22981120a84f94c39b47788e4469d846dde7adf4abcbb005a74b84cd15b4683b13358378725c2a20c796ab2824b4ec42a29d9b2a6c136f6fe47148fc046b47b697f8caa6851f47be54ccfa12fcfa724c306b89d4ae8eeaef094252c775ce933a8fc42ebd63cd947c910f1f126a9db3d3b2efde13d82b3c899edb6ad3fbec3e3257d4b8c84414544aefe408b1572f05e853815661eac38bf1b26f714e7c30d7bdd7560dd776bc32eed39ae48f604a9658c7ffb091da4d8e9c92c7ac29a0d2087be2c7b866890fbd463f908d3f38553c9129471a0a79e228b321313bc58ecff14c1d83e1f3ef537fdfa372caf022492b56fc718b87a84c235b7f26f342fe93fa5c2b1ccd5b2142e3c11b3e7085440ecff04a420ea7d07ca2c12b9a431555329958c1d727457f395073a548d36ce379e254bdb7de207a01bb7f5883337aa7312f7f2ff0bf0c20016e185761eff7e336b9cab5cf32957c44abea7b0ee26c347cf9f1e0eb453a1d263a80a0933142547a3a231c581352a627a90ca22bd985db1f1cd7bc32722ac5c0b07adf05d8f0d0d477d9910fb0a1e8164281bd09703d671d843c3689e121b4431cc2543078dfd0a54aef1198c7d5f379f73b99a65354109358b3ea9f3d70b85e49841052899f21186db9cb3ffed4d8cc7320f164786ca8f8a09af2526b9b11a68f50af125e195a009343454c145468c0123633d93a6df3aa391999b2b433d3bc5447344a5a06890453fdf2180252dfb1be96903fc2ac19384d44157e4ba70ff163c1653751e9720fa8a16bbd26f30475c613643340f7fa4b368a12ba2f4226dc4e942bdfbdcf9af8cc20a731deddbae764a8c83cf4356c96a3dc63c6efdbe410074632f39d26d50dc3d6d98ee0f106ce2be2cb246046f7bcb64d599fd086aed14770a34e54fd39c862be74585cdf3d352f95ec2801dd5b178a0fd25bb535c02fd5964eb81c6d38da6ab5a8c05d8fb09e332605a6f7eead63dfdab43f552ba387f5884ab9b8bef1c4660aa3c8b2159bf5e8e8607a26848b604ac58d840743e92c166305fa15cf9baee1f31c49b3555e9d9841c02060db4a32be6b9a53248a119aafe5d018689bb78a0300184a438f806258e60fe073fad9917f36c4aa7e8c619df8fe261d7efb0155ca768c2f89c58a37a484f2a1fddfb8635cc5244cb01647835569852f24634126a233fb9d41d88f4a37ceba1f21bc629454f73c748dff209ea880e639c138443c86ed1f716ec05786d133e17609f2596f6584ae00d4602b5641d02b9e9144c0d911730537c04b876a50a0f3d6c8fb2e684792af34647ce0ab4d87f7dc1fe51315e23fde05f0317a6c1a50a5302550ea31cc4ba1edfb7bb6ea1fd3b936e94b68e887fb32c892fb534c9498b4233e94de0d9c223c15f378d54c70c7ee386af6590339dbd43d26f0592badd46c76387ded20ea187cfd6a68997b5fed7239ff31809422cf036129170409d6488c246c792e0f3eeda056bafbedcae66839997f9513474b4b76", 0x1000}, {&(0x7f0000004580)="58d5bee9639e8927f4a1f0bcc8f7cb9b6c1987539651bb58e04ca7a11239a119d65ab98943bf9c170d7a3f3be5b0d11594e3926c181526abc0b692460f3fc66db1de3539bfa9e5db7091819b6c6a187db1bb48376b32", 0x56}], 0x7, &(0x7f0000004680)=[@ip_ttl={{0x14, 0x0, 0x2, 0x9}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x9}}, @ip_retopts={{0x10}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @remote, @private=0xa010102}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @multicast2, @loopback}}}], 0x80}}, {{&(0x7f0000004700)={0x2, 0x4e23, @remote}, 0x10, &(0x7f0000004880)=[{&(0x7f0000004740)="82b34d444257fa5ead08a5d982df014ae1cdeaf81a7ce1081f36e09b034f41cd9bbc38e60821775c40cc117b99f530ad05e25cefef16c60ee4120b378a73e6202e", 0x41}, {&(0x7f00000047c0)="88e4705858d692d9da8c1a06cca264946927ad95606ed60f598dcc9ff991200245e35e3d941ae1b6526b56f1d6b346e3601e0bf55d0dd8d07d0568836f38c3e4796e25d5d5950c057c4d2a39045b4874f72c058a9fb741f436c4b3b486408aa1ac5a54a2117b5885283f5277eccaa24c8c10ff3d40ed57f18ecb270aa9dd5c563ea4e7303a070ecbf630a2b455", 0x8d}], 0x2, &(0x7f00000048c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}], 0x18}}, {{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000004900)="5c2b5befd528ced8b2322960c1700d09305fa4b99ca16d08f748f2c562518c32bd0cc53b4f852355c802a510b7748e385c13b694c34d35b069c431", 0x3b}, {&(0x7f0000004940)="e20a588cb2f8898a5f3cbb19923b185b4ed7ab1d3bb00fae0450e0a4d27b45df16d5dcfb8dd9390fd52adcf024f11028bced533a7f672cb2d9cea224a37780d456420526a05c9b7db490951d5ca19fa255e0183391464340dac16cdab757f7a9cb41a2619da17f4e56780e2e39e116f66e5f933144a53a1cf75c46bfee120970e4e6a599f1cd817329ad99ad6fbba31d4ec8bc8acecdaf0e258964e0ff1bae40242d1c5d54043bcb212347888c63", 0xae}], 0x2, &(0x7f0000004cc0)=[@ip_retopts={{0x64, 0x0, 0x7, {[@lsrr={0x83, 0x13, 0xaf, [@loopback, @multicast1, @multicast2, @loopback]}, @end, @timestamp={0x44, 0xc, 0x37, 0x0, 0xe, [0x7ff, 0x800]}, @ra={0x94, 0x4}, @lsrr={0x83, 0x1f, 0xc, [@multicast1, @multicast2, @local, @local, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote]}, @timestamp={0x44, 0x10, 0x69, 0x0, 0x2, [0x0, 0x80000000, 0x200]}]}}}, @ip_retopts={{0x6c, 0x0, 0x7, {[@noop, @generic={0x44, 0xf, "93960958fe7a1a311151c44a9b"}, @lsrr={0x83, 0x1b, 0xae, [@empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @private=0xa010101, @empty, @local]}, @lsrr={0x83, 0x2b, 0x48, [@empty, @multicast1, @private=0xa010102, @empty, @multicast2, @multicast1, @rand_addr=0x64010102, @loopback, @multicast1, @local]}, @end, @generic={0x7, 0x4, "8e8e"}]}}}, @ip_retopts={{0x1c, 0x0, 0x7, {[@noop, @ra={0x94, 0x4, 0x1}, @noop, @end, @ra={0x94, 0x4, 0x1}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x101}}, @ip_ttl={{0x14, 0x0, 0x2, 0xe6}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @local, @private=0xa010100}}}], 0x148}}], 0x7, 0x4005) ioctl$sock_inet6_SIOCDELRT(r3, 0x890c, &(0x7f0000000180)={@private0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @dev={0xfe, 0x80, '\x00', 0x27}, 0x0, 0x70, 0x0, 0x500, 0x7, 0x2, r5}) 08:40:12 executing program 0: syz_read_part_table(0xfffffffd, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 235.539674][ T1135] loop3: p1 p2 p3 p4 [ 235.541220][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 235.543541][ T1135] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 235.545456][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 235.551023][T21835] loop3: p1 p2 p3 p4 [ 235.552950][T21835] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 235.555436][T21835] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 235.559184][T21835] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:12 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000000)={0xfffffffb}, 0x10) r2 = socket$inet6(0xa, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_BALANCE_CTL(r3, 0x40049421, 0x7) bind$inet6(r2, &(0x7f0000000480)={0xa, 0x0, 0x47, @dev={0xfe, 0x80, '\x00', 0xb}, 0x265}, 0x4b) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000040)={@mcast1, 0x200, 0x0, 0x0, 0x8, 0x3, 0xd5}, 0x20) write(r1, &(0x7f0000000140)="240000001a005f0014f9f407000909000a00800000000000000000000800100000000000", 0x24) 08:40:12 executing program 3: syz_read_part_table(0xf00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 235.588105][T21872] loop0: detected capacity change from 0 to 264192 [ 235.622045][T21874] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 235.628482][T21874] FAULT_INJECTION: forcing a failure. [ 235.628482][T21874] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 235.630707][T21874] CPU: 1 PID: 21874 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 235.632487][T21874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.634456][T21874] Call Trace: [ 235.634955][T21874] dump_stack+0x137/0x19d [ 235.635855][T21874] should_fail+0x23c/0x250 [ 235.636842][T21874] __alloc_pages+0x102/0x320 [ 235.637699][T21874] __vmalloc_node_range+0x319/0x5b0 [ 235.638507][T21874] ? netlink_sendmsg+0x425/0x7c0 [ 235.639197][T21874] vmalloc+0x5a/0x70 [ 235.639779][T21874] ? netlink_sendmsg+0x425/0x7c0 [ 235.640754][T21874] netlink_sendmsg+0x425/0x7c0 [ 235.641497][T21874] ? netlink_getsockopt+0x720/0x720 [ 235.642289][T21874] kernel_sendmsg+0x97/0xd0 [ 235.643023][T21874] sock_no_sendpage+0x84/0xb0 [ 235.643810][T21874] ? __receive_sock+0x20/0x20 [ 235.644566][T21874] kernel_sendpage+0x187/0x200 [ 235.645320][T21874] ? __receive_sock+0x20/0x20 [ 235.646097][T21874] sock_sendpage+0x5a/0x70 [ 235.647018][T21874] pipe_to_sendpage+0x128/0x160 [ 235.647819][T21874] ? sock_fasync+0xc0/0xc0 [ 235.648424][T21874] __splice_from_pipe+0x207/0x500 [ 235.649151][T21874] ? generic_splice_sendpage+0xb0/0xb0 [ 235.650087][T21874] generic_splice_sendpage+0x80/0xb0 [ 235.651026][T21874] ? iter_file_splice_write+0x750/0x750 [ 235.651970][T21874] do_splice+0x9aa/0xd30 [ 235.652586][T21874] ? vfs_write+0x50c/0x770 [ 235.653301][T21874] ? __fget_light+0x21b/0x260 [ 235.654135][T21874] __se_sys_splice+0x2a6/0x390 [ 235.654812][T21874] __x64_sys_splice+0x74/0x80 [ 235.655611][T21874] do_syscall_64+0x4a/0x90 [ 235.656378][T21874] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 235.657306][T21874] RIP: 0033:0x4665d9 [ 235.657872][T21874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 235.660676][T21874] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 235.661999][T21874] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 235.663221][T21874] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 235.664491][T21874] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 235.665573][T21874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 235.666779][T21874] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 08:40:12 executing program 4: r0 = socket$inet6(0xa, 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000480)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xb}, 0x2}, 0x1c) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000001880)={{{@in=@dev, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@loopback}}, &(0x7f0000001980)=0xe8) sendmmsg$inet6(r1, &(0x7f0000002100)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, '\x00', 0x3e}, 0x7}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000100)="0c41a89cad69fb45bc08bd49591c5d724ad5778e403dddae171c8a0946b5a0b10f90f7d062a549b3e31a67e27f9f0264bbcdcc0c396b1bd92feac2c2ae2026cf232bcbe865e372cd6a4dc195344e18d1d422fb76e532f24f3cb4f52e385a7c6b61a27b", 0x63}, {&(0x7f0000000180)="7fd6cf631d6e0ed7bc37845ba61515036613d0036b21da97dd03051430dfe768fda04f0ea5b904f9043510a6fc6b5d1f9367a25f67c9bad8c2b9eee39196982a5c7c37da8390230d9b68ef5ef351f3455ccc79df12d13d42e0dc1e161a9f57d95552d811dd2baa02ff654ec37cdd8a3703bc188480bd3a2352f1502e9663e4b2e5d1e1eb41dab4c2e480779fddca91b89d", 0x91}], 0x2, &(0x7f0000000280)=[@dstopts_2292={{0x80, 0x29, 0x4, {0x2e, 0xc, '\x00', [@hao={0xc9, 0x10, @mcast2}, @calipso={0x7, 0x40, {0x1, 0xe, 0x7, 0x6, [0x5, 0x0, 0x46aababa, 0x0, 0x8, 0x3f, 0xfffffffffffffc01]}}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @jumbo, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}]}}}], 0x80}}, {{&(0x7f0000000300)={0xa, 0x4e24, 0x5, @private2={0xfc, 0x2, '\x00', 0x1}, 0x5}, 0x1c, &(0x7f00000017c0)=[{&(0x7f0000000340)="0c7748913e45b9a49e55794c36d8e89b0839522ffbb483f37d153ce41edbc276903f21e22a9c5ed9ea23427d37a727ae79c8125500de9b5abc882a85458420682528f416c64e1000bb9da00cb111819f3e30bce2b74c127a2eac191a9f0b8b59297c566433c1f74f664f30f057bbb423dad4424dabec461fa59f4db45f9687ed1eeedeab37f2e042078593e0ec9976f56a8d976f2479fabb0eff9283fa292366ce3ff7cdcc9b218f7d56e28a9849faa57ecff8f08f2e40d93f0112f12193e179df9c7a1846a699b5ef73fb1723de01ee", 0xd0}, {&(0x7f0000000440)="0111b8fcd0de0a505c2dbf975d1c1c1189b909b8e5ede7009a9463d62f60f7", 0x1f}, {&(0x7f0000000480)="00ef800ba54901ad4565ffc67f547bb77520359067e57516", 0x18}, {&(0x7f00000004c0)="a6840589ce1bf4d0c0285fc001d78af72bff0ab5d54468670ee4f7bc84213f7d445c4c5b4e46768ec3ace5f19e5e764bda44b1773873ab06a77e1e5ed45d56f58b209fd948b89d4cb4b1cbd8662e7ce341ba028b733623e1dd4b1a27f25b430fb5cf916c679ad5c852d2700b8734beb9370ab429b5a88d962d4b5951ad63cb97941a5a3ccacb5a82a26e4e4eb8af5365d8fb23309981f53295928fb691959112c5c290eb1329689a6f90281fcc792518bc996f50c9e58019ea1c2dbcf320f8303c5b7a054f4a63b1397031363b76cf511d268804b4f789debc20e5051e123f0ffcfae7a341577f8abb4164f90c87b2c2055d398dc0d0e19cd101fd530577960bbbe608dbc0b1abac2ba2f9689acf27a006e3c73122f4bb043622454a39d06dda6c0302eee6d2074bc201f633672629273068f7d2aa4ccf9087d55c10f391e34d03a8932b52b2fb55a3c37805ec772e636cd3b2dd1f015d3ba22dfd01b14ec9851c94eafd3ff72aa0f61a303903b4d2d44fd6b2bc08c674bfeb9550a8b2aee338824960b50851024a1f58d19ed6cecbf1c08831218adbcb161f427a005f394e919594dedb7dacfb23deaead2fc11defba8e1c26c4ad0a78cee9a08080db809cffedfee61a3c100426b938d08c537b0e171f1b07b1f8308c6a37cd501dcfb16b3adeb495ad7daeb297de4ea3df2e42790e4ef3c7b43e62e6fce19ecbfd42062c3092fd4dc9bb01a9209ee3f21fe7e7f075a736ff4f815a669b1f27b91d469bbdb7c525e5d8ea1ec5990e877e7209d12d89f67e8cbcf89fb7f532c39b8b963e558a1fcf3110d29acddb36d1d709565891a9cc58244aa172e88cbc89388e4bec65d4e7725d81f813d21e6402eeffd93b46f5842749bf42a85f3885eed7b55a423216309b3100037f54376bd086ee0629f9bd7d33c19928b458aac93db6a5fc2dc457125f6279da28287fc8ea1be12edc1d904c981f5212a08dd96ff9d69f8b052ca48a20888e5e82d2cba05aab07b59a3ad40aa2289cc3caa6327112897eef1e13a2327a58d27d52b22fd9851b09cd2316443502e42f2e73e1472a6e043575c0543ed0dedfdbdda7fc568d09be9876681fe9ca014e17ae3b1a943ccca0e640e0172dd1223b4e99e40ca00b515df49316eddadd4e2a99cf73fd81b9f48c9d8449e02a83de21ce137729723697bca71349005ae7585cf2e0b3379edc3325dc80ec634d90d533e5fb4c1e142eb5f1d35d728d6cb8aea47f75b4170841a94d28d04615b3f88615309149f322397b213fdc846a627f286ddc4dd210dc0dc8e17a80e977fd66105e134b2409fb6d4143a31c2a90312ac43c817b3863caadc6eccd30f8613a2536955f493d4184f3a032d9545dd97c7b3cdc9155d241bd60f0025eb698d2bc1e6a5730eec614c58a42b15f4dbb0fd42b639be3ad4969d27154867a431cb4acd914dd61db2a97bff6d79dc652647be35af7a28ce55576e6f60d89991913680de7b01b8b27b362d3cc0d58f3624ef83749d9d3337f264f436d5c6f2da6ff50cb8e73fba848820bdbd05dd4badffd572f1d4b926031fa730b100294ffae407a9258352218f38ad3d682cf520dc371620b838f24b54062e73e3be8d3386f1b2a52929d878e9d3b4d268fbf1c56f9fdd00c3184430dcf483f26e5d507b87d310f8932b13940771aae46aee4d137d3129343568b5aff8634b0c584a6d08e8f82ff78a4874535954e56c8cd9cc5c60877ede5616ff5d708a875c672ca568d1c87740a17ad3de011aa0aad8ee7df0988b05650efdf0380e44670dd0341e8ae8d111221338edd760bd5c831bd8d36b55660ad0144f966ef02690307b9cc7628cc7f090603e386010eb7211740a2153f3453e872af104cdf55cee6d3e6568b481276f12ab1a1ab5186315528c989653c50bd4486cd73a22a1b29c9354ad593497b343c280efd266f072e500115ce9b0b68cd294494a64cd0530e1e10a223b693eddb9e332dbedebd9a4d02f38f99dd664e5cf507a0bc3757029bbc071b1b5da19fd92754eb52535684f9bb75bda27d1a017d8cf6e28fa31af3aeb98b79d3c15224365f24198a70564ca548df7b75792d011cefb7274906bbe9ad5697721ac4950c1e2ae56c779f8621fbcbaf429409321286e9f33285898ab221861875706160f3ffaebd604ef34fa4ed42de1f46e404d91e423de6700f58ae6fa076f8aa5a66adb79ad237da59b02c43eef6a7eca6cb86a5fb8443e075dbd4507581084301cbd7070f06dd06403ba56a94701698b6d804224a1d8d4d84599aef04c67d5003a858056a1d9aaad57e54b3e9c00ce79ce6aef6179720b08a0cc57d14470e9f68b41ed0da11f5af327483b6e1eb1efa1719e1e612e70c01f25ee3e9907050ffc683669f27847a9c6480d90d768d65efd63d9ef70945a07db28451f805cb7852a22b5a7b10e52c04a796a4c7843b5acce184c38642e2b43d3fb0b834e383c74faee9482b6f8155aed8a4f637d3e6578e71bd93dd2b5c6aaf846fcf6022b085494c8764210f1ca46cc500a5616735fc47a7347286430448bb4e798355b3c784efd47387d896e7c52ca5a5a704376e12bd7063de9b9dfc412db26158a20a61c1fe7ac252fab0133180c08685defd0469e74c897b2e57ffe6e1872581154897b2fe4643ea17447eab6bc3902f6321c154b30559090606af17019ad8e857baa38d83106865b7fd1b7aa6b298c4e79555e923de9c0706438a21418f87426989c841a943298fd310c488b853788f38125af9b53b1740aa26f5f81dc680aaa342c162f8395272db1f1743c7edbab2a1f91a9a135d0af983c0a48c79d4fba5c3d8275f115fcf5f62ba70a193fbdafdbb27731ca5b5fc453e32103d8d06da40b33eee02b42f1197bb3216afbe0509698ad6df5303644d04f118f2ab4886b9af5eece109be99cc6bd1ab5c8fb8119b1fcb342f3dfe1dd5907690bd30cce88f52fe9caa89d6537d8209810973e1b4d35d24524cf5cb308c483cede398bb0b73a70cf67274cb4740882aebb74eda302b13c4f467de96031f612d552aeebbc472ffcfda196caf19b311a3d83e8970b1c71bd64d628f334e970e603b40fbf08186e83a689d98eaefb6a4170d2191617d34f1d7daa060f782474cdaf09e120d11ed6894ff8faafc5e941daac8c1a0ce9c1a3394634ea8ffdee74989723fc8cdd3b338c7e908b903c87bdbd495b554beee58b186aef621762a41b57249c77193f1dfc48e2b7873e3281c9c6dc3adaca20edfe7b641a4ded9f2ce08a001d294624256026e564f31f62ebec914d745f653df2a81349a47aeea425d52aeb45f99cf69cacf024ffc7eebe76600fff8e66c0871dfc626e4f338fa94e75aae65ebb8f85083347fd4d896415295ae5858924f5ebbb0d40e42f3b91c00bac7cb2f34739d54b380c68b7857b20a8bf7f8141a5794606b76373eecd7dc13f74eaea01a6c3cd20a6926370f6009f5a091be736dc1bb760765e53ed285e5746be4fb17f4021887ff4a3a6e8c9ea63b6d5f90589c0ad59d41518a565442b056679a245adfc23aa68571ed37f0d1b968449e46a5ede67a66979acd1cd22c98a0cf821e5eb6f7e34630c13b4ff0a065a0ba15c637d27fc40c8117d6e9242eaefb69c6c363bccb7222b8832978a49d172b64a928b74499821cf5f8fc88f1628e00284289b963becb4e84ed595bf9580eb9a2bf0d1e55f295a96785f7766ca134e82da5330f357473e2b1930515e7a7680b2ba28cc515a9be02ba0d0a5f28dbfa8e5787c64b04dad5186b0ec0f04bb153e86c8c7227beec8538737fb5f6c97774889b0288b544e73f23b36913e1c7c32b5a9601cfb813fb20102f2ebc722cda91963edc7fa20c28cc2f1e145c58b39dcd25fc95d0b366cf32449ac33ea14c23a2c69c9ab4bb4757ce489d102ba4c2035c63680b7362e34f7402c25bbf4fc6241f5076a4da86a0dd68014ed2036ab4bd1b4e44e7903ff018741738089cdbafe723adec95066549e091b27415176694208c4318148e85038a688c554ce77820a37bff74ee1c687f126d3654bce10442f42a0adcfdd73e0d22ac23ff0b9c4f7d70834f6e1509d490e8e3746df5b16fea50ca50859b68e1bbd78252c968d4a9f3c19a3613cca45f5a77ec150428635a901e0ab9576c5e0b4157baff999fa8089e35f4b03b1a40d1c18d564f0876ceb275b45edb889afa6e224c581fead94e061ac15712b54466bb700c4ca344af0394086d2c2744973512f16be37d032d565011d09d87ecc8c404260323e6c5604fb7f9ff2e2dbe94aecf13dbb839bfd44f187c9f1754b216ab8dce20227e6ce893ceb0d019c0e2351847475c536f663410d5ef993186323ffe8542089f73627276287a5622900c7deda26f1f7ed203ff6b6ba84477f4de3c6e6e483e30edfe4384d74ada0bbf9dbb93094efa7805d021d9b430da95fa8dfb5c8e36f069dde43b5a8cf0e2103e65354cdb5455f5658c44dfd59d984b341748fe24ad2efa3ad6f3e078470becfee03c84e9f9dc93e20e00b155bd1f1f32fce125c2ca0ca53eedf3faa261acef9770493895c45736bdd5ffed3b53a99c8c80bcaa2fe3952f0ab2f0ef35ae82cd83b541097c652f0e06b14f0e2b6f02fc83ae0be239edc6834f8cc41da10265b90a135ef083f1ab3b97657a57182e6d87c92f464af3b652ff6ba2d2b616dba7f9ad5582cfbf88ef3051ac285ac0a84267589d62d7256f148b7283c28dc473bdbe2e1c03f36454744c3937a114c34c1c1cbf2ac03835f93d671be32fa32e6f05a8df00519f52bebc40f249bd934afb6a2b8264774133e6b6fbc7d7d48c8e724c28d9e11d3a4ca6aa08a1e580160974138ffcd36b9a96bce5086a7aa4aa73f62adc6449a6ce02ae16bb5087bd6c011cc20a61ecfca403fb6613e89ef005f449e82afb2fd42032e5772fa5498a437812e5fc5eac791dc97ea8cba4b3866fd78b1efa2227e99e650765e8f872869ae3f648b8e0505aa163f35245122f15a99f4a79bc54f00c172490a7c61dee34ccbbd7f616f4245430b21047fb430d342ccccd8d49106429b56c3f0f72ea45f0d8d0d833baaef1bc3d3fcbd5937400afbd632dd569acf0d274c99153918f9fda139f941144abf7e1081968775a119a86580dc27b4ada53d9904b11b17726f0324720cd86595af6acde6e72e03aaddadc8c431b152a0eb87dbf89903a2662fbe8aa7c27a3d35b19e0a27c54451e6b145ca9916097a39c7ac10d09b53ab80c69e61053b76d1ebaa0b8141640df03b9930b95b6db2782a81c7f05f2fe736ce30a78a436cedfe2b7f68c6256234e5414e0a316335a22236193f955711e730d58e8925c0c70d753116b260d4b9402a0bfec52ffe1efe346981dd4439a4087345313e06a66bf69acb83515cfe23136e5b410e9d72e68c68d863e5de9f5094704d043fa7080766a1ac9cc0e5998026f1924da34268652a5b770f0fb38a36fdadb44c40eda2d662a5917b7d20c619015a21d54bc7b15044d1b5809e764f9c4a30fc08cf19f877b4a4479219ecc469e111d19f8a64923c8c734afdcc56b675da331e7d5359c3585826ec77090a32e9d1cacaa2589ad1e39e6d2f05f0c45f6f1a17e550c2820f6ad7c56ce5db2f707471d559c3b0d147f58604c1f0b400bd2d381d14d772656912007aae7205eb3eca9fa3a43b897061782f7b9c4d531d808012cf03a95f7ad8b46ea1ff7cc2d8f115726de88fc930552374c3b9db73928bc614f52277c58541ba3f9443395c1d83f005370d24418d4b44ee965dc8c5648b459", 0x1000}, {&(0x7f00000014c0)="3e5361e91364243a005b26689dd5ecb757b2d2fb9f708c42b26a7461fdeb688bab74181dcf0b8607ca915e2cf5b5ec", 0x2f}, {&(0x7f0000001500)="ae25a7227e4924cff79c09563290522178530b1a423fac3a9a7540bfe71cf5b8be6d15c45aa8a3d60a0c5611fb620ad17721578276256b1a05373cf01732969398ca0aef2e5e9ae45935812fac4c843828412f7d91cad16726ad6e4cb318db6436e371f857aaa7edfe08b8be4346", 0x6e}, {&(0x7f0000001580)="e206b2bb42cbeaae7eb30d2eac29036a72a74a156265dfe74427cf5c362c62132dbb5653d3a577ae2d4d1f9704", 0x2d}, {&(0x7f00000015c0)="0d22ea8799b8da37454c1032476e0ce6bcbf5506dc55cc4f699b6508e533120f304326a261b29bb4d6b26c377a4ae94ea39331a15c68eead6b02ae76bcd25586bc0c36c5b73456cd44dcab2dd549b3bf42d2f281f768c0b608639eaa54deab55070015a4a3db0e2b9fb32908ffebc4d46d8e53dab45ff3b228d3ee0b427a2a4fe01999a1809d952f", 0x88}, {&(0x7f0000001680)="902b17653934d72f8e27b6fd6f0d7b6f35d5973158c9c60ef36621a4bd74121835dc4171c0fff56406e631a646e94a244d0008004d2d8f4bd59bb23560ea517d0d3f0a7beb", 0x45}, {&(0x7f0000001700)="72784874349d19d5d83cec18a6f5a93b61970737520c21e5f404e2c638f0f4151285f2090e8560d47982c0d9804c148d46b3dfea6ea0cecc74a32db635368a79b9e44cafe17f62a2ac6e54838c3f1d0b74111c619e23eb6db27f0c89a32f37ed0ec2bf66875dd0edb0ef115100d19b4df6768e41f6ae98f2e80bb47fe0cda72c2e92e5c368256bba332a684e05f68e0e8f3830917d1857b6c626ad32c6f90045483964b44d2cf223fc4d18c0792357f330670ba7a8", 0xb5}], 0xa, &(0x7f00000019c0)=[@dstopts={{0x30, 0x29, 0x37, {0x6c, 0x3, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00'}, @jumbo={0xc2, 0x4, 0x3f}]}}}, @dstopts={{0xd8, 0x29, 0x37, {0x6, 0x17, '\x00', [@pad1, @generic={0xcc, 0xaf, "4e27d44c16bdf880d0b229fe228f4aef96672174ae2bb628434f407cb5a02180535948d28b82d54caba1aa399a03f8c8e80076875e154f53818aae1538e30e6339fd781f61ccb20d6f8ffd39178b977b9143df2373ac6a4b3e90b40c20fdbae81ab0caa657171a0597dded82e550076399a62ee22361d24bb89a3ea5e87af0826593f1d84e40fccadf52301a1adc8377fb4a794d4f74a2a7aaaf2c2d24dc52257fbb27ef209bee3d6e44ce2ff77e4a"}, @jumbo={0xc2, 0x4, 0x8}]}}}, @hopopts={{0xa8, 0x29, 0x36, {0x3b, 0x11, '\x00', [@calipso={0x7, 0x30, {0x2, 0xa, 0x5, 0x9, [0x4, 0xfffffffffffff884, 0x3f, 0x23, 0x1]}}, @pad1, @calipso={0x7, 0x58, {0x1, 0x14, 0x0, 0x0, [0x8, 0xe218, 0x3, 0x1, 0x9, 0x8, 0x3, 0x20, 0x855e, 0x81]}}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@mcast2, r2}}}, @rthdr_2292={{0x78, 0x29, 0x39, {0x2b, 0xc, 0x1, 0x39, 0x0, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @loopback, @mcast2, @rand_addr=' \x01\x00', @private0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02']}}}, @hoplimit={{0x14, 0x29, 0x34, 0x7}}, @dontfrag={{0x14, 0x29, 0x3e, 0x5}}], 0x280}}, {{&(0x7f0000001c40)={0xa, 0x4e24, 0x3, @private1, 0xf}, 0x1c, &(0x7f0000002000)=[{&(0x7f0000001c80)="68f0608cd2427db02c0b83a5afe4b6d37293496ea2ff855cdd3d1042d324358072187c711313964e9d6b56e10b5725c38d29d0c1a60646a3a3e68630e0a883dceb9af72e6566615c765bee4a19b0983738ff5a4a6fdeda4c67ab9da10b207081ea404cc79ddccc62ce7396acd1e696a193ba425b5e8c6a7e608a78d1c9e50d5499b69486b254a6195012a7d88017cece42b419ec6334b5c673dbc65c96550bddd3a5abc78c2feb16d16911e422429bca0ba023a1454040712b59e0", 0xbb}, {&(0x7f0000001d40)="7e638e024d22297e024022ab80cac2604893bf9bfb5611c0ce960075056aa22ea951615d7c86221756f81d9b21f5fdbab7b3f48c4e", 0x35}, {&(0x7f0000001d80)="bf579197e7a8faf038cd94f02e301e2263e6ded4394eb0b67835fe4814d4393d8ebb40e118a4a36acdd1833d3aa185bc051d3acabff592db88cf26a1faa0d2e55e4fe9db113e5cfcd98a577e011f01a3d126f6d400a10c63207f2665e747a2070d0c0ba28912266cd617f260ee7ae55d1b499035db9520565cfd84a26e12ae0afad5170311984e0835a266e04f2d41630d6597ddeb14cb01a2705eb9593a81866d311aea3c461fb67e32", 0xaa}, {&(0x7f0000001e40)="6985b8ecc9712ddb324c3671a4fe6db0a2cf86d8f3f24a108f2cbee0c7ffd6c67f7a4688733437fb19d153d534b1cb7b3d15f5a222c4ffde7ed8177fa6b87b98236430281fac3fc1c4996c9f0abf5447cfae3a1c466004d686a766ecb4732490fdd0ca691f548c7cd2780e5766cda15bb5b28f92e56785064fa7ad0ff2bca62e1e798ceec344f5e325cda173e37b7fde7caad338f60695c581e55ece9e968242550ca7eb472159f2f413ef9451", 0xad}, {&(0x7f0000001f00)="717678f2a8262dfa1f9eb01e887086f2ba8920b73a178f4839f7dc3f48ab3bce917a6bbaf887a178aeb956d6cf1501138125455998416de51def73ccc2cb36a1f6338807b14b1e0dcbbd4ede8e0a55e8bea0e3e3e38c083456f7b7edb73136e21d47600554740fcfe652bdb75be44a344d7e9ce8a76788f6e275c25f74824232250ce5c5e8feac08c5ffdea76feb45512d92bb0ff3346cd75e95a6e5c15ad167fb581af79bfa729b5719a54a73b06a1cd4fe9a51eeb071e9f8c94231f75597c5d63e103c947934824208f672e5681bc485", 0xd1}], 0x5, &(0x7f0000002080)=[@dstopts_2292={{0x78, 0x29, 0x4, {0x21, 0xb, '\x00', [@generic={0xd, 0x22, "ef39495f865476f2d541f705009401cb5591288bc23c9c11c32ae53df9ffcbfe7ddf"}, @pad1, @padn={0x1, 0x2, [0x0, 0x0]}, @calipso={0x7, 0x30, {0x1, 0xa, 0x8, 0x1, [0x80, 0x0, 0x520a, 0x7, 0x7fff]}}]}}}], 0x78}}], 0x3, 0x0) ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, 0x0) r3 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/state', 0x2, 0x0) sendfile(r3, r3, &(0x7f0000000000)=0x7, 0x3) 08:40:12 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) write$P9_RREADLINK(r4, &(0x7f0000000080)={0x10, 0x17, 0x1, {0x7, './file1'}}, 0x10) sendfile(r0, r3, 0x0, 0x8400fffffffa) [ 235.675376][T21872] loop0: p1 p2 p3 p4 [ 235.677161][T21872] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 235.681771][T21872] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 235.684477][T21872] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 235.707693][T21889] PM: suspend entry (deep) [ 235.727478][T21889] Filesystems sync: 0.019 seconds [ 235.728895][T21889] Freezing user space processes ... (elapsed 0.015 seconds) done. [ 235.745763][T21889] OOM killer disabled. [ 235.746547][T21889] Freezing remaining freezable tasks ... (elapsed 0.001 seconds) done. [ 235.749101][T21889] printk: Suspending console(s) (use no_console_suspend to debug) 08:40:13 executing program 1 (fault-call:9 fault-nth:45): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:13 executing program 3: syz_read_part_table(0x1000000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 235.886814][ T1768] sd 0:0:1:0: [sda] Synchronizing SCSI cache [ 236.390063][T21889] ACPI: Preparing to enter system sleep state S3 [ 236.390201][T21889] PM: Saving platform NVS memory [ 236.390204][T21889] Disabling non-boot CPUs ... [ 236.393512][T21889] smpboot: CPU 1 is now offline [ 236.396111][T21889] kvm-clock: cpu 0, msr 4506001, primary cpu clock, resume [ 236.396183][T21889] ACPI: Low-level resume complete [ 236.396261][T21889] PM: Restoring platform NVS memory [ 236.396269][T21889] kvm-guest: stealtime: cpu 0, msr 237c170c0 [ 236.405811][T21889] Enabling non-boot CPUs ... [ 236.405971][T21889] x86: Booting SMP configuration: [ 236.405974][T21889] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 236.406192][ T0] kvm-clock: cpu 1, msr 4506041, secondary cpu clock [ 236.407250][ T14] kvm-guest: stealtime: cpu 1, msr 237d170c0 [ 236.408889][T21889] CPU1 is up [ 236.409121][T21889] ACPI: Waking up from system sleep state S3 [ 236.522259][T21889] OOM killer enabled. [ 236.522877][T21889] Restarting tasks ... [ 236.526995][ T1135] synth uevent: /devices/virtual/block/loop0: failed to send uevent [ 236.529257][ T1135] block loop0: uevent: failed to send synthetic uevent [ 236.542479][T21889] done. [ 236.543061][T21889] PM: suspend exit [ 236.551117][T21872] loop0: detected capacity change from 0 to 264192 [ 236.560969][T21901] loop5: detected capacity change from 0 to 264192 [ 236.563047][T21901] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 236.567864][T21910] loop3: detected capacity change from 0 to 264192 [ 236.572410][T21914] PM: suspend entry (deep) [ 236.578057][ T4842] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 236.580061][ T1135] loop0: p1 p2 p3 p4 [ 236.581064][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 236.582582][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 236.584333][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 236.587344][ T4842] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 236.594457][T21914] Filesystems sync: 0.021 seconds [ 236.595524][T21914] Freezing user space processes ... [ 236.596373][T21872] loop0: p1 p2 p3 p4 [ 236.598176][T21872] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 236.599876][T21872] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 236.602117][T21872] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 236.608748][T21910] loop3: p1 p2 p3 p4 [ 236.609563][T21910] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 236.611214][T21910] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 236.612874][T21910] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 236.616723][T21914] (elapsed 0.021 seconds) done. [ 236.617539][T21914] OOM killer disabled. [ 236.618203][T21914] Freezing remaining freezable tasks ... (elapsed 0.001 seconds) done. [ 236.620561][T21914] printk: Suspending console(s) (use no_console_suspend to debug) 08:40:14 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x60) 08:40:14 executing program 0: syz_read_part_table(0xfffffffe, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 236.708656][ T4842] sd 0:0:1:0: [sda] Synchronizing SCSI cache [ 236.868807][ T4736] psmouse serio1: Failed to reset mouse on isa0060/serio1: -5 [ 237.221095][T21914] ACPI: Preparing to enter system sleep state S3 [ 237.221182][T21914] PM: Saving platform NVS memory [ 237.221186][T21914] Disabling non-boot CPUs ... [ 237.223704][T21914] smpboot: CPU 1 is now offline [ 237.226259][T21914] kvm-clock: cpu 0, msr 4506001, primary cpu clock, resume [ 237.226321][T21914] ACPI: Low-level resume complete [ 237.226399][T21914] PM: Restoring platform NVS memory [ 237.226408][T21914] kvm-guest: stealtime: cpu 0, msr 237c170c0 [ 237.234961][T21914] Enabling non-boot CPUs ... [ 237.235114][T21914] x86: Booting SMP configuration: [ 237.235116][T21914] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 237.235355][ T0] kvm-clock: cpu 1, msr 4506041, secondary cpu clock [ 237.236643][ T14] kvm-guest: stealtime: cpu 1, msr 237d170c0 [ 237.238195][T21914] CPU1 is up [ 237.238428][T21914] ACPI: Waking up from system sleep state S3 [ 237.343572][T21914] OOM killer enabled. [ 237.344126][T21914] Restarting tasks ... done. [ 237.357281][T21914] PM: suspend exit [ 237.360740][T21924] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 237.366245][T21924] FAULT_INJECTION: forcing a failure. [ 237.366245][T21924] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 237.368367][T21924] CPU: 1 PID: 21924 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 237.369804][T21924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.371332][T21924] Call Trace: [ 237.371862][T21924] dump_stack+0x137/0x19d [ 237.372599][T21924] should_fail+0x23c/0x250 [ 237.373359][T21924] __alloc_pages+0x102/0x320 [ 237.374167][T21924] __vmalloc_node_range+0x319/0x5b0 [ 237.375005][T21924] ? netlink_sendmsg+0x425/0x7c0 [ 237.375877][T21924] vmalloc+0x5a/0x70 [ 237.376589][T21924] ? netlink_sendmsg+0x425/0x7c0 [ 237.377565][T21924] netlink_sendmsg+0x425/0x7c0 08:40:14 executing program 4: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat(r1, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x7fffffff, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)=')\x00\x00\x00 \x00', 0x6}], 0x1) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r4 = accept4$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, &(0x7f0000000180)=0x10, 0x1000) ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r4, 0x8008f513, &(0x7f0000001200)) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r4, &(0x7f0000001240)={0x30000000}) write$P9_RFLUSH(r3, &(0x7f0000000100)={0x7, 0x6d, 0x2}, 0x7) r5 = syz_open_dev$char_raw(&(0x7f0000000080), 0x1, 0x30000) write(r5, &(0x7f0000000200)="1a2eddce04f3f29c8bc6aeefef86151b5bc2cdcfe01720b0c87a63aa968a50a4ef3cafba3bfd535de3587971ffab782044ebab64c554d16f74881a4b5cc6e9c1d3c7a14e06284580d2b4ffec29de70b3f71414d9c159083bedb445e369c9d5a5e88e8b4a48e0610deb5bd78e4338c10115b7a90a31ce1b16401cc78470cc744d5395de2b23b0e359d97ad6d795b46f6629e02e96f94a26db62710666ce2efa0df9f2f481b22a88c6b43bb0472c5a67ae3229285184e8bbe30ec368eb52095bdc7afc3cb28aca9d7e097f26bfc75683b02458e508a1c4ffa2d4b7e6da20eeff55008d17a829426362872786768f8a88c97c6958e0bc7fb365ad8c52ccb69b6646c030ae1a984a133ecc1b8badd52a806b5dca4d663e8be6ac26ab7de8077ece4f123802157a1ce6b22a33355b313702ff5e46137fd03d11d48329b111b26d909610b8b76d30fcf5c7a2fc90cb977bd4b47e22a52f595b110421b697e3793112c7aaae02cb0bf73b25824db999587898bcf7a545e72e9315ae8c88437ef6cb2fa477d8161d8c7301402326e1b0821dd4394d323d4d17690211eb958aca0b028ccdfcd0c6f0f1cbb121337c68a26141ca52279e3d68321c465dc44f8d9ff89e436077755b20a61bae91211efffd64878c9de4706e221ba68e22b2be50dc50aea74c5f1499b49758c140801bd9d6146a4d85aa7780ece9204864f688f3db08b7154b05187a1c0ba2bdad64788bd0abc09e542b0dedd75c61a003d2a77b5c2a36a72b4174af6a37c2e611a43d88760437b2bbf2d8e6c59b60f83a00aabc2a1f79ce0e89a06c10f0e0def63b08bef485051ad2b0d9b6dbaffc539861a8aa8e51e33aeee35bf0a9234bf89ccacfa686698f4d6e89777ee2e32ca803a0e5f84f23a81c88f9a76081e581f1f90705f9422a6fec748f223cdc715ee275c93d723e766bdea801ee8143765cead5c6eb82b3a97cb583e210a98749fa069fd5785fd16b37e6b2e0b3e98549932a32b89bded0d7b99f5917207f8cefc232efade8a370c9d9d5e033c29c92d2ffff689d8995e590bf15d02d8eab92febd3323b18682a8050f7846789ef9321672e7fca0a6d01f356f6548742e6aff05c685cb70cd63deda079c185068bf78a2f9dfaa82f86642b2ade6cb83277d502e3664bac98b18a864048db34809800f07ffc2806286214bb5a7424a77e2812990a3458c838ed47590ec4bda025ef44f25c23b20b4ec5580b8d24e98b930c12e350af81f4848b8ad0538de5fa68c8df8fec9ded237d6412a8726a87bce0c2631bef6567422b816acb0ba05fc2c46906dd8672685715a0909b94b205ccba61eda9f87600b8b5dcefbe5bb435f32e4dcb47f851f89ed8f11b84a03f3de58269a17195e42b6bafc1ad49c075d16312e3e0c00f00355168f98258d9e1322137110b3fbd510eafd2753a1e71d8d11a0f37f9d5eb0df66a01a28e3eacf619fe5b5072b4f5ccfac4c2d45c8be79d0ddbdd04e101bb357a7ea70cac86666a48089bf8ada1e301c9168d3d5b7f059fa46df1cdb14a8f077e4d6a3612d13b28a382bc9f66a304f64b80955622902cbf24863f2fe8ccb4d50aa040e5f80352e4077e7f03650b0c6c60dc72f4880b65ffd900d689af8f11c1b9c5cd0bebce5b7f3d1388c512958f704de7df30161a35534311b3b1c16119cec927ce1ad9bb2ca8cb5d6e32240692b00872d1ce85becf43a03b8bc50422698242adb31e4388b3229cdd7b0c7bfe02788c06fe5df3561678bec86b8a780990a5849bbb43f4443897bec396e0aaf6ae265cc9388ce0f916b47141194b48610e6aad6d67fdafc1e9da06f22497bc997644fb5de00ec941ad1824253ce3b50be7a8e88482afe1d825dd3e7fe3d5d3dd24da205908de094a13c47d84325515dd91d99b91afeb86677062927d58bafdad2dc13286b584b663c8bf802d724fc0cdc174c045ed975989968136776cdf203525119c17768ed3987d14691dfa768d84a907148062e71fb2d9d2a80b78ab9c92f55d7e427757923c1736b3cdbb89b59281a7866659f3fb608e69fac139c64acba57286f2151563d88fea58f14ca324803a54bb573839da12d3b8df3347aea854c1eb76c7293dfea706a92d05964a9c689bffabf96b10f665c09e25af8ace96576f07e7a02d260efff4886a833c9dbe3179068d7279c91885ab2c813ba306f540e70f13534a47bc0b862fcd254fefefb4eb7ee3c44f0b836970dafda68ede654ae0130488463fe9b24e07404163c495d2ed5a3b89529b36d33b45e5a4953d94d32ea0896e06e9fa0830518ca1b54280d8ab142b442943c36369e2bdeb7de504c68acc49932a4a233126945d138c5dd0db7a9f80431413153a02c52cf50698286096622d91cdbe5625427e40a9d939e62b9a73aad8789a28cd54bab9606d122cba98dd381bcc8c84282fb2e039e122930fa0b022d7e80d28b6bc8758d804b1be30fc9b313e4bc0353012acc9a5ccf73dca267bb143c3150c5a2643bca5cab8d01be8d9e78b39712b3bb913afe9515c3fb026383fb5baf6e12b98cfe5c8b5509450e171796f30ff77d7c94b581cf0a7295ec329bcc6719dc06f2e22fd3831cbedf23d6775d212426199d23fa3593106d805e064aecfcc3a84124a0cdad7320ecb43f94a23640633845d97ac870eefedae933dcc1de15bb6bbd3d23743a13971ec072da6621b42e285607b9e07eadf22e0fc6f7340cc330c22590e551430e9503b05b5aaf899211d6d290e70495f5a1c75ca4a2203dd7d4415d697e4fb9964c6d703ecdcfa506d3efde18ce4d82bb02defee3f692325b316062aa9563a5d090167b8114cc79966cba595db2595534e82366738012b94156b731f12caa84241598a331794ce389b55411380da01782f804b61c36f40317f24e1a995b3d4e9bf9c27e532ad3a44db2ecf6105f1c1327be9d0cea5acc8b1990b024b90a88e9fbba90beb4a39e0d6046034d7185b289382ce2479e1d960e0e318a8323807df3e27c75e470dd814cbf5db2a88aab4801774f040345a86bcad2d2eb93f7a28e82a05e52e8592512f683917b24203af6c93912926c786016ab126c65c064b793496c9447dd10f740b96fc1cce70505ea678058f23186fe1344b2457f0986ee424de9ceeef946ac3900ab7775c56281486a0ebf5af8228081123a4209267c44ac05600c4f47aba78fc4d6fd6472cbef669b6aae9dcd257a19febbc7c05a85af81aabfb66f2dcd95592e9526b90b58d5364817c377524a6c26d46c2c42295ce4a4a6e8a5c4ae44f0b7b1cbe034d016c85edb60c429bd89555851251f3d58bf86ec9d5e43a1add69d6eb1471de4b14e85a5e4b86f96322670b7db3eb00ca6b1ac4f0f34c52da0d53c9549a520e445145e7e1208a6787747f3d8ddfb2d706c348908d4568194131b5d3e5fd9ca506828ad235d8d12f43f1bf4f17a105f976e064f0e79e5f8f1b543efbd38cf398603e35eed265ada14a5e45ae33d7c1803f187d3b35e886c0d32c5283554a8ea8b58844f5f314cc4b722d6088a4fbc1735b3e8d7bc5c022c7fccd289a23641629811df5dc25af88f1b153edfb452f59822f5581d3375316e5ef927d403ab10919a50418a45774c861313d0edd33103d784228aa88ecd948434b5201a112ca75c0a5bf7aa6660a9c6a4a7a4d62212e22c42de657a6d2f6c763faad156ceefbddf789a0a19db218682a9152de857af08ff4ed5def909caf95112c7ab7353419193c244b351c4d207397c4ad6ca40ad3bf33b7ea151ac190ccb24cba21a98268fe82481cc519c3093f48d7f6de8e957f08aee0973b1961f171dd1a8e3ba0252c014ad09f3b9d946a5c83f90d3d9fdcc6a5abca9836152cfa3cfbe858265a7a39b2fc08e9cd0d42aad8c6f52da31f30826947e82fa12d2ff8f9fad1147e8fe0de0373b55eddfa0f66e9499f72ce935b4a2a723fdc873a72fee3f6c2b0c7f992414c27f28fb4285b3cd23a0e4f73a19b5f18f9b203f84d72f453a7f59bf09ee7fa9789ce6a4d2129d8cee7c5735a12c4c6fb182879fa4afc76cf90d4f4f339bf810479f0ececc16d8dd0a446525eb5489b67e39fe4a8cc39bd8f5b076ab8716edd6c20ba7ab1541218d70a45c33d247bf6dd4bc1e2958f8ac78cbe7c03a8e7b0c8d70c35246002d0dde3588ad20fb6cbd45cd40e307b8eefa7335a2631ddc993075d43c3d8f18954f8ead4ff8189b954102cdba5eb542c80e0cd36815cc6822a3ec4fa0d00702745b751b4706795b43a2d00b9cf517a4a52bab429f8ab01890ccd276fda72f1e6f5f1283dec80639620e6d78a642a5fb5886ee5f4adce7ea2205ed29aa075cb59a010903e55086f0bc153c18b307fcaea10e1fda55660d2c8ec2a07ce71f709eb524f3fd5d56624a59aa96df2b85bd612e15c90bbb4ee0d8d76eaf08c362e562fea756870e4c2f03859091333cf72c024247463c036b3a2896641b50ce7b888f030f21eb0980637eb919c45ae5954f3ae2d6a5c226c47645ffef1b782fb3c890b8a2731c738b965ca15d38d04e29ccb42f9a841de05a03efea2a9dbe684bfce3da757d1c4acf4b758ba230c3aa1a3799e28ea1a075fb6c6cdc26d4c4126eaf7a15d047881e3fdf0d165e9628cd4121b41c802699e6ea211182d28af48c6846b4d4382039c20d7299708157c0807058c63d877de42cc182098b23221a8199fb7e42fd4e2eef1db5e5b78c5fa9d22e68ae853dd1c88867b62d935845fca64fd7d0d94e9a8f2d2f970034b4561fffe231439e44c3a00fa43f605839e2d13419645e579da96303e738158c7a15d2058bd58d91ede7c3b31bcbc8289a53115c373ab1b60f6ae620fba653de88f3b6710dff60be494aa145c98a51fd62926141896862d76ec422195c66a3916ea19e00ce587857249b816cc2bf3155b1a4d8de1df6e28d0ca4c88305455779a1a8d7bdb2d7c07eb26a2d92f556626261643b6b562f79ba70ff45fca9cdb32b4afa91e33bc6a8278d9c2f4858cd5a19a3ce5a7a14414fc2fab6ae4707e58ecfc79fcbd8942135af476dc29ddfe90ccae55593fe1089ed16cb35ccdc455d184a8ef1dd7837dcc48d4ed1b643bc86d888a4dbff7ada31dd09fb5919cf01c3fad06463e1f1bef47dfc85903a1add4828cd072b53c62e00a1a2b1c7a16915dea26fc5b18813da15bce445fdf43fead25a1a7aa3bfd961416f8f9bf1cc143a0c88de64b2061858e6dbbfd6eac04c2e2835157e04dbd6e2acb584b246a7f7a713e3fc9341bde7feea9777a17a7f71f9343d1140766400e6305620aeacaace9cc645c2e7e5e1d00a203829d348a834bd2edbbc94f276534542dbcfa09d74aef6740f7b27bc49d0bb90114f6032260973efcca347c32a45accb7f4b9aaa0fbbdfb56eb852731d8446c971e9461896084bf6cfb86c860716d477fbaa2c64b791e95575aefaa900ae35a96b7cb76baac749b13a3e1f53034b28b1f194d4d6eff522c99d361fcca9419b8e4d5d30944003f11345cc5b59f04a3872c9b51cbf52488c76b8a924c7acc41ef43d281f95f363eb1e6ac692e033210f5957ba3274ed12f5d089e67a2376ee4210c6ad61647a34cb679fe023615856f028bf2a5a6517f0e42f5cea6c9d03be07254af94852564c37076c1dde6576d74b5c423421047d67a90fc0b826137befd674c24407725fc59a64eedf15f841180abcd64894ba69a3db110c64af4b648452a601241941e23d384871720e89fdd3381d678014824c826f16813b44e6c3f89d2423a3e61c16d27a110b205c2a523a7a29567d8d", 0x1000) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xfffffd88) [ 237.378321][T21924] ? netlink_getsockopt+0x720/0x720 [ 237.379311][T21924] kernel_sendmsg+0x97/0xd0 [ 237.380030][T21924] sock_no_sendpage+0x84/0xb0 [ 237.380830][T21924] ? __receive_sock+0x20/0x20 [ 237.381601][T21924] kernel_sendpage+0x187/0x200 [ 237.382502][T21924] ? __receive_sock+0x20/0x20 [ 237.383403][T21924] sock_sendpage+0x5a/0x70 [ 237.384540][T21924] pipe_to_sendpage+0x128/0x160 [ 237.385806][T21924] ? sock_fasync+0xc0/0xc0 [ 237.386742][T21924] __splice_from_pipe+0x207/0x500 [ 237.387789][T21924] ? generic_splice_sendpage+0xb0/0xb0 [ 237.388955][T21924] generic_splice_sendpage+0x80/0xb0 [ 237.389803][T21924] ? iter_file_splice_write+0x750/0x750 [ 237.390638][T21924] do_splice+0x9aa/0xd30 [ 237.391424][T21924] ? vfs_write+0x50c/0x770 [ 237.392192][T21924] ? __fget_light+0x21b/0x260 [ 237.393064][T21924] __se_sys_splice+0x2a6/0x390 [ 237.393874][T21924] __x64_sys_splice+0x74/0x80 [ 237.394592][T21924] do_syscall_64+0x4a/0x90 [ 237.395350][T21924] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 237.396328][T21924] RIP: 0033:0x4665d9 [ 237.397010][T21924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 237.400349][T21924] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 237.401795][T21924] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 237.403072][T21924] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 237.404466][T21924] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 237.405820][T21924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 237.407347][T21924] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 08:40:14 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x28) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) open(&(0x7f0000000080)='./bus\x00', 0x5c1402, 0x24) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) 08:40:14 executing program 1 (fault-call:9 fault-nth:46): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) [ 237.429203][T21910] loop3: detected capacity change from 0 to 264192 [ 237.436172][ T4842] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 237.441670][T21944] loop0: detected capacity change from 0 to 264192 08:40:14 executing program 3: syz_read_part_table(0x1100000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 237.469375][ T1135] loop3: p1 p2 p3 p4 [ 237.471945][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 237.473659][ T1135] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 237.475506][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 237.478628][T21910] loop3: p1 p2 p3 p4 [ 237.479112][T21944] loop0: p1 p2 p3 p4 [ 237.480455][T21944] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 237.481031][T21910] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 237.481931][T21944] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 237.483932][T21910] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 237.484118][T21944] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 237.486430][T21910] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 237.495695][T21971] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 237.496831][T21969] loop5: detected capacity change from 0 to 264192 [ 237.497686][T21971] FAULT_INJECTION: forcing a failure. [ 237.497686][T21971] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 237.500335][T21971] CPU: 1 PID: 21971 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 237.501690][T21971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.501815][T21969] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 237.503265][T21971] Call Trace: [ 237.503273][T21971] dump_stack+0x137/0x19d [ 237.505951][T21971] should_fail+0x23c/0x250 [ 237.506713][T21971] __alloc_pages+0x102/0x320 [ 237.507371][T21971] __vmalloc_node_range+0x319/0x5b0 [ 237.508317][T21971] ? netlink_sendmsg+0x425/0x7c0 [ 237.509149][T21971] vmalloc+0x5a/0x70 [ 237.509779][T21971] ? netlink_sendmsg+0x425/0x7c0 [ 237.510596][T21971] netlink_sendmsg+0x425/0x7c0 [ 237.511446][T21971] ? netlink_getsockopt+0x720/0x720 [ 237.512432][T21971] kernel_sendmsg+0x97/0xd0 [ 237.513196][T21971] sock_no_sendpage+0x84/0xb0 [ 237.513869][T21971] ? __receive_sock+0x20/0x20 [ 237.514547][T21971] kernel_sendpage+0x187/0x200 [ 237.515435][T21971] ? __receive_sock+0x20/0x20 [ 237.516304][T21971] sock_sendpage+0x5a/0x70 [ 237.517066][T21971] pipe_to_sendpage+0x128/0x160 [ 237.517844][T21971] ? sock_fasync+0xc0/0xc0 [ 237.518518][T21971] __splice_from_pipe+0x207/0x500 08:40:14 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000000080)='./bus\x00', 0x14b042, 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) vmsplice(r0, &(0x7f0000001580)=[{&(0x7f0000000280)="16cb370d1577aefdabe625875a4088d6fcc7bd95c4a49f5c9a8dabd0", 0x1c}, {&(0x7f0000001300)="9b327f6f9c609d439cca8221e20d39ee7da4d6b47737e242ba344ecc33727300153bcb08e4dd2b", 0x27}, {&(0x7f0000001340)="fabc799af3e5a799dc1850dc24af47986ecc2d0ac4d241f5d4cf3452c529ee71fb5fbbe11638bf6a155d217d8db90cedc5c0a81d4595944fe806ff531a2da620d96a182ec0ce3a4173208cdb4bf3aee5c6dcbc5d57cab7a21e456351647ffd9dc5578e5dcb9a06d58b0f7b70a8f535dfa8d5169cfc985e5e84761c39e2a6738878ecacda946be2ae2e8f0f6f31fff1b50ab69352cbb257d71e605e60e27ab6d909413165edc4e653909ad3548d023086ff8583d3c1948cbfcec0e702141a2b5bc570d95358278c5a212efe1385399dd57953d75d0b9dd367b907ee66b785f10908b7e105435ff7b11904f12c31ab98", 0xef}, {&(0x7f0000001440)="d14d5c6a312b6941eb0188ac403a60d13e713a3c5f9601ca4415b61f113ac672496b72a3f56416e9beece81d2daaf3073676735ba3585f064cb29ce80b8408bee45f5d2d5e7d2d18a0fb36c7aea1064fe2f209cd359fe658b33b1df888de6732d508bd8a59c2b9fdb2271dfbdf2d308a4dd5aa1fa79b447991d364d08501cac9ae1954c165bcf4601e8065f8eb8edf823b26a7f0549617c084161ce46b9484f1a96b3f3bbea6338559b5e37d0bd7b44209df4982e88610c45c1479dd6f530932962f0de9e0db6f72251ba60ef35c74adc9ba1ca2e2cc07863b37", 0xda}, {&(0x7f0000001540)="c0fb1e54a7298f7a9e00f3d0830e459e5a480a80467ac3d9fc499b0a3fbdef147f93fc3abb2ecf2b60d9d912be3942", 0x2f}], 0x5, 0x6) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) r4 = perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0xfb, 0x7f, 0x0, 0x2b, 0x0, 0x7, 0x1000, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x7, 0x4, @perf_bp={&(0x7f00000000c0), 0x8}, 0x2000, 0x7, 0x6, 0x7, 0x6, 0x8, 0xcc0e, 0x0, 0x800, 0x0, 0x100000001}, 0x0, 0xc, 0xffffffffffffffff, 0x7) preadv(r4, &(0x7f0000000240)=[{&(0x7f00000001c0)=""/39, 0x27}, {&(0x7f0000000300)=""/4096, 0x1000}], 0x2, 0x4, 0xfff) [ 237.519275][T21971] ? generic_splice_sendpage+0xb0/0xb0 [ 237.520123][T21971] generic_splice_sendpage+0x80/0xb0 [ 237.520977][T21971] ? iter_file_splice_write+0x750/0x750 [ 237.521879][T21971] do_splice+0x9aa/0xd30 [ 237.522674][T21971] ? vfs_write+0x50c/0x770 [ 237.523354][T21971] ? __fget_light+0x21b/0x260 [ 237.524026][T21971] __se_sys_splice+0x2a6/0x390 [ 237.524737][T21971] __x64_sys_splice+0x74/0x80 [ 237.525695][T21971] do_syscall_64+0x4a/0x90 [ 237.526428][T21971] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 237.527447][T21971] RIP: 0033:0x4665d9 [ 237.528140][T21971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 237.530932][T21971] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 237.532332][T21971] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 237.533700][T21971] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 237.534836][T21971] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 237.536180][T21971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 237.537398][T21971] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 237.562202][ T4470] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 237.577751][T21944] loop0: detected capacity change from 0 to 264192 [ 237.597316][T21944] loop0: p1 p2 p3 p4 [ 237.598557][T21944] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 237.599764][T21993] loop3: detected capacity change from 0 to 264192 [ 237.602276][T21944] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 237.608881][T21944] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:14 executing program 0: syz_read_part_table(0x1000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 237.649302][T21993] loop3: p1 p2 p3 p4 [ 237.650673][T21993] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 237.652251][T21993] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 237.653760][T21993] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 237.682934][T22016] loop0: detected capacity change from 0 to 264192 [ 237.706039][T21993] loop3: detected capacity change from 0 to 264192 [ 237.709676][ T1135] loop0: p1 p2 p3 p4 [ 237.711005][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 237.712518][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 237.713973][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 237.717674][T22016] loop0: p1 p2 p3 p4 [ 237.719043][T22016] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 237.721680][T22016] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 237.723312][T22016] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 237.729443][T21993] loop3: p1 p2 p3 p4 [ 237.730968][T21993] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 237.732809][T21993] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 237.739312][T21993] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:14 executing program 3: syz_read_part_table(0x1200000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 237.760625][T15432] print_req_error: 25 callbacks suppressed [ 237.760636][T15432] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 237.763713][ T704] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 237.765578][ T704] buffer_io_error: 15 callbacks suppressed [ 237.765588][ T704] Buffer I/O error on dev loop0p2, logical block 33008, async page read [ 237.767850][T22016] __loop_clr_fd: partition scan of loop0 failed (rc=-16) [ 237.771810][T22016] loop0: detected capacity change from 0 to 264192 [ 237.793812][T22061] loop3: detected capacity change from 0 to 264192 08:40:15 executing program 0: syz_read_part_table(0x80000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 237.813271][ T1135] loop0: p1 p2 p3 p4 [ 237.814466][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 237.815984][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 237.817848][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 237.820627][T22061] loop3: p1 p2 p3 p4 [ 237.822258][T22061] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 237.825292][T22016] loop0: p1 p2 p3 p4 [ 237.826492][T22061] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 237.827948][T22016] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 237.830536][T22061] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 237.832603][T22016] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 237.835391][T22016] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 237.861840][T22061] loop3: detected capacity change from 0 to 264192 [ 237.922149][T22061] loop3: p1 p2 p3 p4 [ 237.927956][T22061] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 237.930345][T22061] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 237.931948][T22061] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:15 executing program 3: syz_read_part_table(0x1300000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 237.966014][T22107] loop0: detected capacity change from 0 to 264192 [ 237.990719][T22107] loop0: p1 p2 p3 p4 [ 237.992484][T22107] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 237.998651][T22107] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 238.004220][T22107] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 238.052637][T15344] blk_update_request: I/O error, dev loop0, sector 264033 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 238.054776][ T704] blk_update_request: I/O error, dev loop0, sector 264033 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 238.056731][ T704] Buffer I/O error on dev loop0p3, logical block 263808, async page read [ 238.059593][T15432] blk_update_request: I/O error, dev loop0, sector 495 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 238.059646][T15339] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 238.061301][ T704] blk_update_request: I/O error, dev loop0, sector 495 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 238.064653][ T704] Buffer I/O error on dev loop0p1, logical block 1, async page read [ 238.066001][ T704] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 238.067885][ T704] Buffer I/O error on dev loop0p4, logical block 33008, async page read [ 238.070552][T15370] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 238.072551][ T704] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 238.074415][ T704] Buffer I/O error on dev loop0p2, logical block 33008, async page read [ 238.075438][T22121] loop3: detected capacity change from 0 to 264192 [ 238.079547][T22107] __loop_clr_fd: partition scan of loop0 failed (rc=-16) [ 238.088446][ T704] Buffer I/O error on dev loop0p3, logical block 263809, async page read [ 238.090322][ T704] Buffer I/O error on dev loop0p3, logical block 263810, async page read [ 238.091792][ T704] Buffer I/O error on dev loop0p3, logical block 263811, async page read [ 238.093467][ T704] Buffer I/O error on dev loop0p3, logical block 263812, async page read [ 238.094984][ T704] Buffer I/O error on dev loop0p3, logical block 263813, async page read [ 238.103478][T22107] loop0: detected capacity change from 0 to 264192 [ 238.129804][T22121] loop3: p1 p2 p3 p4 [ 238.131136][T22121] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 238.133062][T22121] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 238.134664][T22121] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 238.137133][T22107] loop0: p1 p2 p3 p4 [ 238.138430][T22107] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 238.141247][T22107] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 238.145765][T22107] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 238.184825][T22121] __loop_clr_fd: partition scan of loop3 failed (rc=-16) 08:40:15 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x68) 08:40:15 executing program 0: syz_read_part_table(0x100000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 238.206998][T22121] loop3: detected capacity change from 0 to 264192 08:40:15 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000500)={0x0, 0x0, {0x0, @struct}, {}, {0x0, @struct}}) preadv(r1, &(0x7f0000001680)=[{&(0x7f0000000040)=""/5, 0x5}], 0x1, 0x0, 0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="fb43000000000000000001"], 0x30}}, 0x0) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r4, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r5, 0x100, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4) 08:40:15 executing program 1 (fault-call:9 fault-nth:47): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:15 executing program 3: syz_read_part_table(0x2000000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 238.236892][T22163] loop0: detected capacity change from 0 to 264192 [ 238.253592][T22121] loop3: p1 p2 p3 p4 [ 238.255769][T22121] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 238.258184][T22121] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 238.265634][T22163] loop0: p1 p2 p3 p4 [ 238.266835][T22163] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 238.269973][T22163] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 238.271445][T22121] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 238.271889][T22163] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 238.284206][T22183] new mount options do not match the existing superblock, will be ignored [ 238.304935][T22183] loop4: detected capacity change from 0 to 158951 [ 238.323425][T22163] loop0: detected capacity change from 0 to 264192 [ 238.328715][T22183] new mount options do not match the existing superblock, will be ignored [ 238.333809][T22204] loop4: detected capacity change from 0 to 158951 [ 238.336906][T22190] loop3: detected capacity change from 0 to 264192 [ 238.355286][T22213] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 238.357101][T22213] FAULT_INJECTION: forcing a failure. [ 238.357101][T22213] name failslab, interval 1, probability 0, space 0, times 0 [ 238.359335][T22213] CPU: 0 PID: 22213 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 238.360562][T22213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 238.362256][T22213] Call Trace: [ 238.362753][T22213] dump_stack+0x137/0x19d [ 238.363538][T22213] should_fail+0x23c/0x250 [ 238.364320][T22213] ? __build_skb+0x2d/0x170 [ 238.365186][T22213] __should_failslab+0x81/0x90 [ 238.366138][T22213] should_failslab+0x5/0x20 [ 238.366955][T22213] kmem_cache_alloc+0x46/0x2f0 [ 238.367756][T22213] __build_skb+0x2d/0x170 [ 238.368595][T22213] netlink_sendmsg+0x443/0x7c0 [ 238.369409][T22213] ? netlink_getsockopt+0x720/0x720 [ 238.370307][T22213] kernel_sendmsg+0x97/0xd0 [ 238.371026][T22213] sock_no_sendpage+0x84/0xb0 [ 238.371784][T22213] ? __receive_sock+0x20/0x20 [ 238.372620][T22213] kernel_sendpage+0x187/0x200 [ 238.373565][T22213] ? __receive_sock+0x20/0x20 [ 238.374269][T22213] sock_sendpage+0x5a/0x70 [ 238.374971][T22213] pipe_to_sendpage+0x128/0x160 [ 238.375790][T22213] ? sock_fasync+0xc0/0xc0 [ 238.376583][T22213] __splice_from_pipe+0x207/0x500 [ 238.377541][T22213] ? generic_splice_sendpage+0xb0/0xb0 [ 238.378694][T22213] generic_splice_sendpage+0x80/0xb0 [ 238.379564][T22213] ? iter_file_splice_write+0x750/0x750 [ 238.380601][T22213] do_splice+0x9aa/0xd30 [ 238.381319][T22213] ? vfs_write+0x50c/0x770 [ 238.382040][T22213] ? __fget_light+0x21b/0x260 [ 238.382879][T22213] __se_sys_splice+0x2a6/0x390 [ 238.383584][T22213] __x64_sys_splice+0x74/0x80 [ 238.384455][T22213] do_syscall_64+0x4a/0x90 [ 238.385084][T22213] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 238.386184][T22213] RIP: 0033:0x4665d9 [ 238.386865][T22213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 238.389982][T22213] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 238.391194][T22213] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 238.392356][T22213] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 238.393631][T22213] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 238.394958][T22213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 238.396256][T22213] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 238.400801][T22163] loop0: p1 p2 p3 p4 [ 238.401924][T22163] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 238.403584][T22163] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 238.407374][T22163] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 238.410315][T22190] loop3: p1 p2 p3 p4 08:40:15 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000500)={0x0, 0x0, {0x0, @struct}, {}, {0x0, @struct}}) preadv(r1, &(0x7f0000001680)=[{&(0x7f0000000040)=""/5, 0x5}], 0x1, 0x0, 0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="fb43000000000000000001"], 0x30}}, 0x0) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r4, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r5, 0x100, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4) [ 238.427685][T22190] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 238.429368][T22190] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 238.430964][T22190] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 238.443095][T22228] new mount options do not match the existing superblock, will be ignored [ 238.446865][T22001] loop5: detected capacity change from 0 to 264192 [ 238.448577][T22001] FAT-fs (loop5): Unrecognized mount option "À" or missing value [ 238.452994][T22228] loop4: detected capacity change from 0 to 158951 08:40:15 executing program 0: syz_read_part_table(0x1000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:15 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000500)={0x0, 0x0, {0x0, @struct}, {}, {0x0, @struct}}) preadv(r1, &(0x7f0000001680)=[{&(0x7f0000000040)=""/5, 0x5}], 0x1, 0x0, 0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="fb43000000000000000001"], 0x30}}, 0x0) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r4, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r5, 0x100, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4) 08:40:15 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat(r1, &(0x7f00000000c0)='\x00', 0xa400, 0x10) fcntl$setstatus(r0, 0x4, 0x6900) r2 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r2, 0x2008002) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat(r5, &(0x7f0000000080)='./file0\x00', 0x2, 0x0) sendfile(r0, r4, 0x0, 0x8400fffffffa) [ 238.483079][T22190] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 238.488865][T22190] loop3: detected capacity change from 0 to 264192 [ 238.492436][ T1135] loop0: p1 p2 p3 p4 [ 238.494087][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 238.496026][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 238.498195][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 238.524427][T22190] loop3: p1 p2 p3 p4 [ 238.525511][T22190] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 238.527143][T22190] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 238.527358][T22256] new mount options do not match the existing superblock, will be ignored [ 238.528893][T22190] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 238.530395][T22253] loop5: detected capacity change from 0 to 264192 [ 238.533301][T22253] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 238.536317][T22256] loop4: detected capacity change from 0 to 158951 08:40:15 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000500)={0x0, 0x0, {0x0, @struct}, {}, {0x0, @struct}}) preadv(r1, &(0x7f0000001680)=[{&(0x7f0000000040)=""/5, 0x5}], 0x1, 0x0, 0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="fb43000000000000000001"], 0x30}}, 0x0) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r4, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r5, 0x100, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4) 08:40:15 executing program 3: syz_read_part_table(0x2400000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:15 executing program 5: r0 = syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6900) r2 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r2, 0x2008002) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r5 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000001580)='ns/net\x00') r6 = io_uring_setup(0x625c, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_FILES(r6, 0x2, &(0x7f0000000200)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x6, &(0x7f0000000480)=[{0x0, 0x570000}], 0x1) r7 = io_uring_setup(0x625c, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_FILES(r7, 0x2, &(0x7f0000000200)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x6, &(0x7f0000000480)=[{0x0, 0x570000}], 0x1) r8 = openat(r2, &(0x7f0000001a00)='./file0\x00', 0x121100, 0xac) io_submit(0x0, 0xa, &(0x7f0000001a80)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0xb2f, 0xffffffffffffffff, &(0x7f0000003040)="4de9317189a043a3a66b1b642f9aa8c2d2bfb6ae8d91a99e8a7f3fc6b09cfe894317b17585d789119306f30fa211c6d3a19497d3de60ecade537cc7cb6af1eed173c61dadbdcd0a8d4ac98a5e55a8c42a822ad509a47a3d46c4930f282da593cb4f347a25523b112dbd35cb8139dc51381de5d2f28a829952cab6b035caa3c89544494ec88953dbe8823522d0d94e8b2cea5bb96e10e871da73ceb26d647f407722b05d17d2f39f4d1f856a371da5bcd75a8772cca5d75c265e6efb2bd6d9d1b77e5ffab26c64cc28caa19d74b6d9c766bf2e662c8fd19235a89994e2c1562014d0c244beff3baa2b779947551e948ed24650172a260a2f8a433da29d1fc16aec6c37033d8c5f23c702b8dd22d8849825993f1c0d3bc6d8da9b5366c13a9f047b26e22f992a567dc89f7d52e7f75a2b8f73b45f753a65cc0b481ecf79172192f94db3f2bff8fddc502421da1c0f8788c01a3169dda25e2199e3b06ada5aaf8fe55128b14e2e1735193a652def68f96bb08cb5eef1d98baaa704478db4ac02d5392af6ba395ee75ebeae3aeff9759211dd12f463a3c29795c30a24085a26cbbd096e7758e5bc245226e4efb0e25e56a470e1d19ccd0a9f36a4571dda92b01f81648e054ac50475aff57382fbd4b4b2c8badc5ab1325bf696cc2beaf2328f2de8bacda14ce93fcd3b1c70a9e2b08a5a76462c37381d07b524405f0427a70f12530fccbb4673fcc2dfdfb2f5162ef956d22f3f65e3de474c122f63a3aeb5efba61153123631de978fba8078e0eb377ee50e314b7586a3a1b2e03f850fa0a9c9194b7b4d2215136e569d551f5b8129475f63d9a002929764c0bff320a0e40b232dc6763215a03e1ec88884ba9f36484d6dcabd0cc019a68b80fed1d26c037bf519d9d2ba40e3c7a6a94eb063531aec1093cfe72a824a04819b5b22b66065aeb547385a320921170cd24d08c84725e02eae64f244380fd6fe97b16b9f417de97e221e3a55bf6ff081bccf3ea12af146f01479f4a50f7c547adc87abc23b8c6887d480d042b134a8637ef28f14ecbdb811a4ad316870f6dd1b197aedb2307573fdac1a8f6794f1b10970243c5c94b355ccbe9ad973f77ec4b48f93e4eae10fcf8cb1e508f3a2840330374dcc10118659fa7212033974fe2ff8bbea431ac60c009a7f331b5597647a5d446a59d3fa6089f2b63eb17cbfc476b667fad130482c7d40f625274ad3db5789a031ea80f2ce6c55a5865967f3e85cabac713ebb26b3df38941f39e00653be0d680af5a700eb791dad101517b1948a23675dd09c5be48c063f28aa265582d9e1479d9e4057215d274248db71d0e446f92670890e75edd0d82c04767e581bf149502a57be7d370d7f392aea9945dd07ab2c2c13b77d74b17343a6286049a46bca66c66b5ac2d3e589a5a6af167dee5e21bfae95cf998e2a74e13a95a6f7ccb8223d87c9e8c1555bdd44bb37a934649aa574b5961a05c0b54de3067b2d1f48c61fb4e7cc14a82d5bfb175eaab407c8436c9cf90c7c333a7838861eec180808fb03a982f4e245cfb2a7fee2f68ed767dfcca14a5a9c4e6b52ae23b30965e3fe91a4b4622a239237c2eb63e91c8587b85019ab966b256c50ca1267f9998f99d280ec662ce91ea65e31c447c66baf67a9f570eea78f0547aab59268285d372dc502e0c1bd7d2c1d852cec6919c9adb8ece69aa13abe3e2463448aedb87bf0110f020f82ab2b2945bd3a3ea3ea103697ffa7724722fcc4c1f82c26590be52a7c0c84b0fadd9067d2698445422ad0abaa4d250626897dcbbf71892cc100d9b93894fb316fc876dcf57abdd9d8d37fceb6cdca4fd3a9260a66abd37dfc7e11f61825e65674b357c00b4bb0c9c6d8ac8aaa74c2a3a760a907a010b52f7ce8a15ce8af2bc25f2c0ef93aec4b1de5b7875d0ee523147e96352458b9cc5fc28e4a8a80897150f1dea6ef50a3371049fc2601e4a8b32137984c0c3262c474d06bddbe0a8ae9886778a77dabc54b3c256b330e8ec8cb3bd6aa46b02ba6f8b1f8621c0213e1063ada487b8966d09c6cd11aa51dfca47b6adb92edc5599bc5221291639d89107687cb8cbab10d90b9ea11461f6fd96ebbae80c06651dc24f6cf5edcca168a550d0f7c3dc9fdb03a15da376e2396bf072feb0eca79ec4c5f6fc46eed51252d832f6da4c4c9d5ed1d98cb749d71a99d7e8d21a1f8d7eccac652eadd4e51d8e9a7171b7a2b67a442732a0da8e61757d420d01283886ad435bcbff470ee38f52e163e286a12ba6cdb859a5ad62bfe1e4b47d0eb70f4fca78764612c587b5e7e2ac608609c477ff67ab496101bfa377eef1b2fe60587f8abaf05f01a17c42a4649abc8680803adf5398e5edcd37b1fe5864ef7868273f4dbb724fdd25a12833b1689cb74becb8d8c7fde4ef693eef1f46af3ada88435e5caf4b87fbf1fda7f891c8e4830cc05b580fd1c86280c2e16eb56da29221d37b12702d7a320e3aad6b841595a21db6adf0cb00de83d95c98b31c07fc6fbb70b4210a765cd7e0295a6515bc1e8f0a88bf79772784bd9de389b0912131ed0a76303ee3931a88683ef8d83b99f8e10cccd211caa0505f5d5ee85e9d790195f3d76f0299d6e9a84188d11946358d1cbef14ef3d3eb902021f4099e243541c65b1e7de7add64b15c5bafe537b246783fb3e7d1f222453e3900d749144cf416dc09c352e5a14e31938f2df150a4d572a4995d4703f760cfb6f2c44ed5ba0c4e6fc8b20b4d06eebedac474d80794b21056b2906d2fc70341e38ae27091213a9e490bf3f0e5454b3d1085de79717ddb439e872a24366d2cc9c8bc45dc6432cfb07fc81912e8e2c2905794eaed21753f62909ac4b45dec4e13c88c16b965810d9431cb211b0ab2a8bfe1a0b2cc9f12c7b9a1443395a9e144d29e98a8b3a3f5d72cc38396515033379a5e6a42d5241a889aea5c6214117ef21cbacda35e66f2744e0fd0321efd40a0d463d29f050f3ee49f959c0673a063b349d2f23c24d09c9344df9669013b9cae7e71f07066c76673c1c1297bbdcb97762f26f9cd5882b640671a388ad39bb9742f1b8852af32bb6310900771689459cc5bda79a784c57075e8f52c04327dc0b6543fa52ab97debf835b881831fe6d2a0499406c392234f649d804aaf38f49328309a5ee8619a58299a3b918bea6a99dc5c590abc5d688cadc149267fd5d33b5d46e08de78b260ffa38b982750e4b76419e63d2b3cf736f6dc5e4048f9f6c82e9216edb0f52cfee4c8253fc59ad9ae9009f53cf91a63693c06f3dd629fd89616003f1791831cf313d07f8c939164f6cb960a68c812d2bfe44abb8210e8917e822130064a35ca0c04c962979af3ecf0b29de6a2d5ed1c68e05e057a1df171b0631324c67988d80928484ec6b8d0173b3e7875da98b7a79db844368242d69f6fd40fdb31586501222445033e759a67da0be6a040a0d3b86c2d5c24e06f89a0603f45074688b3ce71d4140d80a1c417037c2b974803f0dfdd1085de7a060fdfd4a84fca543ecfa4469c7a451671ba15a3ad1623071a8fcad8f6e05a4fee4718cb8cb6fec86fb0d013dfe515ba76d83cc340b1439a5dcbc45325d6a006b8ec3143a351c62d7abbb63257fc3787571be676fc4ccab504ba1730a8c968e46ec3ef3e62611243148022412d75ff667fb5f6bb52a29c037557c639ee2bcd012db22f911fd11f4907aa2a36b61d5457dd56b7565fbeb9f161e08ddad547d624b94baf177ca0a7e1cfafde48d48a6248b3688f95fd8d0cbf41a3b8257be470783bddd34ab4d45f29f7eb09402756fa0cb393ee7e919faca5774ed4386715320660657e61e74223ca4101c796b626b5f557a98feb94dc643b08c5bd87b6121d6420c58de1fb533a9e5e706737093c987625e2b95737aabf5729c6eb085d0e2dcdb3bb75ace69edea8220dab8119ffe0d166779cb5913a6e9930ac17e7626f47e60d9ea4383894aba645e59a83e6816eb848b7495b584c922256ace0ac8c3000e27ad6652909f5e2b94b1e5fa9da5c827193156d8cf42801be18eb08fd1d42185763dcf9bc9fc0bb7a7c37b8c5ed69b3f462127983baf60e4a85fed11103146d9d51d42ee5f866ac6ae69eef72a30a77abbf92fa3f1171dda0fc23191a4fd857d4e88c0e95963ca49e426e96dc05fb711419a0c4aee0cf4d273ccaaafd9ad2e90ae5451270afc195f6eb315ad901c9acdd0a4d56310fcdf4f9a76d6ab7f4bba0c3e6c969f2fec992edb3e0ced5cff4e8d63437f0bc5a612dc346060e1f8b4fceeb5cb5428d5702ec17cc3ae91f4d504c93682b95719396ef8f8bea79d8dd4ed0505b06d7dbfa9870e74d0f2dec0b7feff9aa24a21063cfdcbfa715c2bb09c4fb74c8288bf1ab1290c0e20af38d26c14682ac907a024f3cfcfd3905f7468a249c60c8abd0fa43e2e0717ef8fee8d2230c8f3fa0903a6de36b0936409aee9c8d707cd093662ce5712388f63c21391d4aabb4b9385b1b22c32ba1150ddf884c0beee66faec15ca023c4f2212e6436904f4ed79aef476148324019e618a884f7c2fc9ed63931e47ff00844c166f1610aef3ac661acab622f59b307d7791c2020d7ee6628b954d2e1a7bfb49985a64f425704543c765f677ffb78e4917c164aba407d24a41772b590b99b25be5f562576754c728f4b33e42cf3a85356a06350248f66ad08d69d7cc3b75130915381200f93443809daf26ca86ec389bcfa86e40e28e400bf28069d73ae5e3b200e5ccbe7a24b1157717fb39c5a79ca87dd03408b449f0a3e224d60a12dd52f0ae49711467b0602e855516224a28c212d86d061482a090a2de3e8d8cf1989a0fed0c471600b45b92429febe6977a38a25d6d8ad791e3d268b2e616511158c66cf74a7a9d4ce8d720bdd2bb584a1e1eddd3a1b8188a896a2b484abd721f3bcbc41aede85febbc76eb15fccfcea8e3a8e33a287f475688c8caa8092a3d8cbb4a996b6ebbf3aa8839df912e87644cf48bbe7a2aff617aa3bfcd03b1bf5a41499bb4338581c362b6486c578c66374dde0c7e0694ce1086f8031c791bbd3a5c2ea9384a1896519d15c70fa5f079d4ab8b1089dfc0b75dba0672af163ddf1363b5c876a8bd056e8f6ff2838bfe4610ea171a4313e2de80ba68d97d6aa0ed6c6786245f570fc5090d7d7f735d393e0f790ad510974cd745026db5119b0215c0aa599c9205b72ebe12813b32ec0044c98abc920c6b18bce465b800de1a01b99d10a38958519540f7ecfa0d9b70530a0921e12b57cc6cb31de713f462ddcc77fa8652360d6dc22fda48537d65344bf19ba8d0ce2fcdc9d7b136f28a7f2177ca26e0e1720ca64eb954f212d35c4f5abb566f47cd9b7763f27cb199ee33cba7f98aa19b179da5be930355681c6dc279c5437e43e8fd3fbcd5fef22ca3ac0076d36538d22b23ed1da57c03335f1ee6303eb3d58cac20ca0d1aa4d0837752a5f31f944fa7d5a8e344b5ddceff493a150db4dfcaf1fee0380c68aa7662ba33fbb65851a99c73ff38763a46d58291cd30a8e3bca7ecbc8e668c110eff784d0ddc34067a858c13eb48aa4cd07a45ee53c0c2cc9cade3f56c3b73f8104c538c2db256d77faf6d6f93f238d7370817cd78f5163a7f45ac4c0729869ef440dc9eefc0475e1ce773d1daa03d811bcd474179b8f4efc12249640e7b74d6b17bd8f55ba3c2d8e33443dfbb3c15dfd7669285cc1f0d5e61a01884d07a31264b37c47a864266abcdae36b3c5e5f1003f6589b9ac0687ff44a9bf78eb3f5dd61e8dc09365b87fece57e490702ea", 0x1000, 0x6, 0x0, 0x3}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x3, 0x5da0, 0xffffffffffffffff, &(0x7f0000000140)="32a5ec87384201ec3767dcffad708ff9286bdba5a2bd86c6355b215f8008fbe85dca1e0458596c60e862b5fd634471e0ee0c64e4eb631c53108e8b40084858d02aed4139b360477c1510f439dfbea626fdf531a565ee1cf3cca35a2208bfd2737b6225b9fb820349b7be23bd8f33351f6292c211afd85bc8845469251e4fa63e4f45a3b47a54a2cd0d2f6966e510e1da3ef4c2a5673877c89031989fdef9a791c4fdb9dc3819", 0xa6, 0x80000000, 0x0, 0x2}, &(0x7f0000001300)={0x0, 0x0, 0x0, 0x0, 0x401, 0xffffffffffffffff, &(0x7f0000000280), 0x0, 0x0, 0x0, 0x6}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0x40, 0xffffffffffffffff, &(0x7f0000001380)="6ad3955407bf1e457c6fdd9444bda809513e953b6041c203008321d0a5227350de96ab4782554b69645a8f8a71f68b2a3560209ff3345bde9110df1b7c1c7c796f1b724581123690306f4884cfadf59ab360ab5f59777d22b24fb7ad17bb612730021987bb4560e23a17747eb2a9a772db3edd90b4d1dbf8538f20b308383c025a75983c0b8099d7ad87a7fc009962f2f92555970fc513b2ffe2f0947855d1c6ba6dca834c", 0xa5, 0x7, 0x0, 0x3}, &(0x7f0000001540)={0x0, 0x0, 0x0, 0x1, 0x1, 0xffffffffffffffff, &(0x7f0000001480)="248f8605e05f553e3720923dc6df30436780142afcfa51c3b1675f37aebda53375e346d93fa6e4b966c668bb79176fdae3a499d6226263b49beb9437f9f343469b6f5dc88cf8ce3bb287e44e091ad2daffdfac2b49a3dd6f6f614d0f682b330003db3c08dfcd7cb5985160eba00fa57206e1ad4d8bd43972b488a266ac64a5f0738824da54f5b3e9fba87754ba913351906b5ab479eecf3d1459095cb33250406759fd0b4f9a73f8cd4b3302f2ae731ebdbfb1514efb793bdbc3", 0xba, 0x800, 0x0, 0x1, r4}, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x1, 0x7, r5, &(0x7f00000015c0)="b97a8486dda99a8295fb50e2391f1ca087bb18fc0c040f51ce0c33c70e3de15ec7467bb4d7bc73acde7a0a1eaa6e8ed34f02b9b59afb2216e46977a52ed0a1d55058b2f7e145d0d6839c4bb881e000b7acf0baabf93e27367d076f9a41b4866214b6d2e7b8203a290c6de0357fb4618d7cbc20a6ed7b0b2aa927902b6f725d4a894e2fe4d80bbca0ee46fc497cfbe4fe136e182e3438a5ea2e719fd84ed8b1", 0x9f, 0x3ff, 0x0, 0x1, r4}, &(0x7f0000001780)={0x0, 0x0, 0x0, 0x8, 0x2, r1, &(0x7f00000016c0)="76711b0e85d822a1b95aac25ea470d8c345fc8190cc6a6df4cfaa56a67bfedc23e16388549bc98b480c2d89b16b064851e7e2459bdc7d025b91b111c7dc7e14bbe01195db1c79e6e3566e464c747e732aca5a1190867496b3f7208e39626c70c9469ff9f39460bd08e114d234e219330778e17108c8cbb5efc25a5b489bfc7ef88f41a3a741fb03bf45948a7e813c9b013f70eb08f01fbd815358607f85466430c68f5152725ef40cd67d34d1179e73476b778b6", 0xb4, 0x7, 0x0, 0x3, r3}, &(0x7f00000018c0)={0x0, 0x0, 0x0, 0x7, 0x0, r0, &(0x7f00000017c0)="233a222865e21ee9480f7b853bd21b9dff8de7d655b4f7c5716e1502da8f380200454c5d5fff45096a2cf4402bbaa47fbe35523d3f867ee50562c3fcf048f88dab43200710cadbbb96b00eb4bdccf6c14e57a1b5379db84f591cf38f275486d0f1bedc760bec5618be822acebecdb5941c59bc0dc0909c84a0fc0f5014d6eca26280828f9c6fde408cd80de123eae831621dd25c3469a275cdf2f9944f681589d472d0bb5857adeb72374325b2eb673c4cb240c95f2e0d45a5992376b036c501ea5a11fad0620110d5b52348ddbdc3c9", 0xd0, 0x2, 0x0, 0x2, r1}, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x8, 0x0, r6, &(0x7f0000002040)="3ebe50212676df319080b4b2e4c9d4b13d977c1f65cd77f25fe31128c89744ce33d1d4f84de9a884506a2bb7fbe5a1d9e19c1e6f4c309b186b7db55265163227bd2f89a381bda8afbc4a193412bcef36e07c2d338cde737cc35ae90ca45de3c8b9e76df0bea13877f81780aacefe15273baef6aa85e1626dea91a5b490538f543dd7d7c19c2902955c0de64f4007d15232fc625093c895ede393fad31075da12494616440955c72ba5d5172dd456681946b8f59f4ab7b93fc6ddff8bbeb41a125faf392182552022d05beda208afd1a21c7727337bcca27e33eff30a41a71afe00a71c559b69124f663d510f8e47a460fef5dd11daf97e52178003112125354450a4da1bc587871646e0bee0599b5890743d3581b8ff6ada6b888eb28b926070791f05b3adde23abf1cb14add6a843976322cd1139ba513688572b0f0231372995ee1c3bbe6cba0dd7d6f82856470e0a465a0e6d555f4c75d4581e5a897c41e790281ef9d87250eb1e1a7089ddfbb9a750c99492849f80c5eb83e7118131bc5cc3fdd94949e97cfecb3e64ad6b304cfda03958d2192a2dab92413b8dbc24a123a7f7e0edd018e23bc4644f1546c45acd59eaba6df486d7f82f9f979cf529422fde704d97265893982818a6b327986289d325e24f8d7ea9c7f4ec762afa221f4a1c63e12dd98614ee8f0b0e9c3c5e0de47642c3f17c1aa336555befe66f592e437f1175917f96bf521923185f7bcc061665e7dac5531821e837a06bc355db060a9191caaa7f8ac2e7b847da1e2d7c24011648e397244027abe3eb12dbd31e2a641fe0359eb4971429fa6e3f0bf7d1834714a2612e3ecc9b7a6cd402fbb6e2494cc9967b34e33590ddf5890b02235e2d7f7f0c4884c64f64b0cf2f43382122c9ed7825c2e17b2d24d130163be2f6230a9df8e26c2679e501e87b8191cac39d58092c29dcda8fc1daeaf6ac754d4aab5a81a0d42a6dcb4494a695ad71f3722a8d14b5c7db780f2cfdd00fb049669a0a517dddd51bd27889c67d2acecc3706b7eda060abe77e79901405d4da3cb631cc7552467eb475f56f73f8818ade1f121671562a8d86cc464445490b6d89c43dd87375fb74b1bf4938d5852f19aed61396df65c59f095c1a743bf14325427372277d2382b9c446762109f5d7ab511bc5477a25a9339e7e0136908de834faa122777f2859fdf10f9833e92ba9fe8060312d15d3eceebe26b6c6e2e15a2bb45b960f73be8afe1833344e10fb65833c979483cea69f84c0f563e9fa567ce3dd1ae165ba2d0f4636fc9bcd63ac295b263d142e4da08c151d2b9334f2d9be73a9e711d2a89e633b963139dc37af421506ffca8c92eba9becd02df1c2fb2c106374fef2bd1dedd4959601790f1e954f6c1cb985767157bb71e65bbf58792bb8f7c376752b48dd9b97e00a8a73ca7470f68f8dad3ef1d49266b858dd8aa385cd19f25e46de4ca41e4fb7b531e3c75e9a3097eed800851e6490bd818dcd1fe9dd6ccd66f761fb38ba7ef97dbc43b2fdeba4f3d969271998663e69dcc8a109901e6478d7ad22bf1676d241b98a56de5e9d81b6afa51bbfe3ace8e71a65885034ec25dfc2d37437abbc6b4123fd7ae1a81c5ee0a369d19044f54a997bef636c84240a26913b985e5ef821ce4368a94de418ebeb1380cc9d90d44e5eb93b0f65e1b68671e0e98766143ed445cf72eaf5faec06e60ca5b1e7135de6f7a67c9ba2d384e182a5df70b12f7f243935244cdfee2043f5871b9184a039f2bd58d3c6222008fd9b7eea3f45ff7e7dd984abddd02134c5940d5c05ce0b7b5930ec282913254bc5db3a335548ff1749337c9227f3fe6cec5114f728199921c5d0aa751ef4c25330aa4893ffee527011c8461df59fbcd6a0dd38d5c16805f72256927efc90f0a1b7181090ce4b7173ad8dc0c40829223df0559a4eb29567eee3a6b5fdeee7953729d58436ec6b772eb8ed7aa7cdeb51dfd9871920d9c091ac422cf867ac9f23fc4396131b4c09cbe149a1fb9c7ec0d73945c68b18ede2e188d011e1bc6187d123b30e128b73523d7ff547d1e7ddba05c9bc9984c236b624f0114fa22da0f0a8a631c056f3d1aa8704e12a4c877c520b174e5acad2c9eab96b8e7a77d4d9a49e1c01e21bd2be62891399bc6a2f1e98b7d27cdeee63b438175141371cd3c969c75bd336b127d5fbf1b4de7cdebf931d4485bbc27403620fe4ebf777354f9d540461d1db53d21505ee2ec7d749b993a4442e7fea3fbf154799c4666d779e971148a49a1752541eaef39dd73ce106397101f72144c54f8292dde83bf66b5b778df63c305e9c788b56a3b79698d8a9c54d81d5df18ad84bbfac007ec4a7b47b7b7c8bead308e7b2c028b0095bfe93c2a9a8ad8f01d0f3a34d4600a4b267aac961edf3bb22d63bdd7f469c3da899c389ac01562da62b32e3b66ff16570fad6a3802a62ba97f6cf909e2729041354d1d1f591cf796d53a289426afd19e5d19bff3f086153def96633118d2db39c1e32122bdbd8a071572d8705f46c76242e77994f04f3e545db865c9d866fb9700b9f7d9b455de41dfec730ef949e8bc84e96a5276a2260851a1f4b4818f09253cab721f8b84485768f6e566b54fe0dc10ab0fdbb3ad31c9fed46f0504b617adfb19557eb8561e48a76358122a1a5cdec3550a196ebcd7c26b881a9881ba272bb898934f75ead29d5545c48224887988411de7ae8790b28017ac9d731e7ae1c0325860d7748e699bd6165fe33209ad67282ee5dd1b4c31e110adcd75a6581d980bfa72c5b84cdf815c6c16434fe34d6a80878b202ff74f386e999f99a295b803d1b76b4599e28fb2b2a036c99b8eb4cd39acf9bc4355509da9e076325007e98389f99880cb39cbdbc908844622a1b2ed1b7e44a8f3e1708819a0f62aadcf4c0f443ab5239aba0bc7d91fff2beed8783b393e5af8726a879e98d3be1d95fe2b13091c65cc6d8df080d3346bdf6dfd1d839d017526ada7963a634bb557efc8d9ad464fc99893961a00a85298971c55f74ebaced2cf36142954f9cf494413eef8c9ad72f8275de4689a466eea2a8d7da19e510835f743d7ccbdf1375aca70434050d20ab19be2a6109cbfd6b1e50ce2d15f40800f8220191870ee3a34fed6dfe0da482e6856ef126d76a6503060539e9403f3676200cbf48d3e2dc4f77cf70789e6433a4cc8a205c657e5f3559a69ba81f27f196f230e488fc0413ddc4954ac1474a665c794471c557d9ce4154aa26a531ffe368fa76ff6ebe93f76d088afe67c4c89440904ce56bbe33b37ec6d29c4264bbcae72c7d9c6637b34d219e19e7f19bd88565db41579f15cc8c177e4bd778c882cb900664272cbe017366584a24936df66be2432e427aebbbd4bbc04aeb73b2c84bfd4b9e7c1ea77c90e1c60fe17fd07f8b2989715146609316cde329e0cab8db317d56ed983fcca4c3b237bb98692ee39d317b17b9c2f25a4d6ae100a512f510be1d6754914700f711edbc69b2480cc68ad4fa7d83e51bfe4365c6f1933aea43f5247d713b6d4d90ec0f8c22a8aba4cac96a6d7eb9e91d283f2471bf5709fcaf43ad8c4695495ee04836664054b8ab45aeff0d3a167e455d691110e42f2034ca38c32e2d088fd662b6a69cba2bff26f0a70fc47f44f88385555ba206bfd50fcc4147438fc1d9f1a8ccac19ef2d1c8080327e40cba5979162b7b9bb560533c436a720291096607ab4d3f03d7fca6fb1671b549db900e4e84e8ab8c88266536425dbb67281464bfc85ca36659d3eac67f6749e37f73e399c397c839fb397643264653ab1af19ca30edcff8a6420c91fa49a28d432fcca04cffea80a9178c71a3fffbef9c56911d692615a3e8de8e3fe75a0c58a7a0b6325185209b5f82c92734b9b4b6c85cc01835b8f3d8a604e11fd4c272789a5bb8c512b47e8eb763fdc190b44d28dfaafb85c8309eebcb76f45c161c5a5c6bb7a79f145c4c6687346e6aad2854a6210fcc9e8c2800b9ff7de23dc5b6b0be321f54e0fa3c65bdabd6a36c3f5c67c71b83c717db60d5cc2b127f5d3943710dd163ec265750dd2553b4974d43711624af2453a19ca53f7b4e05184c7e2b9320659bd6ee3a48f6289a6325fb6f94d016ca9d28bf78dfbc9243c7ea2b1bf9666b0358ec047eaf03910801dfa36732dda11cd35d76ede95a1a9c87a5333cb7c9417b084f2f97bc054d437ebbd413c6daa8f16b5b8ba2bf6543cbcdaafa680fe13e1ddfd17cd93de2d6edd4514108335757f624bf5dafe266e7aa40019aa6bfe33d2819a220ab4c85d60186ce99fb063fc965329a8469d566b64a50cd2ba52ee6c940996deddf159a7fec7189ea6cd53ac1b0fdfea797264a08cf397d7b3137fc4f24a4f5e89cd08ec7ab93b8cd81badb2d2f6e8da170e64bf2df5381473708c7d446d56ce43f1a85478c821b7b0c7cf0fe5367ad4b069f864466a76c4293f271245ec5a299ff05b750607e254c16b6efc14d6d2bac50f1ee93e2c6624bec17a494950e96ac45cd3b5e99029cfaf75c40a9fac531deac4a5c1c80361e5f239ab11d6cc26befd8a4a31571a2bb6969e4d8f3521268cae46aad42cd0eed6d3c2f1a7862f24f43d92c782ec632210f1f43c654c0632acd01a37347732b80b9377dd28e4e355e5b962b65069b42a534fe0cfa94ed42e4d20e7a442c190d18c8e39d9383f832d2e783545610ced7c2702aa11d8220d1b7d614f5b9835d7bb17044782de262672f502db7c1a98b9960b234e5eec5abe5bd2ba08fa834cb8cb28d8ff4327589e8339f55ef750355dc1512fc8531a77f425a3515dd0650be80de329867d95bb5fb07c1a752050e79d412196be79992342b632fc200bfb7ce43bceb03c77521e1a14e25e8b6ae9a698532a1a853dfc0185c25720c1b9a66711860d63d696a120de7eb882e8970afd1188462d13abe6041c06307941820f21b8aee3995fd043d8f2800a312da9347a5f2095d010d46e4158ab1c82396bebbf5b05d3c0885aecaacac67a87d05357c4953cee8eb141eee61abab4b45f146028e4075e2ebc84d769c3d717b8f13c888aad5e22c8ebe4685ee53bd75a6e99822dd78d12a7f0ce03a61f14e9013f6cca657afbcb9a49bcf240621c4df33939f6cea8d330771182317df4e0568772666aabb9a26ae93cebd98a7246c9d75bca6c0532208bb40e24e7241ed303a4baf5df3c2476a4b07d3288a59b4a281e8f15bd547f64f43516836be372913000050c76a4a86103da5def5a48f6f43be0c34a88eeeeacd69aa6f2826968540658d916227e98d946c522d67be79ba32f227b5ced6573d5b1754425e1d25e459630d4b68817041d705f084bf52abbad45194016e750d073ef674a6a2dbf2ab37f7965ff558bd92aa5599492fa98fdd8b14f3da22b5b367b3f1829c318bb0cd9a84efe807b8a449aadfc6c3bca088050756e63c55969698421e5ca836a8773e9797a11e185f54fe88f06e4660a09e8cbe4f34873e40d1d868f436762a1e59647d5b0a999a3aae90c131146cad1159c32114e3bc5380b7d363094c2751b5cb7a0bf0f2cbcc74971692335d5d656e44f8c344300433bb6e73b8aec335b58af18805cf56a99be76ea8a983293f2de2a3f454b48fa98493f7fd139f31d8547e8dc30e99ad8137fd6b04fdcaeedb17a868f1ba564393e220a7c8bf2cd42c891db9817cda452dc447aa6a57c6feedd5924889141b63cc0336c42d2cdbcc65a5a0f3f9e0bd07429bd7fb40a9e6495466ba38181e431231c666701d68e7be045b3d917b65ba9e6389f3cd37c9", 0x1000, 0x1, 0x0, 0x1, r4}, &(0x7f0000001a40)={0x0, 0x0, 0x0, 0x3, 0x7fff, r7, &(0x7f0000001940)="6af97b0db1898e02a65c5782509aa18af97b7c0d953f4aabbff56e78033c07ba3af2b4a1aa5ba81759a4b772f91f2203fa40412d6a2f802194f608489f4211ecab8407be7e4775657e1e310733f245575c1003a5855591b7f941498cdd5cc9f72680427c9f77ae8ac9cdd488be4372e4991c8f841ce6c306edf308811ad903e6c4cfa61b07e5de6bd093066f88052a7e7cea34cd00d5b089d7c170", 0x9b, 0xfffffffffffffffd, 0x0, 0x1, r8}]) sendfile(r1, r4, 0x0, 0x8400fffffffa) [ 238.607953][T22280] loop0: detected capacity change from 0 to 264192 [ 238.617209][T22285] new mount options do not match the existing superblock, will be ignored [ 238.624045][T22285] loop4: detected capacity change from 0 to 158951 [ 238.628569][T22290] loop3: detected capacity change from 0 to 264192 [ 238.639795][ T98] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 238.649733][T22280] loop0: p1 p2 p3 p4 [ 238.660133][T22280] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 238.662015][T22280] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 238.663390][T22290] loop3: p1 p2 p3 p4 [ 238.664428][T22280] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 238.664586][T22290] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 238.666959][T22290] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 238.668508][T22290] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 238.708945][T22280] loop0: detected capacity change from 0 to 264192 [ 238.711484][T22315] loop5: detected capacity change from 0 to 264192 [ 238.713522][T22315] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 238.720250][T22280] loop0: p1 p2 p3 p4 [ 238.722156][T22280] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 238.724601][T22280] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 238.726096][T22280] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 238.732196][T22290] loop3: detected capacity change from 0 to 264192 [ 238.759860][T22290] loop3: p1 p2 p3 p4 [ 238.760967][T22290] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 238.762975][T22290] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 238.765041][T22290] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 238.782119][ T1135] loop3: p1 p2 p3 p4 [ 238.783782][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 238.785477][ T1135] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 238.786939][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 238.796817][ T1773] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 08:40:16 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x6c) 08:40:16 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000500)={0x0, 0x0, {0x0, @struct}, {}, {0x0, @struct}}) preadv(r1, &(0x7f0000001680)=[{&(0x7f0000000040)=""/5, 0x5}], 0x1, 0x0, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="fb43000000000000000001"], 0x30}}, 0x0) 08:40:16 executing program 0: syz_read_part_table(0x2000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 239.099296][T22372] loop0: detected capacity change from 0 to 264192 [ 239.101151][T22371] new mount options do not match the existing superblock, will be ignored [ 239.103269][T22371] loop4: detected capacity change from 0 to 158951 08:40:16 executing program 1 (fault-call:9 fault-nth:48): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:16 executing program 3: syz_read_part_table(0x2500000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:16 executing program 5: r0 = syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6900) r2 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r2, 0x2008002) fsetxattr(r0, &(0x7f0000000080)=@random={'btrfs.', 'vfat\x00'}, &(0x7f00000000c0)='&\x00', 0x2, 0x1) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8400fffffffa) 08:40:16 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000500)={0x0, 0x0, {0x0, @struct}, {}, {0x0, @struct}}) preadv(r1, &(0x7f0000001680)=[{&(0x7f0000000040)=""/5, 0x5}], 0x1, 0x0, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) [ 239.145955][T22381] loop3: detected capacity change from 0 to 264192 [ 239.161134][T22372] loop0: p1 p2 p3 p4 [ 239.162477][T22372] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 239.163955][T22372] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 239.165360][T22372] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 239.169848][T22381] loop3: p1 p2 p3 p4 [ 239.171007][T22381] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 239.172797][T22381] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 239.174274][T22381] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 239.191690][T22401] new mount options do not match the existing superblock, will be ignored [ 239.193985][T22390] loop5: detected capacity change from 0 to 264192 08:40:16 executing program 0: syz_read_part_table(0x4000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 239.197719][T22390] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 239.203933][T22401] loop4: detected capacity change from 0 to 158951 [ 239.219299][T22406] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 239.221644][T22406] FAULT_INJECTION: forcing a failure. [ 239.221644][T22406] name failslab, interval 1, probability 0, space 0, times 0 [ 239.223727][T22406] CPU: 1 PID: 22406 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 239.225056][T22406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 239.226486][T22406] Call Trace: [ 239.227087][T22406] dump_stack+0x137/0x19d [ 239.227791][T22406] should_fail+0x23c/0x250 [ 239.228520][T22406] __should_failslab+0x81/0x90 [ 239.229310][T22406] should_failslab+0x5/0x20 [ 239.230042][T22406] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 239.230953][T22406] ? __get_vm_area_node+0x11b/0x260 [ 239.231823][T22406] ? ___cache_free+0x3c/0x300 [ 239.232581][T22406] __get_vm_area_node+0x11b/0x260 [ 239.233382][T22406] ? sysvec_reschedule_ipi+0x27/0xd0 [ 239.234242][T22406] __vmalloc_node_range+0xc2/0x5b0 [ 239.235057][T22406] ? netlink_sendmsg+0x425/0x7c0 [ 239.235954][T22406] ? selinux_socket_getpeersec_dgram+0x1f4/0x250 [ 239.237039][T22406] ? netlink_sendmsg+0x425/0x7c0 [ 239.237818][T22406] vmalloc+0x5a/0x70 [ 239.238657][T22406] ? netlink_sendmsg+0x425/0x7c0 [ 239.239544][T22406] netlink_sendmsg+0x425/0x7c0 [ 239.240437][T22406] ? netlink_getsockopt+0x720/0x720 [ 239.241361][T22406] kernel_sendmsg+0x97/0xd0 [ 239.242126][T22406] sock_no_sendpage+0x84/0xb0 [ 239.242809][T22406] ? __receive_sock+0x20/0x20 [ 239.243598][T22406] kernel_sendpage+0x187/0x200 [ 239.244277][T22406] ? __receive_sock+0x20/0x20 [ 239.245100][T22406] sock_sendpage+0x5a/0x70 [ 239.245795][T22406] pipe_to_sendpage+0x128/0x160 [ 239.246606][T22406] ? sock_fasync+0xc0/0xc0 [ 239.247348][T22406] __splice_from_pipe+0x207/0x500 [ 239.248139][T22406] ? generic_splice_sendpage+0xb0/0xb0 [ 239.249114][T22406] generic_splice_sendpage+0x80/0xb0 [ 239.249868][T22406] ? iter_file_splice_write+0x750/0x750 [ 239.250815][T22406] do_splice+0x9aa/0xd30 [ 239.251496][T22406] ? vfs_write+0x50c/0x770 [ 239.252230][T22406] ? __fget_light+0x21b/0x260 [ 239.252949][T22406] __se_sys_splice+0x2a6/0x390 [ 239.253600][T22406] __x64_sys_splice+0x74/0x80 [ 239.254321][T22406] do_syscall_64+0x4a/0x90 [ 239.254986][T22406] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 239.255915][T22406] RIP: 0033:0x4665d9 [ 239.256453][T22406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 239.259283][T22406] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 239.260625][T22406] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 239.261984][T22406] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 239.263086][T22406] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 239.264229][T22406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 239.265588][T22406] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 239.266810][T22406] warn_alloc: 3 callbacks suppressed [ 239.266817][T22406] syz-executor.1: vmalloc size 4416 allocation failure: vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0 [ 239.269821][T22406] CPU: 1 PID: 22406 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 239.271210][T22406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 239.272628][T22406] Call Trace: [ 239.273095][T22406] dump_stack+0x137/0x19d [ 239.273742][T22406] warn_alloc+0x105/0x160 [ 239.274470][T22406] ? ___cache_free+0x3c/0x300 [ 239.275218][T22406] __vmalloc_node_range+0x222/0x5b0 [ 239.276127][T22406] ? selinux_socket_getpeersec_dgram+0x1f4/0x250 [ 239.277135][T22406] ? netlink_sendmsg+0x425/0x7c0 [ 239.277826][T22406] vmalloc+0x5a/0x70 [ 239.278450][T22406] ? netlink_sendmsg+0x425/0x7c0 [ 239.279207][T22406] netlink_sendmsg+0x425/0x7c0 [ 239.280135][T22406] ? netlink_getsockopt+0x720/0x720 [ 239.281009][T22406] kernel_sendmsg+0x97/0xd0 [ 239.281705][T22406] sock_no_sendpage+0x84/0xb0 [ 239.282479][T22406] ? __receive_sock+0x20/0x20 [ 239.283265][T22406] kernel_sendpage+0x187/0x200 [ 239.284181][T22406] ? __receive_sock+0x20/0x20 [ 239.284922][T22406] sock_sendpage+0x5a/0x70 [ 239.285886][T22406] pipe_to_sendpage+0x128/0x160 [ 239.286842][T22406] ? sock_fasync+0xc0/0xc0 [ 239.287760][T22406] __splice_from_pipe+0x207/0x500 [ 239.288564][T22406] ? generic_splice_sendpage+0xb0/0xb0 [ 239.289468][T22406] generic_splice_sendpage+0x80/0xb0 [ 239.290339][T22406] ? iter_file_splice_write+0x750/0x750 [ 239.291170][T22406] do_splice+0x9aa/0xd30 [ 239.291972][T22406] ? vfs_write+0x50c/0x770 [ 239.292701][T22406] ? __fget_light+0x21b/0x260 [ 239.293474][T22406] __se_sys_splice+0x2a6/0x390 [ 239.294201][T22406] __x64_sys_splice+0x74/0x80 [ 239.295049][T22406] do_syscall_64+0x4a/0x90 [ 239.295849][T22406] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 239.296784][T22406] RIP: 0033:0x4665d9 08:40:16 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = syz_open_dev$char_raw(&(0x7f0000000080), 0x0, 0x200000) fcntl$dupfd(r3, 0x406, r2) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r4, 0x0, 0x8400fffffffa) [ 239.297358][T22406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 239.300326][T22406] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 239.301623][T22406] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 239.302888][T22406] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 239.304091][T22406] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 239.305236][T22406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 239.306654][T22406] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 239.307794][T22406] Mem-Info: [ 239.308271][T22406] active_anon:464 inactive_anon:89376 isolated_anon:0 [ 239.308271][T22406] active_file:5406 inactive_file:32018 isolated_file:0 [ 239.308271][T22406] unevictable:0 dirty:566 writeback:29 [ 239.308271][T22406] slab_reclaimable:4098 slab_unreclaimable:6789 [ 239.308271][T22406] mapped:62081 shmem:5498 pagetables:4213 bounce:0 [ 239.308271][T22406] free:1824521 free_pcp:287 free_cma:0 [ 239.313639][T22406] Node 0 active_anon:1856kB inactive_anon:357504kB active_file:21624kB inactive_file:128072kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:248324kB dirty:2380kB writeback:116kB shmem:21992kB writeback_tmp:0kB kernel_stack:3648kB pagetables:16852kB all_unreclaimable? no [ 239.317955][T22406] Node 0 DMA free:15360kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 239.322273][T22406] lowmem_reserve[]: 0 2938 7916 7916 [ 239.323170][T22406] Node 0 DMA32 free:3013476kB min:4220kB low:7228kB high:10236kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:3013528kB mlocked:0kB bounce:0kB free_pcp:52kB local_pcp:0kB free_cma:0kB [ 239.327659][T22406] lowmem_reserve[]: 0 0 4978 4978 [ 239.328680][T22406] Node 0 Normal free:4269248kB min:7152kB low:12248kB high:17344kB reserved_highatomic:0KB active_anon:1856kB inactive_anon:357504kB active_file:22320kB inactive_file:127492kB unevictable:0kB writepending:2540kB present:5242880kB managed:5098252kB mlocked:0kB bounce:0kB free_pcp:1076kB local_pcp:376kB free_cma:0kB [ 239.333403][T22406] lowmem_reserve[]: 0 0 0 0 [ 239.334036][T22406] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 239.336276][T22406] Node 0 DMA32: 5*4kB (M) 2*8kB (M) 4*16kB (M) 4*32kB (M) 6*64kB (M) 4*128kB (M) 5*256kB (M) 5*512kB (M) 4*1024kB (M) 1*2048kB (M) 733*4096kB (M) = 3013476kB [ 239.339174][T22406] Node 0 Normal: 2*4kB (UE) 45*8kB (UME) 77*16kB (UE) 26*32kB (UE) 19*64kB (UM) 33*128kB (UME) 16*256kB (UME) 11*512kB (UM) 6*1024kB (UME) 3*2048kB (UME) 1035*4096kB (UM) = 4269248kB [ 239.342239][T22406] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 239.343597][T22406] 21586 total pagecache pages [ 239.344581][T22406] 0 pages in swap cache [ 239.345168][T22406] Swap cache stats: add 0, delete 0, find 0/0 [ 239.346101][T22406] Free swap = 0kB [ 239.346749][T22406] Total swap = 0kB [ 239.347353][T22406] 2097051 pages RAM 08:40:16 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000500)={0x0, 0x0, {0x0, @struct}, {}, {0x0, @struct}}) preadv(r1, &(0x7f0000001680)=[{&(0x7f0000000040)=""/5, 0x5}], 0x1, 0x0, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0) [ 239.347936][T22406] 0 pages HighMem/MovableOnly [ 239.348710][T22406] 65266 pages reserved [ 239.350104][ T1768] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 239.359760][T22381] loop3: detected capacity change from 0 to 264192 [ 239.375856][T22426] loop0: detected capacity change from 0 to 264192 [ 239.382109][ T1135] loop3: p1 p2 p3 p4 [ 239.383153][T22430] new mount options do not match the existing superblock, will be ignored [ 239.383420][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 239.385405][T22430] loop4: detected capacity change from 0 to 158951 [ 239.385841][ T1135] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 239.388127][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 239.392014][T22381] loop3: p1 p2 p3 p4 [ 239.393151][T22381] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 239.394634][T22381] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 239.396150][T22381] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:16 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r3 = syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r3, 0x84009422, &(0x7f0000000500)={0x0, 0x0, {0x0, @struct}, {}, {0x0, @struct}}) preadv(r1, &(0x7f0000001680)=[{&(0x7f0000000040)=""/5, 0x5}], 0x1, 0x0, 0x0) 08:40:16 executing program 3: syz_read_part_table(0x2600000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 239.419715][T22426] loop0: p1 p2 p3 p4 [ 239.422095][T22426] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 239.423712][T22426] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 239.425476][T22426] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 239.447292][T22459] new mount options do not match the existing superblock, will be ignored [ 239.453863][T22459] loop4: detected capacity change from 0 to 158951 [ 239.455710][T22464] loop5: detected capacity change from 0 to 264192 [ 239.459183][T22464] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 239.465409][T22470] loop3: detected capacity change from 0 to 264192 [ 239.472531][T22426] __loop_clr_fd: partition scan of loop0 failed (rc=-16) [ 239.480594][T22470] loop3: p1 p2 p3 p4 [ 239.486402][T22426] loop0: detected capacity change from 0 to 264192 [ 239.487926][T22470] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 239.489423][T22470] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 239.490966][T22470] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 239.520967][ T1135] loop0: p1 p2 p3 p4 [ 239.522063][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 239.523637][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 239.525010][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 239.528276][T22426] loop0: p1 p2 p3 p4 [ 239.529435][T22426] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 239.533326][T22426] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 239.534986][T22426] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 239.540017][T22470] loop3: detected capacity change from 0 to 264192 [ 239.548509][ T1768] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 239.580159][T22470] loop3: p1 p2 p3 p4 [ 239.581416][T22470] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 239.582999][T22470] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 239.584546][T22470] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 239.611023][ T1135] loop3: p1 p2 p3 p4 [ 239.612104][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 239.613571][ T1135] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 239.615072][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:17 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x74) 08:40:17 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r2 = syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000000500)={0x0, 0x0, {0x0, @struct}, {}, {0x0, @struct}}) 08:40:17 executing program 0: syz_read_part_table(0x20000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:17 executing program 1 (fault-call:9 fault-nth:49): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:17 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25, 0x2}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(r0, &(0x7f00000000c0)='./file0\x00', 0xa00, 0x40) r3 = openat(r1, &(0x7f0000001400)='./bus\x00', 0x400, 0x41) ftruncate(r1, 0x3) mkdir(&(0x7f0000000280)='./file0/file0\x00', 0x100) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000000140)=""/160, 0xfffffffffffffefc}, {&(0x7f0000000300)=""/224, 0xe0}, {&(0x7f0000002040)=""/4111, 0x100f}], 0x3, 0x7d68, 0x1) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) mount(&(0x7f0000001580)=ANY=[@ANYBLOB="00000000007f00000000000000"], &(0x7f0000001440)='./file0/file0\x00', &(0x7f0000001480)='binfmt_misc\x00', 0x80, 0x0) read(r2, &(0x7f00000014c0)=""/67, 0x43) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x6, &(0x7f0000000480)=[{0x0, 0x570000}], 0x1) mmap(&(0x7f0000565000/0x3000)=nil, 0x3000, 0x1000003, 0x10, 0xffffffffffffffff, 0x9f584000) fspick(0xffffffffffffff9c, &(0x7f0000001540)='./file0\x00', 0x0) sendfile(r0, r4, 0x0, 0x8400fffffffa) 08:40:17 executing program 3: syz_read_part_table(0x2e00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:17 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r2 = syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f0000000500)={0x0, 0x0, {0x0, @struct}, {}, {0x0, @struct}}) [ 239.984387][T22546] loop0: detected capacity change from 0 to 264192 [ 239.986822][T22549] new mount options do not match the existing superblock, will be ignored [ 239.991270][T22549] loop4: detected capacity change from 0 to 158951 [ 240.010392][T22546] loop0: p1 p2 p3 p4 [ 240.012182][T22546] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 240.029545][T22546] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 240.030984][T22546] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 240.042279][T22564] new mount options do not match the existing superblock, will be ignored [ 240.082728][T22564] loop4: detected capacity change from 0 to 158951 08:40:17 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:17 executing program 0: syz_read_part_table(0x90000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:17 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 240.116328][T22568] loop5: detected capacity change from 0 to 264192 [ 240.125750][T22568] FAT-fs (loop5): invalid media value (0x00) [ 240.126834][T22568] FAT-fs (loop5): Can't find a valid FAT filesystem [ 240.127099][T22573] loop3: detected capacity change from 0 to 264192 [ 240.147793][T22577] new mount options do not match the existing superblock, will be ignored [ 240.155656][T22577] loop4: detected capacity change from 0 to 158951 [ 240.177335][T22585] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 240.179056][T22585] FAULT_INJECTION: forcing a failure. [ 240.179056][T22585] name failslab, interval 1, probability 0, space 0, times 0 [ 240.180306][T22573] loop3: p1 p2 p3 p4 [ 240.181117][T22585] CPU: 0 PID: 22585 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 240.183046][T22585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 240.184643][T22585] Call Trace: [ 240.185124][T22585] dump_stack+0x137/0x19d [ 240.185846][T22585] should_fail+0x23c/0x250 [ 240.186452][T22585] __should_failslab+0x81/0x90 [ 240.187338][T22585] should_failslab+0x5/0x20 [ 240.187950][T22585] kmem_cache_alloc_node+0x58/0x2b0 [ 240.188750][T22585] ? alloc_vmap_area+0x12f/0x1340 [ 240.189442][T22585] alloc_vmap_area+0x12f/0x1340 [ 240.190227][T22585] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 240.191247][T22585] __get_vm_area_node+0x165/0x260 [ 240.191937][T22573] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 240.191959][T22585] __vmalloc_node_range+0xc2/0x5b0 [ 240.193891][T22585] ? netlink_sendmsg+0x425/0x7c0 [ 240.194691][T22585] ? selinux_socket_getpeersec_dgram+0x1f4/0x250 [ 240.195809][T22585] ? netlink_sendmsg+0x425/0x7c0 [ 240.196577][T22585] vmalloc+0x5a/0x70 [ 240.197169][T22585] ? netlink_sendmsg+0x425/0x7c0 [ 240.197908][T22585] netlink_sendmsg+0x425/0x7c0 [ 240.198668][T22585] ? netlink_getsockopt+0x720/0x720 [ 240.199497][T22585] kernel_sendmsg+0x97/0xd0 [ 240.200151][T22585] sock_no_sendpage+0x84/0xb0 [ 240.200819][T22585] ? __receive_sock+0x20/0x20 [ 240.201594][T22585] kernel_sendpage+0x187/0x200 [ 240.202326][T22585] ? __receive_sock+0x20/0x20 [ 240.202998][T22585] sock_sendpage+0x5a/0x70 [ 240.203692][T22585] pipe_to_sendpage+0x128/0x160 [ 240.204597][T22585] ? sock_fasync+0xc0/0xc0 [ 240.205280][T22585] __splice_from_pipe+0x207/0x500 [ 240.206176][T22585] ? generic_splice_sendpage+0xb0/0xb0 [ 240.207207][T22585] generic_splice_sendpage+0x80/0xb0 [ 240.208046][T22585] ? iter_file_splice_write+0x750/0x750 [ 240.208888][T22585] do_splice+0x9aa/0xd30 [ 240.209583][T22585] ? vfs_write+0x50c/0x770 [ 240.210288][T22585] ? __fget_light+0x21b/0x260 [ 240.210891][T22573] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 240.211243][T22585] __se_sys_splice+0x2a6/0x390 [ 240.212664][T22573] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 240.213153][T22585] __x64_sys_splice+0x74/0x80 [ 240.214937][T22585] do_syscall_64+0x4a/0x90 [ 240.215714][T22585] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 240.216760][T22585] RIP: 0033:0x4665d9 [ 240.217504][T22585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 240.220962][T22585] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 240.222627][T22585] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 240.224073][T22585] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 240.225570][T22585] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 240.226885][T22585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 240.228220][T22585] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 240.242407][T22603] new mount options do not match the existing superblock, will be ignored [ 240.247065][T22603] loop4: detected capacity change from 0 to 158951 [ 240.248311][T22573] loop3: detected capacity change from 0 to 264192 [ 240.268956][T22612] loop0: detected capacity change from 0 to 264192 08:40:17 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 240.293610][T22573] loop3: p1 p2 p3 p4 [ 240.301443][T22612] loop0: p1 p2 p3 p4 [ 240.305578][T22573] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 240.307042][T22573] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 240.308222][T22612] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 240.309664][T22612] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 240.317183][T22573] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 240.322744][T22612] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:17 executing program 3: syz_read_part_table(0x3009000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 240.352706][T22628] new mount options do not match the existing superblock, will be ignored [ 240.355465][T22628] loop4: detected capacity change from 0 to 158951 [ 240.361431][ T1135] loop3: p1 p2 p3 p4 [ 240.362451][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 240.363919][ T1135] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 240.365379][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 240.399908][T22612] loop0: detected capacity change from 0 to 264192 [ 240.459164][T22612] loop0: p1 p2 p3 p4 [ 240.460383][T22612] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 240.461927][T22612] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 240.463441][T22612] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 240.471189][ T1135] loop0: p1 p2 p3 p4 [ 240.472348][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 240.473931][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 240.475367][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 240.483109][T22658] loop3: detected capacity change from 0 to 264192 [ 240.500083][T22658] loop3: p1 p2 p3 p4 [ 240.501133][T22658] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 240.502371][T22658] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 240.504077][T22658] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 240.547975][T22568] loop5: detected capacity change from 0 to 264192 [ 240.549897][T22568] FAT-fs (loop5): Unrecognized mount option "@" or missing value [ 240.573956][T22658] loop3: detected capacity change from 0 to 264192 [ 240.620346][ T1135] loop3: p1 p2 p3 p4 [ 240.621633][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 240.623355][ T1135] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 240.624720][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 240.627577][T22658] loop3: p1 p2 p3 p4 [ 240.628534][T22658] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 240.630429][T22658] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 240.631769][T22658] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:17 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x7a) 08:40:17 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:17 executing program 0: syz_read_part_table(0xc0000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 240.816084][T22720] new mount options do not match the existing superblock, will be ignored [ 240.825099][T22720] loop4: detected capacity change from 0 to 158951 [ 240.825839][T22723] loop0: detected capacity change from 0 to 264192 [ 240.870520][T22723] loop0: p1 p2 p3 p4 [ 240.872004][T22723] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 240.873560][T22723] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 240.874929][T22723] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:18 executing program 1 (fault-call:9 fault-nth:50): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:18 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x200a002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) 08:40:18 executing program 3: syz_read_part_table(0x3509000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:18 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:18 executing program 0: syz_read_part_table(0xe0ffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 240.988659][T22746] new mount options do not match the existing superblock, will be ignored [ 240.992466][T22750] loop5: detected capacity change from 0 to 264192 [ 240.997116][T22750] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 241.024614][T22746] loop4: detected capacity change from 0 to 158951 [ 241.026222][T22749] loop3: detected capacity change from 0 to 264192 [ 241.027801][T22751] loop0: detected capacity change from 0 to 264192 [ 241.046743][T22762] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 241.051849][T22762] FAULT_INJECTION: forcing a failure. [ 241.051849][T22762] name failslab, interval 1, probability 0, space 0, times 0 [ 241.053773][T22762] CPU: 0 PID: 22762 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 241.055133][T22762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 241.056712][T22762] Call Trace: [ 241.057324][T22762] dump_stack+0x137/0x19d [ 241.057991][T22762] should_fail+0x23c/0x250 [ 241.058885][T22762] __should_failslab+0x81/0x90 [ 241.059749][T22762] should_failslab+0x5/0x20 [ 241.060502][T22762] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 241.061486][T22762] ? __kmalloc_node+0x30/0x40 [ 241.062404][T22762] ? __get_vm_area_node+0x226/0x260 [ 241.063143][T22762] __kmalloc_node+0x30/0x40 [ 241.063860][T22762] __vmalloc_node_range+0x250/0x5b0 [ 241.064705][T22762] ? netlink_sendmsg+0x425/0x7c0 [ 241.065564][T22762] vmalloc+0x5a/0x70 [ 241.066231][T22762] ? netlink_sendmsg+0x425/0x7c0 [ 241.067139][T22762] netlink_sendmsg+0x425/0x7c0 [ 241.067891][T22762] ? netlink_getsockopt+0x720/0x720 [ 241.068755][T22762] kernel_sendmsg+0x97/0xd0 [ 241.069379][T22762] sock_no_sendpage+0x84/0xb0 [ 241.070159][T22762] ? __receive_sock+0x20/0x20 [ 241.070814][T22762] kernel_sendpage+0x187/0x200 [ 241.071654][T22762] ? __receive_sock+0x20/0x20 [ 241.072469][T22762] sock_sendpage+0x5a/0x70 [ 241.073120][T22762] pipe_to_sendpage+0x128/0x160 [ 241.073973][T22762] ? sock_fasync+0xc0/0xc0 [ 241.074678][T22762] __splice_from_pipe+0x207/0x500 [ 241.075653][T22762] ? generic_splice_sendpage+0xb0/0xb0 [ 241.076564][T22762] generic_splice_sendpage+0x80/0xb0 [ 241.077494][T22762] ? iter_file_splice_write+0x750/0x750 [ 241.078351][T22762] do_splice+0x9aa/0xd30 [ 241.079052][T22762] ? vfs_write+0x50c/0x770 [ 241.079723][T22762] ? __fget_light+0x21b/0x260 [ 241.080524][T22762] __se_sys_splice+0x2a6/0x390 [ 241.081169][T22762] __x64_sys_splice+0x74/0x80 [ 241.081877][T22762] do_syscall_64+0x4a/0x90 [ 241.082479][T22762] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 241.083379][T22762] RIP: 0033:0x4665d9 [ 241.083975][T22762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 241.086958][T22762] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 241.088239][T22762] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 241.089425][T22762] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 241.090553][T22762] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 241.091684][T22762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 241.093237][T22762] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 08:40:18 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) 08:40:18 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 241.101108][T22751] loop0: p1 p2 p3 p4 [ 241.102045][T22749] loop3: p1 p2 p3 p4 [ 241.110070][T22751] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 241.111688][T22749] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 241.114161][T22751] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 241.115928][T22749] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 241.117636][T22751] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 241.118902][T22749] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:18 executing program 0: syz_read_part_table(0x100000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 241.149535][ T4842] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 08:40:18 executing program 3: syz_read_part_table(0x3e00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 241.187800][T22779] new mount options do not match the existing superblock, will be ignored [ 241.189889][T22779] loop4: detected capacity change from 0 to 158951 [ 241.217251][T22791] loop5: detected capacity change from 0 to 264192 [ 241.217258][T22793] loop0: detected capacity change from 0 to 264192 [ 241.224668][T22791] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 241.260960][T22793] loop0: p1 p2 p3 p4 [ 241.263648][T22793] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 241.265134][T22793] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 241.277185][T22793] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 241.284236][T22809] loop3: detected capacity change from 0 to 264192 [ 241.302385][T22809] loop3: p1 p2 p3 p4 [ 241.303826][T22809] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 241.305473][T22809] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 241.322325][T22809] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 241.328144][ T1768] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 241.341627][T22793] loop0: detected capacity change from 0 to 264192 [ 241.401040][T22793] loop0: p1 p2 p3 p4 [ 241.402136][T22793] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 241.403676][T22793] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 241.407208][T22793] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 241.417753][T22809] loop3: detected capacity change from 0 to 264192 [ 241.458916][T22809] loop3: p1 p2 p3 p4 [ 241.462547][T22809] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 241.465931][T22809] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 241.472427][T22809] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 241.521343][ T1135] loop3: p1 p2 p3 p4 [ 241.522478][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 241.523790][ T1135] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 241.525423][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:18 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x300) 08:40:18 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:18 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="601c9ac13ebcea4a7e253c00088020000200000004f80000200040000000b0f71624535aef851c2e6e3cd85da8e61644fc96de7f4d020ab6a431dc2e3f68c7f2528c7df3162085bfa035f0a76478bfae6cfd5c263b0866ba0000c50000000000000000000000000000000ac2", 0x6c}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) [ 241.705419][T22880] new mount options do not match the existing superblock, will be ignored [ 241.714489][T22880] loop4: detected capacity change from 0 to 158951 [ 241.730244][T22883] loop5: detected capacity change from 0 to 264192 [ 241.760327][T22883] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 38652) [ 241.761954][T22883] FAT-fs (loop5): count of clusters too big (957079038) [ 241.763063][T22883] FAT-fs (loop5): Can't find a valid FAT filesystem 08:40:19 executing program 1 (fault-call:9 fault-nth:51): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:19 executing program 0: syz_read_part_table(0x200000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:19 executing program 3: syz_read_part_table(0x3f00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:19 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 241.910409][T22898] loop3: detected capacity change from 0 to 264192 [ 241.917395][T22899] new mount options do not match the existing superblock, will be ignored [ 241.921105][T22896] loop0: detected capacity change from 0 to 264192 [ 241.927295][T22899] loop4: detected capacity change from 0 to 158951 [ 241.930561][T22898] loop3: p1 p2 p3 p4 [ 241.931860][T22898] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 241.934820][T22898] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 241.939882][T22898] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:19 executing program 3: syz_read_part_table(0x4000000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:19 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 241.962107][T22911] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 241.964503][T22911] FAULT_INJECTION: forcing a failure. [ 241.964503][T22911] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 241.966723][T22911] CPU: 1 PID: 22911 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 241.968117][T22911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 241.969760][T22911] Call Trace: [ 241.970278][T22911] dump_stack+0x137/0x19d [ 241.970921][T22911] should_fail+0x23c/0x250 [ 241.971641][T22911] __alloc_pages+0x102/0x320 [ 241.972298][T22911] __vmalloc_node_range+0x319/0x5b0 [ 241.973117][T22911] ? netlink_sendmsg+0x425/0x7c0 [ 241.973855][T22911] vmalloc+0x5a/0x70 [ 241.974468][T22911] ? netlink_sendmsg+0x425/0x7c0 [ 241.975265][T22911] netlink_sendmsg+0x425/0x7c0 [ 241.976042][T22911] ? netlink_getsockopt+0x720/0x720 [ 241.976957][T22911] kernel_sendmsg+0x97/0xd0 [ 241.977685][T22911] sock_no_sendpage+0x84/0xb0 [ 241.978383][T22911] ? __receive_sock+0x20/0x20 [ 241.979103][T22911] kernel_sendpage+0x187/0x200 [ 241.979849][T22911] ? __receive_sock+0x20/0x20 [ 241.980628][T22911] sock_sendpage+0x5a/0x70 [ 241.981316][T22911] pipe_to_sendpage+0x128/0x160 [ 241.982110][T22911] ? sock_fasync+0xc0/0xc0 [ 241.982801][T22911] __splice_from_pipe+0x207/0x500 [ 241.983616][T22911] ? generic_splice_sendpage+0xb0/0xb0 [ 241.984430][T22911] generic_splice_sendpage+0x80/0xb0 [ 241.985172][T22911] ? iter_file_splice_write+0x750/0x750 [ 241.986089][T22911] do_splice+0x9aa/0xd30 [ 241.986786][T22911] ? vfs_write+0x50c/0x770 [ 241.987536][T22911] ? __fget_light+0x21b/0x260 [ 241.988357][T22911] __se_sys_splice+0x2a6/0x390 [ 241.989014][T22911] __x64_sys_splice+0x74/0x80 [ 241.989660][T22911] do_syscall_64+0x4a/0x90 [ 241.990416][T22911] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 241.991316][T22911] RIP: 0033:0x4665d9 [ 241.991937][T22911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 241.994814][T22911] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 241.996065][T22911] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 241.997212][T22911] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 241.998461][T22911] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 241.999643][T22911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 242.000986][T22911] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 242.005460][T22896] loop0: p1 p2 p3 p4 [ 242.017910][T22896] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 242.034196][T22896] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 242.041168][T22896] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 242.045336][T22923] new mount options do not match the existing superblock, will be ignored [ 242.048844][T22923] loop4: detected capacity change from 0 to 158951 [ 242.050828][T22927] loop3: detected capacity change from 0 to 264192 08:40:19 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 242.090888][T22927] loop3: p1 p2 p3 p4 [ 242.093637][T22927] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 242.095864][T22927] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 242.098689][T22927] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:19 executing program 0: syz_read_part_table(0x204000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 242.159680][T22940] new mount options do not match the existing superblock, will be ignored [ 242.164536][T22940] loop4: detected capacity change from 0 to 158951 08:40:19 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 242.227002][T22927] loop3: detected capacity change from 0 to 264192 [ 242.228544][T22956] loop0: detected capacity change from 0 to 264192 [ 242.246237][T22962] new mount options do not match the existing superblock, will be ignored [ 242.248438][T22962] loop4: detected capacity change from 0 to 158951 [ 242.261054][ T1135] loop0: p1 p2 p3 p4 [ 242.262116][T22927] loop3: p1 p2 p3 p4 [ 242.270778][T22927] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 242.272275][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 242.273576][T22927] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 242.275062][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 242.276719][T22927] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 242.278228][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 242.282318][T22956] loop0: p1 p2 p3 p4 [ 242.283529][T22956] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 242.285323][T22956] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 242.287266][T22956] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 242.329202][ T1135] loop3: p1 p2 p3 p4 [ 242.330546][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 242.331944][ T1135] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 242.333662][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 242.344646][T22956] __loop_clr_fd: partition scan of loop0 failed (rc=-16) [ 242.347498][T22956] loop0: detected capacity change from 0 to 264192 [ 242.383164][T22956] loop0: p1 p2 p3 p4 [ 242.384457][T22956] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 242.386252][T22956] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 242.388379][T22956] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:19 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x500) 08:40:19 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 242.560990][T23023] new mount options do not match the existing superblock, will be ignored [ 242.563437][T23023] loop4: detected capacity change from 0 to 158951 [ 242.609501][T23024] loop5: detected capacity change from 0 to 264192 [ 242.613152][T23024] FAT-fs (loop5): Unrecognized mount option "" or missing value 08:40:19 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r1) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in=@multicast1, @in=@dev={0xac, 0x14, 0x14, 0xa}, 0x4e23, 0x0, 0x4e24, 0x200, 0xa, 0x80, 0x20, 0x32, 0x0, r1}, {0x7fffffff, 0x20, 0xfffffffffffffff8, 0xffffffffffffff80, 0x1ff, 0x8, 0x6, 0x3}, {0xfffffffffffffffc, 0x2, 0x0, 0x7}, 0x9, 0x0, 0x0, 0x0, 0x3, 0x1}, {{@in6=@mcast1, 0x4d6, 0x32}, 0xa, @in=@loopback, 0x3501, 0x1, 0x3, 0x1f, 0x2, 0x1, 0x7ff}}, 0xe8) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x6900) r3 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r3, 0x2008002) r5 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r2, r5, 0x0, 0x8400fffffffa) 08:40:19 executing program 3: syz_read_part_table(0x4000080000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:19 executing program 1 (fault-call:9 fault-nth:52): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:19 executing program 0: syz_read_part_table(0x300000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:19 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:19 executing program 5: r0 = syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6900) r2 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r2, 0x2008002) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendfile(r0, r4, &(0x7f00000000c0)=0x8000, 0x40) r5 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x8400fffffffa) 08:40:20 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 242.819868][T23043] loop3: detected capacity change from 0 to 264192 [ 242.834567][T23047] loop4: detected capacity change from 0 to 158951 [ 242.834766][T23048] loop0: detected capacity change from 0 to 264192 [ 242.841036][T23054] loop5: detected capacity change from 0 to 264192 [ 242.847227][T23054] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 242.872617][T23043] loop3: p1 p2 p3 p4 [ 242.872691][T23048] loop0: p1 p2 p3 p4 [ 242.875013][T23048] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 242.878616][T23043] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 242.881386][T23043] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 242.892499][T23048] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 242.893976][T23048] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 242.895116][T23066] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 242.903928][T23066] FAULT_INJECTION: forcing a failure. [ 242.903928][T23066] name failslab, interval 1, probability 0, space 0, times 0 [ 242.906217][T23066] CPU: 1 PID: 23066 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 242.907603][T23066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 242.907867][T23043] loop3: p4 size 3657465856 extends beyond EOD, [ 242.909082][T23066] Call Trace: [ 242.909090][T23066] dump_stack+0x137/0x19d [ 242.909111][T23066] should_fail+0x23c/0x250 [ 242.910086][T23043] truncated [ 242.910552][T23066] ? __build_skb+0x2d/0x170 [ 242.913170][T23066] __should_failslab+0x81/0x90 [ 242.913993][T23066] should_failslab+0x5/0x20 [ 242.915017][T23066] kmem_cache_alloc+0x46/0x2f0 [ 242.915902][T23066] __build_skb+0x2d/0x170 [ 242.916562][T23066] netlink_sendmsg+0x443/0x7c0 [ 242.917305][T23066] ? netlink_getsockopt+0x720/0x720 [ 242.918119][T23066] kernel_sendmsg+0x97/0xd0 [ 242.918821][T23066] sock_no_sendpage+0x84/0xb0 [ 242.919586][T23066] ? __receive_sock+0x20/0x20 [ 242.920285][T23066] kernel_sendpage+0x187/0x200 [ 242.921176][T23066] ? __receive_sock+0x20/0x20 [ 242.921920][T23066] sock_sendpage+0x5a/0x70 08:40:20 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r2, 0x0, 0x7f) [ 242.922684][T23066] pipe_to_sendpage+0x128/0x160 [ 242.923605][T23066] ? sock_fasync+0xc0/0xc0 [ 242.924324][T23066] __splice_from_pipe+0x207/0x500 [ 242.925235][T23066] ? generic_splice_sendpage+0xb0/0xb0 [ 242.926259][T23066] generic_splice_sendpage+0x80/0xb0 [ 242.927056][T23066] ? iter_file_splice_write+0x750/0x750 [ 242.928009][T23066] do_splice+0x9aa/0xd30 [ 242.928699][T23066] ? vfs_write+0x50c/0x770 [ 242.929440][T23066] ? __fget_light+0x21b/0x260 [ 242.930165][T23066] __se_sys_splice+0x2a6/0x390 [ 242.930878][T23066] __x64_sys_splice+0x74/0x80 [ 242.931632][T23066] do_syscall_64+0x4a/0x90 [ 242.932377][T23066] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 242.933363][T23066] RIP: 0033:0x4665d9 [ 242.933913][T23066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 242.936970][T23066] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 242.938252][T23066] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 242.939492][T23066] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 242.940763][T23066] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 242.942022][T23066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 242.943339][T23066] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 242.954389][T23071] loop4: detected capacity change from 0 to 158951 [ 242.978314][ T4842] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 08:40:20 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 243.002477][T15339] print_req_error: 65 callbacks suppressed [ 243.002485][T15339] blk_update_request: I/O error, dev loop0, sector 264033 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 243.006938][T15432] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 243.010306][T15364] blk_update_request: I/O error, dev loop0, sector 495 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 243.013537][T15422] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 243.015780][ T704] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 243.017857][ T704] buffer_io_error: 45 callbacks suppressed [ 243.017945][ T704] Buffer I/O error on dev loop0p4, logical block 33008, async page read [ 243.020661][T23048] __loop_clr_fd: partition scan of loop0 failed (rc=-16) [ 243.021884][ T704] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 243.024032][ T704] Buffer I/O error on dev loop0p2, logical block 33008, async page read [ 243.028323][ T704] blk_update_request: I/O error, dev loop0, sector 264033 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 243.030168][ T704] Buffer I/O error on dev loop0p3, logical block 263808, async page read [ 243.032457][ T704] blk_update_request: I/O error, dev loop0, sector 264034 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 243.034186][ T704] Buffer I/O error on dev loop0p3, logical block 263809, async page read [ 243.035548][ T704] blk_update_request: I/O error, dev loop0, sector 264035 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 243.037495][ T704] Buffer I/O error on dev loop0p3, logical block 263810, async page read [ 243.038708][ T704] blk_update_request: I/O error, dev loop0, sector 495 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 243.040420][ T704] Buffer I/O error on dev loop0p1, logical block 1, async page read [ 243.042011][ T704] Buffer I/O error on dev loop0p3, logical block 263811, async page read [ 243.043426][ T704] Buffer I/O error on dev loop0p3, logical block 263812, async page read [ 243.043962][T23048] loop0: detected capacity change from 0 to 264192 [ 243.044845][ T704] Buffer I/O error on dev loop0p3, logical block 263813, async page read [ 243.047305][T23043] loop3: detected capacity change from 0 to 264192 08:40:20 executing program 4: mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 243.055119][T23083] loop4: detected capacity change from 0 to 158951 [ 243.068268][T23043] loop3: p1 p2 p3 p4 [ 243.069648][T23043] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 243.072203][T23043] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 243.074150][ T1135] loop0: p1 p2 p3 p4 [ 243.074282][T23043] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 243.076463][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 243.078051][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 243.085908][T23109] loop5: detected capacity change from 0 to 264192 [ 243.090357][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 243.095491][T23048] loop0: p1 p2 p3 p4 [ 243.096708][T23048] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 243.097727][T23109] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 243.098534][T23048] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 243.108116][T23048] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 243.116748][T23124] loop4: detected capacity change from 0 to 158951 [ 243.135333][ T4842] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 08:40:20 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x520) 08:40:20 executing program 3: syz_read_part_table(0x4800000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:20 executing program 0: syz_read_part_table(0x400000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 243.432201][T23150] loop0: detected capacity change from 0 to 264192 [ 243.449505][T23153] loop3: detected capacity change from 0 to 264192 [ 243.452178][T23150] loop0: p1 p2 p3 p4 [ 243.453440][T23150] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 243.455208][T23150] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 243.456987][T23150] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 243.491086][T23153] loop3: p1 p2 p3 p4 [ 243.492362][T23153] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 243.494054][T23153] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 243.495737][T23153] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 243.513357][T23150] loop0: detected capacity change from 0 to 264192 [ 243.555575][T23150] loop0: p1 p2 p3 p4 [ 243.556699][T23150] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 243.558063][T23150] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 243.559847][T23150] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 243.578349][T23153] loop3: detected capacity change from 0 to 264192 [ 243.597605][T23153] loop3: p1 p2 p3 p4 [ 243.599422][T23153] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 243.615402][T23153] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 243.617302][T23153] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:20 executing program 1 (fault-call:9 fault-nth:53): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:20 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) chdir(&(0x7f0000000080)='./bus\x00') fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) 08:40:20 executing program 4: mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:20 executing program 0: syz_read_part_table(0x500000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:20 executing program 3: syz_read_part_table(0x4c00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:20 executing program 4: mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 243.694926][T23212] loop4: detected capacity change from 0 to 158951 [ 243.710116][T23213] loop5: detected capacity change from 0 to 264192 [ 243.718770][T23213] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 243.739816][T23222] loop0: detected capacity change from 0 to 264192 [ 243.743794][T23221] loop3: detected capacity change from 0 to 264192 [ 243.751076][T23222] loop0: p1 p2 p3 p4 [ 243.752355][T23222] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 243.755389][T23222] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 243.758437][T23222] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 243.765728][T23221] loop3: p1 p2 p3 p4 [ 243.771582][T23221] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 243.781345][T23231] loop4: detected capacity change from 0 to 158951 [ 243.787587][T23221] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 243.796192][T23221] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 243.830342][T23241] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 243.844831][T23241] FAULT_INJECTION: forcing a failure. [ 243.844831][T23241] name failslab, interval 1, probability 0, space 0, times 0 [ 243.847037][T23241] CPU: 0 PID: 23241 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 243.848492][T23241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 243.850108][T23241] Call Trace: [ 243.850591][T23241] dump_stack+0x137/0x19d [ 243.851310][T23241] should_fail+0x23c/0x250 [ 243.852042][T23241] ? __build_skb+0x2d/0x170 [ 243.852876][T23241] __should_failslab+0x81/0x90 [ 243.853678][T23241] should_failslab+0x5/0x20 [ 243.854388][T23241] kmem_cache_alloc+0x46/0x2f0 [ 243.855246][T23241] __build_skb+0x2d/0x170 [ 243.856319][T23241] netlink_sendmsg+0x443/0x7c0 [ 243.857189][T23241] ? netlink_getsockopt+0x720/0x720 [ 243.858094][T23241] kernel_sendmsg+0x97/0xd0 [ 243.858909][T23241] sock_no_sendpage+0x84/0xb0 [ 243.859758][T23241] ? __receive_sock+0x20/0x20 [ 243.860493][T23241] kernel_sendpage+0x187/0x200 [ 243.861235][T23241] ? __receive_sock+0x20/0x20 [ 243.861956][T23241] sock_sendpage+0x5a/0x70 [ 243.862856][T23241] pipe_to_sendpage+0x128/0x160 [ 243.863696][T23241] ? sock_fasync+0xc0/0xc0 [ 243.864413][T23241] __splice_from_pipe+0x207/0x500 [ 243.865323][T23241] ? generic_splice_sendpage+0xb0/0xb0 [ 243.866172][T23241] generic_splice_sendpage+0x80/0xb0 [ 243.867011][T23241] ? iter_file_splice_write+0x750/0x750 [ 243.867941][T23241] do_splice+0x9aa/0xd30 [ 243.868701][T23241] ? vfs_write+0x50c/0x770 [ 243.869437][T23241] ? __fget_light+0x21b/0x260 [ 243.870222][T23241] __se_sys_splice+0x2a6/0x390 [ 243.871024][T23241] __x64_sys_splice+0x74/0x80 [ 243.871818][T23241] do_syscall_64+0x4a/0x90 [ 243.872530][T23241] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 243.873496][T23241] RIP: 0033:0x4665d9 [ 243.874065][T23241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 243.876903][T23241] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 243.878116][T23241] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 243.879342][T23241] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 08:40:21 executing program 4: mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 243.880484][T23241] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 243.881734][T23241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 243.882803][T23241] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 08:40:21 executing program 0: syz_read_part_table(0x600000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:21 executing program 5: r0 = io_uring_setup(0x625c, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000200)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x6, &(0x7f0000000480)=[{0x0, 0x570000}], 0x1) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0xaaaaaaaaaaaad19, &(0x7f0000000200), 0x0, &(0x7f0000000140)=ANY=[@ANYRESHEX, @ANYRESDEC=r0, @ANYBLOB="e1acfe87e47be7a5336f46d2a5dca5dbaed21081e5f60cdd45858b0650956df3c832002e10000054ebbeee1035f610709a687b9a0636486fd56eb39ff535130c8d7b3e931aaf"]) chdir(&(0x7f0000000040)='./file0\x00') r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6900) r2 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r4 = io_uring_setup(0x625c, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f0000000200)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x6, &(0x7f0000000480)=[{0x0, 0x570000}], 0x1) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000004c0)=[{&(0x7f00000001c0)=""/15, 0xf}, {&(0x7f0000000300)=""/139, 0x8b}, {&(0x7f00000003c0)=""/167, 0xa7}, {&(0x7f0000000240)=""/124, 0x7c}], 0x4) ftruncate(r2, 0x2008002) r5 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0x8400fffffffa) [ 243.933003][ T4842] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 243.943847][T23221] loop3: detected capacity change from 0 to 264192 [ 243.958676][T23271] loop4: detected capacity change from 0 to 158951 [ 243.966668][T23277] loop0: detected capacity change from 0 to 264192 [ 244.003799][T23221] loop3: p1 p2 p3 p4 [ 244.006174][T23221] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 244.007906][T23221] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 244.011791][T23221] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 244.021548][T23277] loop0: p1 p2 p3 p4 [ 244.022967][T23277] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 244.024653][T23277] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 244.027230][T23277] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:21 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x600) 08:40:21 executing program 4: mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:21 executing program 3: syz_read_part_table(0x5400000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 244.270337][T23320] loop3: detected capacity change from 0 to 264192 [ 244.271396][T23321] loop4: detected capacity change from 0 to 158951 [ 244.327638][T23320] loop3: p1 p2 p3 p4 [ 244.329038][T23320] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 244.330651][T23320] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 244.338522][T23320] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:21 executing program 1 (fault-call:9 fault-nth:54): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:21 executing program 0: syz_read_part_table(0x604000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:21 executing program 5: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25, 0x80000000000002}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) 08:40:21 executing program 4: mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:21 executing program 3: syz_read_part_table(0x5500000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:21 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 244.618284][T23347] loop0: detected capacity change from 0 to 264192 [ 244.620209][T23349] loop3: detected capacity change from 0 to 264192 [ 244.624271][T23354] loop4: detected capacity change from 0 to 158951 [ 244.626808][T23355] loop5: detected capacity change from 0 to 264192 [ 244.630414][T23355] FAT-fs (loop5): bogus number of reserved sectors [ 244.631438][T23355] FAT-fs (loop5): Can't find a valid FAT filesystem [ 244.639775][T23347] loop0: p1 p2 p3 p4 [ 244.641301][T23347] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 244.643406][T23347] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 244.645225][T23347] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 244.651785][T23349] loop3: p1 p2 p3 p4 [ 244.660521][T23349] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 244.661934][T23349] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 244.665443][T23349] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 244.689579][T23372] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 244.699166][T23372] FAULT_INJECTION: forcing a failure. [ 244.699166][T23372] name failslab, interval 1, probability 0, space 0, times 0 [ 244.701538][T23372] CPU: 1 PID: 23372 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 244.702846][T23372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 244.704544][T23372] Call Trace: [ 244.705067][T23372] dump_stack+0x137/0x19d [ 244.705846][T23372] should_fail+0x23c/0x250 [ 244.706524][T23372] __should_failslab+0x81/0x90 [ 244.707267][T23372] should_failslab+0x5/0x20 [ 244.707896][T23372] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 244.708871][T23372] ? __get_vm_area_node+0x11b/0x260 [ 244.709791][T23372] ? ___cache_free+0x3c/0x300 [ 244.710666][T23372] __get_vm_area_node+0x11b/0x260 [ 244.711589][T23372] __vmalloc_node_range+0xc2/0x5b0 [ 244.712557][T23372] ? netlink_sendmsg+0x425/0x7c0 [ 244.713392][T23372] ? selinux_socket_getpeersec_dgram+0x1f4/0x250 [ 244.714471][T23372] ? netlink_sendmsg+0x425/0x7c0 [ 244.715445][T23372] vmalloc+0x5a/0x70 [ 244.716074][T23372] ? netlink_sendmsg+0x425/0x7c0 [ 244.717030][T23372] netlink_sendmsg+0x425/0x7c0 [ 244.717892][T23372] ? netlink_getsockopt+0x720/0x720 [ 244.718721][T23372] kernel_sendmsg+0x97/0xd0 [ 244.719450][T23372] sock_no_sendpage+0x84/0xb0 [ 244.720182][T23372] ? __receive_sock+0x20/0x20 [ 244.720882][T23372] kernel_sendpage+0x187/0x200 [ 244.721740][T23372] ? __receive_sock+0x20/0x20 [ 244.722607][T23372] sock_sendpage+0x5a/0x70 [ 244.723265][T23372] pipe_to_sendpage+0x128/0x160 [ 244.724070][T23372] ? sock_fasync+0xc0/0xc0 [ 244.724827][T23372] __splice_from_pipe+0x207/0x500 [ 244.725723][T23372] ? generic_splice_sendpage+0xb0/0xb0 [ 244.726716][T23372] generic_splice_sendpage+0x80/0xb0 [ 244.727529][T23372] ? iter_file_splice_write+0x750/0x750 [ 244.728472][T23372] do_splice+0x9aa/0xd30 [ 244.729156][T23372] ? vfs_write+0x50c/0x770 [ 244.729949][T23372] ? __fget_light+0x21b/0x260 [ 244.730648][T23372] __se_sys_splice+0x2a6/0x390 [ 244.731452][T23372] __x64_sys_splice+0x74/0x80 [ 244.732283][T23372] do_syscall_64+0x4a/0x90 [ 244.733120][T23372] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 244.734017][T23372] RIP: 0033:0x4665d9 [ 244.734707][T23372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:40:21 executing program 3: syz_read_part_table(0x6000000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:21 executing program 0: syz_read_part_table(0x700000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 244.737813][T23372] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 244.741043][T23372] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 244.742532][T23372] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 244.743917][T23372] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 244.745295][T23372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 244.746803][T23372] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 244.772597][T23374] loop4: detected capacity change from 0 to 158951 08:40:21 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 244.825250][T23396] loop3: detected capacity change from 0 to 264192 [ 244.832097][T23379] loop0: detected capacity change from 0 to 264192 [ 244.840329][T23404] loop4: detected capacity change from 0 to 158951 [ 244.861228][T23396] loop3: p1 p2 p3 p4 [ 244.862437][T23396] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 244.863834][T23379] loop0: p1 p2 p3 p4 [ 244.863937][T23396] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 244.866065][T23379] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 244.866455][T23396] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 244.873107][T23379] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 244.881515][T23379] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:22 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x700) 08:40:22 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:22 executing program 3: syz_read_part_table(0x6300000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 245.159148][T23437] loop3: detected capacity change from 0 to 264192 [ 245.177366][T23436] loop4: detected capacity change from 0 to 158951 [ 245.202473][T23437] loop3: p1 p2 p3 p4 [ 245.214471][T23437] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 245.216348][T23437] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 245.218049][T23437] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 245.280330][ T1135] loop3: p1 p2 p3 p4 [ 245.282167][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 245.284145][ T1135] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 245.285993][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:22 executing program 1 (fault-call:9 fault-nth:55): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:22 executing program 0: syz_read_part_table(0x800000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 245.481817][T23465] loop5: detected capacity change from 0 to 264192 [ 245.485965][T23465] FAT-fs (loop5): Unrecognized mount option "" or missing value 08:40:22 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) creat(&(0x7f0000000080)='./file0\x00', 0x0) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) 08:40:22 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:22 executing program 3: syz_read_part_table(0x6800000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:22 executing program 0: syz_read_part_table(0x900000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 245.528692][T23472] loop0: detected capacity change from 0 to 264192 [ 245.542772][T23472] loop0: p1 p2 p3 p4 [ 245.544502][T23472] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 245.551831][T23472] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 245.555811][T23472] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 245.605038][T23487] loop5: detected capacity change from 0 to 264192 [ 245.609519][T23485] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 245.609675][T23487] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 245.632042][T23485] FAULT_INJECTION: forcing a failure. [ 245.632042][T23485] name failslab, interval 1, probability 0, space 0, times 0 [ 245.634080][T23485] CPU: 0 PID: 23485 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 245.635618][T23485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 245.637166][T23485] Call Trace: [ 245.637727][T23485] dump_stack+0x137/0x19d [ 245.638470][T23485] should_fail+0x23c/0x250 [ 245.639346][T23485] __should_failslab+0x81/0x90 [ 245.640156][T23485] should_failslab+0x5/0x20 [ 245.640863][T23485] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 245.641761][T23485] ? __get_vm_area_node+0x11b/0x260 [ 245.642764][T23485] ? ___cache_free+0x3c/0x300 [ 245.643548][T23485] __get_vm_area_node+0x11b/0x260 [ 245.644338][T23485] __vmalloc_node_range+0xc2/0x5b0 [ 245.645124][T23485] ? netlink_sendmsg+0x425/0x7c0 [ 245.645947][T23485] ? selinux_socket_getpeersec_dgram+0x1f4/0x250 [ 245.646986][T23485] ? netlink_sendmsg+0x425/0x7c0 [ 245.647707][T23485] vmalloc+0x5a/0x70 [ 245.648280][T23485] ? netlink_sendmsg+0x425/0x7c0 [ 245.649006][T23485] netlink_sendmsg+0x425/0x7c0 [ 245.649872][T23485] ? netlink_getsockopt+0x720/0x720 [ 245.650691][T23485] kernel_sendmsg+0x97/0xd0 [ 245.651623][T23485] sock_no_sendpage+0x84/0xb0 [ 245.652415][T23485] ? __receive_sock+0x20/0x20 [ 245.653235][T23485] kernel_sendpage+0x187/0x200 [ 245.654105][T23485] ? __receive_sock+0x20/0x20 [ 245.654910][T23485] sock_sendpage+0x5a/0x70 [ 245.655779][T23485] pipe_to_sendpage+0x128/0x160 [ 245.656636][T23485] ? sock_fasync+0xc0/0xc0 [ 245.657309][T23485] __splice_from_pipe+0x207/0x500 [ 245.658085][T23485] ? generic_splice_sendpage+0xb0/0xb0 [ 245.658913][T23485] generic_splice_sendpage+0x80/0xb0 [ 245.659825][T23485] ? iter_file_splice_write+0x750/0x750 [ 245.660719][T23485] do_splice+0x9aa/0xd30 [ 245.661403][T23485] ? vfs_write+0x50c/0x770 [ 245.662122][T23485] ? __fget_light+0x21b/0x260 [ 245.662850][T23485] __se_sys_splice+0x2a6/0x390 [ 245.663718][T23485] __x64_sys_splice+0x74/0x80 [ 245.664497][T23485] do_syscall_64+0x4a/0x90 [ 245.665238][T23485] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 245.666204][T23485] RIP: 0033:0x4665d9 [ 245.666853][T23485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 245.670289][T23485] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 245.671648][T23485] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 245.672807][T23485] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 245.674214][T23485] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 245.675646][T23485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 245.677064][T23485] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 245.682748][T23497] loop3: detected capacity change from 0 to 264192 [ 245.693946][T23498] loop4: detected capacity change from 0 to 158951 [ 245.703355][T23499] loop0: detected capacity change from 0 to 264192 08:40:22 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f00000000c0)=[{&(0x7f0000000140)=""/131, 0x83}, {&(0x7f0000000080)=""/48, 0x30}], 0x2, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) 08:40:22 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 245.715125][ T4470] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 245.721623][T23497] loop3: p1 p2 p3 p4 [ 245.729328][T23497] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 245.731129][T23497] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 245.735714][T23499] loop0: p1 p2 p3 p4 [ 245.737118][T23499] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 245.740806][T23499] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 245.743101][T23499] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 245.744617][T23497] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:22 executing program 0: syz_read_part_table(0xa00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 245.823326][T23524] loop4: detected capacity change from 0 to 158951 [ 245.825892][T23533] loop5: detected capacity change from 0 to 264192 [ 245.828905][T23533] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 245.871253][T23550] loop0: detected capacity change from 0 to 264192 [ 245.891372][ T4842] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 245.911382][T23550] loop0: p1 p2 p3 p4 [ 245.912444][T23550] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 245.913768][T23550] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 245.915399][T23550] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 245.919966][ T1135] loop0: p1 p2 p3 p4 [ 245.921296][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 245.922816][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 245.925671][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:23 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x900) 08:40:23 executing program 3: syz_read_part_table(0x6c00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:23 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 245.980865][T23550] loop0: detected capacity change from 0 to 264192 [ 246.010701][T23585] loop3: detected capacity change from 0 to 264192 [ 246.020458][T23588] loop4: detected capacity change from 0 to 158951 [ 246.022279][T23550] loop0: p1 p2 p3 p4 [ 246.023453][T23550] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 246.025038][T23550] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 246.026862][T23550] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 246.032175][T23585] loop3: p1 p2 p3 p4 [ 246.033159][T23585] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 246.034469][T23585] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 246.035953][T23585] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 246.051295][ T1135] loop0: p1 p2 p3 p4 [ 246.052291][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 246.053801][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 246.055284][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 246.074429][T23585] loop3: detected capacity change from 0 to 264192 [ 246.102440][T23585] loop3: p1 p2 p3 p4 [ 246.103545][T23585] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 246.105156][T23585] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 246.106718][T23585] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 246.132876][ T880] Buffer I/O error on dev loop0p1, logical block 1, async page read [ 246.136917][ T1760] __loop_clr_fd: partition scan of loop0 failed (rc=-16) 08:40:23 executing program 1 (fault-call:9 fault-nth:56): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:23 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x2, &(0x7f0000000080)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) preadv(r0, &(0x7f0000000200)=[{&(0x7f0000000140)=""/70, 0x46}, {&(0x7f00000000c0)=""/50, 0x32}, {&(0x7f00000001c0)=""/7, 0x7}], 0x3, 0x0, 0x1) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) 08:40:23 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:23 executing program 0: syz_read_part_table(0xb00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:23 executing program 3: syz_read_part_table(0x7400000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 246.382662][T23651] loop3: detected capacity change from 0 to 264192 [ 246.385295][T23652] new mount options do not match the existing superblock, will be ignored [ 246.393343][T23649] loop5: detected capacity change from 0 to 264192 [ 246.401779][T23649] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 246.405604][T23652] loop4: detected capacity change from 0 to 158951 [ 246.421570][T23651] loop3: p1 p2 p3 p4 [ 246.423104][T23651] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 246.424894][T23651] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 246.426771][T23651] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:23 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) fsetxattr$trusted_overlay_redirect(r4, &(0x7f00000000c0), &(0x7f00000001c0)='./file1\x00', 0x8, 0x1) sendfile(r0, r3, 0x0, 0x8400fffffffa) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x6, 0x6, 0x80, 0x3f, 0x0, 0x100000000, 0x450, 0x9, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0xd8, 0x9}, 0x2220a, 0x0, 0xb97f, 0x0, 0x7fffffff, 0x7, 0x0, 0x0, 0x3ff, 0x0, 0x100000001}, 0x0, 0x4, r0, 0x8) 08:40:23 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 246.441492][T23655] loop0: detected capacity change from 0 to 264192 [ 246.446030][T23666] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 246.449868][T23666] FAULT_INJECTION: forcing a failure. [ 246.449868][T23666] name failslab, interval 1, probability 0, space 0, times 0 [ 246.452041][T23666] CPU: 0 PID: 23666 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 246.453657][T23666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 246.455209][T23666] Call Trace: [ 246.455702][T23666] dump_stack+0x137/0x19d [ 246.456564][T23666] should_fail+0x23c/0x250 [ 246.457282][T23666] __should_failslab+0x81/0x90 [ 246.457966][T23666] should_failslab+0x5/0x20 [ 246.458731][T23666] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 246.459714][T23666] ? __kmalloc_node+0x30/0x40 [ 246.460524][T23666] ? __get_vm_area_node+0x226/0x260 [ 246.461352][T23666] __kmalloc_node+0x30/0x40 [ 246.462129][T23666] __vmalloc_node_range+0x250/0x5b0 [ 246.462956][T23666] ? netlink_sendmsg+0x425/0x7c0 [ 246.463726][T23666] vmalloc+0x5a/0x70 [ 246.464303][T23666] ? netlink_sendmsg+0x425/0x7c0 [ 246.465117][T23666] netlink_sendmsg+0x425/0x7c0 [ 246.465972][T23666] ? netlink_getsockopt+0x720/0x720 [ 246.466766][T23666] kernel_sendmsg+0x97/0xd0 [ 246.467575][T23666] sock_no_sendpage+0x84/0xb0 [ 246.468455][T23666] ? __receive_sock+0x20/0x20 [ 246.469443][T23666] kernel_sendpage+0x187/0x200 [ 246.470583][T23666] ? __receive_sock+0x20/0x20 [ 246.471504][T23666] sock_sendpage+0x5a/0x70 [ 246.472652][T23666] pipe_to_sendpage+0x128/0x160 [ 246.473378][T23666] ? sock_fasync+0xc0/0xc0 [ 246.474200][T23666] __splice_from_pipe+0x207/0x500 [ 246.475136][T23666] ? generic_splice_sendpage+0xb0/0xb0 [ 246.476159][T23666] generic_splice_sendpage+0x80/0xb0 [ 246.477091][T23666] ? iter_file_splice_write+0x750/0x750 [ 246.478021][T23666] do_splice+0x9aa/0xd30 [ 246.478809][T23666] ? vfs_write+0x50c/0x770 [ 246.479563][T23666] ? __fget_light+0x21b/0x260 [ 246.480438][T23666] __se_sys_splice+0x2a6/0x390 [ 246.481265][T23666] __x64_sys_splice+0x74/0x80 [ 246.482229][T23666] do_syscall_64+0x4a/0x90 [ 246.483004][T23666] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 246.483910][T23666] RIP: 0033:0x4665d9 [ 246.484525][T23666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 246.487437][T23666] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 246.488701][T23666] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 246.489839][T23666] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 08:40:23 executing program 3: syz_read_part_table(0x7a00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 246.491039][T23666] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 246.492258][T23666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 246.493596][T23666] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 246.501377][ T4470] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 246.519843][T23655] loop0: p1 p2 p3 p4 [ 246.521150][T23655] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 246.527245][T23682] new mount options do not match the existing superblock, will be ignored [ 246.528774][T23655] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 246.530224][T23682] loop4: detected capacity change from 0 to 158951 [ 246.530438][T23655] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:23 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 246.581842][T23698] loop3: detected capacity change from 0 to 264192 [ 246.583234][T23655] loop0: detected capacity change from 0 to 264192 [ 246.589088][T23711] loop5: detected capacity change from 0 to 264192 [ 246.593062][T23711] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 246.594724][T23715] new mount options do not match the existing superblock, will be ignored [ 246.596803][T23715] loop4: detected capacity change from 0 to 158951 [ 246.608589][T23698] loop3: p1 p2 p3 p4 [ 246.609936][T23655] loop0: p1 p2 p3 p4 [ 246.615470][T23698] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 246.617094][T23698] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 246.618365][T23655] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 246.620178][T23655] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 246.623299][T23698] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 246.624601][T23655] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 246.660333][T23698] loop3: detected capacity change from 0 to 264192 [ 246.705686][ T1768] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 246.707471][T23698] loop3: p1 p2 p3 p4 [ 246.708564][T23698] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 246.710199][T23698] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 246.711888][T23698] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:24 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xa00) 08:40:24 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:24 executing program 0: syz_read_part_table(0xc00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 246.914195][T23767] new mount options do not match the existing superblock, will be ignored [ 246.916047][T23768] loop0: detected capacity change from 0 to 264192 [ 246.941682][T23768] loop0: p1 p2 p3 p4 [ 246.942934][T23768] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 246.944371][T23768] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 246.946326][T23768] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:24 executing program 1 (fault-call:9 fault-nth:57): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:24 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000010ffe}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) 08:40:24 executing program 3: syz_read_part_table(0x8004000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:24 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:24 executing program 0: syz_read_part_table(0xd00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:24 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 247.238720][T23792] loop5: detected capacity change from 0 to 264192 [ 247.246958][T23795] new mount options do not match the existing superblock, will be ignored [ 247.251621][T23792] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 247.268096][T23802] loop3: detected capacity change from 0 to 264192 [ 247.275655][T23800] loop0: detected capacity change from 0 to 264192 08:40:24 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 247.299574][T23811] new mount options do not match the existing superblock, will be ignored [ 247.311645][T23802] loop3: p1 p2 p3 p4 [ 247.313460][T23802] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 247.315037][T23802] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 247.316902][T23802] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 247.331750][T23800] loop0: p1 p2 p3 p4 [ 247.333181][T23800] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 247.334488][T23800] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 247.335986][T23800] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 247.346847][T23819] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 247.355661][T23819] FAULT_INJECTION: forcing a failure. [ 247.355661][T23819] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 247.357993][T23819] CPU: 1 PID: 23819 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 247.359258][T23819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 247.361271][T23819] Call Trace: [ 247.361934][T23819] dump_stack+0x137/0x19d [ 247.362752][T23819] should_fail+0x23c/0x250 [ 247.363565][T23819] __alloc_pages+0x102/0x320 [ 247.364331][T23819] __vmalloc_node_range+0x319/0x5b0 [ 247.365440][T23819] ? netlink_sendmsg+0x425/0x7c0 [ 247.366352][T23819] vmalloc+0x5a/0x70 [ 247.367034][T23819] ? netlink_sendmsg+0x425/0x7c0 [ 247.367782][T23819] netlink_sendmsg+0x425/0x7c0 [ 247.368792][T23819] ? netlink_getsockopt+0x720/0x720 [ 247.369685][T23819] kernel_sendmsg+0x97/0xd0 [ 247.370551][T23819] sock_no_sendpage+0x84/0xb0 [ 247.371679][T23819] ? __receive_sock+0x20/0x20 [ 247.372692][T23819] kernel_sendpage+0x187/0x200 [ 247.373585][T23819] ? __receive_sock+0x20/0x20 [ 247.374475][T23819] sock_sendpage+0x5a/0x70 [ 247.375262][T23819] pipe_to_sendpage+0x128/0x160 [ 247.376167][T23819] ? sock_fasync+0xc0/0xc0 [ 247.376860][T23819] __splice_from_pipe+0x207/0x500 [ 247.377724][T23819] ? generic_splice_sendpage+0xb0/0xb0 [ 247.378579][T23819] generic_splice_sendpage+0x80/0xb0 [ 247.379365][T23819] ? iter_file_splice_write+0x750/0x750 [ 247.380166][T23819] do_splice+0x9aa/0xd30 [ 247.380840][T23819] ? vfs_write+0x50c/0x770 [ 247.381566][T23819] ? __fget_light+0x21b/0x260 [ 247.382309][T23819] __se_sys_splice+0x2a6/0x390 [ 247.382988][T23819] __x64_sys_splice+0x74/0x80 [ 247.383638][T23819] do_syscall_64+0x4a/0x90 [ 247.384324][T23819] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 247.385188][T23819] RIP: 0033:0x4665d9 [ 247.385816][T23819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 247.388685][T23819] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 247.390010][T23819] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 247.391150][T23819] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 247.392713][T23819] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 247.393947][T23819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 247.395159][T23819] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 08:40:24 executing program 3: syz_read_part_table(0x80ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:24 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) [ 247.432960][T23830] new mount options do not match the existing superblock, will be ignored [ 247.460741][ T1768] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 247.475023][T23830] loop4: detected capacity change from 0 to 158951 [ 247.535919][T23860] FAT-fs (loop5): bogus number of reserved sectors [ 247.537109][T23860] FAT-fs (loop5): Can't find a valid FAT filesystem 08:40:24 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xab8) 08:40:24 executing program 0: syz_read_part_table(0xe00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:24 executing program 3: syz_read_part_table(0x81ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 247.755751][T23876] loop3: detected capacity change from 0 to 264192 [ 247.766827][T23880] loop0: detected capacity change from 0 to 264192 [ 247.772742][T23876] loop3: p1 p2 p3 p4 [ 247.773838][T23876] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 247.775370][T23876] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 247.777273][T23876] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 247.783713][T23880] loop0: p1 p2 p3 p4 [ 247.785239][T23880] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 247.789710][T23880] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 247.795089][T23880] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:25 executing program 1 (fault-call:9 fault-nth:58): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:25 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:25 executing program 3: syz_read_part_table(0x82ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:25 executing program 0: syz_read_part_table(0xf00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 248.139125][T23920] new mount options do not match the existing superblock, will be ignored [ 248.141931][T23920] loop4: detected capacity change from 0 to 158951 [ 248.147125][T23922] loop3: detected capacity change from 0 to 264192 [ 248.151200][T23921] loop0: detected capacity change from 0 to 264192 08:40:25 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 248.196135][T23922] loop3: p1 p2 p3 p4 [ 248.196445][T23921] loop0: p1 p2 p3 p4 [ 248.197414][T23922] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 248.199226][T23921] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 248.199368][T23922] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 248.203665][T23921] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 248.208652][T23922] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 248.212686][T23921] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 248.217460][T23932] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 248.234648][T23932] FAULT_INJECTION: forcing a failure. [ 248.234648][T23932] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 248.236732][T23932] CPU: 0 PID: 23932 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 248.237941][T23932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 248.239587][T23932] Call Trace: [ 248.240122][T23932] dump_stack+0x137/0x19d [ 248.240909][T23932] should_fail+0x23c/0x250 [ 248.241878][T23932] __alloc_pages+0x102/0x320 [ 248.242685][T23932] __vmalloc_node_range+0x319/0x5b0 [ 248.243800][T23932] ? netlink_sendmsg+0x425/0x7c0 [ 248.244629][T23932] vmalloc+0x5a/0x70 [ 248.245320][T23932] ? netlink_sendmsg+0x425/0x7c0 [ 248.246176][T23932] netlink_sendmsg+0x425/0x7c0 [ 248.246992][T23932] ? netlink_getsockopt+0x720/0x720 [ 248.247947][T23932] kernel_sendmsg+0x97/0xd0 [ 248.248788][T23932] sock_no_sendpage+0x84/0xb0 [ 248.249602][T23932] ? __receive_sock+0x20/0x20 [ 248.250335][T23932] kernel_sendpage+0x187/0x200 [ 248.251131][T23932] ? __receive_sock+0x20/0x20 [ 248.251868][T23932] sock_sendpage+0x5a/0x70 [ 248.252575][T23932] pipe_to_sendpage+0x128/0x160 [ 248.253382][T23932] ? sock_fasync+0xc0/0xc0 [ 248.254010][T23932] __splice_from_pipe+0x207/0x500 [ 248.254866][T23932] ? generic_splice_sendpage+0xb0/0xb0 [ 248.255750][T23932] generic_splice_sendpage+0x80/0xb0 [ 248.256872][T23932] ? iter_file_splice_write+0x750/0x750 [ 248.257810][T23932] do_splice+0x9aa/0xd30 [ 248.258474][T23932] ? vfs_write+0x50c/0x770 [ 248.259259][T23932] ? __fget_light+0x21b/0x260 [ 248.259947][T23932] __se_sys_splice+0x2a6/0x390 [ 248.260733][T23932] __x64_sys_splice+0x74/0x80 [ 248.261477][T23932] do_syscall_64+0x4a/0x90 [ 248.262209][T23932] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 248.263098][T23932] RIP: 0033:0x4665d9 [ 248.263653][T23932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 248.266566][T23932] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 248.268204][T23932] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 248.269617][T23932] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 248.270913][T23932] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 248.272380][T23932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 248.273536][T23932] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 08:40:25 executing program 3: syz_read_part_table(0x85ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:25 executing program 0: syz_read_part_table(0x1000000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:25 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 248.310483][T23860] FAT-fs (loop5): Unrecognized mount option "" or missing value [ 248.313844][T23947] new mount options do not match the existing superblock, will be ignored [ 248.321594][T23947] loop4: detected capacity change from 0 to 158951 08:40:25 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) open(&(0x7f0000000080)='./bus\x00', 0x80, 0x8) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) ioctl$F2FS_IOC_START_ATOMIC_WRITE(0xffffffffffffffff, 0xf501, 0x0) [ 248.380865][T23969] loop3: detected capacity change from 0 to 264192 [ 248.387658][T23979] loop0: detected capacity change from 0 to 264192 [ 248.390598][T23981] new mount options do not match the existing superblock, will be ignored [ 248.394989][T23981] loop4: detected capacity change from 0 to 158951 [ 248.403517][T23986] loop5: detected capacity change from 0 to 264192 [ 248.407312][T23986] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 248.412753][T23979] loop0: p1 p2 p3 p4 [ 248.413714][ T1135] loop3: p1 p2 p3 p4 [ 248.418232][T23979] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 248.422508][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 248.422722][T23979] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 248.425413][ T1135] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 248.425465][T23979] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 248.427897][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 248.435694][T23969] loop3: p1 p2 p3 p4 [ 248.436811][T23969] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 248.438320][T23969] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 248.439968][T23969] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 248.478462][T23979] loop0: detected capacity change from 0 to 264192 [ 248.486532][T23969] loop3: detected capacity change from 0 to 264192 [ 248.497279][ T1768] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 248.513170][T23979] loop0: p1 p2 p3 p4 [ 248.514450][T23979] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 248.516374][T23979] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 248.518771][T23979] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 248.544500][T23969] loop3: p1 p2 p3 p4 [ 248.545914][T23969] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 248.547724][T23969] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 248.549299][T23969] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:25 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xb00) 08:40:25 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:25 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) open(&(0x7f0000000080)='./bus\x00', 0x80, 0x8) fcntl$setstatus(r0, 0x4, 0x6900) r1 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r1, 0x2008002) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8400fffffffa) ioctl$F2FS_IOC_START_ATOMIC_WRITE(0xffffffffffffffff, 0xf501, 0x0) [ 248.628974][T24052] loop5: detected capacity change from 0 to 264192 [ 248.635477][T23925] print_req_error: 151 callbacks suppressed [ 248.635509][T23925] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 248.636856][T24052] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 248.638457][ T704] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 248.641409][ T704] buffer_io_error: 108 callbacks suppressed [ 248.641418][ T704] Buffer I/O error on dev loop3p2, logical block 33008, async page read [ 248.645587][T23960] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 248.647466][ T704] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 248.649560][ T704] Buffer I/O error on dev loop3p4, logical block 33008, async page read [ 248.652197][T23929] blk_update_request: I/O error, dev loop3, sector 264033 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 248.654106][ T704] blk_update_request: I/O error, dev loop3, sector 264033 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 248.656246][ T704] Buffer I/O error on dev loop3p3, logical block 263808, async page read [ 248.657777][ T1769] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 248.659104][T23962] blk_update_request: I/O error, dev loop3, sector 495 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 248.672142][T24053] new mount options do not match the existing superblock, will be ignored [ 248.674600][ T704] blk_update_request: I/O error, dev loop3, sector 495 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 248.676502][ T704] Buffer I/O error on dev loop3p1, logical block 1, async page read [ 248.678924][T24053] loop4: detected capacity change from 0 to 158951 [ 248.680505][ T704] blk_update_request: I/O error, dev loop3, sector 264034 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 248.682443][ T704] Buffer I/O error on dev loop3p3, logical block 263809, async page read [ 248.683935][ T704] blk_update_request: I/O error, dev loop3, sector 264035 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 248.685675][ T704] Buffer I/O error on dev loop3p3, logical block 263810, async page read [ 248.687281][ T704] Buffer I/O error on dev loop3p3, logical block 263811, async page read [ 248.688809][ T704] Buffer I/O error on dev loop3p3, logical block 263812, async page read [ 248.690204][ T704] Buffer I/O error on dev loop3p3, logical block 263813, async page read [ 248.691643][ T704] Buffer I/O error on dev loop3p3, logical block 263814, async page read [ 248.742508][ T4470] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 08:40:26 executing program 1 (fault-call:9 fault-nth:59): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:26 executing program 0: syz_read_part_table(0x1100000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:26 executing program 3: syz_read_part_table(0x8cffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:26 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:26 executing program 5: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x0, 0x200000000011000}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat(r1, &(0x7f00000000c0)='\x00', 0xa400, 0x10) fcntl$setstatus(r0, 0x4, 0x6900) r2 = open(&(0x7f0000002000)='./bus\x00', 0x14b042, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ftruncate(r2, 0x2008002) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) openat(r5, &(0x7f0000000080)='./file0\x00', 0x2, 0x0) sendfile(r0, r4, 0x0, 0x8400fffffffa) [ 248.998798][T24076] new mount options do not match the existing superblock, will be ignored [ 249.001197][T24076] loop4: detected capacity change from 0 to 158951 [ 249.010477][T24081] loop5: detected capacity change from 0 to 264192 [ 249.016999][T24081] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 249.018640][T24083] loop0: detected capacity change from 0 to 264192 [ 249.021132][T24086] loop3: detected capacity change from 0 to 264192 [ 249.043486][T24083] loop0: p1 p2 p3 p4 [ 249.044625][T24083] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 249.048391][T24083] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 249.051208][T24083] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 249.063424][T24086] loop3: p1 p2 p3 p4 [ 249.063757][T24098] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 249.064518][T24086] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 249.066333][T24098] FAULT_INJECTION: forcing a failure. [ 249.066333][T24098] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 249.067531][T24086] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 249.069292][T24098] CPU: 1 PID: 24098 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 249.071565][T24086] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 249.071783][T24098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.071793][T24098] Call Trace: [ 249.074910][T24098] dump_stack+0x137/0x19d [ 249.075769][T24098] should_fail+0x23c/0x250 [ 249.076574][T24098] __alloc_pages+0x102/0x320 [ 249.077463][T24098] __vmalloc_node_range+0x319/0x5b0 [ 249.078312][T24098] ? netlink_sendmsg+0x425/0x7c0 [ 249.079170][T24098] vmalloc+0x5a/0x70 [ 249.079893][T24098] ? netlink_sendmsg+0x425/0x7c0 [ 249.080692][T24098] netlink_sendmsg+0x425/0x7c0 [ 249.081533][T24098] ? netlink_getsockopt+0x720/0x720 [ 249.082487][T24098] kernel_sendmsg+0x97/0xd0 [ 249.083229][T24098] sock_no_sendpage+0x84/0xb0 [ 249.084078][T24098] ? __receive_sock+0x20/0x20 [ 249.084946][T24098] kernel_sendpage+0x187/0x200 [ 249.085681][T24098] ? __receive_sock+0x20/0x20 [ 249.086639][T24098] sock_sendpage+0x5a/0x70 [ 249.087427][T24098] pipe_to_sendpage+0x128/0x160 [ 249.088592][T24098] ? sock_fasync+0xc0/0xc0 [ 249.089391][T24098] __splice_from_pipe+0x207/0x500 [ 249.090138][T24098] ? generic_splice_sendpage+0xb0/0xb0 [ 249.091035][T24098] generic_splice_sendpage+0x80/0xb0 [ 249.091856][T24098] ? iter_file_splice_write+0x750/0x750 08:40:26 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 249.092855][T24098] do_splice+0x9aa/0xd30 [ 249.093846][T24098] ? vfs_write+0x50c/0x770 [ 249.094799][T24098] ? __fget_light+0x21b/0x260 [ 249.095590][T24098] __se_sys_splice+0x2a6/0x390 [ 249.096368][T24098] __x64_sys_splice+0x74/0x80 [ 249.097148][T24098] do_syscall_64+0x4a/0x90 [ 249.097896][T24098] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 249.098871][T24098] RIP: 0033:0x4665d9 [ 249.099454][T24098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 249.102653][T24098] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 249.103973][T24098] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 249.105223][T24098] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 249.106651][T24098] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 249.107797][T24098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 249.108980][T24098] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 08:40:26 executing program 5: r0 = openat$sysfs(0xffffff9c, &(0x7f0000000140)='/sys/kernel/kexec_crash_size', 0x0, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f00000000c0)={0x84, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e23, 0x1, 'none\x00', 0x31, 0x1, 0xf}, 0x2c) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/llc/core\x00') write$tcp_mem(r1, &(0x7f0000000000)={0x0, 0x20, 0x5, 0x20, 0x0, 0xa}, 0x48) 08:40:26 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:26 executing program 3: syz_read_part_table(0x97ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 249.142020][T24111] new mount options do not match the existing superblock, will be ignored [ 249.144163][T24111] loop4: detected capacity change from 0 to 158951 [ 249.151271][ T1768] FAT-fs (loop5): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 249.213228][T24083] loop0: detected capacity change from 0 to 264192 [ 249.239512][T24131] new mount options do not match the existing superblock, will be ignored [ 249.243960][T24083] loop0: p1 p2 p3 p4 [ 249.245482][T24083] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 249.246253][T24131] loop4: detected capacity change from 0 to 158951 [ 249.247004][T24083] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 249.249844][T24083] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 249.252293][T24138] loop3: detected capacity change from 0 to 264192 [ 249.295817][ T1135] loop0: p1 p2 p3 p4 [ 249.297212][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 249.300624][T24138] loop3: p1 p2 p3 p4 [ 249.303106][T24138] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 249.304718][T24138] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 249.306707][T24138] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 249.307051][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 249.311509][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 249.366322][T24138] loop3: detected capacity change from 0 to 264192 [ 249.414837][T24138] loop3: p1 p2 p3 p4 [ 249.416755][T24138] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 249.418886][T24138] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 249.420807][T24138] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:26 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xc00) 08:40:26 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0xfffffffffffffb75, 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) set_mempolicy(0x0, &(0x7f0000000040)=0x5, 0x1) sendmmsg$unix(r0, &(0x7f0000000840)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18}], 0x1, 0x0) 08:40:26 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 249.512879][T24194] new mount options do not match the existing superblock, will be ignored [ 249.515765][T24194] loop4: detected capacity change from 0 to 158951 08:40:27 executing program 1 (fault-call:9 fault-nth:60): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:27 executing program 0: syz_read_part_table(0x1200000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:27 executing program 3: syz_read_part_table(0xa1ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:27 executing program 5: pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, 0x13, 0x0, 0x3}, 0x14}}, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x4000010, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r4 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x100, 0x9e) close(r4) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 08:40:27 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 249.857949][T24213] new mount options do not match the existing superblock, will be ignored [ 249.863393][T24213] loop4: detected capacity change from 0 to 158951 [ 249.864658][T24216] loop3: detected capacity change from 0 to 264192 [ 249.873278][T24224] loop0: detected capacity change from 0 to 264192 [ 249.906607][T24216] loop3: p1 p2 p3 p4 [ 249.912379][T24224] loop0: p1 p2 p3 p4 [ 249.913944][T24224] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 249.915353][T24224] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 249.916897][T24216] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 249.917899][T24237] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 249.919341][T24216] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 249.920068][T24237] FAULT_INJECTION: forcing a failure. [ 249.920068][T24237] name failslab, interval 1, probability 0, space 0, times 0 [ 249.921725][T24224] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 249.922475][T24237] CPU: 0 PID: 24237 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 249.924800][T24237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.925579][T24216] loop3: p4 size 3657465856 extends beyond EOD, [ 249.926349][T24237] Call Trace: [ 249.926367][T24237] dump_stack+0x137/0x19d [ 249.927288][T24216] truncated [ 249.928880][T24237] should_fail+0x23c/0x250 [ 249.929543][T24237] ? __build_skb+0x2d/0x170 [ 249.930290][T24237] __should_failslab+0x81/0x90 [ 249.931097][T24237] should_failslab+0x5/0x20 [ 249.931865][T24237] kmem_cache_alloc+0x46/0x2f0 [ 249.932730][T24237] __build_skb+0x2d/0x170 [ 249.933583][T24237] netlink_sendmsg+0x443/0x7c0 [ 249.934480][T24237] ? netlink_getsockopt+0x720/0x720 [ 249.935274][T24237] kernel_sendmsg+0x97/0xd0 [ 249.936021][T24237] sock_no_sendpage+0x84/0xb0 [ 249.936816][T24237] ? __receive_sock+0x20/0x20 [ 249.937574][T24237] kernel_sendpage+0x187/0x200 [ 249.938292][T24237] ? __receive_sock+0x20/0x20 [ 249.938975][T24237] sock_sendpage+0x5a/0x70 [ 249.939737][T24237] pipe_to_sendpage+0x128/0x160 [ 249.940407][T24237] ? sock_fasync+0xc0/0xc0 [ 249.941179][T24237] __splice_from_pipe+0x207/0x500 [ 249.941915][T24237] ? generic_splice_sendpage+0xb0/0xb0 [ 249.942793][T24237] generic_splice_sendpage+0x80/0xb0 [ 249.943645][T24237] ? iter_file_splice_write+0x750/0x750 [ 249.944483][T24237] do_splice+0x9aa/0xd30 [ 249.945147][T24237] ? vfs_write+0x50c/0x770 [ 249.945929][T24237] ? __fget_light+0x21b/0x260 [ 249.946641][T24237] __se_sys_splice+0x2a6/0x390 [ 249.947383][T24237] __x64_sys_splice+0x74/0x80 [ 249.948097][T24237] do_syscall_64+0x4a/0x90 [ 249.948948][T24237] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 249.950213][T24237] RIP: 0033:0x4665d9 [ 249.950819][T24237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 249.953805][T24237] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 249.955371][T24237] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 08:40:27 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 249.956579][T24237] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 249.957809][T24237] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 249.958930][T24237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 249.960199][T24237] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 08:40:27 executing program 0: syz_read_part_table(0x1300000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 249.987429][T24246] new mount options do not match the existing superblock, will be ignored [ 249.991217][T24246] loop4: detected capacity change from 0 to 158951 [ 250.002010][T24216] loop3: detected capacity change from 0 to 264192 08:40:27 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 250.055490][T24216] loop3: p1 p2 p3 p4 [ 250.068002][T24216] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 250.090459][T24216] loop3: p3 size 1912633224 extends beyond EOD, truncated 08:40:27 executing program 3: syz_read_part_table(0xa526000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 250.103361][T24269] loop0: detected capacity change from 0 to 264192 [ 250.108752][T24216] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 250.111413][T24270] new mount options do not match the existing superblock, will be ignored [ 250.135585][T24270] loop4: detected capacity change from 0 to 158951 [ 250.152669][T24269] loop0: p1 p2 p3 p4 [ 250.165135][T24269] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 250.172796][T24269] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 250.180349][T24269] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 250.198458][ T1769] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 250.240112][T24269] loop0: detected capacity change from 0 to 264192 [ 250.258555][T24303] loop3: detected capacity change from 0 to 264192 [ 250.266590][T24269] loop0: p1 p2 p3 p4 [ 250.271075][T24269] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 250.279159][T24269] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 250.286978][T24269] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 250.302256][T24303] loop_reread_partitions: partition scan of loop3 () failed (rc=-16) 08:40:27 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xd00) 08:40:27 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:27 executing program 0: syz_read_part_table(0x2000000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 250.370221][T24319] new mount options do not match the existing superblock, will be ignored [ 250.379439][T24319] loop4: detected capacity change from 0 to 158951 [ 250.441411][T24337] loop0: detected capacity change from 0 to 264192 [ 250.472447][T24337] loop0: p1 p2 p3 p4 [ 250.476860][T24337] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 250.484717][T24337] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 250.492681][T24337] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 250.546780][T24337] loop0: detected capacity change from 0 to 264192 [ 250.592478][T24337] loop0: p1 p2 p3 p4 [ 250.596999][T24337] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 250.605373][T24337] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 250.613286][T24337] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:27 executing program 1 (fault-call:9 fault-nth:61): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) 08:40:27 executing program 3: syz_read_part_table(0xa5ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:27 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:27 executing program 0: syz_read_part_table(0x2400000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:27 executing program 5: perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0xd0c04400, 0x0, 0x0, 0x0, 0x0) clone(0x0, &(0x7f0000000000), 0x0, &(0x7f0000000100), 0x0) fork() sched_setaffinity(0x0, 0x0, 0x0) getpid() openat$vcsa(0xffffffffffffff9c, &(0x7f0000000480), 0x4000, 0x0) clone3(&(0x7f00000004c0)={0x0, 0xfffffffffffffffc, &(0x7f0000000080), &(0x7f00000000c0), {0x39}, 0x0, 0x0, &(0x7f0000000780)=""/4085, &(0x7f00000001c0)=[0x0], 0x1}, 0x58) getpgrp(0x0) ptrace(0x8, 0x0) r0 = gettid() tkill(r0, 0x34) wait4(r0, 0x0, 0x80000000, 0x0) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000140)={@mcast2, @remote, @private1={0xfc, 0x1, '\x00', 0x1}}) [ 250.790392][T24372] new mount options do not match the existing superblock, will be ignored [ 250.790583][T24368] loop3: detected capacity change from 0 to 264192 [ 250.802143][T24372] loop4: detected capacity change from 0 to 158951 [ 250.808048][T24373] loop0: detected capacity change from 0 to 264192 [ 250.822695][T24368] loop3: p1 p2 p3 p4 [ 250.827391][T24368] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 250.835566][T24368] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 250.843178][T24373] loop0: p1 p2 p3 p4 [ 250.847784][T24373] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 250.853431][T24368] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 250.855576][T24373] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 250.872084][T24373] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:28 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 250.882818][T24395] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 250.900960][T24395] FAULT_INJECTION: forcing a failure. [ 250.900960][T24395] name failslab, interval 1, probability 0, space 0, times 0 [ 250.913585][T24395] CPU: 0 PID: 24395 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 250.922340][T24395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.932385][T24395] Call Trace: [ 250.935718][T24395] dump_stack+0x137/0x19d 08:40:28 executing program 5: prlimit64(0x0, 0xa, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) sched_setattr(r0, &(0x7f0000000240)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x2, 0x10000022, 0x720, 0x3ff, 0x100, 0xef, 0x0, 0x2, 0x8}, 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = fork() sched_setattr(r3, &(0x7f0000000100)={0x38, 0x6, 0x8, 0x5161, 0x2, 0x800, 0x1, 0x600000000, 0x4}, 0x0) getpid() r4 = open(&(0x7f0000000140)='./bus\x00', 0x1612c2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) rt_tgsigqueueinfo(r0, r5, 0x19, &(0x7f0000000180)={0x9, 0x6, 0x7fff}) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r4, r6, 0x0, 0x4000000000010046) 08:40:28 executing program 0: syz_read_part_table(0x2500000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 250.940057][T24395] should_fail+0x23c/0x250 [ 250.944543][T24395] __should_failslab+0x81/0x90 [ 250.949321][T24395] should_failslab+0x5/0x20 [ 250.953815][T24395] kmem_cache_alloc_node+0x58/0x2b0 [ 250.959014][T24395] ? alloc_vmap_area+0x12f/0x1340 [ 250.964030][T24395] alloc_vmap_area+0x12f/0x1340 [ 250.968875][T24395] ? kmem_cache_alloc_node_trace+0x1f6/0x2e0 [ 250.974904][T24395] __get_vm_area_node+0x165/0x260 [ 250.979925][T24395] __vmalloc_node_range+0xc2/0x5b0 [ 250.985032][T24395] ? netlink_sendmsg+0x425/0x7c0 [ 250.989973][T24395] ? selinux_socket_getpeersec_dgram+0x1f4/0x250 [ 250.990976][T24407] new mount options do not match the existing superblock, will be ignored [ 250.996365][T24395] ? netlink_sendmsg+0x425/0x7c0 [ 250.996388][T24395] vmalloc+0x5a/0x70 [ 251.006264][T24407] loop4: detected capacity change from 0 to 158951 [ 251.009797][T24395] ? netlink_sendmsg+0x425/0x7c0 [ 251.009821][T24395] netlink_sendmsg+0x425/0x7c0 [ 251.029888][T24395] ? netlink_getsockopt+0x720/0x720 [ 251.035112][T24395] kernel_sendmsg+0x97/0xd0 08:40:28 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 251.039611][T24395] sock_no_sendpage+0x84/0xb0 [ 251.044375][T24395] ? __receive_sock+0x20/0x20 [ 251.049090][T24395] kernel_sendpage+0x187/0x200 [ 251.053846][T24395] ? __receive_sock+0x20/0x20 [ 251.058584][T24395] sock_sendpage+0x5a/0x70 [ 251.062986][T24395] pipe_to_sendpage+0x128/0x160 [ 251.067856][T24395] ? sock_fasync+0xc0/0xc0 [ 251.072268][T24395] __splice_from_pipe+0x207/0x500 [ 251.077353][T24395] ? generic_splice_sendpage+0xb0/0xb0 [ 251.082915][T24395] generic_splice_sendpage+0x80/0xb0 [ 251.088288][T24395] ? iter_file_splice_write+0x750/0x750 [ 251.093832][T24395] do_splice+0x9aa/0xd30 [ 251.098095][T24395] ? vfs_write+0x50c/0x770 [ 251.102509][T24395] ? __fget_light+0x21b/0x260 [ 251.107300][T24395] __se_sys_splice+0x2a6/0x390 [ 251.112095][T24395] __x64_sys_splice+0x74/0x80 [ 251.116759][T24395] do_syscall_64+0x4a/0x90 [ 251.121184][T24395] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 251.127197][T24395] RIP: 0033:0x4665d9 [ 251.131075][T24395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 251.150764][T24395] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 251.159223][T24395] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 251.167205][T24395] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 251.175235][T24395] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 [ 251.183200][T24395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 251.191234][T24395] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 251.199230][T24395] warn_alloc: 3 callbacks suppressed [ 251.199239][T24395] syz-executor.1: vmalloc size 4416 allocation failure: vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0 [ 251.219754][T24395] CPU: 0 PID: 24395 Comm: syz-executor.1 Not tainted 5.13.0-rc5-syzkaller #0 [ 251.228500][T24395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 251.238538][T24395] Call Trace: [ 251.241831][T24395] dump_stack+0x137/0x19d [ 251.246187][T24395] warn_alloc+0x105/0x160 [ 251.250506][T24395] ? kfree+0xf0/0x1d0 [ 251.254487][T24395] __vmalloc_node_range+0x222/0x5b0 [ 251.259702][T24395] ? selinux_socket_getpeersec_dgram+0x1f4/0x250 [ 251.266075][T24395] ? netlink_sendmsg+0x425/0x7c0 [ 251.271022][T24395] vmalloc+0x5a/0x70 [ 251.274985][T24395] ? netlink_sendmsg+0x425/0x7c0 [ 251.279924][T24395] netlink_sendmsg+0x425/0x7c0 [ 251.284762][T24395] ? netlink_getsockopt+0x720/0x720 [ 251.290028][T24395] kernel_sendmsg+0x97/0xd0 [ 251.294595][T24395] sock_no_sendpage+0x84/0xb0 [ 251.299261][T24395] ? __receive_sock+0x20/0x20 [ 251.304097][T24395] kernel_sendpage+0x187/0x200 [ 251.308857][T24395] ? __receive_sock+0x20/0x20 [ 251.313526][T24395] sock_sendpage+0x5a/0x70 [ 251.317938][T24395] pipe_to_sendpage+0x128/0x160 [ 251.322791][T24395] ? sock_fasync+0xc0/0xc0 [ 251.327198][T24395] __splice_from_pipe+0x207/0x500 [ 251.332217][T24395] ? generic_splice_sendpage+0xb0/0xb0 [ 251.337726][T24395] generic_splice_sendpage+0x80/0xb0 [ 251.343004][T24395] ? iter_file_splice_write+0x750/0x750 [ 251.348543][T24395] do_splice+0x9aa/0xd30 [ 251.352777][T24395] ? vfs_write+0x50c/0x770 [ 251.357247][T24395] ? __fget_light+0x21b/0x260 [ 251.361906][T24395] __se_sys_splice+0x2a6/0x390 [ 251.366710][T24395] __x64_sys_splice+0x74/0x80 [ 251.371407][T24395] do_syscall_64+0x4a/0x90 [ 251.375819][T24395] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 251.381728][T24395] RIP: 0033:0x4665d9 [ 251.385609][T24395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 251.405204][T24395] RSP: 002b:00007f94c660c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 251.413619][T24395] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9 [ 251.421570][T24395] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 251.429559][T24395] RBP: 00007f94c660c1d0 R08: 000200000000e228 R09: 0000000000000000 08:40:28 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xe00) [ 251.437516][T24395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 251.445474][T24395] R13: 00007ffc46e01fdf R14: 00007f94c660c300 R15: 0000000000022000 [ 251.453587][T24395] Mem-Info: [ 251.456683][T24395] active_anon:138 inactive_anon:88029 isolated_anon:0 [ 251.456683][T24395] active_file:5354 inactive_file:31849 isolated_file:0 [ 251.456683][T24395] unevictable:0 dirty:330 writeback:0 [ 251.456683][T24395] slab_reclaimable:4115 slab_unreclaimable:6794 [ 251.456683][T24395] mapped:62345 shmem:5503 pagetables:4230 bounce:0 [ 251.456683][T24395] free:1826120 free_pcp:526 free_cma:0 [ 251.493522][T24395] Node 0 active_anon:552kB inactive_anon:352232kB active_file:21416kB inactive_file:127396kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:249496kB dirty:1320kB writeback:0kB shmem:22012kB writeback_tmp:0kB kernel_stack:3696kB pagetables:16920kB all_unreclaimable? no [ 251.520296][T24395] Node 0 DMA free:15360kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 251.546231][T24395] lowmem_reserve[]: 0 2938 7916 7916 [ 251.551606][T24395] Node 0 DMA32 free:3013476kB min:4220kB low:7228kB high:10236kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:3013528kB mlocked:0kB bounce:0kB free_pcp:52kB local_pcp:52kB free_cma:0kB [ 251.579122][T24395] lowmem_reserve[]: 0 0 4978 4978 [ 251.584343][T24395] Node 0 Normal free:4274888kB min:7152kB low:12248kB high:17344kB reserved_highatomic:0KB active_anon:552kB inactive_anon:352928kB active_file:21416kB inactive_file:127396kB unevictable:0kB writepending:1320kB present:5242880kB managed:5098252kB mlocked:0kB bounce:0kB free_pcp:1780kB local_pcp:748kB free_cma:0kB [ 251.613852][T24395] lowmem_reserve[]: 0 0 0 0 [ 251.618361][T24395] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 251.630932][T24395] Node 0 DMA32: 5*4kB (M) 2*8kB (M) 4*16kB (M) 4*32kB (M) 6*64kB (M) 4*128kB (M) 5*256kB (M) 5*512kB (M) 4*1024kB (M) 1*2048kB (M) 733*4096kB (M) = 3013476kB [ 251.646914][T24395] Node 0 Normal: 6*4kB (UM) 12*8kB (UME) 17*16kB (UE) 130*32kB (UME) 78*64kB (UME) 43*128kB (UME) 24*256kB (UM) 14*512kB (UM) 7*1024kB (ME) 4*2048kB (UME) 1033*4096kB (UM) = 4274888kB [ 251.665164][T24395] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 251.674457][T24395] 21332 total pagecache pages [ 251.679124][T24395] 0 pages in swap cache [ 251.683326][T24395] Swap cache stats: add 0, delete 0, find 0/0 [ 251.689463][T24395] Free swap = 0kB 08:40:28 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x0) [ 251.693183][T24395] Total swap = 0kB [ 251.697036][T24395] 2097051 pages RAM [ 251.700809][T24395] 0 pages HighMem/MovableOnly [ 251.705481][T24395] 65266 pages reserved 08:40:28 executing program 3: syz_read_part_table(0xa6ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 251.757338][T24433] new mount options do not match the existing superblock, will be ignored [ 251.767240][T24433] loop4: detected capacity change from 0 to 158951 [ 251.767981][T24409] loop0: detected capacity change from 0 to 264192 08:40:28 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:28 executing program 5: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x20400, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$BLKROSET(r1, 0x125d, &(0x7f00000000c0)=0x6) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x3, &(0x7f0000000300)=[{&(0x7f0000000080)="20000000000100000c000000ce0000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef", 0x3a, 0x400}, {&(0x7f0000010400)="2e0000001300000023", 0x9, 0x800}, {&(0x7f0000012b00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x8c80}], 0x0, &(0x7f0000000040)={[{@resuid}]}) [ 251.806578][T24442] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 251.840411][T24409] loop0: p1 p2 p3 p4 [ 251.843646][T24452] new mount options do not match the existing superblock, will be ignored [ 251.845051][T24409] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 251.861621][T24409] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 251.877076][T24458] loop5: detected capacity change from 0 to 512 [ 251.877137][T24452] loop4: detected capacity change from 0 to 158951 [ 251.890373][T24458] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 251.892338][T24456] loop3: detected capacity change from 0 to 264192 08:40:29 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000300)='./file0\x00', 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:29 executing program 0: syz_read_part_table(0x2600000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 251.912905][T24458] EXT4-fs (loop5): mounted filesystem without journal. Opts: resuid=0x0000000000000000,,errors=continue. Quota mode: none. [ 251.928624][T24409] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 251.946440][T24472] new mount options do not match the existing superblock, will be ignored 08:40:29 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', 0x0, 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 251.965857][T24456] loop3: p1 p2 p3 p4 [ 251.967955][T24472] loop4: detected capacity change from 0 to 158951 [ 251.970671][T24456] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 252.006283][T24456] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 252.020494][T24489] loop0: detected capacity change from 0 to 264192 [ 252.046583][T24456] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 252.059417][T24493] new mount options do not match the existing superblock, will be ignored [ 252.087864][T24489] loop0: p1 p2 p3 p4 [ 252.094114][T24493] loop4: detected capacity change from 0 to 158951 [ 252.101222][T24489] loop0: p2 size 1073872896 extends beyond EOD, truncated 08:40:29 executing program 3: syz_read_part_table(0xa9ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 252.133694][T24456] loop3: detected capacity change from 0 to 264192 [ 252.143444][T24489] loop0: p3 size 1912633224 extends beyond EOD, truncated 08:40:29 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', 0x0, 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 252.175801][T24489] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 252.239778][T24514] new mount options do not match the existing superblock, will be ignored 08:40:29 executing program 0: syz_read_part_table(0x2e00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 252.281476][T24514] loop4: detected capacity change from 0 to 158951 [ 252.300671][T24521] loop3: detected capacity change from 0 to 264192 08:40:29 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', 0x0, 0x7e, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 252.342771][T24521] loop3: p1 p2 p3 p4 [ 252.347764][T24521] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 252.364442][T24521] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 252.372102][T24521] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:29 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xf00) [ 252.427081][T24539] loop0: detected capacity change from 0 to 264192 [ 252.470730][T24545] new mount options do not match the existing superblock, will be ignored [ 252.472792][T24539] loop0: p1 p2 p3 p4 [ 252.489979][T24539] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 252.497923][T24539] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 252.505916][T24539] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 252.519998][T24545] loop4: detected capacity change from 0 to 158951 [ 252.534936][T24539] __loop_clr_fd: partition scan of loop0 failed (rc=-16) 08:40:29 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e2c0, 0x0) 08:40:29 executing program 3: syz_read_part_table(0xb403000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:29 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f0000000340)="b8a49e289a335aefe5267e68fb0bfd6a7e397f9adc2c98ac7630711b51cd09c4ab45387425b7df57cf2d87b73605475bebbb52e74df47529fc04d77494d69efb03594c4286bff9b38874b5f2803d5bf94412a64b606dc6b6f00dbe5c5a5194975e55549708b22b59c4759f428211e88e64dcf22e231dca71a7f189c073f98b40cab80b3353c82c8bcbd65aa6fcc56c2d14ed710e8e4b59dceef24a428620fff1ae4826fb4297982e9e", 0xa9, 0xffffffff995ce781}], 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 252.585093][T24539] loop0: detected capacity change from 0 to 264192 [ 252.629333][T24578] new mount options do not match the existing superblock, will be ignored [ 252.644217][T24577] loop3: detected capacity change from 0 to 264192 [ 252.650842][T24578] loop4: detected capacity change from 0 to 158951 [ 252.659412][T24539] loop0: p1 p2 p3 p4 [ 252.663906][T24539] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 252.671545][T24539] loop0: p3 size 1912633224 extends beyond EOD, truncated 08:40:29 executing program 0: syz_read_part_table(0x3e00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:29 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x0, 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 252.680164][T24539] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 252.681820][T24577] loop3: p1 p2 p3 p4 [ 252.703312][T24577] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 252.706518][T24594] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 252.711075][T24577] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 252.728055][T24577] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:29 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x0, 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:29 executing program 3: syz_read_part_table(0xbfffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 252.776307][T24609] new mount options do not match the existing superblock, will be ignored [ 252.797352][T24610] loop0: detected capacity change from 0 to 264192 [ 252.834182][T24610] loop0: p1 p2 p3 p4 [ 252.841412][T24610] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 252.861772][T24610] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 252.864985][T24626] new mount options do not match the existing superblock, will be ignored 08:40:30 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x0, 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 252.880242][T24610] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 252.888115][T24627] loop3: detected capacity change from 0 to 264192 08:40:30 executing program 0: syz_read_part_table(0x3f00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 252.944862][T24627] loop3: p1 p2 p3 p4 [ 252.949250][T24627] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 252.975303][T24642] new mount options do not match the existing superblock, will be ignored [ 252.992813][T24627] loop3: p3 size 1912633224 extends beyond EOD, truncated 08:40:30 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x6000000000000003, 0x6) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r1 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r2, &(0x7f0000000480)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xb}, 0x2}, 0x1c) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f00000002c0)={0x0, 'ipvlan0\x00', {0x1}, 0x9}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000a, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), r1) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) write(r5, &(0x7f0000000200)="6589f3d35b7783720a667ca6ff66b771f46070401289e336b028f118a61e9f82230a0c62ddb7b841e601bd3bb81c181a5a264491c865f10e4b2d8278b2c88ba27dabdf6468c3eb89826c35385153139949b46bb0cf3d3f7b2f0ad20db5187c7a7e5e54b25737cb43a4ac9c1abf0f0363475a5b4d49c9ee0a225bf47f1ea33e9baa359ec2c8277ad7056eeabfca9bc3ef82ed7dd42eab9b097350f421564a49244209cc", 0xa3) sendmsg$FOU_CMD_GET(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r4, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@FOU_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040000}, 0x10) sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x30, r4, 0x20, 0x70bd25, 0x25dfdbfb, {}, [@FOU_ATTR_LOCAL_V6={0x14, 0x7, @empty}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x800) sendto$inet(r0, 0x0, 0x0, 0x400c0c0, &(0x7f00000000c0)={0x2, 0x0, @rand_addr=0x64010100}, 0x10) sendto$inet(r0, &(0x7f0000000080), 0xfe7a, 0x0, &(0x7f00000001c0), 0x10) 08:40:30 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 253.018885][T24627] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 253.029495][T24650] loop0: detected capacity change from 0 to 264192 [ 253.087058][T24650] loop0: p1 p2 p3 p4 [ 253.088645][T24660] new mount options do not match the existing superblock, will be ignored [ 253.092351][T24650] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 253.112204][T24650] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 253.124552][T24650] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:30 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x1100) 08:40:30 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0xffffffffffffffff, 0x0) 08:40:30 executing program 3: syz_read_part_table(0xc9ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:30 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:30 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f0000000040)='4\xacXrcO\b\xc4ut/e\x00'/28, 0x0) write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c46000000d20000000000e9ff0003003e00000310000000060000ff1952fffffff0010000000000000000008b00000000100000380002000000000000000323bf9f782deffbda6a6ba5d5745d724065f99d1bd345399b081b23aea1"], 0x44) write$binfmt_elf32(r0, &(0x7f0000000200)=ANY=[], 0x6c) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1100) 08:40:30 executing program 0: syz_read_part_table(0x4000000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:30 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYBLOB="b85b070000002000009982"], 0xe8}}, 0x0) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102385, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r2, 0xe) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) r3 = gettid() rt_sigqueueinfo(r3, 0xa, &(0x7f00000002c0)) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000140)={'\x00', 0x0, 0x5, 0x80}) 08:40:30 executing program 5: r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000001500)=[{&(0x7f0000010000)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020002020202020202020202020200000000000000000bf000000000000bf000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000181400000000000000000000160000000022001c", 0x9f, 0x8000}, {&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000bf000000000000bf252f", 0x5a, 0x8800}, {&(0x7f0000000280)="88001c0000000000001c00080000000008007809140b2a3a0802", 0x1a, 0xe000}], 0x0, &(0x7f0000000040)={[{@nocompress}, {@nojoliet}]}) name_to_handle_at(r0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="0c0000008100000006000002d5090000040000001824d065b749127abdcc120825ce5402595b70b2"], &(0x7f0000000180), 0x400) fchownat(r0, &(0x7f00000001c0)='./file0\x00', 0xee00, 0xffffffffffffffff, 0x900) mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x40, 0x3) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='net/fib_triestat\x00') [ 253.491361][T24696] new mount options do not match the existing superblock, will be ignored [ 253.504505][T24700] loop3: detected capacity change from 0 to 264192 [ 253.508959][T24701] loop0: detected capacity change from 0 to 264192 [ 253.521551][T24696] EXT4-fs (loop4): VFS: Can't find ext4 filesystem 08:40:30 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 253.554716][T24701] loop0: p1 p2 p3 p4 [ 253.559695][T24701] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 253.567592][T24701] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 253.572978][T24721] loop5: detected capacity change from 0 to 224 [ 253.581434][T24700] loop3: p1 p2 p3 p4 [ 253.586193][T24701] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:30 executing program 5: r0 = socket$inet(0x10, 0x80002, 0x0) r1 = perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x40, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) write(0xffffffffffffffff, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0) r2 = socket$inet(0x2, 0x4, 0xfffffbff) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0x0, r2, 0x0, 0x4, 0x101}) r3 = openat(0xffffffffffffffff, &(0x7f00000001c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f00007cd000/0x3000)=nil, 0x3000, 0x180000f, 0x4010, r3, 0x3000) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="24000000190007041dfffd946f610500020000e8fe02080100010800080007000400ff7e280000001100ffffba16a0aa1c0900000000000012000000000000eff24d8238cfa47e23f7efbf54", 0x4c}], 0x1}, 0x0) [ 253.602159][T24700] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 253.610069][T24700] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 253.625058][T24700] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:30 executing program 0: syz_read_part_table(0x4000080000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:30 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000440)={[{@discard}], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 253.674186][T24739] new mount options do not match the existing superblock, will be ignored [ 253.685688][T24739] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 253.707201][T24700] loop3: detected capacity change from 0 to 264192 [ 253.737632][T24762] loop0: detected capacity change from 0 to 264192 [ 253.744906][T24764] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 253.760231][T24767] new mount options do not match the existing superblock, will be ignored [ 253.764241][T24769] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 253.770207][T24767] EXT4-fs (loop4): VFS: Can't find ext4 filesystem [ 253.785009][T24762] loop0: p1 p2 p3 p4 [ 253.789483][T24762] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 253.800819][T24762] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 253.808658][T24762] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:31 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x1200) 08:40:31 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x2) 08:40:31 executing program 3: syz_read_part_table(0xcf7d278900000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0x7, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019006000600100000f000000000000000000000004000000000002000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d6f4655f000000000000000001000000000000000b0000000001000008000000d24200001203", 0x66, 0x400}, {&(0x7f0000010100)="0000000000000000000000008395006fb905454792d9f392427055b7010040", 0x1f, 0x4e0}, {&(0x7f0000010300)="03", 0x1, 0x640}, {&(0x7f0000010400)="03000000040000000500000016000f000300040000000000000000000f00698c", 0x20, 0x800}, {&(0x7f0000010e00)="ed41000000040000d6f4655fd7f4655fd7f4655f000000000000040020", 0x1d, 0x1500}, {&(0x7f0000011000)="8081000000180000d6f4655fd6f4655fd6f4655f00000000000001002000000010000800000000000af302000400000000000000000000000200000030000000020000000400000032", 0x49, 0x1600}, {&(0x7f0000012700)="111fc0d901", 0x5, 0xc000}], 0x0, &(0x7f0000013b00)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f000016f000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0xca13a000) preadv(r0, &(0x7f0000001440)=[{&(0x7f0000000040)=""/95, 0x5f}, {&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f0000000140)=""/97, 0x61}, {&(0x7f00000012c0)=""/187, 0xbb}, {&(0x7f0000001380)=""/177, 0xb1}], 0x5, 0x7fffffff, 0x0) 08:40:31 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, 0x0) 08:40:31 executing program 0: syz_read_part_table(0x4800000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 254.367864][T24803] new mount options do not match the existing superblock, will be ignored [ 254.382725][T24808] loop3: detected capacity change from 0 to 264192 [ 254.382830][T24810] loop5: detected capacity change from 0 to 1024 [ 254.390231][T24805] loop0: detected capacity change from 0 to 264192 [ 254.400589][T24810] __quota_error: 28 callbacks suppressed [ 254.400665][T24810] Quota error (device loop5): v2_read_file_info: Free block number too big (0 >= 0). 08:40:31 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, 0x0) [ 254.415765][T24818] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 254.417239][T24810] EXT4-fs warning (device loop5): ext4_enable_quotas:6479: Failed to enable quota tracking (type=0, err=-117). Please run e2fsck to fix. [ 254.431503][T24805] loop0: p1 p2 p3 p4 [ 254.440951][T24808] loop3: p1 p2 p3 p4 [ 254.449254][T24810] EXT4-fs (loop5): mount failed [ 254.450179][T24808] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 254.454826][T24805] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 254.463560][T24808] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 254.471244][T24805] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 254.483559][T24805] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 254.504584][T24810] loop5: detected capacity change from 0 to 1024 [ 254.511735][T24808] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:31 executing program 3: syz_read_part_table(0xe4ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 254.519009][T24834] new mount options do not match the existing superblock, will be ignored [ 254.533394][T24810] Quota error (device loop5): v2_read_file_info: Free block number too big (0 >= 0). [ 254.544100][T24810] EXT4-fs warning (device loop5): ext4_enable_quotas:6479: Failed to enable quota tracking (type=0, err=-117). Please run e2fsck to fix. [ 254.561896][T24810] EXT4-fs (loop5): mount failed 08:40:31 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, 0x0) [ 254.571813][T24805] loop0: detected capacity change from 0 to 264192 08:40:31 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff060000000100000056000000250000003fbe6d303a25105c907d5f1b190004000400000007fd17e557", 0x39}], 0x1) r2 = socket$netlink(0x10, 0x3, 0x0) writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100)="390000001300034700bb65e1c3e4ffff060000000100000045000000250000001900040004002d000200000000000006040000000000000000", 0x39}], 0x1) dup2(r2, r0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000f, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$MON_IOCG_STATS(r3, 0x80089203, &(0x7f0000000080)) [ 254.613154][T24849] loop3: detected capacity change from 0 to 264192 [ 254.625857][T24805] loop0: p1 p2 p3 p4 [ 254.630736][T24805] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 254.643376][T24805] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 254.651692][T24849] loop3: p1 p2 p3 p4 08:40:31 executing program 0: syz_read_part_table(0x4c00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 254.666343][T24849] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 254.674494][T24805] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 254.683807][T24872] new mount options do not match the existing superblock, will be ignored [ 254.688326][T24849] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 254.699975][T24874] netlink: 25 bytes leftover after parsing attributes in process `syz-executor.5'. 08:40:31 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)={[], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) [ 254.710836][T24849] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 254.719085][T24874] netlink: 'syz-executor.5': attribute type 4 has an invalid length. [ 254.729093][T24874] netlink: 25 bytes leftover after parsing attributes in process `syz-executor.5'. [ 254.738894][T24881] netlink: 'syz-executor.5': attribute type 4 has an invalid length. [ 254.756191][T24831] print_req_error: 110 callbacks suppressed [ 254.756201][T24831] blk_update_request: I/O error, dev loop3, sector 495 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 254.774596][T24849] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 254.774620][T24801] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 254.783465][ T880] blk_update_request: I/O error, dev loop3, sector 495 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 254.804241][ T880] buffer_io_error: 78 callbacks suppressed [ 254.804250][ T880] Buffer I/O error on dev loop3p1, logical block 1, async page read [ 254.809980][T24849] loop3: detected capacity change from 0 to 264192 [ 254.834581][T24807] blk_update_request: I/O error, dev loop0, sector 495 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 254.834974][T24829] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 254.849765][ T880] blk_update_request: I/O error, dev loop0, sector 495 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 254.859356][T24885] blk_update_request: I/O error, dev loop0, sector 264033 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 254.868670][ T880] Buffer I/O error on dev loop0p1, logical block 1, async page read [ 254.882184][T24886] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 254.899926][ T1760] __loop_clr_fd: partition scan of loop0 failed (rc=-16) [ 254.922883][ T704] blk_update_request: I/O error, dev loop0, sector 264033 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 254.934258][ T704] Buffer I/O error on dev loop0p3, logical block 263808, async page read [ 254.943901][T24896] new mount options do not match the existing superblock, will be ignored [ 254.946070][ T704] blk_update_request: I/O error, dev loop0, sector 264034 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 254.963673][ T704] Buffer I/O error on dev loop0p3, logical block 263809, async page read [ 254.964398][T24849] loop_reread_partitions: partition scan of loop3 () failed (rc=-16) [ 254.972463][ T704] Buffer I/O error on dev loop0p3, logical block 263810, async page read [ 254.993229][ T704] Buffer I/O error on dev loop0p3, logical block 263811, async page read [ 255.001687][ T704] Buffer I/O error on dev loop0p3, logical block 263812, async page read [ 255.010185][ T704] Buffer I/O error on dev loop0p3, logical block 263813, async page read 08:40:32 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x2000) [ 255.018818][ T704] Buffer I/O error on dev loop0p3, logical block 263814, async page read [ 255.028216][ T704] Buffer I/O error on dev loop0p3, logical block 263815, async page read [ 255.043302][T24905] loop0: detected capacity change from 0 to 264192 [ 255.102120][T24905] loop0: p1 p2 p3 p4 [ 255.106217][ T1135] loop3: p1 p2 p3 p4 [ 255.111122][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 255.111221][T24905] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 255.127820][ T1135] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 255.143535][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:32 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x3) 08:40:32 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)={[], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}, {@smackfshat={'smackfshat', 0x3d, '!'}}]}) 08:40:32 executing program 3: syz_read_part_table(0xeeffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 255.161583][T24905] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 255.181507][T24905] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 255.253555][T24905] loop0: detected capacity change from 0 to 264192 [ 255.272131][T24954] new mount options do not match the existing superblock, will be ignored [ 255.292153][T24956] loop3: detected capacity change from 0 to 264192 [ 255.300430][T24905] loop0: p1 p2 p3 p4 [ 255.313351][T24905] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 255.324989][T24905] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 255.333858][T24905] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 255.345730][T24966] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. 08:40:32 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)={[], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}, {@euid_eq}]}) 08:40:32 executing program 0: syz_read_part_table(0x5400000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 255.377004][T24956] loop3: p1 p2 p3 p4 [ 255.381819][T24956] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 255.423302][T24956] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 255.440835][T24956] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 255.441717][T24979] new mount options do not match the existing superblock, will be ignored 08:40:32 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)={[], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_gt={'uid>', 0xffffffffffffffff}}]}) 08:40:32 executing program 3: syz_read_part_table(0xf504000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 255.562594][T24993] loop0: detected capacity change from 0 to 264192 [ 255.584277][T24995] new mount options do not match the existing superblock, will be ignored 08:40:32 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)={[], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}, {@func={'func', 0x3d, 'MMAP_CHECK'}}]}) [ 255.662868][T25005] loop3: detected capacity change from 0 to 264192 [ 255.679678][T24993] loop0: p1 p2 p3 p4 [ 255.692293][T24993] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 255.703781][T25005] loop3: p1 p2 p3 p4 [ 255.708678][T25005] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 255.717581][T24993] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 255.726599][T25005] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 255.740673][T25005] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 255.748521][T25018] new mount options do not match the existing superblock, will be ignored [ 255.757884][T24993] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:33 executing program 3: syz_read_part_table(0xf6ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:33 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x2005) 08:40:33 executing program 3: syz_read_part_table(0xfbffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:33 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)={[], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}, {@obj_type}]}) [ 255.929527][T24993] loop0: detected capacity change from 0 to 264192 [ 255.941876][T25043] new mount options do not match the existing superblock, will be ignored [ 255.993560][T24993] loop0: p1 p2 p3 p4 [ 255.999064][T24993] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 256.020679][T25054] loop3: detected capacity change from 0 to 264192 [ 256.027472][T24993] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 256.040108][T24993] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 256.073691][T25054] loop3: p1 p2 p3 p4 [ 256.078540][T25054] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 256.087148][T25054] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 256.098967][T25054] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:33 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x4) 08:40:33 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)={[], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}, {@dont_hash}]}) 08:40:33 executing program 0: syz_read_part_table(0x5500000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 256.129098][ T1760] __loop_clr_fd: partition scan of loop0 failed (rc=-16) [ 256.203145][T25077] new mount options do not match the existing superblock, will be ignored 08:40:33 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)={[], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}]}) [ 256.262144][T25081] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 256.264765][T25082] loop0: detected capacity change from 0 to 264192 08:40:33 executing program 3: syz_read_part_table(0xfdfdffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 256.368707][T25097] new mount options do not match the existing superblock, will be ignored [ 256.379471][T25082] loop0: p1 p2 p3 p4 [ 256.391830][T25082] loop0: p2 size 1073872896 extends beyond EOD, truncated 08:40:33 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)={[], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}, {@subj_type={'subj_type', 0x3d, 'cpuset\x00'}}]}) [ 256.423668][T25082] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 256.427083][T25107] loop3: detected capacity change from 0 to 264192 [ 256.440587][T25082] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 256.525854][T25118] new mount options do not match the existing superblock, will be ignored [ 256.553879][T25107] loop3: p1 p2 p3 p4 [ 256.558565][T25107] loop3: p2 size 1073872896 extends beyond EOD, truncated 08:40:33 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)={[], [{@fowner_lt={'fowner<', 0xee00}}, {@pcr={'pcr', 0x3d, 0x40}}]}) [ 256.582622][T25082] loop0: detected capacity change from 0 to 264192 [ 256.583289][T25107] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 256.617618][T25107] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:33 executing program 3: syz_read_part_table(0xfdffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 256.629930][T25136] new mount options do not match the existing superblock, will be ignored [ 256.646254][T25082] loop0: p1 p2 p3 p4 [ 256.656258][T25082] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 256.676618][T25082] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 256.684720][T25082] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:33 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)={[], [{@fowner_lt={'fowner<', 0xee00}}]}) 08:40:33 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x2500) 08:40:33 executing program 0: syz_read_part_table(0x6000000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 256.788915][T25156] new mount options do not match the existing superblock, will be ignored [ 256.816710][T25155] loop3: detected capacity change from 0 to 264192 [ 256.833805][T25168] loop0: detected capacity change from 0 to 264192 08:40:34 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 256.867290][T25155] loop3: p1 p2 p3 p4 [ 256.874180][T25168] loop0: p1 p2 p3 p4 [ 256.876404][T25155] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 256.889879][T25168] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 256.911898][T25155] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 256.927040][T25168] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 256.934838][T25155] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 256.942540][T25184] new mount options do not match the existing superblock, will be ignored [ 256.967729][T25168] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:34 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x5) 08:40:34 executing program 4 (fault-call:5 fault-nth:0): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 257.032968][T25155] loop3: detected capacity change from 0 to 264192 [ 257.074948][T25155] loop3: p1 p2 p3 p4 [ 257.079615][T25155] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 257.100880][T25207] new mount options do not match the existing superblock, will be ignored [ 257.103788][T25155] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 257.111230][T25207] FAULT_INJECTION: forcing a failure. [ 257.111230][T25207] name failslab, interval 1, probability 0, space 0, times 0 [ 257.129109][T25207] CPU: 0 PID: 25207 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 257.138035][T25207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 257.148085][T25207] Call Trace: [ 257.151365][T25207] dump_stack+0x137/0x19d [ 257.155719][T25207] should_fail+0x23c/0x250 [ 257.160143][T25207] ? __se_sys_memfd_create+0xfb/0x390 [ 257.165514][T25207] __should_failslab+0x81/0x90 [ 257.170316][T25207] should_failslab+0x5/0x20 [ 257.174820][T25207] __kmalloc+0x66/0x340 [ 257.178992][T25207] ? strnlen_user+0x137/0x1c0 [ 257.183663][T25207] __se_sys_memfd_create+0xfb/0x390 [ 257.188858][T25207] __x64_sys_memfd_create+0x2d/0x40 [ 257.194103][T25207] do_syscall_64+0x4a/0x90 [ 257.198520][T25207] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 257.204404][T25207] RIP: 0033:0x4665d9 [ 257.208286][T25207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 257.227885][T25207] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 257.236295][T25207] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 00000000004665d9 [ 257.244270][T25207] RDX: 00007f3a0bdd4000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 257.252237][T25207] RBP: 0000000000000000 R08: 00007f3a0bdd3ff8 R09: ffffffffffffffff [ 257.260244][T25207] R10: 00007f3a0bdd3ffc R11: 0000000000000246 R12: 0000000020000180 [ 257.268292][T25207] R13: 0000000020000300 R14: 0000000000000000 R15: 0000000020000440 [ 257.279918][T25155] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 257.289708][T25209] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 257.312338][T25168] loop0: detected capacity change from 0 to 264192 08:40:34 executing program 3: syz_read_part_table(0xfeffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:34 executing program 4 (fault-call:5 fault-nth:1): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 257.354458][T25168] loop0: p1 p2 p3 p4 [ 257.359718][T25168] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 257.370058][T25168] loop0: p3 size 1912633224 extends beyond EOD, truncated 08:40:34 executing program 0: syz_read_part_table(0x6300000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 257.428895][T25168] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 257.436824][T25231] loop3: detected capacity change from 0 to 264192 [ 257.452727][T25233] new mount options do not match the existing superblock, will be ignored [ 257.474020][T25233] FAULT_INJECTION: forcing a failure. [ 257.474020][T25233] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 257.487197][T25233] CPU: 0 PID: 25233 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 257.496017][T25233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 257.506077][T25233] Call Trace: [ 257.509350][T25233] dump_stack+0x137/0x19d [ 257.513702][T25233] should_fail+0x23c/0x250 [ 257.518119][T25233] should_fail_usercopy+0x16/0x20 [ 257.523303][T25233] _copy_from_user+0x1c/0xd0 [ 257.528001][T25233] __se_sys_memfd_create+0x137/0x390 [ 257.533281][T25233] __x64_sys_memfd_create+0x2d/0x40 [ 257.538480][T25233] do_syscall_64+0x4a/0x90 [ 257.542896][T25233] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 257.548844][T25233] RIP: 0033:0x4665d9 [ 257.552728][T25233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 257.572332][T25233] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 257.580737][T25233] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 00000000004665d9 [ 257.588697][T25233] RDX: 00007f3a0bdd4000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 257.596668][T25233] RBP: 0000000000000000 R08: 00007f3a0bdd3ff8 R09: ffffffffffffffff [ 257.604659][T25233] R10: 00007f3a0bdd3ffc R11: 0000000000000246 R12: 0000000020000180 [ 257.612625][T25233] R13: 0000000020000300 R14: 0000000000000000 R15: 0000000020000440 [ 257.621168][T25231] loop3: p1 p2 p3 p4 08:40:34 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x3000) [ 257.657673][T25231] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 257.687799][T25231] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 257.699579][T25240] loop0: detected capacity change from 0 to 264192 [ 257.710710][T25231] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 257.745095][T25240] loop0: p1 p2 p3 p4 08:40:34 executing program 3: syz_read_part_table(0xfeffffffffffffff, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:34 executing program 4 (fault-call:5 fault-nth:2): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 257.758409][T25240] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 257.766450][T25240] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 257.774613][T25240] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 257.802725][T25271] new mount options do not match the existing superblock, will be ignored [ 257.819974][T25275] loop3: detected capacity change from 0 to 264192 [ 257.829177][T25271] FAULT_INJECTION: forcing a failure. [ 257.829177][T25271] name failslab, interval 1, probability 0, space 0, times 0 [ 257.841794][T25271] CPU: 0 PID: 25271 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 257.850562][T25271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 257.860775][T25271] Call Trace: [ 257.864044][T25271] dump_stack+0x137/0x19d [ 257.868369][T25271] should_fail+0x23c/0x250 [ 257.872854][T25271] ? shmem_alloc_inode+0x22/0x30 [ 257.877868][T25271] __should_failslab+0x81/0x90 [ 257.882630][T25271] ? shmem_match+0xa0/0xa0 [ 257.887046][T25271] should_failslab+0x5/0x20 [ 257.891533][T25271] kmem_cache_alloc+0x46/0x2f0 [ 257.896304][T25271] ? do_anonymous_page+0x411/0x8b0 [ 257.901843][T25271] ? fsnotify_perm+0x59/0x2e0 [ 257.906516][T25271] ? shmem_match+0xa0/0xa0 [ 257.911005][T25271] shmem_alloc_inode+0x22/0x30 [ 257.915774][T25271] new_inode_pseudo+0x38/0x1c0 [ 257.920556][T25271] new_inode+0x21/0x120 [ 257.924707][T25271] shmem_get_inode+0xa1/0x480 [ 257.929384][T25271] __shmem_file_setup+0xf1/0x1d0 [ 257.934604][T25271] shmem_file_setup+0x37/0x40 [ 257.939270][T25271] __se_sys_memfd_create+0x1eb/0x390 [ 257.944626][T25271] __x64_sys_memfd_create+0x2d/0x40 [ 257.949817][T25271] do_syscall_64+0x4a/0x90 [ 257.954231][T25271] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 257.960200][T25271] RIP: 0033:0x4665d9 [ 257.964085][T25271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 257.983946][T25271] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 257.992401][T25271] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 00000000004665d9 08:40:35 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x6) [ 258.000375][T25271] RDX: 00007f3a0bdd4000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 258.008341][T25271] RBP: 0000000000000000 R08: 00007f3a0bdd3ff8 R09: ffffffffffffffff [ 258.016305][T25271] R10: 00007f3a0bdd3ffc R11: 0000000000000246 R12: 0000000020000180 [ 258.024272][T25271] R13: 0000000020000300 R14: 0000000000000000 R15: 0000000020000440 08:40:35 executing program 4 (fault-call:5 fault-nth:3): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 258.073067][T25240] loop0: detected capacity change from 0 to 264192 [ 258.079911][T25275] loop3: p1 p2 p3 p4 [ 258.087915][T25275] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 258.099226][T25275] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 258.099773][T25290] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 258.115577][T25275] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 258.127789][T25240] loop0: p1 p2 p3 p4 [ 258.138862][T25240] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 258.160224][T25240] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 258.168473][T25299] new mount options do not match the existing superblock, will be ignored [ 258.178814][T25240] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 258.187074][T25299] FAULT_INJECTION: forcing a failure. [ 258.187074][T25299] name failslab, interval 1, probability 0, space 0, times 0 [ 258.199725][T25299] CPU: 1 PID: 25299 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 258.208530][T25299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.218610][T25299] Call Trace: [ 258.221878][T25299] dump_stack+0x137/0x19d [ 258.226275][T25299] should_fail+0x23c/0x250 [ 258.230694][T25299] ? security_inode_alloc+0x30/0x180 [ 258.236025][T25299] __should_failslab+0x81/0x90 [ 258.240809][T25299] should_failslab+0x5/0x20 [ 258.245384][T25299] kmem_cache_alloc+0x46/0x2f0 [ 258.250176][T25299] security_inode_alloc+0x30/0x180 [ 258.255290][T25299] inode_init_always+0x20b/0x420 [ 258.260222][T25299] ? shmem_match+0xa0/0xa0 [ 258.264633][T25299] new_inode_pseudo+0x73/0x1c0 [ 258.269413][T25299] new_inode+0x21/0x120 [ 258.273566][T25299] shmem_get_inode+0xa1/0x480 [ 258.278250][T25299] __shmem_file_setup+0xf1/0x1d0 [ 258.283257][T25299] shmem_file_setup+0x37/0x40 [ 258.287943][T25299] __se_sys_memfd_create+0x1eb/0x390 [ 258.293315][T25299] __x64_sys_memfd_create+0x2d/0x40 [ 258.298509][T25299] do_syscall_64+0x4a/0x90 [ 258.302923][T25299] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 258.308865][T25299] RIP: 0033:0x4665d9 [ 258.312800][T25299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 258.332553][T25299] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 258.340961][T25299] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 00000000004665d9 [ 258.348934][T25299] RDX: 00007f3a0bdd4000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 258.356948][T25299] RBP: 0000000000000000 R08: 00007f3a0bdd3ff8 R09: ffffffffffffffff [ 258.364915][T25299] R10: 00007f3a0bdd3ffc R11: 0000000000000246 R12: 0000000020000180 08:40:35 executing program 0: syz_read_part_table(0x6800000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:35 executing program 4 (fault-call:5 fault-nth:4): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 258.372900][T25299] R13: 0000000020000300 R14: 0000000000000000 R15: 0000000020000440 [ 258.391384][T25275] loop3: detected capacity change from 0 to 264192 [ 258.427849][T25275] loop3: p1 p2 p3 p4 [ 258.433275][T25313] new mount options do not match the existing superblock, will be ignored [ 258.444228][T25275] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 258.451902][T25275] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 258.454644][T25313] FAULT_INJECTION: forcing a failure. [ 258.454644][T25313] name failslab, interval 1, probability 0, space 0, times 0 [ 258.471624][T25313] CPU: 0 PID: 25313 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 258.480387][T25313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.490446][T25313] Call Trace: [ 258.493745][T25313] dump_stack+0x137/0x19d [ 258.498143][T25313] should_fail+0x23c/0x250 [ 258.502560][T25313] ? __d_alloc+0x36/0x370 [ 258.506880][T25313] __should_failslab+0x81/0x90 [ 258.511644][T25313] should_failslab+0x5/0x20 [ 258.516144][T25313] kmem_cache_alloc+0x46/0x2f0 [ 258.520961][T25313] ? __init_rwsem+0x59/0x70 [ 258.525491][T25313] __d_alloc+0x36/0x370 [ 258.529651][T25313] ? current_time+0xdb/0x190 [ 258.534251][T25313] d_alloc_pseudo+0x1a/0x50 [ 258.538827][T25313] alloc_file_pseudo+0x63/0x130 [ 258.543782][T25313] __shmem_file_setup+0x14c/0x1d0 [ 258.548825][T25313] shmem_file_setup+0x37/0x40 [ 258.553537][T25313] __se_sys_memfd_create+0x1eb/0x390 [ 258.558834][T25313] __x64_sys_memfd_create+0x2d/0x40 [ 258.564128][T25313] do_syscall_64+0x4a/0x90 [ 258.568570][T25313] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 258.574470][T25313] RIP: 0033:0x4665d9 [ 258.578370][T25313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 258.598245][T25313] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 258.606658][T25313] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 00000000004665d9 [ 258.614620][T25313] RDX: 00007f3a0bdd4000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 258.622688][T25313] RBP: 0000000000000000 R08: 00007f3a0bdd3ff8 R09: ffffffffffffffff [ 258.630681][T25313] R10: 00007f3a0bdd3ffc R11: 0000000000000246 R12: 0000000020000180 [ 258.638650][T25313] R13: 0000000020000300 R14: 0000000000000000 R15: 0000000020000440 [ 258.651669][T25275] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:35 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x4800) [ 258.675751][T25326] loop0: detected capacity change from 0 to 264192 08:40:35 executing program 4 (fault-call:5 fault-nth:5): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:35 executing program 3: syz_read_part_table(0xff0f000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 258.704477][T25326] loop0: p1 p2 p3 p4 [ 258.708941][T25326] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 258.735675][T25326] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 258.747702][ T1135] loop3: p1 p2 p3 p4 [ 258.754579][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 258.776546][T25343] new mount options do not match the existing superblock, will be ignored [ 258.782502][T25326] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 258.785835][T25343] FAULT_INJECTION: forcing a failure. [ 258.785835][T25343] name failslab, interval 1, probability 0, space 0, times 0 [ 258.794956][ T1135] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 258.804784][T25343] CPU: 1 PID: 25343 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 258.820642][T25343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.830693][T25343] Call Trace: [ 258.833965][T25343] dump_stack+0x137/0x19d [ 258.837816][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 258.838333][T25343] should_fail+0x23c/0x250 [ 258.838352][T25343] ? __alloc_file+0x2e/0x1a0 [ 258.838365][T25343] __should_failslab+0x81/0x90 [ 258.838387][T25343] should_failslab+0x5/0x20 [ 258.863691][T25343] kmem_cache_alloc+0x46/0x2f0 [ 258.868555][T25343] ? inode_doinit_with_dentry+0x382/0x950 [ 258.874279][T25343] __alloc_file+0x2e/0x1a0 [ 258.878768][T25343] alloc_empty_file+0xcd/0x1c0 [ 258.883764][T25343] alloc_file+0x3a/0x280 [ 258.888008][T25343] alloc_file_pseudo+0xe2/0x130 [ 258.892859][T25343] __shmem_file_setup+0x14c/0x1d0 [ 258.897971][T25343] shmem_file_setup+0x37/0x40 08:40:36 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x7) [ 258.902745][T25343] __se_sys_memfd_create+0x1eb/0x390 [ 258.908063][T25343] __x64_sys_memfd_create+0x2d/0x40 [ 258.913333][T25343] do_syscall_64+0x4a/0x90 [ 258.917793][T25343] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 258.923687][T25343] RIP: 0033:0x4665d9 [ 258.927573][T25343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 258.947172][T25343] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f 08:40:36 executing program 4 (fault-call:5 fault-nth:6): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 258.955674][T25343] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 00000000004665d9 [ 258.963732][T25343] RDX: 00007f3a0bdd4000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 258.971727][T25343] RBP: 0000000000000000 R08: 00007f3a0bdd3ff8 R09: ffffffffffffffff [ 258.979697][T25343] R10: 00007f3a0bdd3ffc R11: 0000000000000246 R12: 0000000020000180 [ 258.987660][T25343] R13: 0000000020000300 R14: 0000000000000000 R15: 0000000020000440 [ 259.019371][T25354] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 259.041536][T25366] new mount options do not match the existing superblock, will be ignored [ 259.050174][T25353] loop3: detected capacity change from 0 to 264192 [ 259.057251][T25326] loop0: detected capacity change from 0 to 264192 [ 259.057957][T25366] FAULT_INJECTION: forcing a failure. [ 259.057957][T25366] name failslab, interval 1, probability 0, space 0, times 0 [ 259.076383][T25366] CPU: 1 PID: 25366 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 259.085157][T25366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 259.095229][T25366] Call Trace: [ 259.098504][T25366] dump_stack+0x137/0x19d [ 259.102896][T25366] should_fail+0x23c/0x250 [ 259.107386][T25366] ? security_file_alloc+0x30/0x190 [ 259.112584][T25366] __should_failslab+0x81/0x90 [ 259.117468][T25366] should_failslab+0x5/0x20 [ 259.122055][T25366] kmem_cache_alloc+0x46/0x2f0 [ 259.126817][T25366] security_file_alloc+0x30/0x190 [ 259.131839][T25366] __alloc_file+0x83/0x1a0 [ 259.136257][T25366] alloc_empty_file+0xcd/0x1c0 [ 259.141023][T25366] alloc_file+0x3a/0x280 [ 259.145262][T25366] alloc_file_pseudo+0xe2/0x130 [ 259.150177][T25366] __shmem_file_setup+0x14c/0x1d0 [ 259.155205][T25366] shmem_file_setup+0x37/0x40 [ 259.160099][T25366] __se_sys_memfd_create+0x1eb/0x390 [ 259.165395][T25366] __x64_sys_memfd_create+0x2d/0x40 [ 259.170617][T25366] do_syscall_64+0x4a/0x90 [ 259.175029][T25366] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 259.180922][T25366] RIP: 0033:0x4665d9 [ 259.184808][T25366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 259.204434][T25366] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f 08:40:36 executing program 4 (fault-call:5 fault-nth:7): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 259.212857][T25366] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 00000000004665d9 [ 259.220853][T25366] RDX: 00007f3a0bdd4000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 259.228833][T25366] RBP: 0000000000000000 R08: 00007f3a0bdd3ff8 R09: ffffffffffffffff [ 259.236797][T25366] R10: 00007f3a0bdd3ffc R11: 0000000000000246 R12: 0000000020000180 [ 259.244764][T25366] R13: 0000000020000300 R14: 0000000000000000 R15: 0000000020000440 [ 259.285791][T25326] loop0: p1 p2 p3 p4 [ 259.289911][T25353] loop3: p1 p2 p3 p4 [ 259.295669][T25326] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 259.303111][T25353] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 259.318484][T25326] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 259.320634][T25353] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 259.332940][T25374] new mount options do not match the existing superblock, will be ignored [ 259.341647][T25326] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 259.352205][T25374] FAULT_INJECTION: forcing a failure. [ 259.352205][T25374] name failslab, interval 1, probability 0, space 0, times 0 [ 259.364844][T25374] CPU: 0 PID: 25374 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 259.373606][T25374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 259.383747][T25374] Call Trace: [ 259.387128][T25374] dump_stack+0x137/0x19d [ 259.391466][T25374] should_fail+0x23c/0x250 [ 259.395952][T25374] ? getname_flags+0x84/0x3d0 [ 259.400630][T25374] __should_failslab+0x81/0x90 [ 259.405403][T25374] should_failslab+0x5/0x20 [ 259.410003][T25374] kmem_cache_alloc+0x46/0x2f0 [ 259.414767][T25374] ? notify_change+0xa59/0xa80 [ 259.419553][T25374] getname_flags+0x84/0x3d0 [ 259.424058][T25374] ? fput+0x2d/0x130 [ 259.428024][T25374] getname+0x15/0x20 [ 259.431920][T25374] do_sys_openat2+0x5b/0x250 [ 259.436525][T25374] __x64_sys_openat+0xef/0x110 [ 259.441323][T25374] do_syscall_64+0x4a/0x90 [ 259.445738][T25374] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 259.451637][T25374] RIP: 0033:0x4196c4 [ 259.455577][T25374] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 259.475190][T25374] RSP: 002b:00007f3a0bdd3ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 259.483621][T25374] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 259.491660][T25374] RDX: 0000000000000002 RSI: 00007f3a0bdd4000 RDI: 00000000ffffff9c [ 259.499628][T25374] RBP: 00007f3a0bdd4000 R08: 0000000000000000 R09: ffffffffffffffff [ 259.507597][T25374] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 259.515567][T25374] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 [ 259.531944][T25353] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:36 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x4c00) 08:40:36 executing program 0: syz_read_part_table(0x6c00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 259.557780][ T1135] loop3: p1 p2 p3 p4 [ 259.562201][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 259.578441][ T1135] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 259.597151][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:36 executing program 4 (fault-call:5 fault-nth:8): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 259.647152][T25353] loop3: detected capacity change from 0 to 264192 [ 259.653859][T25406] loop0: detected capacity change from 0 to 264192 [ 259.696343][T25353] loop3: p1 p2 p3 p4 [ 259.696362][ T1135] loop0: p1 p2 p3 p4 [ 259.701522][T25418] new mount options do not match the existing superblock, will be ignored [ 259.708124][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 259.713535][T25353] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 259.728355][T25418] FAULT_INJECTION: forcing a failure. [ 259.728355][T25418] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 259.735642][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 259.741404][T25418] CPU: 1 PID: 25418 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 259.755673][T25353] loop3: p3 size 1912633224 extends beyond EOD, [ 259.757231][T25418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 259.757242][T25418] Call Trace: [ 259.763565][T25353] truncated [ 259.773597][T25418] dump_stack+0x137/0x19d [ 259.773624][T25418] should_fail+0x23c/0x250 [ 259.787623][ T1135] loop0: p4 size 3657465856 extends beyond EOD, [ 259.788679][T25418] should_fail_usercopy+0x16/0x20 [ 259.788702][T25418] strncpy_from_user+0x21/0x250 [ 259.795025][ T1135] truncated [ 259.800046][T25418] getname_flags+0xb8/0x3d0 [ 259.800067][T25418] getname+0x15/0x20 [ 259.816362][T25418] do_sys_openat2+0x5b/0x250 [ 259.820954][T25418] __x64_sys_openat+0xef/0x110 [ 259.825793][T25418] do_syscall_64+0x4a/0x90 [ 259.830206][T25418] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 259.835158][T25353] loop3: p4 size 3657465856 extends beyond EOD, [ 259.836267][T25418] RIP: 0033:0x4196c4 [ 259.836282][T25418] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 259.842598][T25353] truncated [ 259.846470][T25418] RSP: 002b:00007f3a0bdd3ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 259.846488][T25418] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 259.846498][T25418] RDX: 0000000000000002 RSI: 00007f3a0bdd4000 RDI: 00000000ffffff9c 08:40:37 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x8) [ 259.846509][T25418] RBP: 00007f3a0bdd4000 R08: 0000000000000000 R09: ffffffffffffffff [ 259.901535][T25418] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 259.909507][T25418] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 [ 259.921738][T25406] loop0: p1 p2 p3 p4 [ 259.926275][T25406] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 259.935296][T25406] loop0: p3 size 1912633224 extends beyond EOD, truncated 08:40:37 executing program 4 (fault-call:5 fault-nth:9): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:37 executing program 3: syz_read_part_table(0xffefffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 259.943032][T25406] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 259.988125][T25443] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 259.997755][T25441] new mount options do not match the existing superblock, will be ignored [ 260.016536][T25441] FAULT_INJECTION: forcing a failure. [ 260.016536][T25441] name failslab, interval 1, probability 0, space 0, times 0 [ 260.029298][T25441] CPU: 1 PID: 25441 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 260.038058][T25441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 260.048111][T25441] Call Trace: [ 260.051392][T25441] dump_stack+0x137/0x19d [ 260.055729][T25441] should_fail+0x23c/0x250 [ 260.060149][T25441] ? __alloc_file+0x2e/0x1a0 [ 260.064746][T25441] __should_failslab+0x81/0x90 [ 260.069541][T25441] should_failslab+0x5/0x20 [ 260.074042][T25441] kmem_cache_alloc+0x46/0x2f0 [ 260.078816][T25441] __alloc_file+0x2e/0x1a0 [ 260.083236][T25441] alloc_empty_file+0xcd/0x1c0 [ 260.088005][T25441] path_openat+0x6a/0x20b0 [ 260.092421][T25441] ? avc_has_perm_noaudit+0x19a/0x240 [ 260.097798][T25441] ? avc_has_perm+0x59/0x150 [ 260.102417][T25441] ? avc_has_perm+0xc8/0x150 [ 260.107018][T25441] ? fsnotify+0x1167/0x1190 [ 260.111607][T25441] do_filp_open+0xd9/0x1f0 [ 260.116017][T25441] ? __virt_addr_valid+0x15a/0x1a0 [ 260.121192][T25441] ? __check_object_size+0x253/0x310 [ 260.126507][T25441] ? _find_next_bit+0x16a/0x190 [ 260.131362][T25441] ? alloc_fd+0x388/0x3e0 08:40:37 executing program 0: syz_read_part_table(0x7400000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 260.135774][T25441] do_sys_openat2+0xa3/0x250 [ 260.140379][T25441] __x64_sys_openat+0xef/0x110 [ 260.145164][T25441] do_syscall_64+0x4a/0x90 [ 260.149582][T25441] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 260.155486][T25441] RIP: 0033:0x4196c4 [ 260.159370][T25441] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 260.179042][T25441] RSP: 002b:00007f3a0bdd3ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 260.187508][T25441] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 260.195497][T25441] RDX: 0000000000000002 RSI: 00007f3a0bdd4000 RDI: 00000000ffffff9c [ 260.203495][T25441] RBP: 00007f3a0bdd4000 R08: 0000000000000000 R09: ffffffffffffffff [ 260.211472][T25441] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 260.219438][T25441] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 08:40:37 executing program 4 (fault-call:5 fault-nth:10): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 260.250876][T25464] loop3: detected capacity change from 0 to 264192 [ 260.257621][T25466] loop0: detected capacity change from 0 to 264192 [ 260.279239][T25464] loop3: p1 p2 p3 p4 [ 260.285140][T25466] loop0: p1 p2 p3 p4 [ 260.285171][T25464] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 260.289532][T25466] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 260.305934][T25466] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 260.313788][T25464] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 260.317628][T25477] new mount options do not match the existing superblock, will be ignored [ 260.330111][T25466] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 260.330215][T25464] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 260.349961][T25477] FAULT_INJECTION: forcing a failure. [ 260.349961][T25477] name failslab, interval 1, probability 0, space 0, times 0 [ 260.362646][T25477] CPU: 1 PID: 25477 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 260.371409][T25477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 260.381464][T25477] Call Trace: [ 260.384741][T25477] dump_stack+0x137/0x19d [ 260.389071][T25477] should_fail+0x23c/0x250 [ 260.393489][T25477] ? security_file_alloc+0x30/0x190 [ 260.398685][T25477] __should_failslab+0x81/0x90 [ 260.403524][T25477] should_failslab+0x5/0x20 [ 260.408026][T25477] kmem_cache_alloc+0x46/0x2f0 [ 260.412849][T25477] security_file_alloc+0x30/0x190 [ 260.417869][T25477] __alloc_file+0x83/0x1a0 [ 260.422327][T25477] alloc_empty_file+0xcd/0x1c0 [ 260.427086][T25477] path_openat+0x6a/0x20b0 [ 260.431506][T25477] ? avc_has_perm_noaudit+0x19a/0x240 [ 260.436882][T25477] ? avc_has_perm+0x59/0x150 [ 260.441489][T25477] ? avc_has_perm+0xc8/0x150 [ 260.446140][T25477] ? fsnotify+0x1167/0x1190 08:40:37 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x6000) 08:40:37 executing program 3: syz_read_part_table(0xffffff7f00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 260.450650][T25477] do_filp_open+0xd9/0x1f0 [ 260.455065][T25477] ? __virt_addr_valid+0x15a/0x1a0 [ 260.460181][T25477] ? __check_object_size+0x253/0x310 [ 260.465500][T25477] ? _find_next_bit+0x16a/0x190 [ 260.470370][T25477] ? alloc_fd+0x388/0x3e0 [ 260.474702][T25477] do_sys_openat2+0xa3/0x250 [ 260.479294][T25477] __x64_sys_openat+0xef/0x110 [ 260.484055][T25477] do_syscall_64+0x4a/0x90 [ 260.488471][T25477] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 260.494418][T25477] RIP: 0033:0x4196c4 [ 260.498312][T25477] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 260.517912][T25477] RSP: 002b:00007f3a0bdd3ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 260.526321][T25477] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 260.534347][T25477] RDX: 0000000000000002 RSI: 00007f3a0bdd4000 RDI: 00000000ffffff9c [ 260.542439][T25477] RBP: 00007f3a0bdd4000 R08: 0000000000000000 R09: ffffffffffffffff 08:40:37 executing program 3: syz_read_part_table(0xffffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 260.550412][T25477] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 260.558385][T25477] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 08:40:37 executing program 4 (fault-call:5 fault-nth:11): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 260.624239][T25466] loop0: detected capacity change from 0 to 264192 [ 260.650188][T25498] loop3: detected capacity change from 0 to 264192 [ 260.651512][T25501] new mount options do not match the existing superblock, will be ignored [ 260.665704][T25466] loop0: p1 p2 p3 p4 [ 260.670975][T25466] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 260.679025][T25498] loop3: p1 p2 p3 p4 [ 260.684225][T25498] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 260.684378][T25501] FAULT_INJECTION: forcing a failure. [ 260.684378][T25501] name failslab, interval 1, probability 0, space 0, times 0 [ 260.704048][T25501] CPU: 0 PID: 25501 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 260.712808][T25501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 260.722922][T25501] Call Trace: [ 260.726232][T25501] dump_stack+0x137/0x19d [ 260.730568][T25501] should_fail+0x23c/0x250 [ 260.734990][T25501] ? loop_set_status_from_info+0x3a0/0x3a0 [ 260.740846][T25501] __should_failslab+0x81/0x90 [ 260.745702][T25501] ? __kthread_create_on_node+0x7a/0x290 [ 260.751418][T25501] should_failslab+0x5/0x20 [ 260.755917][T25501] kmem_cache_alloc_trace+0x49/0x310 [ 260.761294][T25501] ? loop_set_status_from_info+0x3a0/0x3a0 [ 260.767097][T25501] __kthread_create_on_node+0x7a/0x290 [ 260.772599][T25501] ? lo_open+0x93/0xa0 [ 260.776716][T25501] ? __blkdev_get+0xc1/0x6d0 [ 260.781302][T25501] ? loop_set_status_from_info+0x3a0/0x3a0 [ 260.787158][T25501] kthread_create_on_node+0x72/0xa0 [ 260.792506][T25501] loop_configure+0x597/0xcb0 [ 260.797184][T25501] ? mntput+0x45/0x70 [ 260.801187][T25501] lo_ioctl+0x555/0x11f0 [ 260.805440][T25501] ? path_openat+0x19ab/0x20b0 [ 260.810374][T25501] ? putname+0xa5/0xc0 [ 260.814641][T25501] ? ___cache_free+0x3c/0x300 [ 260.819414][T25501] ? blkdev_common_ioctl+0x9c3/0x1040 [ 260.824800][T25501] ? selinux_file_ioctl+0x8e0/0x970 [ 260.830067][T25501] ? lo_release+0x120/0x120 [ 260.834571][T25501] blkdev_ioctl+0x1d0/0x3c0 [ 260.839188][T25501] block_ioctl+0x6d/0x80 [ 260.843437][T25501] ? blkdev_iopoll+0x70/0x70 [ 260.848028][T25501] __se_sys_ioctl+0xcb/0x140 [ 260.852623][T25501] __x64_sys_ioctl+0x3f/0x50 [ 260.857252][T25501] do_syscall_64+0x4a/0x90 [ 260.861688][T25501] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 260.867595][T25501] RIP: 0033:0x466397 [ 260.871493][T25501] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 260.873989][T25515] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 260.891127][T25501] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 260.891149][T25501] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 260.891161][T25501] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 08:40:37 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x9) [ 260.925016][T25501] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 260.932986][T25501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 260.940957][T25501] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 [ 260.955940][T25498] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 260.965758][T25498] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:38 executing program 4 (fault-call:5 fault-nth:12): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 260.977431][T25466] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 260.993760][T25466] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:38 executing program 0: syz_read_part_table(0x7a00000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 261.046505][T25524] new mount options do not match the existing superblock, will be ignored [ 261.067625][ T1135] loop0: p1 p2 p3 p4 [ 261.075712][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 261.083017][T25524] FAULT_INJECTION: forcing a failure. [ 261.083017][T25524] name failslab, interval 1, probability 0, space 0, times 0 [ 261.095638][T25524] CPU: 1 PID: 25524 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 261.097441][T25498] loop3: detected capacity change from 0 to 264192 [ 261.104390][T25524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 261.120937][T25524] Call Trace: [ 261.124212][T25524] dump_stack+0x137/0x19d [ 261.128539][T25524] should_fail+0x23c/0x250 [ 261.132956][T25524] ? __kernfs_new_node+0x6a/0x330 [ 261.137989][T25524] __should_failslab+0x81/0x90 [ 261.142802][T25524] should_failslab+0x5/0x20 [ 261.147299][T25524] kmem_cache_alloc+0x46/0x2f0 [ 261.152061][T25524] ? kvm_sched_clock_read+0xd/0x20 [ 261.157169][T25524] __kernfs_new_node+0x6a/0x330 [ 261.162032][T25524] ? select_task_rq_fair+0x186/0xc00 [ 261.167335][T25524] ? rb_insert_color+0x7e/0x310 [ 261.172182][T25524] kernfs_create_dir_ns+0x5e/0x140 [ 261.173009][ T1135] loop0: p3 size 1912633224 extends beyond EOD, [ 261.177286][T25524] internal_create_group+0x138/0x850 [ 261.177324][T25524] ? check_preempt_wakeup+0x1bb/0x360 [ 261.183644][ T1135] truncated [ 261.184162][ T1135] loop0: p4 size 3657465856 extends beyond EOD, [ 261.188978][T25524] sysfs_create_group+0x1b/0x20 [ 261.189002][T25524] loop_configure+0xa21/0xcb0 [ 261.194361][ T1135] truncated [ 261.216344][T25524] lo_ioctl+0x555/0x11f0 [ 261.220570][T25524] ? path_openat+0x19ab/0x20b0 [ 261.225316][T25524] ? putname+0xa5/0xc0 [ 261.229493][T25524] ? ___cache_free+0x3c/0x300 [ 261.234218][T25524] ? blkdev_common_ioctl+0x9c3/0x1040 [ 261.239575][T25524] ? selinux_file_ioctl+0x8e0/0x970 [ 261.244752][T25524] ? lo_release+0x120/0x120 [ 261.249238][T25524] blkdev_ioctl+0x1d0/0x3c0 [ 261.253722][T25524] block_ioctl+0x6d/0x80 [ 261.257964][T25524] ? blkdev_iopoll+0x70/0x70 [ 261.262554][T25524] __se_sys_ioctl+0xcb/0x140 [ 261.267127][T25524] __x64_sys_ioctl+0x3f/0x50 [ 261.271700][T25524] do_syscall_64+0x4a/0x90 [ 261.276120][T25524] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 261.282057][T25524] RIP: 0033:0x466397 [ 261.285934][T25524] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 261.305599][T25524] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 261.314055][T25524] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 261.322011][T25524] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 261.329964][T25524] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 261.337919][T25524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 08:40:38 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000a00)={0x0, ""/256, 0x0, 0x0}) r5 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/state', 0x2, 0x0) sendfile(r5, r5, &(0x7f0000000000)=0x7, 0x3) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r6, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000001840)=ANY=[@ANYRES32, @ANYRES32, @ANYRESOCT, @ANYRES32, @ANYRES32, @ANYRES64, @ANYRESHEX], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r1, 0xc0709411, &(0x7f0000055200)={{r3, 0x6, 0xae, 0x7, 0x5, 0x4, 0x400, 0x5, 0x2, 0xe2, 0x5ac36f4d, 0x7, 0x7f, 0x9}, 0x18, [0x0, 0x0, 0x0]}) r8 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001a40)={0x0, ""/256, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r8, 0x84009422, &(0x7f0000000d40)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r11, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r11, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') sendmsg$NLBL_CIPSOV4_C_REMOVE(r11, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYRES32, @ANYRES32, @ANYRESOCT=r8, @ANYRES32=r9, @ANYRES32, @ANYRES64=r3, @ANYRESDEC=r10], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000552c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_TREE_SEARCH(r5, 0xd0009411, &(0x7f00000554c0)={{r2, 0xb002, 0x3, 0x7, 0x2, 0x7, 0x7fff, 0x5, 0x3, 0xffff, 0x0, 0x80000000, 0x2, 0x0, 0xf6a7}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f00000564c0)={0x1, [{r3}, {r2}, {0x0, r4}, {0x0, r4}, {0x0, r4}, {r3, r4}, {r2, r4}, {r3}, {0x0, r4}, {0x0, r4}, {0x0, r4}, {r2, r4}, {r2}, {r2}, {0x0, r4}, {0x0, r4}, {}, {r2, r4}, {0x0, r4}, {}, {}, {r2}, {0x0, r4}, {r3}, {0x0, r4}, {}, {}, {}, {r2, r4}, {0x0, r4}, {r3}, {}, {}, {}, {}, {0x0, r4}, {r3, r4}, {r2}, {r2}, {}, {0x0, r4}, {r3, r4}, {}, {r2}, {}, {}, {}, {r2}, {r2, r4}, {r3}, {}, {r2}, {0x0, r4}, {r3, r4}, {0x0, r4}, {r2, r4}, {}, {r2, r4}, {0x0, r4}, {r2}, {r2}, {}, {r2, r4}, {r2, r4}, {0x0, r4}, {r3, r4}, {0x0, r4}, {r3}, {r2, r4}, {r2, r4}, {0x0, r4}, {}, {r2, r4}, {}, {r2}, {r3, r4}, {r2, r4}, {}, {r3}, {r3}, {}, {r2}, {}, {r3}, {0x0, r4}, {r2, r4}, {r2, r4}, {0x0, r4}, {}, {r3}, {r3, r4}, {}, {r2}, {0x0, r4}, {r2, r4}, {r2, r4}, {0x0, r4}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {r3}, {}, {0x0, r4}, {r2}, {}, {r3, r4}, {r2, r4}, {r2, r4}, {r2, r4}, {}, {r3}, {r2, r4}, {}, {0x0, r4}, {r3}, {r2}, {r2, r4}, {r2}, {}, {}, {r2}, {}, {r2, r4}, {0x0, r4}, {r2, r4}, {r2}, {r3, r4}, {}, {r3}, {0x0, r4}, {}, {r3, r4}, {r3, r4}, {}, {0x0, r4}, {0x0, r4}, {0x0, r4}, {r3, r4}, {}, {}, {}, {}, {0x0, r4}, {r3}, {0x0, r4}, {r3, r4}, {0x0, r4}, {}, {}, {r3}, {r2, r4}, {r3}, {0x0, r4}, {r2, r4}, {0x0, r4}, {}, {r2}, {r2}, {r3, r4}, {r3}, {0x0, r4}, {}, {0x0, r4}, {r3}, {r2, r4}, {}, {}, {}, {r3}, {r3, r4}, {r3}, {}, {0x0, r4}, {}, {}, {r3, r4}, {r3}, {0x0, r4}, {r3}, {0x0, r4}, {0x0, r4}, {r3}, {0x0, r4}, {r2}, {}, {}, {0x0, r4}, {}, {r3, r4}, {}, {}, {0x0, r4}, {r2}, {}, {r3}, {r3}, {}, {r3, r4}, {}, {r3}, {}, {}, {r2}, {r3}, {r2, r4}, {0x0, r4}, {r2}, {}, {r2, r4}, {r3}, {r3}, {}, {}, {r2}, {r3, r4}, {0x0, r4}, {r3, r4}, {}, {r2}, {r2, r4}, {r2, r4}, {r2}, {r2}, {}, {0x0, r4}, {r2}, {0x0, r4}, {r2}, {}, {r2}, {r3}, {r2, r4}, {}, {0x0, r4}, {r2}, {0x0, r4}, {}, {r3}, {r3}, {0x0, r4}, {}, {0x0, r4}, {}, {0x0, r4}, {}, {r2, r4}, {}, {r3}, {r7, r9}, {r2, r12}, {r13, r4}], 0x1f, "84f6cf9fd91ef0"}) 08:40:38 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x6800) [ 261.345874][T25524] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 [ 261.373317][T25546] device lo entered promiscuous mode [ 261.379982][T25546] Y­4`Ò˜: renamed from lo 08:40:38 executing program 4 (fault-call:5 fault-nth:13): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 261.395323][T25498] loop3: p1 p2 p3 p4 [ 261.399915][T25498] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 261.414186][T25498] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 261.424224][T25544] loop0: detected capacity change from 0 to 264192 [ 261.434508][T25498] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:38 executing program 3: syz_read_part_table(0xfffffffffffffffe, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 261.434603][T25568] new mount options do not match the existing superblock, will be ignored 08:40:38 executing program 3: syz_read_part_table(0xffffffffffffffff, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 261.469622][T25568] FAULT_INJECTION: forcing a failure. [ 261.469622][T25568] name failslab, interval 1, probability 0, space 0, times 0 [ 261.482329][T25568] CPU: 0 PID: 25568 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 261.491119][T25568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 261.501322][T25568] Call Trace: [ 261.504646][T25568] dump_stack+0x137/0x19d [ 261.508980][T25568] should_fail+0x23c/0x250 [ 261.513397][T25568] ? __kernfs_new_node+0x6a/0x330 08:40:38 executing program 5: syz_read_part_table(0x6300000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:38 executing program 3: syz_read_part_table(0x0, 0x2, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 261.518494][T25568] __should_failslab+0x81/0x90 [ 261.523322][T25568] should_failslab+0x5/0x20 [ 261.527812][T25568] kmem_cache_alloc+0x46/0x2f0 [ 261.532566][T25568] ? __cond_resched+0x11/0x40 [ 261.537309][T25568] __kernfs_new_node+0x6a/0x330 [ 261.542167][T25568] ? idr_alloc_cyclic+0x249/0x2d0 [ 261.547427][T25568] ? rb_insert_color+0x7e/0x310 [ 261.552290][T25568] kernfs_new_node+0x5b/0xd0 [ 261.556929][T25568] __kernfs_create_file+0x45/0x1a0 [ 261.561118][T25593] loop5: detected capacity change from 0 to 264192 08:40:38 executing program 3: syz_read_part_table(0x0, 0x3, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 261.562114][T25568] sysfs_add_file_mode_ns+0x1c1/0x250 [ 261.562138][T25568] internal_create_group+0x2e4/0x850 [ 261.579408][T25568] sysfs_create_group+0x1b/0x20 [ 261.584346][T25568] loop_configure+0xa21/0xcb0 [ 261.589099][T25568] lo_ioctl+0x555/0x11f0 [ 261.593346][T25568] ? path_openat+0x19ab/0x20b0 [ 261.598124][T25568] ? putname+0xa5/0xc0 [ 261.602208][T25568] ? ___cache_free+0x3c/0x300 [ 261.606924][T25568] ? blkdev_common_ioctl+0x9c3/0x1040 [ 261.612361][T25568] ? selinux_file_ioctl+0x8e0/0x970 08:40:38 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:38 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xa) 08:40:38 executing program 3: syz_read_part_table(0x0, 0x5, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 261.617588][T25568] ? lo_release+0x120/0x120 [ 261.622096][T25568] blkdev_ioctl+0x1d0/0x3c0 [ 261.626619][T25568] block_ioctl+0x6d/0x80 [ 261.630866][T25568] ? blkdev_iopoll+0x70/0x70 [ 261.635451][T25568] __se_sys_ioctl+0xcb/0x140 [ 261.640043][T25568] __x64_sys_ioctl+0x3f/0x50 [ 261.644635][T25568] do_syscall_64+0x4a/0x90 [ 261.649119][T25568] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 261.655015][T25568] RIP: 0033:0x466397 [ 261.658922][T25568] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 261.678526][T25568] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 261.686940][T25568] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 261.694907][T25568] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 261.702869][T25568] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 261.710818][T25568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 261.718771][T25568] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 [ 261.730089][T25544] loop0: p1 p2 p3 p4 [ 261.737636][T25544] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 261.747539][T25544] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 261.755731][T25593] loop5: p1 p2 p3 p4 [ 261.766042][T25593] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 261.768338][T25607] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 261.783992][T25593] loop5: p3 size 1912633224 extends beyond EOD, truncated [ 261.791499][T25544] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 261.799492][T25593] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 261.812852][ T1135] loop0: p1 p2 p3 p4 [ 261.817575][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 261.825501][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 261.832935][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 261.879836][T25544] loop0: detected capacity change from 0 to 264192 [ 261.935118][T25544] loop0: p1 p2 p3 p4 [ 261.939805][T25544] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 261.947642][T25544] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 261.955374][T25544] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 261.964441][ T1135] loop0: p1 p2 p3 p4 [ 261.968986][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 261.976732][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated 08:40:39 executing program 0: syz_read_part_table(0x8004000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:39 executing program 3: syz_read_part_table(0x0, 0x6, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 261.984314][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 262.010215][T25669] loop3: detected capacity change from 0 to 1 [ 262.088330][T25682] loop0: detected capacity change from 0 to 264192 [ 262.091774][T25669] loop3: detected capacity change from 0 to 1 [ 262.145161][T25682] loop0: p1 p2 p3 p4 [ 262.149653][T25682] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 262.157539][T25682] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 262.165351][T25682] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 262.176383][ T1135] loop0: p1 p2 p3 p4 [ 262.180805][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated 08:40:39 executing program 4 (fault-call:5 fault-nth:14): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:39 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x6, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil) setrlimit(0x3, &(0x7f0000000080)) r1 = creat(&(0x7f0000000140)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x4002) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000180)="20679e441df373a70162324f0a8a72beda8d8c7d720aea708e8a85af119645fc43a055b35a946efbf74463bd3e35feb79800e329f757113b4fbe19ebf98c23b16f3823e51a878b081b55", 0x4a}], 0x1) io_setup(0x7, &(0x7f0000000040)=0x0) io_submit(r2, 0xf10, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x200a00}]) 08:40:39 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x6c00) 08:40:39 executing program 3: syz_read_part_table(0x0, 0x7, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 262.189187][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 262.197071][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 262.240935][T25705] new mount options do not match the existing superblock, will be ignored [ 262.250436][T25705] FAULT_INJECTION: forcing a failure. [ 262.250436][T25705] name failslab, interval 1, probability 0, space 0, times 0 [ 262.256516][T25682] loop0: detected capacity change from 0 to 264192 [ 262.263062][T25705] CPU: 1 PID: 25705 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 262.263078][T25705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 262.263085][T25705] Call Trace: [ 262.263091][T25705] dump_stack+0x137/0x19d [ 262.296058][T25705] should_fail+0x23c/0x250 [ 262.300456][T25705] ? __kernfs_new_node+0x6a/0x330 [ 262.305501][T25705] __should_failslab+0x81/0x90 [ 262.310457][T25705] should_failslab+0x5/0x20 [ 262.314954][T25705] kmem_cache_alloc+0x46/0x2f0 [ 262.319781][T25705] ? __cond_resched+0x11/0x40 [ 262.324445][T25705] __kernfs_new_node+0x6a/0x330 [ 262.329317][T25705] ? idr_alloc_cyclic+0x249/0x2d0 [ 262.334404][T25705] ? rb_insert_color+0x7e/0x310 [ 262.339229][T25705] kernfs_new_node+0x5b/0xd0 [ 262.343797][T25705] __kernfs_create_file+0x45/0x1a0 [ 262.348951][T25705] sysfs_add_file_mode_ns+0x1c1/0x250 [ 262.354485][T25705] internal_create_group+0x2e4/0x850 [ 262.359752][T25705] sysfs_create_group+0x1b/0x20 [ 262.364595][T25705] loop_configure+0xa21/0xcb0 [ 262.369296][T25705] lo_ioctl+0x555/0x11f0 [ 262.373515][T25705] ? path_openat+0x19ab/0x20b0 [ 262.378262][T25705] ? putname+0xa5/0xc0 [ 262.382307][T25705] ? ___cache_free+0x3c/0x300 [ 262.386962][T25705] ? blkdev_common_ioctl+0x9c3/0x1040 [ 262.392456][T25705] ? selinux_file_ioctl+0x8e0/0x970 [ 262.397627][T25705] ? lo_release+0x120/0x120 [ 262.402109][T25705] blkdev_ioctl+0x1d0/0x3c0 [ 262.406643][T25705] block_ioctl+0x6d/0x80 [ 262.410865][T25705] ? blkdev_iopoll+0x70/0x70 [ 262.415446][T25705] __se_sys_ioctl+0xcb/0x140 [ 262.420032][T25705] __x64_sys_ioctl+0x3f/0x50 [ 262.424610][T25705] do_syscall_64+0x4a/0x90 [ 262.429008][T25705] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 262.434953][T25705] RIP: 0033:0x466397 [ 262.438843][T25705] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 262.458490][T25705] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 262.466876][T25705] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 262.474845][T25705] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 262.482810][T25705] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff 08:40:39 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xb) [ 262.490770][T25705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 262.498720][T25705] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 08:40:39 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xa) 08:40:39 executing program 4 (fault-call:5 fault-nth:15): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:39 executing program 3: syz_read_part_table(0x0, 0x8, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 262.533200][T25722] loop3: detected capacity change from 0 to 1 [ 262.542417][T25682] loop0: p1 p2 p3 p4 [ 262.546863][T25682] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 262.555856][T25682] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 262.563572][T25682] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:39 executing program 0: syz_read_part_table(0x80ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 262.593069][T25737] new mount options do not match the existing superblock, will be ignored [ 262.610489][T25737] FAULT_INJECTION: forcing a failure. [ 262.610489][T25737] name failslab, interval 1, probability 0, space 0, times 0 [ 262.623140][T25737] CPU: 0 PID: 25737 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 262.631894][T25737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 262.636741][T25743] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.5'. [ 262.641936][T25737] Call Trace: [ 262.641944][T25737] dump_stack+0x137/0x19d [ 262.656864][T25744] loop3: detected capacity change from 0 to 1 [ 262.658974][T25737] should_fail+0x23c/0x250 [ 262.658995][T25737] ? __kernfs_new_node+0x6a/0x330 [ 262.674433][T25737] __should_failslab+0x81/0x90 [ 262.679182][T25737] should_failslab+0x5/0x20 [ 262.683735][T25737] kmem_cache_alloc+0x46/0x2f0 [ 262.688477][T25737] __kernfs_new_node+0x6a/0x330 [ 262.693321][T25737] ? __cond_resched+0x11/0x40 [ 262.697977][T25737] ? mutex_lock+0x9/0x30 [ 262.702195][T25737] kernfs_new_node+0x5b/0xd0 [ 262.706777][T25737] __kernfs_create_file+0x45/0x1a0 [ 262.711993][T25737] sysfs_add_file_mode_ns+0x1c1/0x250 [ 262.717379][T25737] internal_create_group+0x2e4/0x850 [ 262.722643][T25737] sysfs_create_group+0x1b/0x20 [ 262.727579][T25737] loop_configure+0xa21/0xcb0 [ 262.732230][T25737] lo_ioctl+0x555/0x11f0 [ 262.736464][T25737] ? path_openat+0x19ab/0x20b0 [ 262.741291][T25737] ? putname+0xa5/0xc0 [ 262.745334][T25737] ? ___cache_free+0x3c/0x300 [ 262.750067][T25737] ? blkdev_common_ioctl+0x9c3/0x1040 [ 262.755433][T25737] ? selinux_file_ioctl+0x8e0/0x970 [ 262.760611][T25737] ? lo_release+0x120/0x120 [ 262.765104][T25737] blkdev_ioctl+0x1d0/0x3c0 [ 262.769597][T25737] block_ioctl+0x6d/0x80 [ 262.773825][T25737] ? blkdev_iopoll+0x70/0x70 [ 262.778503][T25737] __se_sys_ioctl+0xcb/0x140 [ 262.783099][T25737] __x64_sys_ioctl+0x3f/0x50 [ 262.787710][T25737] do_syscall_64+0x4a/0x90 [ 262.792113][T25737] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 262.797988][T25737] RIP: 0033:0x466397 [ 262.801898][T25737] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 262.821567][T25737] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 262.829970][T25737] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 262.838043][T25737] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 262.846011][T25737] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 262.853963][T25737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 262.861914][T25737] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 [ 262.874232][T25747] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. 08:40:40 executing program 4 (fault-call:5 fault-nth:16): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 262.900757][T25757] loop0: detected capacity change from 0 to 264192 [ 262.920745][T25762] new mount options do not match the existing superblock, will be ignored [ 262.929919][T25762] FAULT_INJECTION: forcing a failure. [ 262.929919][T25762] name failslab, interval 1, probability 0, space 0, times 0 [ 262.942526][T25762] CPU: 0 PID: 25762 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 262.951383][T25762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 262.955260][ T1135] loop0: p1 p2 p3 p4 [ 262.961457][T25762] Call Trace: [ 262.961466][T25762] dump_stack+0x137/0x19d [ 262.966011][ T1135] loop0: p2 size 1073872896 extends beyond EOD, [ 262.968715][T25762] should_fail+0x23c/0x250 [ 262.973066][ T1135] truncated [ 262.973524][ T1135] loop0: p3 size 1912633224 extends beyond EOD, [ 262.979374][T25762] ? __kernfs_new_node+0x6a/0x330 [ 262.979397][T25762] __should_failslab+0x81/0x90 [ 262.979418][T25762] should_failslab+0x5/0x20 [ 262.983821][ T1135] truncated [ 262.986785][ T1135] loop0: p4 size 3657465856 extends beyond EOD, [ 262.986913][T25762] kmem_cache_alloc+0x46/0x2f0 [ 262.993246][ T1135] truncated [ 262.998222][T25762] __kernfs_new_node+0x6a/0x330 [ 262.998245][T25762] ? __cond_resched+0x11/0x40 [ 263.034242][T25762] ? mutex_lock+0x9/0x30 [ 263.038486][T25762] kernfs_new_node+0x5b/0xd0 [ 263.043113][T25762] __kernfs_create_file+0x45/0x1a0 [ 263.048210][T25762] sysfs_add_file_mode_ns+0x1c1/0x250 [ 263.053572][T25762] internal_create_group+0x2e4/0x850 [ 263.058883][T25762] sysfs_create_group+0x1b/0x20 [ 263.063735][T25762] loop_configure+0xa21/0xcb0 [ 263.068407][T25762] lo_ioctl+0x555/0x11f0 [ 263.072672][T25762] ? path_openat+0x19ab/0x20b0 [ 263.077481][T25762] ? putname+0xa5/0xc0 [ 263.081554][T25762] ? ___cache_free+0x3c/0x300 [ 263.086223][T25762] ? blkdev_common_ioctl+0x9c3/0x1040 [ 263.091638][T25762] ? selinux_file_ioctl+0x8e0/0x970 [ 263.096848][T25762] ? lo_release+0x120/0x120 [ 263.101342][T25762] blkdev_ioctl+0x1d0/0x3c0 [ 263.105840][T25762] block_ioctl+0x6d/0x80 [ 263.110211][T25762] ? blkdev_iopoll+0x70/0x70 [ 263.114851][T25762] __se_sys_ioctl+0xcb/0x140 [ 263.119572][T25762] __x64_sys_ioctl+0x3f/0x50 [ 263.124156][T25762] do_syscall_64+0x4a/0x90 [ 263.128554][T25762] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 263.134422][T25762] RIP: 0033:0x466397 [ 263.138302][T25762] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 263.157885][T25762] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 263.166293][T25762] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 263.174247][T25762] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 263.182209][T25762] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 263.190296][T25762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 08:40:40 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x7400) 08:40:40 executing program 4 (fault-call:5 fault-nth:17): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 263.198257][T25762] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 [ 263.213733][T25757] loop0: p1 p2 p3 p4 [ 263.216308][T25744] loop3: detected capacity change from 0 to 1 [ 263.220198][T25757] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 263.231225][T25757] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 263.239352][T25757] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:40 executing program 3: syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 263.266275][ T1135] loop0: p1 p2 p3 p4 [ 263.271110][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 263.279831][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 263.283747][T25797] new mount options do not match the existing superblock, will be ignored [ 263.287906][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 263.302393][T25797] FAULT_INJECTION: forcing a failure. [ 263.302393][T25797] name failslab, interval 1, probability 0, space 0, times 0 [ 263.315279][T25797] CPU: 0 PID: 25797 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 263.316164][T25800] loop3: detected capacity change from 0 to 1 [ 263.324247][T25797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 263.324260][T25797] Call Trace: [ 263.324266][T25797] dump_stack+0x137/0x19d [ 263.347907][T25797] should_fail+0x23c/0x250 [ 263.352392][T25797] ? __kernfs_new_node+0x6a/0x330 [ 263.357497][T25797] __should_failslab+0x81/0x90 [ 263.362243][T25797] should_failslab+0x5/0x20 [ 263.366722][T25797] kmem_cache_alloc+0x46/0x2f0 [ 263.371489][T25797] __kernfs_new_node+0x6a/0x330 [ 263.376324][T25797] ? __cond_resched+0x11/0x40 [ 263.380985][T25797] ? mutex_lock+0x9/0x30 [ 263.385206][T25797] kernfs_new_node+0x5b/0xd0 [ 263.389785][T25797] __kernfs_create_file+0x45/0x1a0 [ 263.394883][T25797] sysfs_add_file_mode_ns+0x1c1/0x250 [ 263.400343][T25797] internal_create_group+0x2e4/0x850 [ 263.405615][T25797] sysfs_create_group+0x1b/0x20 [ 263.410454][T25797] loop_configure+0xa21/0xcb0 [ 263.415113][T25797] lo_ioctl+0x555/0x11f0 [ 263.419356][T25797] ? path_openat+0x19ab/0x20b0 [ 263.424189][T25797] ? putname+0xa5/0xc0 [ 263.428241][T25797] ? ___cache_free+0x3c/0x300 [ 263.432904][T25797] ? blkdev_common_ioctl+0x9c3/0x1040 [ 263.438267][T25797] ? selinux_file_ioctl+0x8e0/0x970 [ 263.443451][T25797] ? lo_release+0x120/0x120 [ 263.447936][T25797] blkdev_ioctl+0x1d0/0x3c0 [ 263.452426][T25797] block_ioctl+0x6d/0x80 [ 263.456766][T25797] ? blkdev_iopoll+0x70/0x70 [ 263.461363][T25797] __se_sys_ioctl+0xcb/0x140 [ 263.465941][T25797] __x64_sys_ioctl+0x3f/0x50 [ 263.470520][T25797] do_syscall_64+0x4a/0x90 [ 263.475049][T25797] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 263.480947][T25797] RIP: 0033:0x466397 [ 263.484828][T25797] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 263.504446][T25797] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 08:40:40 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xc) 08:40:40 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x6800) [ 263.512849][T25797] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 263.520870][T25797] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 263.528831][T25797] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 263.536824][T25797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 263.544793][T25797] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 08:40:40 executing program 4 (fault-call:5 fault-nth:18): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 263.585768][ T1135] loop3: p1 p2 p4 [ 263.589551][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 263.595756][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 263.604912][T25757] loop0: detected capacity change from 0 to 264192 [ 263.607700][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 263.620590][T25800] loop3: p1 p2 p4 [ 263.623181][T25826] new mount options do not match the existing superblock, will be ignored [ 263.624572][T25800] loop3: p1 start 487 is beyond EOD, truncated [ 263.634104][T25826] FAULT_INJECTION: forcing a failure. [ 263.634104][T25826] name failslab, interval 1, probability 0, space 0, times 0 [ 263.639099][T25800] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 263.651701][T25826] CPU: 0 PID: 25826 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 263.660828][T25831] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 263.667536][T25826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 263.667549][T25826] Call Trace: [ 263.667556][T25826] dump_stack+0x137/0x19d [ 263.680066][T25800] loop3: p4 size 3657465856 extends beyond EOD, [ 263.687035][T25826] should_fail+0x23c/0x250 [ 263.687057][T25826] ? __kernfs_new_node+0x6a/0x330 [ 263.690334][T25800] truncated [ 263.713418][T25826] __should_failslab+0x81/0x90 [ 263.718359][T25826] should_failslab+0x5/0x20 [ 263.722949][T25826] kmem_cache_alloc+0x46/0x2f0 [ 263.727804][T25826] __kernfs_new_node+0x6a/0x330 [ 263.732631][T25826] ? __cond_resched+0x11/0x40 [ 263.737282][T25826] ? mutex_lock+0x9/0x30 [ 263.741498][T25826] kernfs_new_node+0x5b/0xd0 [ 263.746065][T25826] __kernfs_create_file+0x45/0x1a0 [ 263.751295][T25826] sysfs_add_file_mode_ns+0x1c1/0x250 [ 263.756759][T25826] internal_create_group+0x2e4/0x850 [ 263.762112][T25826] sysfs_create_group+0x1b/0x20 [ 263.766957][T25826] loop_configure+0xa21/0xcb0 [ 263.771669][T25826] lo_ioctl+0x555/0x11f0 [ 263.775980][T25826] ? path_openat+0x19ab/0x20b0 [ 263.780752][T25826] ? putname+0xa5/0xc0 [ 263.784805][T25826] ? ___cache_free+0x3c/0x300 [ 263.789542][T25826] ? blkdev_common_ioctl+0x9c3/0x1040 [ 263.794905][T25826] ? selinux_file_ioctl+0x8e0/0x970 [ 263.800119][T25826] ? lo_release+0x120/0x120 [ 263.804629][T25826] blkdev_ioctl+0x1d0/0x3c0 [ 263.809161][T25826] block_ioctl+0x6d/0x80 [ 263.813381][T25826] ? blkdev_iopoll+0x70/0x70 [ 263.817964][T25826] __se_sys_ioctl+0xcb/0x140 [ 263.822575][T25826] __x64_sys_ioctl+0x3f/0x50 [ 263.827198][T25826] do_syscall_64+0x4a/0x90 [ 263.831881][T25826] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 263.837755][T25826] RIP: 0033:0x466397 [ 263.841652][T25826] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 263.861319][T25826] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 263.869792][T25826] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 263.877780][T25826] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 263.885727][T25826] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 263.893682][T25826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 263.901634][T25826] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 [ 263.915101][T25757] loop0: p1 p2 p3 p4 [ 263.919986][T25757] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 263.928122][T25757] loop0: p3 size 1912633224 extends beyond EOD, truncated 08:40:41 executing program 4 (fault-call:5 fault-nth:19): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 263.935831][T25757] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 263.943338][T25800] loop3: detected capacity change from 0 to 1 [ 263.965908][T25850] new mount options do not match the existing superblock, will be ignored [ 263.975134][T25850] FAULT_INJECTION: forcing a failure. [ 263.975134][T25850] name failslab, interval 1, probability 0, space 0, times 0 [ 263.987783][T25850] CPU: 0 PID: 25850 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 263.996536][T25850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 263.997450][ T1135] loop3: p1 p2 p4 [ 264.006586][T25850] Call Trace: [ 264.006643][T25850] dump_stack+0x137/0x19d [ 264.010541][ T1135] loop3: p1 start 487 is beyond EOD, [ 264.013644][T25850] should_fail+0x23c/0x250 [ 264.013665][T25850] __should_failslab+0x81/0x90 [ 264.018015][ T1135] truncated 08:40:41 executing program 0: syz_read_part_table(0x81ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:41 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x7a00) [ 264.023354][T25850] ? kobject_uevent_env+0x1a7/0xc40 [ 264.027750][ T1135] loop3: p2 size 1073872896 extends beyond EOD, [ 264.032472][T25850] should_failslab+0x5/0x20 [ 264.035567][ T1135] truncated [ 264.040747][T25850] kmem_cache_alloc_trace+0x49/0x310 [ 264.050043][ T1135] loop3: p4 size 3657465856 extends beyond EOD, [ 264.051519][T25850] ? sysfs_add_file_mode_ns+0x1c1/0x250 [ 264.051542][T25850] ? dev_uevent_filter+0x70/0x70 [ 264.054630][ T1135] truncated [ 264.079776][T25850] kobject_uevent_env+0x1a7/0xc40 [ 264.084828][T25850] ? internal_create_group+0x7c9/0x850 [ 264.090295][T25850] kobject_uevent+0x18/0x20 [ 264.094813][T25850] loop_configure+0xb3c/0xcb0 [ 264.099477][T25850] lo_ioctl+0x555/0x11f0 [ 264.103731][T25850] ? path_openat+0x19ab/0x20b0 [ 264.108496][T25850] ? putname+0xa5/0xc0 [ 264.112537][T25850] ? ___cache_free+0x3c/0x300 [ 264.117188][T25850] ? blkdev_common_ioctl+0x9c3/0x1040 [ 264.122551][T25850] ? selinux_file_ioctl+0x8e0/0x970 [ 264.127730][T25850] ? lo_release+0x120/0x120 [ 264.132235][T25850] blkdev_ioctl+0x1d0/0x3c0 [ 264.136730][T25850] block_ioctl+0x6d/0x80 [ 264.140948][T25850] ? blkdev_iopoll+0x70/0x70 [ 264.145520][T25850] __se_sys_ioctl+0xcb/0x140 [ 264.150102][T25850] __x64_sys_ioctl+0x3f/0x50 [ 264.154755][T25850] do_syscall_64+0x4a/0x90 [ 264.159176][T25850] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 264.165049][T25850] RIP: 0033:0x466397 [ 264.168917][T25850] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 264.188538][T25850] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 264.196944][T25850] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 264.204926][T25850] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 264.212876][T25850] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 264.220835][T25850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 264.228784][T25850] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 08:40:41 executing program 4 (fault-call:5 fault-nth:20): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:41 executing program 3: syz_read_part_table(0x0, 0xb, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 264.241206][T25800] loop3: p1 p2 p4 [ 264.245068][T25800] loop3: p1 start 487 is beyond EOD, truncated [ 264.251258][T25800] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 264.258943][T25800] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 264.288401][T25871] loop0: detected capacity change from 0 to 264192 [ 264.293879][T25873] new mount options do not match the existing superblock, will be ignored [ 264.308212][T25873] FAULT_INJECTION: forcing a failure. [ 264.308212][T25873] name failslab, interval 1, probability 0, space 0, times 0 [ 264.320811][T25873] CPU: 0 PID: 25873 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 264.329543][T25873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 264.337522][T25878] loop3: detected capacity change from 0 to 1 [ 264.339672][T25873] Call Trace: [ 264.339679][T25873] dump_stack+0x137/0x19d [ 264.339701][T25873] should_fail+0x23c/0x250 [ 264.357728][T25873] ? kzalloc+0x1d/0x30 [ 264.361783][T25873] __should_failslab+0x81/0x90 [ 264.366625][T25873] should_failslab+0x5/0x20 [ 264.371115][T25873] __kmalloc+0x66/0x340 [ 264.375252][T25873] kzalloc+0x1d/0x30 [ 264.379136][T25873] kobject_get_path+0x7c/0x110 [ 264.383953][T25873] kobject_uevent_env+0x1be/0xc40 [ 264.388963][T25873] ? internal_create_group+0x7c9/0x850 [ 264.394537][T25873] kobject_uevent+0x18/0x20 [ 264.399030][T25873] loop_configure+0xb3c/0xcb0 [ 264.403689][T25873] lo_ioctl+0x555/0x11f0 [ 264.407903][T25873] ? path_openat+0x19ab/0x20b0 [ 264.412649][T25873] ? putname+0xa5/0xc0 [ 264.416710][T25873] ? ___cache_free+0x3c/0x300 [ 264.421388][T25873] ? blkdev_common_ioctl+0x9c3/0x1040 [ 264.426817][T25873] ? selinux_file_ioctl+0x8e0/0x970 [ 264.432001][T25873] ? lo_release+0x120/0x120 [ 264.436486][T25873] blkdev_ioctl+0x1d0/0x3c0 [ 264.440973][T25873] block_ioctl+0x6d/0x80 [ 264.445210][T25873] ? blkdev_iopoll+0x70/0x70 [ 264.449851][T25873] __se_sys_ioctl+0xcb/0x140 [ 264.454418][T25873] __x64_sys_ioctl+0x3f/0x50 [ 264.458981][T25873] do_syscall_64+0x4a/0x90 [ 264.463388][T25873] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 264.469408][T25873] RIP: 0033:0x466397 [ 264.473373][T25873] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 264.492968][T25873] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 264.501375][T25873] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 264.509494][T25873] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 264.517438][T25873] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 264.525441][T25873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 08:40:41 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xd) 08:40:41 executing program 5: syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 264.533394][T25873] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 [ 264.551520][T25871] loop0: p1 p2 p3 p4 [ 264.558871][T25871] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 264.578811][T25871] loop0: p3 size 1912633224 extends beyond EOD, truncated 08:40:41 executing program 4 (fault-call:5 fault-nth:21): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 264.580058][T25892] loop5: detected capacity change from 0 to 1 [ 264.588549][T25871] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 264.605758][T25892] loop5: p1 p2 p4 [ 264.609638][T25892] loop5: p1 start 487 is beyond EOD, truncated [ 264.615936][T25892] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 264.624059][T25878] loop3: detected capacity change from 0 to 1 [ 264.630881][T25892] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 264.644531][T25905] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. [ 264.654493][T25908] new mount options do not match the existing superblock, will be ignored [ 264.677137][T24890] print_req_error: 90 callbacks suppressed [ 264.677158][T24890] blk_update_request: I/O error, dev loop0, sector 495 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 264.681568][T25908] FAULT_INJECTION: forcing a failure. [ 264.681568][T25908] name failslab, interval 1, probability 0, space 0, times 0 [ 264.683051][ T704] blk_update_request: I/O error, dev loop0, sector 495 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 264.694341][T25908] CPU: 1 PID: 25908 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 264.706926][ T704] buffer_io_error: 64 callbacks suppressed [ 264.706940][ T704] Buffer I/O error on dev loop0p1, logical block 1, async page read 08:40:41 executing program 3: syz_read_part_table(0x0, 0xc, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 264.717884][T25908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 264.717926][T25908] Call Trace: [ 264.717933][T25908] dump_stack+0x137/0x19d [ 264.728229][T24807] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 264.732505][T25908] should_fail+0x23c/0x250 [ 264.745114][T24885] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 264.750491][T25908] ? kzalloc+0x1d/0x30 [ 264.750514][T25908] __should_failslab+0x81/0x90 [ 264.750534][T25908] should_failslab+0x5/0x20 [ 264.755665][T24888] blk_update_request: I/O error, dev loop0, sector 264033 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 264.758098][T25908] __kmalloc+0x66/0x340 [ 264.770361][T25871] __loop_clr_fd: partition scan of loop0 failed (rc=-16) [ 264.774280][T25908] kzalloc+0x1d/0x30 [ 264.774303][T25908] kobject_get_path+0x7c/0x110 [ 264.788364][ T704] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 264.789998][T25908] kobject_uevent_env+0x1be/0xc40 [ 264.794764][ T704] Buffer I/O error on dev loop0p4, logical block 33008, async page read [ 264.799235][T25908] ? internal_create_group+0x7c9/0x850 [ 264.799258][T25908] kobject_uevent+0x18/0x20 [ 264.799275][T25908] loop_configure+0xb3c/0xcb0 [ 264.799306][T25908] lo_ioctl+0x555/0x11f0 [ 264.829255][ T704] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 264.830642][T25908] ? path_openat+0x19ab/0x20b0 [ 264.830664][T25908] ? putname+0xa5/0xc0 [ 264.841929][ T704] Buffer I/O error on dev loop0p2, logical block 33008, async page read [ 264.846902][T25908] ? ___cache_free+0x3c/0x300 [ 264.846935][T25908] ? blkdev_common_ioctl+0x9c3/0x1040 [ 264.860853][ T704] blk_update_request: I/O error, dev loop0, sector 264033 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 264.865143][T25908] ? selinux_file_ioctl+0x8e0/0x970 [ 264.865163][T25908] ? lo_release+0x120/0x120 [ 264.869836][ T704] Buffer I/O error on dev loop0p3, logical block 263808, async page read [ 264.874126][T25908] blkdev_ioctl+0x1d0/0x3c0 [ 264.887695][ T704] blk_update_request: I/O error, dev loop0, sector 264034 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 264.890173][T25908] block_ioctl+0x6d/0x80 [ 264.894243][ T704] Buffer I/O error on dev loop0p3, logical block 263809, async page read [ 264.902541][T25908] ? blkdev_iopoll+0x70/0x70 [ 264.902562][T25908] __se_sys_ioctl+0xcb/0x140 [ 264.902577][T25908] __x64_sys_ioctl+0x3f/0x50 [ 264.902598][T25908] do_syscall_64+0x4a/0x90 [ 264.915527][ T704] blk_update_request: I/O error, dev loop0, sector 264035 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 264.923834][T25908] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 264.929030][ T704] Buffer I/O error on dev loop0p3, logical block 263810, async page read [ 264.933482][T25908] RIP: 0033:0x466397 [ 264.946424][ T704] Buffer I/O error on dev loop0p3, logical block 263811, async page read [ 264.958060][T25908] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:40:42 executing program 5: syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:42 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xb80a) [ 264.958078][T25908] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 264.958095][T25908] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 264.962489][ T704] Buffer I/O error on dev loop0p3, logical block 263812, async page read [ 264.970704][T25908] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 264.970717][T25908] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 264.970727][T25908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 264.977369][ T704] Buffer I/O error on dev loop0p3, logical block 263813, async page read [ 264.979883][T25908] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 [ 264.995098][T25871] loop0: detected capacity change from 0 to 264192 [ 265.000370][ T704] Buffer I/O error on dev loop0p3, logical block 263814, async page read [ 265.102676][T25929] loop5: detected capacity change from 0 to 1 08:40:42 executing program 4 (fault-call:5 fault-nth:22): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 265.148536][T25929] loop5: p1 p2 p4 [ 265.153022][T25929] loop5: p1 start 487 is beyond EOD, truncated [ 265.159357][T25929] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 265.172572][T25871] loop0: p1 p2 p3 p4 [ 265.184512][T25871] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 265.193573][T25871] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 265.202359][T25929] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 265.210350][T25871] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 265.230648][T25951] loop3: detected capacity change from 0 to 1 [ 265.233325][T25952] new mount options do not match the existing superblock, will be ignored [ 265.247039][T25952] FAULT_INJECTION: forcing a failure. [ 265.247039][T25952] name failslab, interval 1, probability 0, space 0, times 0 [ 265.259810][T25952] CPU: 0 PID: 25952 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 265.268540][T25952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.278729][T25952] Call Trace: [ 265.282002][T25952] dump_stack+0x137/0x19d [ 265.286384][T25952] should_fail+0x23c/0x250 [ 265.290933][T25952] __should_failslab+0x81/0x90 [ 265.295693][T25952] should_failslab+0x5/0x20 [ 265.300190][T25952] kmem_cache_alloc_node+0x58/0x2b0 [ 265.305368][T25952] ? __alloc_skb+0xed/0x420 [ 265.309938][T25952] __alloc_skb+0xed/0x420 [ 265.314320][T25952] alloc_uevent_skb+0x5b/0x120 [ 265.319088][T25952] kobject_uevent_env+0x863/0xc40 [ 265.324095][T25952] ? internal_create_group+0x7c9/0x850 [ 265.329621][T25952] kobject_uevent+0x18/0x20 [ 265.334183][T25952] loop_configure+0xb3c/0xcb0 [ 265.338872][T25952] lo_ioctl+0x555/0x11f0 [ 265.343107][T25952] ? path_openat+0x19ab/0x20b0 [ 265.347847][T25952] ? putname+0xa5/0xc0 [ 265.351893][T25952] ? ___cache_free+0x3c/0x300 [ 265.356549][T25952] ? blkdev_common_ioctl+0x9c3/0x1040 [ 265.361959][T25952] ? selinux_file_ioctl+0x8e0/0x970 [ 265.367154][T25952] ? lo_release+0x120/0x120 [ 265.371736][T25952] blkdev_ioctl+0x1d0/0x3c0 [ 265.376223][T25952] block_ioctl+0x6d/0x80 [ 265.380595][T25952] ? blkdev_iopoll+0x70/0x70 [ 265.385265][T25952] __se_sys_ioctl+0xcb/0x140 [ 265.389848][T25952] __x64_sys_ioctl+0x3f/0x50 [ 265.394524][T25952] do_syscall_64+0x4a/0x90 08:40:42 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xe) [ 265.398922][T25952] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 265.404822][T25952] RIP: 0033:0x466397 [ 265.408703][T25952] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 265.428293][T25952] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 265.436684][T25952] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 265.444633][T25952] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 265.452602][T25952] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 265.460572][T25952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 265.468519][T25952] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 [ 265.489251][T25961] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. 08:40:42 executing program 0: syz_read_part_table(0x82ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:42 executing program 5: syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:42 executing program 4 (fault-call:5 fault-nth:23): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 265.495036][ T1135] loop0: p1 p2 p3 p4 [ 265.503240][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 265.516677][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 265.524135][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 265.532452][T25970] loop5: detected capacity change from 0 to 1 [ 265.544049][T25951] loop3: detected capacity change from 0 to 1 [ 265.562585][T25983] new mount options do not match the existing superblock, will be ignored [ 265.571520][T25970] loop5: p1 p2 p4 [ 265.576240][T25980] loop0: detected capacity change from 0 to 264192 [ 265.578602][T25970] loop5: p1 start 487 is beyond EOD, truncated [ 265.584446][T25983] FAULT_INJECTION: forcing a failure. [ 265.584446][T25983] name failslab, interval 1, probability 0, space 0, times 0 [ 265.588952][T25970] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 265.608651][T25983] CPU: 0 PID: 25983 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 265.617385][T25983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.627468][T25983] Call Trace: [ 265.630732][T25983] dump_stack+0x137/0x19d [ 265.635097][T25983] should_fail+0x23c/0x250 [ 265.639490][T25983] ? skb_clone+0x12c/0x1f0 [ 265.643885][T25983] __should_failslab+0x81/0x90 [ 265.648766][T25983] should_failslab+0x5/0x20 [ 265.653242][T25983] kmem_cache_alloc+0x46/0x2f0 [ 265.658058][T25983] skb_clone+0x12c/0x1f0 [ 265.662360][T25983] netlink_broadcast_filtered+0x50d/0xb90 [ 265.668086][T25983] ? skb_put+0xb9/0xf0 [ 265.672251][T25983] netlink_broadcast+0x35/0x50 [ 265.677030][T25983] kobject_uevent_env+0x8c9/0xc40 [ 265.682076][T25983] ? internal_create_group+0x7c9/0x850 [ 265.687544][T25983] kobject_uevent+0x18/0x20 [ 265.692086][T25983] loop_configure+0xb3c/0xcb0 [ 265.696887][T25983] lo_ioctl+0x555/0x11f0 [ 265.701174][T25983] ? path_openat+0x19ab/0x20b0 [ 265.705911][T25983] ? putname+0xa5/0xc0 [ 265.709955][T25983] ? ___cache_free+0x3c/0x300 [ 265.714607][T25983] ? blkdev_common_ioctl+0x9c3/0x1040 [ 265.719999][T25983] ? selinux_file_ioctl+0x8e0/0x970 [ 265.725225][T25983] ? lo_release+0x120/0x120 [ 265.729753][T25983] blkdev_ioctl+0x1d0/0x3c0 [ 265.734243][T25983] block_ioctl+0x6d/0x80 [ 265.738466][T25983] ? blkdev_iopoll+0x70/0x70 [ 265.743042][T25983] __se_sys_ioctl+0xcb/0x140 [ 265.747626][T25983] __x64_sys_ioctl+0x3f/0x50 [ 265.752250][T25983] do_syscall_64+0x4a/0x90 [ 265.756712][T25983] ? irqentry_exit_to_user_mode+0x5/0x20 [ 265.762333][T25983] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 265.768215][T25983] RIP: 0033:0x466397 [ 265.772086][T25983] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 265.791759][T25983] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 265.800156][T25983] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 265.808227][T25983] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 265.816177][T25983] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 265.824124][T25983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 265.832077][T25983] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 [ 265.845831][T25970] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 265.854753][ T1135] loop5: p1 p2 p4 08:40:43 executing program 4 (fault-call:5 fault-nth:24): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:43 executing program 3: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:43 executing program 5: syz_read_part_table(0x0, 0x0, 0x0) [ 265.858965][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 265.865114][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 265.872775][T25980] loop0: p1 p2 p3 p4 [ 265.876015][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 265.885181][T25980] loop0: p2 size 1073872896 extends beyond EOD, truncated 08:40:43 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x100000) [ 265.920680][T25980] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 265.934990][T26011] new mount options do not match the existing superblock, will be ignored [ 265.946360][T25980] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 265.958221][T26009] loop3: detected capacity change from 0 to 1 [ 265.964533][T26011] FAULT_INJECTION: forcing a failure. [ 265.964533][T26011] name failslab, interval 1, probability 0, space 0, times 0 [ 265.977203][T26011] CPU: 1 PID: 26011 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 265.985951][T26011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.996003][T26011] Call Trace: [ 265.999296][T26011] dump_stack+0x137/0x19d [ 266.003648][T26011] should_fail+0x23c/0x250 [ 266.008112][T26011] __should_failslab+0x81/0x90 [ 266.012856][T26011] ? call_usermodehelper_setup+0x81/0x160 [ 266.018560][T26011] should_failslab+0x5/0x20 [ 266.023073][T26011] kmem_cache_alloc_trace+0x49/0x310 [ 266.028416][T26011] ? add_uevent_var+0x16e/0x1c0 [ 266.033244][T26011] ? __kfree_skb+0xfe/0x150 [ 266.037746][T26011] call_usermodehelper_setup+0x81/0x160 [ 266.043297][T26011] ? add_uevent_var+0x1c0/0x1c0 [ 266.048194][T26011] kobject_uevent_env+0xb29/0xc40 [ 266.053309][T26011] ? internal_create_group+0x7c9/0x850 [ 266.058840][T26011] kobject_uevent+0x18/0x20 [ 266.063476][T26011] loop_configure+0xb3c/0xcb0 [ 266.068129][T26011] lo_ioctl+0x555/0x11f0 [ 266.072367][T26011] ? path_openat+0x19ab/0x20b0 [ 266.077119][T26011] ? putname+0xa5/0xc0 [ 266.081159][T26011] ? ___cache_free+0x3c/0x300 [ 266.085846][T26011] ? blkdev_common_ioctl+0x9c3/0x1040 [ 266.091223][T26011] ? selinux_file_ioctl+0x8e0/0x970 [ 266.096447][T26011] ? lo_release+0x120/0x120 [ 266.100964][T26011] blkdev_ioctl+0x1d0/0x3c0 [ 266.105452][T26011] block_ioctl+0x6d/0x80 [ 266.109687][T26011] ? blkdev_iopoll+0x70/0x70 [ 266.114283][T26011] __se_sys_ioctl+0xcb/0x140 [ 266.118955][T26011] __x64_sys_ioctl+0x3f/0x50 [ 266.123550][T26011] do_syscall_64+0x4a/0x90 [ 266.127958][T26011] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 266.133865][T26011] RIP: 0033:0x466397 [ 266.137753][T26011] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 266.157355][T26011] RSP: 002b:00007f3a0bdd3f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 266.165775][T26011] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 266.173953][T26011] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 266.181907][T26011] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff [ 266.189873][T26011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 266.197827][T26011] R13: 0000000000000005 R14: 0000000020000400 R15: 0000000000000000 [ 266.220151][T25980] loop0: detected capacity change from 0 to 264192 08:40:43 executing program 5: syz_read_part_table(0x0, 0x0, 0x0) 08:40:43 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xf) 08:40:43 executing program 4 (fault-call:5 fault-nth:25): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 266.266251][T26009] loop3: detected capacity change from 0 to 1 [ 266.279502][ T1135] loop0: p1 p2 p3 p4 [ 266.285344][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 266.306436][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 266.312140][T26051] new mount options do not match the existing superblock, will be ignored [ 266.314074][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 266.324151][T26051] FAULT_INJECTION: forcing a failure. [ 266.324151][T26051] name failslab, interval 1, probability 0, space 0, times 0 [ 266.341809][T26051] CPU: 1 PID: 26051 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 266.346101][T25980] loop0: p1 p2 p3 p4 [ 266.350719][T26051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.350732][T26051] Call Trace: [ 266.350738][T26051] dump_stack+0x137/0x19d [ 266.355457][T25980] loop0: p2 size 1073872896 extends beyond EOD, [ 266.364735][T26051] should_fail+0x23c/0x250 [ 266.364758][T26051] ? getname_flags+0x84/0x3d0 [ 266.364774][T26051] __should_failslab+0x81/0x90 [ 266.368069][T25980] truncated [ 266.372451][T26051] should_failslab+0x5/0x20 [ 266.381532][T25980] loop0: p3 size 1912633224 extends beyond EOD, [ 266.383139][T26051] kmem_cache_alloc+0x46/0x2f0 [ 266.383163][T26051] getname_flags+0x84/0x3d0 08:40:43 executing program 3: syz_read_part_table(0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 266.387826][T25980] truncated [ 266.392542][T26051] do_mkdirat+0x3b/0x200 [ 266.397339][T25980] loop0: p4 size 3657465856 extends beyond EOD, [ 266.400105][T26051] __x64_sys_mkdir+0x32/0x40 [ 266.400126][T26051] do_syscall_64+0x4a/0x90 [ 266.406551][T25980] truncated [ 266.411250][T26051] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 266.447487][T26051] RIP: 0033:0x4656e7 [ 266.451385][T26051] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 266.471007][T26051] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 266.479427][T26051] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 00000000004656e7 [ 266.487458][T26051] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000300 [ 266.495445][T26051] RBP: 00007f3a0bdd4040 R08: 0000000000000000 R09: ffffffffffffffff [ 266.503477][T26051] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 08:40:43 executing program 0: syz_read_part_table(0x85ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:43 executing program 5: syz_read_part_table(0x0, 0x0, 0x0) [ 266.511428][T26051] R13: 0000000020000300 R14: 00007f3a0bdd4000 R15: 0000000020000440 [ 266.521035][T26066] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.1'. 08:40:43 executing program 4 (fault-call:5 fault-nth:26): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 266.605313][T26078] loop3: detected capacity change from 0 to 1 [ 266.613376][T26085] loop0: detected capacity change from 0 to 264192 [ 266.618928][T26086] new mount options do not match the existing superblock, will be ignored [ 266.631775][T26086] FAULT_INJECTION: forcing a failure. [ 266.631775][T26086] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 266.644823][T26086] CPU: 1 PID: 26086 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 266.653587][T26086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.663614][T26086] Call Trace: [ 266.666878][T26086] dump_stack+0x137/0x19d [ 266.671208][T26086] should_fail+0x23c/0x250 [ 266.675610][T26086] should_fail_usercopy+0x16/0x20 [ 266.680665][T26086] strncpy_from_user+0x21/0x250 [ 266.685598][T26086] getname_flags+0xb8/0x3d0 [ 266.690081][T26086] do_mkdirat+0x3b/0x200 [ 266.694310][T26086] __x64_sys_mkdir+0x32/0x40 [ 266.698936][T26086] do_syscall_64+0x4a/0x90 [ 266.703333][T26086] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 266.709207][T26086] RIP: 0033:0x4656e7 [ 266.713081][T26086] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 266.732659][T26086] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 266.741060][T26086] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 00000000004656e7 [ 266.749083][T26086] RDX: 0000000000000005 RSI: 00000000000001ff RDI: 0000000020000300 [ 266.757148][T26086] RBP: 00007f3a0bdd4040 R08: 0000000000000000 R09: ffffffffffffffff [ 266.765124][T26086] R10: 0000000000000000 R11: 0000000000000213 R12: 0000000020000180 [ 266.773073][T26086] R13: 0000000020000300 R14: 00007f3a0bdd4000 R15: 0000000020000440 [ 266.783872][T26085] loop0: p1 p2 p3 p4 [ 266.788632][T26085] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 266.797100][T26085] loop0: p3 size 1912633224 extends beyond EOD, truncated 08:40:43 executing program 5: syz_read_part_table(0x0, 0x0, &(0x7f0000000000)) 08:40:43 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x300000) 08:40:44 executing program 4 (fault-call:5 fault-nth:27): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 266.804537][T26085] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 266.839534][T26078] loop3: detected capacity change from 0 to 1 [ 266.860305][T26118] new mount options do not match the existing superblock, will be ignored [ 266.862478][T26085] loop0: detected capacity change from 0 to 264192 [ 266.874035][T26118] FAULT_INJECTION: forcing a failure. [ 266.874035][T26118] name failslab, interval 1, probability 0, space 0, times 0 [ 266.888152][T26118] CPU: 0 PID: 26118 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 266.896912][T26118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.907015][T26118] Call Trace: [ 266.910285][T26118] dump_stack+0x137/0x19d [ 266.914772][T26118] should_fail+0x23c/0x250 [ 266.919188][T26118] ? __se_sys_mount+0x4e/0x2e0 [ 266.923937][T26118] __should_failslab+0x81/0x90 [ 266.928679][T26118] should_failslab+0x5/0x20 [ 266.933186][T26118] __kmalloc_track_caller+0x64/0x340 [ 266.938452][T26118] ? strnlen_user+0x137/0x1c0 [ 266.943110][T26118] strndup_user+0x73/0x120 [ 266.947521][T26118] __se_sys_mount+0x4e/0x2e0 [ 266.952087][T26118] ? do_mkdirat+0x69/0x200 [ 266.956507][T26118] __x64_sys_mount+0x63/0x70 [ 266.961070][T26118] do_syscall_64+0x4a/0x90 [ 266.965464][T26118] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 266.971339][T26118] RIP: 0033:0x467afa [ 266.975224][T26118] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 266.994820][T26118] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 267.003291][T26118] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 0000000000467afa 08:40:44 executing program 3: syz_read_part_table(0x0, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 267.011234][T26118] RDX: 0000000020000180 RSI: 0000000020000300 RDI: 00007f3a0bdd4000 [ 267.019181][T26118] RBP: 00007f3a0bdd4040 R08: 00007f3a0bdd4040 R09: 0000000020000180 [ 267.027136][T26118] R10: 0000000000848002 R11: 0000000000000202 R12: 0000000020000180 [ 267.035083][T26118] R13: 0000000020000300 R14: 00007f3a0bdd4000 R15: 0000000020000440 [ 267.047041][T26085] loop0: p1 p2 p3 p4 [ 267.051586][T26085] loop0: p2 size 1073872896 extends beyond EOD, truncated 08:40:44 executing program 5: syz_read_part_table(0x0, 0x0, &(0x7f0000000000)) 08:40:44 executing program 4 (fault-call:5 fault-nth:28): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 267.064595][T26085] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 267.073385][T26085] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 267.104794][T26141] new mount options do not match the existing superblock, will be ignored 08:40:44 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x10) 08:40:44 executing program 0: syz_read_part_table(0x8cffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 267.114246][T26141] FAULT_INJECTION: forcing a failure. [ 267.114246][T26141] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 267.127317][T26141] CPU: 1 PID: 26141 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 267.136072][T26141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 267.146116][T26141] Call Trace: [ 267.149387][T26141] dump_stack+0x137/0x19d [ 267.153715][T26141] should_fail+0x23c/0x250 [ 267.158119][T26141] should_fail_usercopy+0x16/0x20 [ 267.163140][T26141] _copy_from_user+0x1c/0xd0 [ 267.167719][T26141] strndup_user+0xb0/0x120 [ 267.172116][T26141] __se_sys_mount+0x4e/0x2e0 [ 267.176680][T26141] ? do_mkdirat+0x69/0x200 [ 267.181069][T26141] __x64_sys_mount+0x63/0x70 [ 267.185631][T26141] do_syscall_64+0x4a/0x90 [ 267.190029][T26141] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 267.195913][T26141] RIP: 0033:0x467afa [ 267.199808][T26141] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 267.219393][T26141] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 267.227793][T26141] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 0000000000467afa [ 267.235742][T26141] RDX: 0000000020000180 RSI: 0000000020000300 RDI: 00007f3a0bdd4000 [ 267.243692][T26141] RBP: 00007f3a0bdd4040 R08: 00007f3a0bdd4040 R09: 0000000020000180 [ 267.251656][T26141] R10: 0000000000848002 R11: 0000000000000202 R12: 0000000020000180 08:40:44 executing program 4 (fault-call:5 fault-nth:29): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 267.259634][T26141] R13: 0000000020000300 R14: 00007f3a0bdd4000 R15: 0000000020000440 [ 267.281675][T26150] loop3: detected capacity change from 0 to 1 [ 267.304191][T26161] loop0: detected capacity change from 0 to 264192 08:40:44 executing program 5: syz_read_part_table(0x0, 0x0, &(0x7f0000000000)) [ 267.311367][T26164] new mount options do not match the existing superblock, will be ignored [ 267.327215][T26164] FAULT_INJECTION: forcing a failure. [ 267.327215][T26164] name failslab, interval 1, probability 0, space 0, times 0 [ 267.339824][T26164] CPU: 0 PID: 26164 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 267.348709][T26164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 267.358744][T26164] Call Trace: [ 267.361998][T26164] dump_stack+0x137/0x19d [ 267.366320][T26164] should_fail+0x23c/0x250 [ 267.370743][T26164] ? __se_sys_mount+0x91/0x2e0 [ 267.375524][T26164] __should_failslab+0x81/0x90 [ 267.380268][T26164] should_failslab+0x5/0x20 [ 267.384744][T26164] __kmalloc_track_caller+0x64/0x340 [ 267.390007][T26164] ? strnlen_user+0x137/0x1c0 [ 267.394767][T26164] strndup_user+0x73/0x120 [ 267.399165][T26164] __se_sys_mount+0x91/0x2e0 [ 267.403730][T26164] ? do_mkdirat+0x69/0x200 [ 267.408120][T26164] __x64_sys_mount+0x63/0x70 [ 267.412705][T26164] do_syscall_64+0x4a/0x90 [ 267.417109][T26164] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 267.422977][T26164] RIP: 0033:0x467afa [ 267.426864][T26164] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 267.446558][T26164] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 267.454953][T26164] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 0000000000467afa [ 267.462903][T26164] RDX: 0000000020000180 RSI: 0000000020000300 RDI: 00007f3a0bdd4000 [ 267.470880][T26164] RBP: 00007f3a0bdd4040 R08: 00007f3a0bdd4040 R09: 0000000020000180 [ 267.478853][T26164] R10: 0000000000848002 R11: 0000000000000202 R12: 0000000020000180 [ 267.486816][T26164] R13: 0000000020000300 R14: 00007f3a0bdd4000 R15: 0000000020000440 08:40:44 executing program 4 (fault-call:5 fault-nth:30): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 267.526351][ T1135] loop0: p1 p2 p3 p4 [ 267.530750][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 267.538517][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 267.547467][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 267.553759][T26183] new mount options do not match the existing superblock, will be ignored [ 267.563159][T26150] loop3: detected capacity change from 0 to 1 [ 267.571443][T26161] loop0: p1 p2 p3 p4 [ 267.575788][T26161] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 267.583872][T26183] FAULT_INJECTION: forcing a failure. [ 267.583872][T26183] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 267.594514][T26161] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 267.597031][T26183] CPU: 1 PID: 26183 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 267.604840][T26161] loop0: p4 size 3657465856 extends beyond EOD, [ 267.613352][T26183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 267.613364][T26183] Call Trace: [ 267.613370][T26183] dump_stack+0x137/0x19d [ 267.613393][T26183] should_fail+0x23c/0x250 [ 267.613409][T26183] should_fail_usercopy+0x16/0x20 [ 267.613423][T26183] _copy_from_user+0x1c/0xd0 [ 267.613440][T26183] strndup_user+0xb0/0x120 [ 267.619761][T26161] truncated [ 267.629773][T26183] __se_sys_mount+0x91/0x2e0 [ 267.629791][T26183] ? do_mkdirat+0x69/0x200 [ 267.667766][T26183] __x64_sys_mount+0x63/0x70 [ 267.672349][T26183] do_syscall_64+0x4a/0x90 08:40:44 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x1000000) [ 267.676762][T26183] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 267.682642][T26183] RIP: 0033:0x467afa [ 267.686517][T26183] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 267.706121][T26183] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 267.714559][T26183] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 0000000000467afa 08:40:44 executing program 3: syz_read_part_table(0x0, 0x11, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:44 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x1c0}]) [ 267.722525][T26183] RDX: 0000000020000180 RSI: 0000000020000300 RDI: 00007f3a0bdd4000 [ 267.730485][T26183] RBP: 00007f3a0bdd4040 R08: 00007f3a0bdd4040 R09: 0000000020000180 [ 267.738449][T26183] R10: 0000000000848002 R11: 0000000000000202 R12: 0000000020000180 [ 267.746418][T26183] R13: 0000000020000300 R14: 00007f3a0bdd4000 R15: 0000000020000440 08:40:44 executing program 4 (fault-call:5 fault-nth:31): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 267.781873][T26161] loop0: detected capacity change from 0 to 264192 [ 267.782094][T26208] loop5: detected capacity change from 0 to 1 [ 267.828990][T26215] new mount options do not match the existing superblock, will be ignored [ 267.837810][T26161] loop0: p1 p2 p3 p4 [ 267.842540][T26161] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 267.843519][T26215] FAULT_INJECTION: forcing a failure. [ 267.843519][T26215] name failslab, interval 1, probability 0, space 0, times 0 [ 267.862284][T26215] CPU: 0 PID: 26215 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 267.864801][T26161] loop0: p3 size 1912633224 extends beyond EOD, 08:40:45 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x1c0}]) [ 267.871032][T26215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 267.871043][T26215] Call Trace: [ 267.871050][T26215] dump_stack+0x137/0x19d [ 267.877399][T26161] truncated [ 267.887511][T26215] should_fail+0x23c/0x250 [ 267.887533][T26215] __should_failslab+0x81/0x90 [ 267.896432][T26161] loop0: p4 size 3657465856 extends beyond EOD, [ 267.898188][T26215] ? __se_sys_mount+0xf2/0x2e0 [ 267.898205][T26215] should_failslab+0x5/0x20 [ 267.898218][T26215] kmem_cache_alloc_trace+0x49/0x310 [ 267.902608][T26161] truncated [ 267.913560][T26225] loop3: detected capacity change from 0 to 1 [ 267.918398][T26215] ? _copy_from_user+0x94/0xd0 [ 267.918420][T26215] __se_sys_mount+0xf2/0x2e0 [ 267.947187][T26215] ? do_mkdirat+0x69/0x200 [ 267.951683][T26215] __x64_sys_mount+0x63/0x70 [ 267.956262][T26215] do_syscall_64+0x4a/0x90 [ 267.960659][T26215] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 267.966543][T26215] RIP: 0033:0x467afa [ 267.970429][T26215] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 267.990012][T26215] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 267.998666][T26215] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 0000000000467afa [ 268.006638][T26215] RDX: 0000000020000180 RSI: 0000000020000300 RDI: 00007f3a0bdd4000 [ 268.014609][T26215] RBP: 00007f3a0bdd4040 R08: 00007f3a0bdd4040 R09: 0000000020000180 08:40:45 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x11) 08:40:45 executing program 0: syz_read_part_table(0x97ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 268.022561][T26215] R10: 0000000000848002 R11: 0000000000000202 R12: 0000000020000180 [ 268.030512][T26215] R13: 0000000020000300 R14: 00007f3a0bdd4000 R15: 0000000020000440 08:40:45 executing program 4 (fault-call:5 fault-nth:32): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 268.085891][T26233] loop5: detected capacity change from 0 to 1 [ 268.097971][T26225] loop3: detected capacity change from 0 to 1 [ 268.124026][T26250] new mount options do not match the existing superblock, will be ignored [ 268.134001][T26250] FAULT_INJECTION: forcing a failure. [ 268.134001][T26250] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 268.138610][T26251] loop0: detected capacity change from 0 to 264192 [ 268.147073][T26250] CPU: 1 PID: 26250 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 268.162530][T26250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 268.172586][T26250] Call Trace: [ 268.175856][T26250] dump_stack+0x137/0x19d [ 268.180183][T26250] should_fail+0x23c/0x250 [ 268.184588][T26250] should_fail_usercopy+0x16/0x20 [ 268.189595][T26250] _copy_from_user+0x1c/0xd0 [ 268.194175][T26250] __se_sys_mount+0x115/0x2e0 [ 268.198895][T26250] __x64_sys_mount+0x63/0x70 [ 268.203467][T26250] do_syscall_64+0x4a/0x90 [ 268.207860][T26250] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 268.213758][T26250] RIP: 0033:0x467afa [ 268.217629][T26250] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 268.237211][T26250] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 268.245598][T26250] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 0000000000467afa [ 268.253560][T26250] RDX: 0000000020000180 RSI: 0000000020000300 RDI: 00007f3a0bdd4000 [ 268.261511][T26250] RBP: 00007f3a0bdd4040 R08: 00007f3a0bdd4040 R09: 0000000020000180 [ 268.269467][T26250] R10: 0000000000848002 R11: 0000000000000202 R12: 0000000020000180 [ 268.277424][T26250] R13: 0000000020000300 R14: 00007f3a0bdd4000 R15: 0000000020000440 08:40:45 executing program 3: syz_read_part_table(0x0, 0x12, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:45 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x1c0}]) 08:40:45 executing program 4 (fault-call:5 fault-nth:33): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 268.298021][T26251] loop0: p1 p2 p3 p4 [ 268.302450][T26251] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 268.311475][T26251] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 268.319422][T26251] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 268.323431][T26262] loop5: detected capacity change from 0 to 1 [ 268.361882][T26271] new mount options do not match the existing superblock, will be ignored [ 268.371431][T26271] FAULT_INJECTION: forcing a failure. [ 268.371431][T26271] name failslab, interval 1, probability 0, space 0, times 0 [ 268.384033][T26271] CPU: 1 PID: 26271 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 268.392775][T26271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 268.402810][T26271] Call Trace: [ 268.406075][T26271] dump_stack+0x137/0x19d [ 268.410140][T26276] loop3: detected capacity change from 0 to 1 [ 268.410395][T26271] should_fail+0x23c/0x250 [ 268.410416][T26271] ? getname_flags+0x84/0x3d0 [ 268.425536][T26271] __should_failslab+0x81/0x90 [ 268.430282][T26271] should_failslab+0x5/0x20 [ 268.434758][T26271] kmem_cache_alloc+0x46/0x2f0 [ 268.439495][T26271] getname_flags+0x84/0x3d0 [ 268.443988][T26271] ? should_fail+0xd6/0x250 [ 268.448471][T26271] user_path_at_empty+0x28/0x50 [ 268.453316][T26271] __se_sys_mount+0x209/0x2e0 [ 268.457968][T26271] __x64_sys_mount+0x63/0x70 [ 268.462532][T26271] do_syscall_64+0x4a/0x90 [ 268.466974][T26271] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 268.472882][T26271] RIP: 0033:0x467afa [ 268.476762][T26271] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 268.496357][T26271] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 268.504747][T26271] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 0000000000467afa 08:40:45 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0), 0x0, 0x1c0}]) 08:40:45 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x2000000) [ 268.512694][T26271] RDX: 0000000020000180 RSI: 0000000020000300 RDI: 00007f3a0bdd4000 [ 268.520655][T26271] RBP: 00007f3a0bdd4040 R08: 00007f3a0bdd4040 R09: 0000000020000180 [ 268.528622][T26271] R10: 0000000000848002 R11: 0000000000000202 R12: 0000000020000180 [ 268.536573][T26271] R13: 0000000020000300 R14: 00007f3a0bdd4000 R15: 0000000020000440 [ 268.555803][T26251] loop0: detected capacity change from 0 to 264192 08:40:45 executing program 4 (fault-call:5 fault-nth:34): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 268.575106][T26289] loop5: detected capacity change from 0 to 1 08:40:45 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0), 0x0, 0x1c0}]) [ 268.618243][T26251] loop0: p1 p2 p3 p4 [ 268.625205][T26251] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 268.634027][T26251] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 268.639315][T26276] loop3: detected capacity change from 0 to 1 [ 268.648190][T26251] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 268.658581][T26301] new mount options do not match the existing superblock, will be ignored [ 268.668102][T26301] FAULT_INJECTION: forcing a failure. [ 268.668102][T26301] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 268.681142][T26301] CPU: 1 PID: 26301 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 268.689894][T26301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 268.699922][T26301] Call Trace: [ 268.703180][T26301] dump_stack+0x137/0x19d [ 268.707483][T26301] should_fail+0x23c/0x250 [ 268.711872][T26301] should_fail_usercopy+0x16/0x20 [ 268.716874][T26301] strncpy_from_user+0x21/0x250 [ 268.721861][T26301] getname_flags+0xb8/0x3d0 [ 268.726356][T26301] ? should_fail+0xd6/0x250 [ 268.730904][T26301] user_path_at_empty+0x28/0x50 [ 268.735731][T26301] __se_sys_mount+0x209/0x2e0 [ 268.740422][T26301] __x64_sys_mount+0x63/0x70 [ 268.745016][T26301] do_syscall_64+0x4a/0x90 [ 268.749413][T26301] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 268.755425][T26301] RIP: 0033:0x467afa [ 268.759339][T26301] Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 268.778926][T26301] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 268.787328][T26301] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 0000000000467afa [ 268.795284][T26301] RDX: 0000000020000180 RSI: 0000000020000300 RDI: 00007f3a0bdd4000 [ 268.803233][T26301] RBP: 00007f3a0bdd4040 R08: 00007f3a0bdd4040 R09: 0000000020000180 [ 268.811277][T26301] R10: 0000000000848002 R11: 0000000000000202 R12: 0000000020000180 08:40:46 executing program 0: syz_read_part_table(0xa1ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:46 executing program 4 (fault-call:5 fault-nth:35): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 268.819232][T26301] R13: 0000000020000300 R14: 00007f3a0bdd4000 R15: 0000000020000440 08:40:46 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x12) 08:40:46 executing program 3: syz_read_part_table(0x0, 0x5f, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 268.896539][T26313] loop5: detected capacity change from 0 to 1 [ 268.906067][T26318] new mount options do not match the existing superblock, will be ignored [ 268.946558][T26318] FAULT_INJECTION: forcing a failure. [ 268.946558][T26318] name failslab, interval 1, probability 0, space 0, times 0 [ 268.959210][T26318] CPU: 0 PID: 26318 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 268.960458][T26319] loop0: detected capacity change from 0 to 264192 [ 268.967961][T26318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 268.967973][T26318] Call Trace: [ 268.967979][T26318] dump_stack+0x137/0x19d [ 268.968001][T26318] should_fail+0x23c/0x250 [ 268.974580][T26330] loop3: detected capacity change from 0 to 1 [ 268.984531][T26318] __should_failslab+0x81/0x90 [ 268.984556][T26318] ? kobject_uevent_env+0x1a7/0xc40 [ 268.984574][T26318] should_failslab+0x5/0x20 [ 268.984587][T26318] kmem_cache_alloc_trace+0x49/0x310 [ 269.022264][T26318] ? kernfs_put+0x22a/0x300 [ 269.026762][T26318] ? ___cache_free+0x3c/0x300 [ 269.031435][T26318] ? dev_uevent_filter+0x70/0x70 [ 269.036363][T26318] kobject_uevent_env+0x1a7/0xc40 [ 269.041443][T26318] ? kernfs_put+0x2e2/0x300 [ 269.045934][T26318] kobject_uevent+0x18/0x20 [ 269.050437][T26318] __loop_clr_fd+0x433/0x640 [ 269.055004][T26318] lo_ioctl+0x9eb/0x11f0 [ 269.059320][T26318] ? lockref_get_not_dead+0xf2/0x1c0 [ 269.064598][T26318] ? avc_has_perm_noaudit+0x19a/0x240 [ 269.069979][T26318] ? filename_lookup+0x2be/0x390 [ 269.074929][T26318] ? ___cache_free+0x3c/0x300 [ 269.079588][T26318] ? avc_has_extended_perms+0x5d8/0x7b0 [ 269.085168][T26318] ? selinux_capable+0x34/0x40 [ 269.089907][T26318] ? security_capable+0x91/0xa0 [ 269.094780][T26318] ? blkdev_common_ioctl+0x9c3/0x1040 [ 269.100132][T26318] ? selinux_file_ioctl+0x8e0/0x970 [ 269.105377][T26318] ? lo_release+0x120/0x120 [ 269.109911][T26318] blkdev_ioctl+0x1d0/0x3c0 [ 269.114431][T26318] block_ioctl+0x6d/0x80 [ 269.118683][T26318] ? blkdev_iopoll+0x70/0x70 [ 269.123253][T26318] __se_sys_ioctl+0xcb/0x140 [ 269.127838][T26318] __x64_sys_ioctl+0x3f/0x50 [ 269.132435][T26318] do_syscall_64+0x4a/0x90 [ 269.136864][T26318] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 269.142783][T26318] RIP: 0033:0x466397 [ 269.146698][T26318] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 269.166460][T26318] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 269.174862][T26318] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 0000000000466397 [ 269.182825][T26318] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 08:40:46 executing program 4 (fault-call:5 fault-nth:36): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 269.190775][T26318] RBP: 00007f3a0bdd46bc R08: 00007f3a0bdd4040 R09: 0000000020000180 [ 269.198745][T26318] R10: 0000000000848002 R11: 0000000000000246 R12: ffffffffffffffff [ 269.206762][T26318] R13: 0000000000000016 R14: 00007f3a0bdd4000 R15: 0000000020000440 [ 269.227158][T26319] loop0: p1 p2 p3 p4 [ 269.236940][T26319] loop0: p2 size 1073872896 extends beyond EOD, truncated 08:40:46 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0), 0x0, 0x1c0}]) [ 269.245176][T26319] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 269.248171][T26345] new mount options do not match the existing superblock, will be ignored [ 269.254991][T26319] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 269.277223][T26330] loop3: detected capacity change from 0 to 1 [ 269.283811][T26354] loop5: detected capacity change from 0 to 1 [ 269.306554][T26345] FAULT_INJECTION: forcing a failure. [ 269.306554][T26345] name failslab, interval 1, probability 0, space 0, times 0 [ 269.319266][T26345] CPU: 0 PID: 26345 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 269.328048][T26345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 269.336814][T26319] loop0: detected capacity change from 0 to 264192 [ 269.338086][T26345] Call Trace: [ 269.338094][T26345] dump_stack+0x137/0x19d [ 269.338115][T26345] should_fail+0x23c/0x250 [ 269.338128][T26345] ? kzalloc+0x1d/0x30 [ 269.360609][T26345] __should_failslab+0x81/0x90 [ 269.365380][T26345] should_failslab+0x5/0x20 [ 269.369983][T26345] __kmalloc+0x66/0x340 [ 269.374118][T26345] kzalloc+0x1d/0x30 [ 269.377991][T26345] kobject_get_path+0x7c/0x110 [ 269.382735][T26345] kobject_uevent_env+0x1be/0xc40 [ 269.387810][T26345] ? kernfs_put+0x2e2/0x300 [ 269.392367][T26345] kobject_uevent+0x18/0x20 [ 269.396849][T26345] __loop_clr_fd+0x433/0x640 [ 269.401461][T26345] lo_ioctl+0x9eb/0x11f0 08:40:46 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x3000000) [ 269.405815][T26345] ? lockref_get_not_dead+0xf2/0x1c0 [ 269.411258][T26345] ? avc_has_perm_noaudit+0x19a/0x240 [ 269.416610][T26345] ? filename_lookup+0x2be/0x390 [ 269.421529][T26345] ? ___cache_free+0x3c/0x300 [ 269.426204][T26345] ? avc_has_extended_perms+0x5d8/0x7b0 [ 269.431744][T26345] ? selinux_capable+0x34/0x40 [ 269.436585][T26345] ? security_capable+0x91/0xa0 [ 269.441430][T26345] ? blkdev_common_ioctl+0x9c3/0x1040 [ 269.446793][T26345] ? selinux_file_ioctl+0x8e0/0x970 [ 269.451970][T26345] ? lo_release+0x120/0x120 [ 269.456448][T26345] blkdev_ioctl+0x1d0/0x3c0 [ 269.461011][T26345] block_ioctl+0x6d/0x80 [ 269.465315][T26345] ? blkdev_iopoll+0x70/0x70 [ 269.469885][T26345] __se_sys_ioctl+0xcb/0x140 [ 269.474548][T26345] __x64_sys_ioctl+0x3f/0x50 [ 269.479135][T26345] do_syscall_64+0x4a/0x90 [ 269.483553][T26345] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 269.489438][T26345] RIP: 0033:0x466397 [ 269.493322][T26345] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 269.512938][T26345] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 269.521342][T26345] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 0000000000466397 [ 269.529382][T26345] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 269.537503][T26345] RBP: 00007f3a0bdd46bc R08: 00007f3a0bdd4040 R09: 0000000020000180 [ 269.545556][T26345] R10: 0000000000848002 R11: 0000000000000246 R12: ffffffffffffffff 08:40:46 executing program 4 (fault-call:5 fault-nth:37): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 269.553528][T26345] R13: 0000000000000016 R14: 00007f3a0bdd4000 R15: 0000000020000440 08:40:46 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ff", 0x20, 0x1c0}]) 08:40:46 executing program 3: syz_read_part_table(0x0, 0x7b5, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 269.586273][T26373] new mount options do not match the existing superblock, will be ignored [ 269.606373][T26319] loop0: p1 p2 p3 p4 [ 269.620585][T26319] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 269.631261][T26319] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 269.639615][T26319] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 269.640360][T26387] loop5: detected capacity change from 0 to 1 [ 269.647256][T26373] FAULT_INJECTION: forcing a failure. [ 269.647256][T26373] name failslab, interval 1, probability 0, space 0, times 0 [ 269.658810][T26385] loop3: detected capacity change from 0 to 1 [ 269.665568][T26373] CPU: 0 PID: 26373 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 269.680348][T26373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 269.690384][T26373] Call Trace: [ 269.693646][T26373] dump_stack+0x137/0x19d [ 269.697988][T26373] should_fail+0x23c/0x250 [ 269.702378][T26373] __should_failslab+0x81/0x90 [ 269.707131][T26373] should_failslab+0x5/0x20 [ 269.711613][T26373] kmem_cache_alloc_node+0x58/0x2b0 [ 269.716882][T26373] ? __alloc_skb+0xed/0x420 [ 269.721432][T26373] __alloc_skb+0xed/0x420 [ 269.725816][T26373] alloc_uevent_skb+0x5b/0x120 [ 269.730563][T26373] kobject_uevent_env+0x863/0xc40 08:40:46 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x25) [ 269.735579][T26373] ? kernfs_put+0x2e2/0x300 [ 269.740059][T26373] kobject_uevent+0x18/0x20 [ 269.744559][T26373] __loop_clr_fd+0x433/0x640 [ 269.749141][T26373] lo_ioctl+0x9eb/0x11f0 [ 269.753369][T26373] ? lockref_get_not_dead+0xf2/0x1c0 [ 269.758764][T26373] ? avc_has_perm_noaudit+0x19a/0x240 [ 269.764178][T26373] ? filename_lookup+0x2be/0x390 [ 269.769097][T26373] ? ___cache_free+0x3c/0x300 [ 269.773767][T26373] ? avc_has_extended_perms+0x5d8/0x7b0 [ 269.779369][T26373] ? selinux_capable+0x34/0x40 [ 269.784124][T26373] ? security_capable+0x91/0xa0 [ 269.788950][T26373] ? blkdev_common_ioctl+0x9c3/0x1040 [ 269.794297][T26373] ? selinux_file_ioctl+0x8e0/0x970 [ 269.799472][T26373] ? lo_release+0x120/0x120 [ 269.803962][T26373] blkdev_ioctl+0x1d0/0x3c0 [ 269.808453][T26373] block_ioctl+0x6d/0x80 [ 269.812699][T26373] ? blkdev_iopoll+0x70/0x70 [ 269.817261][T26373] __se_sys_ioctl+0xcb/0x140 [ 269.821826][T26373] __x64_sys_ioctl+0x3f/0x50 [ 269.826416][T26373] do_syscall_64+0x4a/0x90 [ 269.830845][T26373] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 269.836833][T26373] RIP: 0033:0x466397 [ 269.840709][T26373] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 269.860288][T26373] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 269.868675][T26373] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 0000000000466397 [ 269.876657][T26373] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 08:40:47 executing program 4 (fault-call:5 fault-nth:38): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 269.884794][T26373] RBP: 00007f3a0bdd46bc R08: 00007f3a0bdd4040 R09: 0000000020000180 [ 269.892754][T26373] R10: 0000000000848002 R11: 0000000000000246 R12: ffffffffffffffff [ 269.900708][T26373] R13: 0000000000000016 R14: 00007f3a0bdd4000 R15: 0000000020000440 08:40:47 executing program 0: syz_read_part_table(0xa5ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 269.937337][T26398] new mount options do not match the existing superblock, will be ignored [ 269.949249][ T1135] loop0: p1 p2 p3 p4 [ 269.953725][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 269.961572][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 269.969241][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 269.996785][T26398] FAULT_INJECTION: forcing a failure. [ 269.996785][T26398] name failslab, interval 1, probability 0, space 0, times 0 [ 270.009387][T26398] CPU: 0 PID: 26398 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 270.013087][T26385] loop3: detected capacity change from 0 to 1 [ 270.018142][T26398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.018153][T26398] Call Trace: [ 270.018159][T26398] dump_stack+0x137/0x19d [ 270.018191][T26398] should_fail+0x23c/0x250 08:40:47 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ff", 0x20, 0x1c0}]) [ 270.046227][T26398] __should_failslab+0x81/0x90 [ 270.049426][T26414] loop5: detected capacity change from 0 to 1 [ 270.050990][T26398] should_failslab+0x5/0x20 [ 270.051010][T26398] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 270.067229][T26398] ? __kmalloc_node_track_caller+0x30/0x40 [ 270.073191][T26398] ? kmem_cache_alloc_node+0x1da/0x2b0 [ 270.078732][T26398] __kmalloc_node_track_caller+0x30/0x40 [ 270.084382][T26398] ? alloc_uevent_skb+0x5b/0x120 [ 270.089317][T26398] __alloc_skb+0x187/0x420 [ 270.093717][T26398] alloc_uevent_skb+0x5b/0x120 [ 270.098464][T26398] kobject_uevent_env+0x863/0xc40 [ 270.103525][T26398] ? kernfs_put+0x2e2/0x300 [ 270.108020][T26398] kobject_uevent+0x18/0x20 [ 270.112501][T26398] __loop_clr_fd+0x433/0x640 [ 270.117072][T26398] lo_ioctl+0x9eb/0x11f0 [ 270.121327][T26398] ? lockref_get_not_dead+0xf2/0x1c0 [ 270.126598][T26398] ? avc_has_perm_noaudit+0x19a/0x240 [ 270.132053][T26398] ? filename_lookup+0x2be/0x390 [ 270.136983][T26398] ? ___cache_free+0x3c/0x300 [ 270.141727][T26398] ? avc_has_extended_perms+0x5d8/0x7b0 [ 270.147373][T26398] ? selinux_capable+0x34/0x40 [ 270.152123][T26398] ? security_capable+0x91/0xa0 [ 270.156969][T26398] ? blkdev_common_ioctl+0x9c3/0x1040 [ 270.162377][T26398] ? selinux_file_ioctl+0x8e0/0x970 [ 270.167562][T26398] ? lo_release+0x120/0x120 [ 270.172092][T26398] blkdev_ioctl+0x1d0/0x3c0 [ 270.176571][T26398] block_ioctl+0x6d/0x80 [ 270.180859][T26398] ? blkdev_iopoll+0x70/0x70 [ 270.185439][T26398] __se_sys_ioctl+0xcb/0x140 [ 270.190011][T26398] __x64_sys_ioctl+0x3f/0x50 [ 270.194589][T26398] do_syscall_64+0x4a/0x90 [ 270.199032][T26398] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 270.204914][T26398] RIP: 0033:0x466397 [ 270.208861][T26398] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 270.228514][T26398] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 270.236951][T26398] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 0000000000466397 08:40:47 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x4000000) 08:40:47 executing program 4 (fault-call:5 fault-nth:39): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 270.244999][T26398] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 270.252946][T26398] RBP: 00007f3a0bdd46bc R08: 00007f3a0bdd4040 R09: 0000000020000180 [ 270.260905][T26398] R10: 0000000000848002 R11: 0000000000000246 R12: ffffffffffffffff [ 270.268857][T26398] R13: 0000000000000016 R14: 00007f3a0bdd4000 R15: 0000000020000440 08:40:47 executing program 3: syz_read_part_table(0x0, 0x7b8, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 270.314024][T26422] new mount options do not match the existing superblock, will be ignored [ 270.341426][T26432] loop0: detected capacity change from 0 to 264192 [ 270.376753][T26422] FAULT_INJECTION: forcing a failure. [ 270.376753][T26422] name failslab, interval 1, probability 0, space 0, times 0 [ 270.386603][T26432] loop0: p1 p2 p3 p4 [ 270.389363][T26422] CPU: 1 PID: 26422 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 270.402109][T26422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.412250][T26422] Call Trace: [ 270.415548][T26422] dump_stack+0x137/0x19d [ 270.419904][T26422] should_fail+0x23c/0x250 [ 270.424318][T26422] ? skb_clone+0x12c/0x1f0 [ 270.428723][T26422] __should_failslab+0x81/0x90 [ 270.433566][T26422] should_failslab+0x5/0x20 [ 270.438115][T26422] kmem_cache_alloc+0x46/0x2f0 [ 270.441399][T26438] loop3: detected capacity change from 0 to 1 [ 270.442910][T26422] skb_clone+0x12c/0x1f0 [ 270.442934][T26422] netlink_broadcast_filtered+0x50d/0xb90 [ 270.458880][T26422] ? skb_put+0xb9/0xf0 [ 270.462948][T26422] netlink_broadcast+0x35/0x50 [ 270.467767][T26422] kobject_uevent_env+0x8c9/0xc40 [ 270.472796][T26422] ? kernfs_put+0x2e2/0x300 [ 270.477353][T26422] kobject_uevent+0x18/0x20 [ 270.481851][T26422] __loop_clr_fd+0x433/0x640 [ 270.486469][T26422] lo_ioctl+0x9eb/0x11f0 [ 270.490691][T26422] ? lockref_get_not_dead+0xf2/0x1c0 [ 270.495956][T26422] ? avc_has_perm_noaudit+0x19a/0x240 [ 270.501360][T26422] ? filename_lookup+0x2be/0x390 [ 270.506282][T26422] ? ___cache_free+0x3c/0x300 [ 270.511000][T26422] ? avc_has_extended_perms+0x5d8/0x7b0 [ 270.516581][T26422] ? selinux_capable+0x34/0x40 [ 270.521370][T26422] ? security_capable+0x91/0xa0 [ 270.526262][T26422] ? blkdev_common_ioctl+0x9c3/0x1040 [ 270.531621][T26422] ? selinux_file_ioctl+0x8e0/0x970 [ 270.536798][T26422] ? lo_release+0x120/0x120 [ 270.541340][T26422] blkdev_ioctl+0x1d0/0x3c0 [ 270.545855][T26422] block_ioctl+0x6d/0x80 [ 270.550073][T26422] ? blkdev_iopoll+0x70/0x70 [ 270.554638][T26422] __se_sys_ioctl+0xcb/0x140 [ 270.559226][T26422] __x64_sys_ioctl+0x3f/0x50 [ 270.563802][T26422] do_syscall_64+0x4a/0x90 [ 270.568337][T26422] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 270.574217][T26422] RIP: 0033:0x466397 [ 270.578091][T26422] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 270.597694][T26422] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 270.606167][T26422] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 0000000000466397 [ 270.614116][T26422] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 08:40:47 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x30) 08:40:47 executing program 4 (fault-call:5 fault-nth:40): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 270.622072][T26422] RBP: 00007f3a0bdd46bc R08: 00007f3a0bdd4040 R09: 0000000020000180 [ 270.630074][T26422] R10: 0000000000848002 R11: 0000000000000246 R12: ffffffffffffffff [ 270.638031][T26422] R13: 0000000000000016 R14: 00007f3a0bdd4000 R15: 0000000020000440 [ 270.649414][T26432] loop0: p2 size 1073872896 extends beyond EOD, truncated 08:40:47 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ff", 0x20, 0x1c0}]) [ 270.672990][T26432] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 270.697803][T26432] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 270.701433][T26451] new mount options do not match the existing superblock, will be ignored [ 270.713725][T26452] loop5: detected capacity change from 0 to 1 [ 270.721540][ T1135] loop0: p1 p2 p3 p4 [ 270.726312][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 270.733684][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 270.741255][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 270.776418][T26451] FAULT_INJECTION: forcing a failure. [ 270.776418][T26451] name failslab, interval 1, probability 0, space 0, times 0 [ 270.783925][T26432] loop0: detected capacity change from 0 to 264192 [ 270.789077][T26451] CPU: 0 PID: 26451 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 270.804384][T26451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.814472][T26451] Call Trace: [ 270.817731][T26451] dump_stack+0x137/0x19d [ 270.822037][T26451] should_fail+0x23c/0x250 [ 270.826501][T26451] __should_failslab+0x81/0x90 [ 270.831269][T26451] ? call_usermodehelper_setup+0x81/0x160 [ 270.836978][T26451] should_failslab+0x5/0x20 [ 270.841474][T26451] kmem_cache_alloc_trace+0x49/0x310 [ 270.846736][T26451] ? add_uevent_var+0x16e/0x1c0 [ 270.851619][T26451] ? __kfree_skb+0xfe/0x150 [ 270.856105][T26451] call_usermodehelper_setup+0x81/0x160 [ 270.861697][T26451] ? add_uevent_var+0x1c0/0x1c0 [ 270.866557][T26451] kobject_uevent_env+0xb29/0xc40 [ 270.871679][T26451] ? kernfs_put+0x2e2/0x300 [ 270.876161][T26451] kobject_uevent+0x18/0x20 [ 270.880648][T26451] __loop_clr_fd+0x433/0x640 [ 270.885220][T26451] lo_ioctl+0x9eb/0x11f0 [ 270.889468][T26451] ? lockref_get_not_dead+0xf2/0x1c0 [ 270.894878][T26451] ? avc_has_perm_noaudit+0x19a/0x240 [ 270.900251][T26451] ? filename_lookup+0x2be/0x390 [ 270.905402][T26451] ? ___cache_free+0x3c/0x300 [ 270.910062][T26451] ? avc_has_extended_perms+0x5d8/0x7b0 [ 270.915586][T26451] ? selinux_capable+0x34/0x40 [ 270.920339][T26451] ? security_capable+0x91/0xa0 [ 270.925174][T26451] ? kcsan_setup_watchpoint+0x231/0x3e0 [ 270.930699][T26451] ? blkdev_common_ioctl+0x9c3/0x1040 [ 270.936066][T26451] ? selinux_file_ioctl+0x8e0/0x970 [ 270.941348][T26451] ? lo_release+0x120/0x120 [ 270.945827][T26451] blkdev_ioctl+0x1d0/0x3c0 [ 270.950367][T26451] block_ioctl+0x6d/0x80 [ 270.954641][T26451] ? blkdev_iopoll+0x70/0x70 [ 270.959345][T26451] __se_sys_ioctl+0xcb/0x140 [ 270.963913][T26451] __x64_sys_ioctl+0x3f/0x50 [ 270.968482][T26451] do_syscall_64+0x4a/0x90 [ 270.972963][T26451] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 270.978837][T26451] RIP: 0033:0x466397 [ 270.982766][T26451] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 271.002364][T26451] RSP: 002b:00007f3a0bdd3fa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 271.010770][T26451] RAX: ffffffffffffffda RBX: 0000000020000400 RCX: 0000000000466397 [ 271.018720][T26451] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 08:40:48 executing program 4 (fault-call:5 fault-nth:41): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 271.026733][T26451] RBP: 00007f3a0bdd46bc R08: 00007f3a0bdd4040 R09: 0000000020000180 [ 271.034694][T26451] R10: 0000000000848002 R11: 0000000000000246 R12: ffffffffffffffff [ 271.042651][T26451] R13: 0000000000000016 R14: 00007f3a0bdd4000 R15: 0000000020000440 [ 271.065506][T26438] loop3: detected capacity change from 0 to 1 08:40:48 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e1000000887700720030", 0x30, 0x1c0}]) [ 271.076481][T26432] loop0: p1 p2 p3 p4 [ 271.087600][T26482] new mount options do not match the existing superblock, will be ignored [ 271.088570][T26432] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 271.103865][T26432] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 271.112399][T26432] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:48 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x5000000) [ 271.124651][T26493] loop5: detected capacity change from 0 to 1 [ 271.136471][T26482] FAULT_INJECTION: forcing a failure. [ 271.136471][T26482] name failslab, interval 1, probability 0, space 0, times 0 [ 271.149071][T26482] CPU: 1 PID: 26482 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 271.157820][T26482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 271.167868][T26482] Call Trace: [ 271.171139][T26482] dump_stack+0x137/0x19d [ 271.175466][T26482] should_fail+0x23c/0x250 [ 271.180027][T26482] ? inotify_handle_inode_event+0x106/0x2d0 [ 271.185941][T26482] __should_failslab+0x81/0x90 [ 271.190774][T26482] should_failslab+0x5/0x20 [ 271.195294][T26482] __kmalloc+0x66/0x340 [ 271.199438][T26482] ? lockref_get_not_dead+0xf2/0x1c0 [ 271.204897][T26482] inotify_handle_inode_event+0x106/0x2d0 [ 271.210707][T26482] ? tsan.module_ctor+0x10/0x10 [ 271.215532][T26482] fsnotify+0x1040/0x1190 [ 271.219924][T26482] __fsnotify_parent+0x2f3/0x430 [ 271.224905][T26482] ? blkdev_common_ioctl+0x9c3/0x1040 [ 271.230342][T26482] __fput+0x1a9/0x4e0 [ 271.234303][T26482] ____fput+0x11/0x20 [ 271.238316][T26482] task_work_run+0xae/0x130 [ 271.242821][T26482] exit_to_user_mode_prepare+0x156/0x190 [ 271.248501][T26482] syscall_exit_to_user_mode+0x20/0x40 [ 271.253938][T26482] do_syscall_64+0x56/0x90 [ 271.258353][T26482] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 271.264309][T26482] RIP: 0033:0x4193eb [ 271.268185][T26482] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44 [ 271.287789][T26482] RSP: 002b:00007f3a0bdd3f90 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 271.296178][T26482] RAX: 0000000000000000 RBX: 0000000020000400 RCX: 00000000004193eb [ 271.304132][T26482] RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000006 [ 271.312079][T26482] RBP: 00007f3a0bdd46bc R08: 0000000000000000 R09: 0000000020000180 [ 271.320038][T26482] R10: 0000000000848002 R11: 0000000000000293 R12: ffffffffffffffff 08:40:48 executing program 0: syz_read_part_table(0xa6ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:48 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0301bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:48 executing program 4 (fault-call:5 fault-nth:42): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 271.327988][T26482] R13: 0000000000000016 R14: 00007f3a0bdd4000 R15: 0000000020000440 [ 271.348150][ T1135] loop0: p1 p2 p3 p4 [ 271.355805][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 271.364147][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 271.372201][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:48 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e1000000887700720030", 0x30, 0x1c0}]) [ 271.412906][T26514] loop3: detected capacity change from 0 to 1 [ 271.420000][T26517] new mount options do not match the existing superblock, will be ignored [ 271.424012][T26520] loop5: detected capacity change from 0 to 1 [ 271.446070][T26514] loop3: p1 p2 p3 p4 [ 271.450073][T26514] loop3: p1 start 487 is beyond EOD, truncated [ 271.456198][T26517] FAULT_INJECTION: forcing a failure. [ 271.456198][T26517] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 271.456335][T26514] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 271.469349][T26517] CPU: 0 PID: 26517 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 271.482988][T26514] loop3: p3 start 225 is beyond EOD, [ 271.485192][T26517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 271.485203][T26517] Call Trace: [ 271.485210][T26517] dump_stack+0x137/0x19d [ 271.490587][T26514] truncated 08:40:48 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x48) [ 271.500587][T26517] should_fail+0x23c/0x250 [ 271.503919][T26514] loop3: p4 size 3657465856 extends beyond EOD, [ 271.508216][T26517] should_fail_usercopy+0x16/0x20 [ 271.511308][T26514] truncated [ 271.519254][T26533] loop0: detected capacity change from 0 to 264192 [ 271.522004][T26517] _copy_to_user+0x1c/0x90 [ 271.522027][T26517] simple_read_from_buffer+0xab/0x120 [ 271.546624][T26517] proc_fail_nth_read+0xf6/0x140 [ 271.551553][T26517] ? rw_verify_area+0x136/0x250 [ 271.556531][T26517] ? proc_fault_inject_write+0x200/0x200 [ 271.562160][T26517] vfs_read+0x154/0x5d0 [ 271.566825][T26517] ? __fput+0x43e/0x4e0 [ 271.570968][T26517] ? __fget_light+0x21b/0x260 [ 271.575631][T26517] ? __cond_resched+0x11/0x40 [ 271.580336][T26517] ksys_read+0xce/0x180 [ 271.584479][T26517] __x64_sys_read+0x3e/0x50 [ 271.588955][T26517] do_syscall_64+0x4a/0x90 [ 271.593355][T26517] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 271.599255][T26517] RIP: 0033:0x41935c [ 271.603136][T26517] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 271.622762][T26517] RSP: 002b:00007f3a0bdd4170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 271.631360][T26517] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000041935c [ 271.639321][T26517] RDX: 000000000000000f RSI: 00007f3a0bdd41e0 RDI: 0000000000000004 [ 271.647367][T26517] RBP: 00007f3a0bdd41d0 R08: 0000000000000000 R09: 0000000020000180 [ 271.655323][T26517] R10: 0000000000848002 R11: 0000000000000246 R12: 0000000000000002 08:40:48 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 271.663291][T26517] R13: 00007ffec0fa817f R14: 00007f3a0bdd4300 R15: 0000000000022000 [ 271.699233][T26545] new mount options do not match the existing superblock, will be ignored [ 271.708027][T26533] loop0: p1 p2 p3 p4 [ 271.713247][T26533] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 271.722178][T26514] loop3: detected capacity change from 0 to 1 [ 271.726399][T26533] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 271.735658][T26533] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 271.744839][ T1135] loop0: p1 p2 p3 p4 [ 271.749546][T26514] loop3: p1 p2 p3 p4 [ 271.750281][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated 08:40:48 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e1000000887700720030", 0x30, 0x1c0}]) 08:40:48 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x2, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 271.753603][T26514] loop3: p1 start 487 is beyond EOD, truncated [ 271.766808][T26514] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 271.768054][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 271.781629][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 271.808046][ T1135] loop0: p1 p2 p3 p4 [ 271.812752][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 271.815924][T26578] new mount options do not match the existing superblock, will be ignored [ 271.820275][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 271.829254][T26579] loop5: detected capacity change from 0 to 1 [ 271.836536][T26514] loop3: p3 start 225 is beyond EOD, truncated [ 271.847250][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:49 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0401bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:49 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x3, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 271.847753][T26514] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 271.866597][T26578] new mount options do not match the existing superblock, will be ignored [ 271.884425][T26533] loop0: detected capacity change from 0 to 264192 08:40:49 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff0000", 0x38, 0x1c0}]) [ 271.914859][T26604] new mount options do not match the existing superblock, will be ignored [ 271.924016][T26533] loop0: p1 p2 p3 p4 [ 271.929909][T26533] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 271.955285][T26617] loop3: detected capacity change from 0 to 1 [ 271.957840][T26533] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 271.969785][T26533] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 271.970163][T26622] loop5: detected capacity change from 0 to 1 [ 271.978599][ T1135] loop0: p1 p2 p3 p4 [ 271.986339][T26604] new mount options do not match the existing superblock, will be ignored [ 271.988213][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated 08:40:49 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x6000000) [ 272.003486][T26617] loop3: p1 p2 p3 p4 [ 272.011626][T26617] loop3: p1 start 487 is beyond EOD, truncated [ 272.014690][ T1135] loop0: p3 size 1912633224 extends beyond EOD, [ 272.017866][T26617] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 272.023800][T26617] loop3: p3 start 225 is beyond EOD, [ 272.024202][ T1135] truncated [ 272.037763][ T1135] loop0: p4 size 3657465856 extends beyond EOD, [ 272.039946][T26617] truncated 08:40:49 executing program 0: syz_read_part_table(0xa926000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:49 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x4, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:49 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff0000", 0x38, 0x1c0}]) [ 272.039951][T26617] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 272.056572][ T1135] truncated [ 272.082504][T26648] new mount options do not match the existing superblock, will be ignored [ 272.083735][T26617] loop3: detected capacity change from 0 to 1 [ 272.091873][T26651] loop5: detected capacity change from 0 to 1 [ 272.115754][T26617] loop3: p1 p2 p3 p4 [ 272.119797][T26617] loop3: p1 start 487 is beyond EOD, truncated 08:40:49 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff0000", 0x38, 0x1c0}]) [ 272.125949][T26617] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 272.134115][T26617] loop3: p3 start 225 is beyond EOD, truncated [ 272.140363][T26617] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 272.148083][T26648] new mount options do not match the existing superblock, will be ignored [ 272.177760][T26670] loop0: detected capacity change from 0 to 264192 [ 272.215788][ T1135] loop0: p1 p2 p3 p4 [ 272.215857][T26677] loop5: detected capacity change from 0 to 1 [ 272.220100][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 272.233305][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 272.241988][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 272.251078][T26670] loop0: p1 p2 p3 p4 [ 272.255845][T26670] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 272.263446][T26670] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 272.271206][T26670] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:49 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x4c) 08:40:49 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x5, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:49 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0501bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:49 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff000000000080", 0x3c, 0x1c0}]) 08:40:49 executing program 0: syz_read_part_table(0xa9ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 272.422890][T26724] loop5: detected capacity change from 0 to 1 [ 272.436856][T26728] new mount options do not match the existing superblock, will be ignored [ 272.447905][T26730] loop0: detected capacity change from 0 to 264192 [ 272.449825][T26731] loop3: detected capacity change from 0 to 1 [ 272.478351][T26728] new mount options do not match the existing superblock, will be ignored [ 272.494971][T26731] loop3: p1 p2 p3 p4 [ 272.499749][T26730] loop0: p1 p2 p3 p4 [ 272.506058][T26730] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 272.514783][T26730] loop0: p3 size 1912633224 extends beyond EOD, truncated 08:40:49 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff000000000080", 0x3c, 0x1c0}]) [ 272.522917][T26730] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 272.534662][T26731] loop3: p1 start 487 is beyond EOD, truncated [ 272.540949][T26731] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 272.562169][T26731] loop3: p3 start 225 is beyond EOD, truncated [ 272.568459][T26731] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:49 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x6, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 272.578112][T26754] loop5: detected capacity change from 0 to 1 [ 272.604753][T26730] loop0: detected capacity change from 0 to 264192 [ 272.617564][T26766] new mount options do not match the existing superblock, will be ignored [ 272.649059][T26731] loop3: detected capacity change from 0 to 1 [ 272.668173][T26766] new mount options do not match the existing superblock, will be ignored [ 272.697902][T26731] loop3: p1 p2 p3 p4 [ 272.702298][T26731] loop3: p1 start 487 is beyond EOD, truncated [ 272.708483][T26731] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 272.727582][T26731] loop3: p3 start 225 is beyond EOD, truncated [ 272.733766][T26731] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 272.786400][ T1135] loop3: p1 p2 p3 p4 [ 272.790545][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 272.796723][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 272.804022][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 272.810206][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:50 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x7000000) 08:40:50 executing program 0: syz_read_part_table(0xbfffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:50 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff000000000080", 0x3c, 0x1c0}]) 08:40:50 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:50 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0601bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 272.955494][T26807] loop5: detected capacity change from 0 to 1 [ 272.958415][T26802] new mount options do not match the existing superblock, will be ignored [ 272.961727][T26803] loop3: detected capacity change from 0 to 1 [ 272.974326][T26804] loop0: detected capacity change from 0 to 264192 [ 272.996312][T26802] new mount options do not match the existing superblock, will be ignored [ 273.009585][T26803] loop3: p1 p2 p3 p4 [ 273.013976][T26803] loop3: p1 start 487 is beyond EOD, truncated [ 273.020222][T26803] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 273.029557][T26804] loop0: p1 p2 p3 p4 [ 273.029563][T26803] loop3: p3 start 225 is beyond EOD, truncated [ 273.039731][T26803] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 273.044169][T26804] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 273.056684][T26804] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 273.064151][T26804] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 273.102119][T26803] loop3: detected capacity change from 0 to 1 [ 273.135341][T26803] loop3: p1 p2 p3 p4 [ 273.139367][T26803] loop3: p1 start 487 is beyond EOD, truncated [ 273.145587][T26803] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 273.153170][T26803] loop3: p3 start 225 is beyond EOD, truncated [ 273.159391][T26803] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:50 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x60) 08:40:50 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x8, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:50 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da", 0x3e, 0x1c0}]) 08:40:50 executing program 0: syz_read_part_table(0xc10c000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:50 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0701bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 273.274681][ T1135] loop3: p1 p2 p3 p4 [ 273.280975][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 273.287149][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 273.294053][T26855] loop0: detected capacity change from 0 to 264192 [ 273.301036][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 273.301675][T26856] loop5: detected capacity change from 0 to 1 [ 273.307280][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 273.317471][T26858] new mount options do not match the existing superblock, will be ignored 08:40:50 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da", 0x3e, 0x1c0}]) [ 273.355283][T26855] loop0: p1 p2 p3 p4 [ 273.359874][T26855] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 273.367892][T26855] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 273.380137][T26868] loop3: detected capacity change from 0 to 1 [ 273.380509][T26858] new mount options do not match the existing superblock, will be ignored 08:40:50 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x9, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 273.409926][T26855] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 273.421650][T26868] loop3: p1 p2 p3 p4 [ 273.422544][T26885] loop5: detected capacity change from 0 to 1 [ 273.426354][T26868] loop3: p1 start 487 is beyond EOD, truncated [ 273.438073][T26868] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 273.446113][T26868] loop3: p3 start 225 is beyond EOD, truncated [ 273.452291][T26868] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 273.466035][ T1135] loop3: p1 p2 p3 p4 [ 273.470832][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 273.477042][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 273.479155][T26895] new mount options do not match the existing superblock, will be ignored [ 273.486116][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 273.498805][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 273.535816][T26895] new mount options do not match the existing superblock, will be ignored [ 273.555236][T26868] loop3: detected capacity change from 0 to 1 08:40:50 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x8000000) 08:40:50 executing program 0: syz_read_part_table(0xc20c000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:50 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da", 0x3e, 0x1c0}]) 08:40:50 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xa, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:50 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0801bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 273.841721][T26933] new mount options do not match the existing superblock, will be ignored [ 273.866456][T26938] loop5: detected capacity change from 0 to 1 [ 273.868785][T26936] loop3: detected capacity change from 0 to 1 [ 273.878911][T26937] loop0: detected capacity change from 0 to 264192 [ 273.897625][T26933] new mount options do not match the existing superblock, will be ignored [ 273.906640][T26936] loop3: p1 p2 p3 p4 [ 273.910754][T26936] loop3: p1 start 487 is beyond EOD, truncated [ 273.914926][T26937] loop0: p1 p2 p3 p4 [ 273.916977][T26936] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 273.922889][T26937] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 273.935803][T26937] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 273.936079][T26936] loop3: p3 start 225 is beyond EOD, truncated [ 273.943795][T26937] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 273.949168][T26936] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 274.006343][T24831] print_req_error: 4 callbacks suppressed [ 274.006353][T24831] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 274.007674][T24890] blk_update_request: I/O error, dev loop0, sector 264033 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 274.012165][ T880] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 274.024910][T26937] __loop_clr_fd: partition scan of loop0 failed (rc=-16) 08:40:51 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xb, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:51 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x68) 08:40:51 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55", 0x3f, 0x1c0}]) [ 274.035425][ T880] Buffer I/O error on dev loop0p2, logical block 33008, async page read [ 274.038570][ T880] blk_update_request: I/O error, dev loop0, sector 264033 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 274.067594][T26937] loop0: detected capacity change from 0 to 264192 [ 274.073381][ T880] Buffer I/O error on dev loop0p3, logical block 263808, async page read [ 274.086916][T26936] loop3: detected capacity change from 0 to 1 [ 274.147489][T26937] loop0: p1 p2 p3 p4 [ 274.160921][T26984] new mount options do not match the existing superblock, will be ignored [ 274.167627][T26937] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 274.177217][T26936] loop3: p1 p2 p3 p4 [ 274.181953][T26986] loop5: detected capacity change from 0 to 1 [ 274.182664][T26936] loop3: p1 start 487 is beyond EOD, truncated 08:40:51 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0901bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 274.190048][T26937] loop0: p3 size 1912633224 extends beyond EOD, [ 274.194186][T26936] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 274.195003][T26936] loop3: p3 start 225 is beyond EOD, [ 274.200551][T26937] truncated [ 274.207640][T26936] truncated [ 274.215903][T26937] loop0: p4 size 3657465856 extends beyond EOD, [ 274.216076][T26936] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 274.231690][T26984] new mount options do not match the existing superblock, will be ignored [ 274.232709][T26937] truncated 08:40:51 executing program 0: syz_read_part_table(0xc40c000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:51 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xc, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:51 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55", 0x3f, 0x1c0}]) [ 274.245073][ T1135] loop3: p1 p2 p3 p4 [ 274.250368][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 274.256567][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 274.267014][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 274.273238][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 274.290607][T27008] new mount options do not match the existing superblock, will be ignored [ 274.306693][T27015] loop5: detected capacity change from 0 to 1 [ 274.326652][T27012] loop3: detected capacity change from 0 to 1 [ 274.333004][T27029] loop0: detected capacity change from 0 to 264192 [ 274.341154][T27008] new mount options do not match the existing superblock, will be ignored [ 274.355322][T27029] loop0: p1 p2 p3 p4 [ 274.359804][T27029] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 274.371607][T27029] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 274.379293][T27029] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 274.386972][T27012] loop3: p1 p2 p3 p4 [ 274.390967][T27012] loop3: p1 start 487 is beyond EOD, truncated [ 274.397124][T27012] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 274.405726][T27012] loop3: p3 start 225 is beyond EOD, truncated [ 274.411897][T27012] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 274.423800][ T1135] loop3: p1 p2 p3 p4 [ 274.428324][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 274.434486][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 274.444280][T27029] loop0: detected capacity change from 0 to 264192 [ 274.444900][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 274.456993][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 274.494779][T27029] loop0: p1 p2 p3 p4 [ 274.499211][T27029] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 274.507321][T27029] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 274.515138][T27012] loop3: detected capacity change from 0 to 1 [ 274.518151][T27029] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 274.530198][ T1135] loop0: p1 p2 p3 p4 [ 274.534793][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 274.542294][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 274.549889][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:51 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x9000000) 08:40:51 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55", 0x3f, 0x1c0}]) 08:40:51 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xd, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:51 executing program 0: syz_read_part_table(0xc50c000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:51 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0a01bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 274.735557][T27098] loop0: detected capacity change from 0 to 264192 [ 274.743526][T27097] loop5: detected capacity change from 0 to 1 [ 274.751366][T27103] loop3: detected capacity change from 0 to 1 [ 274.751791][T27096] new mount options do not match the existing superblock, will be ignored [ 274.766466][T27098] loop0: p1 p2 p3 p4 [ 274.770951][T27098] loop0: p2 size 1073872896 extends beyond EOD, truncated 08:40:51 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xe, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 274.783881][T27103] loop3: p1 p2 p3 p4 [ 274.785348][T27098] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 274.788145][T27103] loop3: p1 start 487 is beyond EOD, truncated [ 274.796326][T27098] loop0: p4 size 3657465856 extends beyond EOD, [ 274.801163][T27103] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 274.802356][T27103] loop3: p3 start 225 is beyond EOD, [ 274.807516][T27098] truncated [ 274.810191][T27096] new mount options do not match the existing superblock, will be ignored [ 274.814640][T27103] truncated [ 274.834686][T27103] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 274.896665][T27123] new mount options do not match the existing superblock, will be ignored [ 274.932373][T27103] loop3: detected capacity change from 0 to 1 [ 274.935322][T27098] loop0: detected capacity change from 0 to 264192 [ 274.941297][T27123] new mount options do not match the existing superblock, will be ignored 08:40:52 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x6c) 08:40:52 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40}]) 08:40:52 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x10, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:52 executing program 0: syz_read_part_table(0xc60c000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 274.994603][T27103] loop3: p1 p2 p3 p4 [ 274.998699][T27103] loop3: p1 start 487 is beyond EOD, truncated [ 275.004867][T27103] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 275.013159][T27103] loop3: p3 start 225 is beyond EOD, truncated [ 275.019336][T27103] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:52 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="1001bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 275.060974][T27149] new mount options do not match the existing superblock, will be ignored [ 275.097259][ T1135] loop3: p1 p2 p3 p4 [ 275.101598][ T1135] loop3: p1 start 487 is beyond EOD, truncated 08:40:52 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x11, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 275.107535][T27162] loop0: detected capacity change from 0 to 264192 [ 275.107778][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 275.120435][T27149] new mount options do not match the existing superblock, will be ignored [ 275.130802][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 275.137004][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 275.162246][T27176] new mount options do not match the existing superblock, will be ignored [ 275.175056][T27162] loop0: p1 p2 p3 p4 [ 275.179549][T27162] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 275.187966][T27176] new mount options do not match the existing superblock, will be ignored [ 275.196920][T27162] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 275.204241][T27174] loop3: detected capacity change from 0 to 1 [ 275.213061][T27162] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 275.244554][T27174] loop3: p1 p2 p3 p4 [ 275.248746][T27174] loop3: p1 start 487 is beyond EOD, truncated [ 275.254935][T27174] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 275.269391][T27174] loop3: p3 start 225 is beyond EOD, truncated [ 275.275728][T27174] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 275.298072][T27162] loop0: detected capacity change from 0 to 264192 [ 275.378166][T27162] loop0: p1 p2 p3 p4 [ 275.386145][T27162] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 275.393707][T27162] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 275.401655][T27162] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 275.445800][ T1135] loop0: p1 p2 p3 p4 [ 275.450646][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 275.459207][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 275.466787][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:52 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xa000000) 08:40:52 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40}]) 08:40:52 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x12, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:52 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="1701bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:52 executing program 0: syz_read_part_table(0xc9ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 275.624976][T27244] new mount options do not match the existing superblock, will be ignored [ 275.636218][T27247] loop3: detected capacity change from 0 to 1 [ 275.636222][T27246] loop0: detected capacity change from 0 to 264192 [ 275.654707][T27246] loop0: p1 p2 p3 p4 [ 275.656779][T27244] new mount options do not match the existing superblock, will be ignored 08:40:52 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x25, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 275.670636][T27246] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 275.678827][T27246] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 275.686347][T27247] loop3: p1 p2 p3 p4 [ 275.693786][T27247] loop3: p1 start 487 is beyond EOD, truncated [ 275.699976][T27247] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 275.707921][T27247] loop3: p3 start 225 is beyond EOD, truncated [ 275.711446][T27264] new mount options do not match the existing superblock, will be ignored [ 275.714263][T27247] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 275.729901][T27246] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 275.764966][T27264] new mount options do not match the existing superblock, will be ignored [ 275.819299][T27247] loop3: detected capacity change from 0 to 1 [ 275.828456][T27246] loop0: detected capacity change from 0 to 264192 [ 275.874351][T27247] loop3: p1 p2 p3 p4 [ 275.878599][T27247] loop3: p1 start 487 is beyond EOD, truncated [ 275.885059][T27247] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 275.892678][T27247] loop3: p3 start 225 is beyond EOD, truncated [ 275.898864][T27247] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 275.910066][T27246] loop0: p1 p2 p3 p4 [ 275.910478][ T1135] loop3: p1 p2 p3 p4 08:40:53 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x74) 08:40:53 executing program 5: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40}]) 08:40:53 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x48, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 275.918953][T27246] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 275.924333][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 275.932563][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 275.937406][T27246] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 275.957002][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 275.959773][T27246] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:53 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="2601bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 275.963182][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 275.980177][T27308] new mount options do not match the existing superblock, will be ignored 08:40:53 executing program 0: syz_read_part_table(0xcf7d278900000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:53 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x4c, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 276.032744][T27308] new mount options do not match the existing superblock, will be ignored [ 276.074232][T27327] loop3: detected capacity change from 0 to 1 [ 276.098215][T27332] new mount options do not match the existing superblock, will be ignored [ 276.114571][ T1135] loop3: p1 p2 p3 p4 [ 276.118636][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 276.125023][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 276.132465][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 276.134952][T27332] new mount options do not match the existing superblock, will be ignored [ 276.138772][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 276.161572][T27327] loop3: p1 p2 p3 p4 [ 276.165697][T27327] loop3: p1 start 487 is beyond EOD, truncated [ 276.171858][T27327] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 276.171970][T27351] loop0: detected capacity change from 0 to 264192 [ 276.180176][T27327] loop3: p3 start 225 is beyond EOD, truncated [ 276.191814][T27327] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 276.214207][T27351] loop0: p1 p2 p3 p4 [ 276.218919][T27351] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 276.226848][T27351] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 276.234467][T27351] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 276.247890][ T1135] loop0: p1 p2 p3 p4 [ 276.253556][T27327] loop3: detected capacity change from 0 to 1 [ 276.259848][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 276.267371][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 276.274958][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 276.294183][T27327] loop3: p1 p2 p3 p4 [ 276.298738][T27327] loop3: p1 start 487 is beyond EOD, truncated [ 276.305064][T27327] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 276.312442][T27327] loop3: p3 start 225 is beyond EOD, truncated [ 276.318680][T27327] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 276.329731][T27351] loop0: detected capacity change from 0 to 264192 [ 276.374884][ T1135] loop3: p1 p2 p3 p4 [ 276.379027][T27351] loop0: p1 p2 p3 p4 [ 276.379139][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 276.390426][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 276.391218][T27351] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 276.398414][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 276.406250][T27351] loop0: p3 size 1912633224 extends beyond EOD, [ 276.411073][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:53 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xb000000) 08:40:53 executing program 5: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0501bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:53 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x68, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:53 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="3101bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 276.424655][T27351] truncated [ 276.428083][T27351] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:53 executing program 0: syz_read_part_table(0xe402000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 276.496058][T27407] new mount options do not match the existing superblock, will be ignored [ 276.496224][T27403] loop5: detected capacity change from 0 to 1 [ 276.527805][T27419] loop3: detected capacity change from 0 to 1 08:40:53 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x6c, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 276.555469][T27403] loop5: p1 p2 p3 p4 [ 276.557177][T27407] new mount options do not match the existing superblock, will be ignored [ 276.561148][T27403] loop5: p1 start 487 is beyond EOD, truncated [ 276.568731][T27412] loop0: detected capacity change from 0 to 264192 [ 276.574178][T27403] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 276.589394][T27419] loop3: p1 p2 p3 p4 [ 276.594517][T27419] loop3: p1 start 487 is beyond EOD, truncated [ 276.601502][T27419] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 276.604176][T27412] loop0: p1 p2 p3 p4 [ 276.613537][T27412] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 276.636719][T27412] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 276.637623][T27438] new mount options do not match the existing superblock, will be ignored [ 276.644530][T27419] loop3: p3 start 225 is beyond EOD, truncated [ 276.655988][T27403] loop5: p3 start 225 is beyond EOD, [ 276.658570][T27419] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 276.666924][T27412] loop0: p4 size 3657465856 extends beyond EOD, [ 276.671067][T27403] truncated [ 276.671072][T27403] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 276.677424][T27412] truncated [ 276.716386][T27438] new mount options do not match the existing superblock, will be ignored [ 276.731226][T27419] loop3: detected capacity change from 0 to 1 08:40:53 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x7a) 08:40:53 executing program 0: syz_read_part_table(0xe4ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:53 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x74, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:53 executing program 5 (fault-call:0 fault-nth:0): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 276.784025][T27419] loop3: p1 p2 p3 p4 [ 276.788092][T27419] loop3: p1 start 487 is beyond EOD, truncated [ 276.794258][T27419] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 276.802701][T27419] loop3: p3 start 225 is beyond EOD, truncated [ 276.808974][T27419] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 276.829657][T27472] FAULT_INJECTION: forcing a failure. [ 276.829657][T27472] name failslab, interval 1, probability 0, space 0, times 0 [ 276.842318][T27472] CPU: 1 PID: 27472 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 276.842816][T27473] new mount options do not match the existing superblock, will be ignored [ 276.851133][T27472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 276.851145][T27472] Call Trace: [ 276.851151][T27472] dump_stack+0x137/0x19d [ 276.862039][T27474] loop0: detected capacity change from 0 to 264192 [ 276.869905][T27472] should_fail+0x23c/0x250 [ 276.869926][T27472] ? __se_sys_memfd_create+0xfb/0x390 [ 276.869946][T27472] __should_failslab+0x81/0x90 [ 276.899160][T27472] should_failslab+0x5/0x20 [ 276.903752][T27472] __kmalloc+0x66/0x340 [ 276.907894][T27472] ? strnlen_user+0x137/0x1c0 [ 276.912549][T27472] __se_sys_memfd_create+0xfb/0x390 [ 276.917760][T27472] __x64_sys_memfd_create+0x2d/0x40 [ 276.923222][T27472] do_syscall_64+0x4a/0x90 [ 276.927622][T27472] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 276.933497][T27472] RIP: 0033:0x4665d9 [ 276.937374][T27472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 276.957005][T27472] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 276.965418][T27472] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000004665d9 [ 276.973374][T27472] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee66 08:40:54 executing program 5 (fault-call:0 fault-nth:1): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 276.981339][T27472] RBP: 000000000000000a R08: 3000720077880000 R09: 0000000000000000 [ 276.989291][T27472] R10: 000000000000000a R11: 0000000000000246 R12: 0000000008100000 [ 276.997328][T27472] R13: 00007ffe90da0c5f R14: 0000000000000380 R15: 0000000000022000 [ 277.006856][ T1135] loop3: p1 p2 p3 p4 [ 277.011060][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 277.017348][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 277.028848][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 277.035149][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 277.040217][T27486] FAULT_INJECTION: forcing a failure. [ 277.040217][T27486] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 277.055565][T27486] CPU: 0 PID: 27486 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 277.064338][T27486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 277.074453][T27486] Call Trace: [ 277.077716][T27486] dump_stack+0x137/0x19d [ 277.082044][T27486] should_fail+0x23c/0x250 [ 277.086446][T27486] should_fail_usercopy+0x16/0x20 [ 277.091479][T27486] _copy_from_user+0x1c/0xd0 [ 277.096056][T27486] __se_sys_memfd_create+0x137/0x390 [ 277.101492][T27486] __x64_sys_memfd_create+0x2d/0x40 [ 277.106700][T27486] do_syscall_64+0x4a/0x90 [ 277.111132][T27486] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 277.117101][T27486] RIP: 0033:0x4665d9 [ 277.120980][T27486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 277.140597][T27486] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 277.149139][T27486] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000004665d9 [ 277.157962][T27486] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 277.166004][T27486] RBP: 000000000000000a R08: 3000720077880000 R09: 0000000000000000 [ 277.173976][T27486] R10: 000000000000000a R11: 0000000000000246 R12: 0000000008100000 08:40:54 executing program 5 (fault-call:0 fault-nth:2): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 277.182018][T27486] R13: 00007ffe90da0c5f R14: 0000000000000380 R15: 0000000000022000 [ 277.204174][ T1135] loop0: p1 p2 p3 p4 [ 277.209391][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 277.219626][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 277.219972][T27473] new mount options do not match the existing superblock, will be ignored [ 277.227808][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 277.236958][T27496] FAULT_INJECTION: forcing a failure. [ 277.236958][T27496] name failslab, interval 1, probability 0, space 0, times 0 [ 277.255108][T27496] CPU: 0 PID: 27496 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 277.263878][T27496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 277.274011][T27496] Call Trace: [ 277.277291][T27496] dump_stack+0x137/0x19d [ 277.281622][T27496] should_fail+0x23c/0x250 [ 277.286028][T27496] ? shmem_alloc_inode+0x22/0x30 [ 277.290984][T27496] __should_failslab+0x81/0x90 [ 277.295730][T27496] ? shmem_match+0xa0/0xa0 [ 277.300285][T27496] should_failslab+0x5/0x20 [ 277.304764][T27496] kmem_cache_alloc+0x46/0x2f0 [ 277.309503][T27496] ? do_anonymous_page+0x411/0x8b0 [ 277.314592][T27496] ? fsnotify_perm+0x59/0x2e0 [ 277.319245][T27496] ? shmem_match+0xa0/0xa0 [ 277.323642][T27496] shmem_alloc_inode+0x22/0x30 [ 277.328430][T27496] new_inode_pseudo+0x38/0x1c0 08:40:54 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xc000000) 08:40:54 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="3e01bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:54 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7a, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 277.333171][T27496] new_inode+0x21/0x120 [ 277.337328][T27496] shmem_get_inode+0xa1/0x480 [ 277.341994][T27496] __shmem_file_setup+0xf1/0x1d0 [ 277.346927][T27496] shmem_file_setup+0x37/0x40 [ 277.351603][T27496] __se_sys_memfd_create+0x1eb/0x390 [ 277.356988][T27496] __x64_sys_memfd_create+0x2d/0x40 [ 277.362197][T27496] do_syscall_64+0x4a/0x90 [ 277.366620][T27496] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 277.372509][T27496] RIP: 0033:0x4665d9 [ 277.376475][T27496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 277.387839][T27505] loop3: detected capacity change from 0 to 1 [ 277.396073][T27496] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 277.396095][T27496] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000004665d9 [ 277.396107][T27496] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 277.426588][T27496] RBP: 000000000000000a R08: 3000720077880000 R09: 0000000000000000 08:40:54 executing program 5 (fault-call:0 fault-nth:3): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 277.434550][T27496] R10: 000000000000000a R11: 0000000000000246 R12: 0000000008100000 [ 277.442503][T27496] R13: 00007ffe90da0c5f R14: 0000000000000380 R15: 0000000000022000 [ 277.452198][T27474] loop0: p1 p2 p3 p4 [ 277.458678][T27474] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 277.468255][T27517] new mount options do not match the existing superblock, will be ignored [ 277.475994][T27474] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 277.484684][T27474] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 277.484714][T27505] loop3: p1 p2 p3 p4 [ 277.504817][T27505] loop3: p1 start 487 is beyond EOD, truncated [ 277.511099][T27505] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 277.514593][T27524] FAULT_INJECTION: forcing a failure. [ 277.514593][T27524] name failslab, interval 1, probability 0, space 0, times 0 [ 277.519584][T27505] loop3: p3 start 225 is beyond EOD, [ 277.530806][T27524] CPU: 1 PID: 27524 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 277.536321][T27505] truncated [ 277.545041][T27524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 277.545052][T27524] Call Trace: [ 277.545060][T27524] dump_stack+0x137/0x19d [ 277.548198][T27505] loop3: p4 size 3657465856 extends beyond EOD, [ 277.558227][T27524] should_fail+0x23c/0x250 [ 277.561500][T27505] truncated [ 277.579612][T27524] ? security_inode_alloc+0x30/0x180 [ 277.584893][T27524] __should_failslab+0x81/0x90 [ 277.589651][T27524] should_failslab+0x5/0x20 [ 277.594167][T27524] kmem_cache_alloc+0x46/0x2f0 [ 277.598944][T27524] security_inode_alloc+0x30/0x180 [ 277.604187][T27524] inode_init_always+0x20b/0x420 [ 277.609122][T27524] ? shmem_match+0xa0/0xa0 [ 277.613526][T27524] new_inode_pseudo+0x73/0x1c0 [ 277.618359][T27524] new_inode+0x21/0x120 [ 277.622512][T27524] shmem_get_inode+0xa1/0x480 [ 277.627175][T27524] __shmem_file_setup+0xf1/0x1d0 [ 277.632227][T27524] shmem_file_setup+0x37/0x40 [ 277.636930][T27524] __se_sys_memfd_create+0x1eb/0x390 [ 277.642198][T27524] __x64_sys_memfd_create+0x2d/0x40 [ 277.647478][T27524] do_syscall_64+0x4a/0x90 [ 277.651927][T27524] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 277.657809][T27524] RIP: 0033:0x4665d9 [ 277.661686][T27524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:40:54 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x21d) 08:40:54 executing program 5 (fault-call:0 fault-nth:4): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 277.681277][T27524] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 277.689673][T27524] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000004665d9 [ 277.697626][T27524] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 277.705587][T27524] RBP: 000000000000000a R08: 3000720077880000 R09: 0000000000000000 [ 277.713696][T27524] R10: 000000000000000a R11: 0000000000000246 R12: 0000000008100000 [ 277.721722][T27524] R13: 00007ffe90da0c5f R14: 0000000000000380 R15: 0000000000022000 08:40:54 executing program 0: syz_read_part_table(0xeeffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:54 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xfe, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 277.751452][T27517] new mount options do not match the existing superblock, will be ignored [ 277.771892][T27505] loop3: detected capacity change from 0 to 1 [ 277.787087][T27546] FAULT_INJECTION: forcing a failure. [ 277.787087][T27546] name failslab, interval 1, probability 0, space 0, times 0 [ 277.798309][T27550] loop0: detected capacity change from 0 to 264192 [ 277.799712][T27546] CPU: 0 PID: 27546 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 277.799730][T27546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 277.799739][T27546] Call Trace: [ 277.799744][T27546] dump_stack+0x137/0x19d [ 277.832567][T27546] should_fail+0x23c/0x250 [ 277.836967][T27546] ? __d_alloc+0x36/0x370 [ 277.841376][T27546] __should_failslab+0x81/0x90 [ 277.846224][T27546] should_failslab+0x5/0x20 [ 277.850781][T27546] kmem_cache_alloc+0x46/0x2f0 [ 277.855533][T27546] ? __init_rwsem+0x59/0x70 [ 277.860032][T27546] __d_alloc+0x36/0x370 [ 277.864165][T27546] ? current_time+0xdb/0x190 [ 277.868866][T27546] d_alloc_pseudo+0x1a/0x50 [ 277.873397][T27546] alloc_file_pseudo+0x63/0x130 [ 277.878304][T27546] __shmem_file_setup+0x14c/0x1d0 [ 277.883346][T27546] shmem_file_setup+0x37/0x40 [ 277.888006][T27546] __se_sys_memfd_create+0x1eb/0x390 [ 277.893344][T27546] __x64_sys_memfd_create+0x2d/0x40 [ 277.898588][T27546] do_syscall_64+0x4a/0x90 [ 277.903096][T27546] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 277.908988][T27546] RIP: 0033:0x4665d9 [ 277.912901][T27546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 277.932584][T27546] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 277.941076][T27546] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000004665d9 [ 277.949037][T27546] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 277.956991][T27546] RBP: 000000000000000a R08: 3000720077880000 R09: 0000000000000000 [ 277.965058][T27546] R10: 000000000000000a R11: 0000000000000246 R12: 0000000008100000 [ 277.973249][T27546] R13: 00007ffe90da0c5f R14: 0000000000000380 R15: 0000000000022000 [ 277.983902][T27505] loop3: p1 p2 p3 p4 [ 277.983997][T27550] loop0: p1 p2 p3 p4 [ 277.987953][T27505] loop3: p1 start 487 is beyond EOD, truncated 08:40:55 executing program 5 (fault-call:0 fault-nth:5): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 277.998086][T27505] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 278.005365][T27550] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 278.013114][T27550] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 278.024146][T27559] new mount options do not match the existing superblock, will be ignored [ 278.033009][T27550] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 278.040860][T27562] FAULT_INJECTION: forcing a failure. [ 278.040860][T27562] name failslab, interval 1, probability 0, space 0, times 0 [ 278.041236][T27505] loop3: p3 start 225 is beyond EOD, truncated [ 278.053525][T27562] CPU: 1 PID: 27562 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 278.059658][T27505] loop3: p4 size 3657465856 extends beyond EOD, [ 278.068389][T27562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 278.068398][T27562] Call Trace: [ 278.068404][T27562] dump_stack+0x137/0x19d [ 278.068424][T27562] should_fail+0x23c/0x250 [ 278.074736][T27505] truncated [ 278.084776][T27562] ? __alloc_file+0x2e/0x1a0 [ 278.104420][T27562] __should_failslab+0x81/0x90 [ 278.109968][T27562] should_failslab+0x5/0x20 [ 278.114502][T27562] kmem_cache_alloc+0x46/0x2f0 [ 278.119321][T27562] ? inode_doinit_with_dentry+0x382/0x950 [ 278.125064][T27562] __alloc_file+0x2e/0x1a0 [ 278.129462][T27562] alloc_empty_file+0xcd/0x1c0 [ 278.134205][T27562] alloc_file+0x3a/0x280 [ 278.138430][T27562] alloc_file_pseudo+0xe2/0x130 [ 278.143265][T27562] __shmem_file_setup+0x14c/0x1d0 [ 278.148311][T27562] shmem_file_setup+0x37/0x40 [ 278.153161][T27562] __se_sys_memfd_create+0x1eb/0x390 [ 278.158452][T27562] __x64_sys_memfd_create+0x2d/0x40 [ 278.163684][T27562] do_syscall_64+0x4a/0x90 [ 278.168100][T27562] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 278.174027][T27562] RIP: 0033:0x4665d9 [ 278.177906][T27562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:40:55 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="6401bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 278.197496][T27562] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 278.205887][T27562] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000004665d9 [ 278.213836][T27562] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 278.221791][T27562] RBP: 000000000000000a R08: 3000720077880000 R09: 0000000000000000 [ 278.229756][T27562] R10: 000000000000000a R11: 0000000000000246 R12: 0000000008100000 [ 278.237706][T27562] R13: 00007ffe90da0c5f R14: 0000000000000380 R15: 0000000000022000 08:40:55 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xd000000) 08:40:55 executing program 5 (fault-call:0 fault-nth:6): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 278.254386][ T1769] loop3: p1 p2 p3 p4 [ 278.258442][ T1769] loop3: p1 start 487 is beyond EOD, truncated [ 278.264606][ T1769] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 278.276160][T27559] new mount options do not match the existing superblock, will be ignored [ 278.276961][ T1769] loop3: p3 start 225 is beyond EOD, truncated [ 278.290948][ T1769] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:55 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x204, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 278.304584][T27550] loop0: detected capacity change from 0 to 264192 [ 278.309548][T27584] FAULT_INJECTION: forcing a failure. [ 278.309548][T27584] name failslab, interval 1, probability 0, space 0, times 0 [ 278.323685][T27584] CPU: 1 PID: 27584 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 278.332432][T27584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 278.342473][T27584] Call Trace: [ 278.345745][T27584] dump_stack+0x137/0x19d [ 278.350101][T27584] should_fail+0x23c/0x250 [ 278.354494][T27584] ? security_file_alloc+0x30/0x190 [ 278.359704][T27584] __should_failslab+0x81/0x90 [ 278.364472][T27584] should_failslab+0x5/0x20 [ 278.368951][T27584] kmem_cache_alloc+0x46/0x2f0 [ 278.373688][T27584] security_file_alloc+0x30/0x190 [ 278.378744][T27584] __alloc_file+0x83/0x1a0 [ 278.383128][T27584] alloc_empty_file+0xcd/0x1c0 [ 278.387866][T27584] alloc_file+0x3a/0x280 [ 278.392081][T27584] alloc_file_pseudo+0xe2/0x130 [ 278.396918][T27584] __shmem_file_setup+0x14c/0x1d0 [ 278.401920][T27584] shmem_file_setup+0x37/0x40 [ 278.406596][T27584] __se_sys_memfd_create+0x1eb/0x390 [ 278.411868][T27584] __x64_sys_memfd_create+0x2d/0x40 [ 278.417056][T27584] do_syscall_64+0x4a/0x90 [ 278.421501][T27584] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 278.427386][T27584] RIP: 0033:0x4665d9 [ 278.431254][T27584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 278.451120][T27584] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 278.459558][T27584] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000004665d9 [ 278.467505][T27584] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 278.475450][T27584] RBP: 000000000000000a R08: 3000720077880000 R09: 0000000000000000 [ 278.483429][T27584] R10: 000000000000000a R11: 0000000000000246 R12: 0000000008100000 [ 278.491372][T27584] R13: 00007ffe90da0c5f R14: 0000000000000380 R15: 0000000000022000 08:40:55 executing program 5 (fault-call:0 fault-nth:7): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 278.515955][T27550] loop0: p1 p2 p3 p4 [ 278.516679][T27592] new mount options do not match the existing superblock, will be ignored [ 278.529841][T27550] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 278.538510][T27550] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 278.557214][T27592] loop4: detected capacity change from 0 to 1 08:40:55 executing program 0: syz_read_part_table(0xf504000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:55 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x300) [ 278.567487][T27550] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 278.576954][T27604] loop3: detected capacity change from 0 to 1 [ 278.585592][T27611] FAULT_INJECTION: forcing a failure. [ 278.585592][T27611] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 278.598956][T27611] CPU: 1 PID: 27611 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 278.607728][T27611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 278.617776][T27611] Call Trace: [ 278.621115][T27611] dump_stack+0x137/0x19d [ 278.625498][T27611] should_fail+0x23c/0x250 [ 278.629977][T27611] __alloc_pages+0x102/0x320 [ 278.634585][T27611] alloc_pages_vma+0x391/0x660 [ 278.639328][T27611] shmem_getpage_gfp+0x980/0x1410 [ 278.644385][T27611] ? mls_context_isvalid+0x76/0x1e0 [ 278.649575][T27611] shmem_write_begin+0x7e/0x100 [ 278.654514][T27611] generic_perform_write+0x196/0x3a0 [ 278.659849][T27611] ? file_update_time+0x1bd/0x3e0 [ 278.664850][T27611] __generic_file_write_iter+0x161/0x300 [ 278.670457][T27611] ? generic_write_checks+0x250/0x290 [ 278.675808][T27611] generic_file_write_iter+0x75/0x130 [ 278.681185][T27611] vfs_write+0x69d/0x770 [ 278.685404][T27611] __x64_sys_pwrite64+0xf5/0x150 [ 278.690385][T27611] do_syscall_64+0x4a/0x90 [ 278.694875][T27611] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 278.700823][T27611] RIP: 0033:0x419777 [ 278.704719][T27611] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 278.724317][T27611] RSP: 002b:00007faa1f1e6e70 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 278.732968][T27611] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 278.740917][T27611] RDX: 0000000000000040 RSI: 00000000200000c0 RDI: 0000000000000004 [ 278.748982][T27611] RBP: 000000000000000a R08: 0000000000000000 R09: 0000000000000000 [ 278.756936][T27611] R10: 00000000000001c0 R11: 0000000000000293 R12: 0000000000000004 [ 278.764897][T27611] R13: 0000000000000004 R14: 0000000020000000 R15: 0000000000000000 [ 278.777246][T27611] loop5: detected capacity change from 0 to 1 [ 278.784068][T27604] loop3: p1 p2 p3 p4 [ 278.788127][T27604] loop3: p1 start 487 is beyond EOD, truncated [ 278.794304][T27604] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 278.797689][T27592] new mount options do not match the existing superblock, will be ignored [ 278.811205][T27604] loop3: p3 start 225 is beyond EOD, truncated 08:40:55 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x300, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 278.817388][T27604] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 278.836832][T24890] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 278.840139][T27631] new mount options do not match the existing superblock, will be ignored [ 278.849967][T24807] blk_update_request: I/O error, dev loop0, sector 264033 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 278.862249][T27631] loop4: detected capacity change from 0 to 1 [ 278.874749][T24831] blk_update_request: I/O error, dev loop0, sector 495 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 278.875899][T24888] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 278.887262][ T1760] __loop_clr_fd: partition scan of loop0 failed (rc=-16) [ 278.898238][ T880] blk_update_request: I/O error, dev loop0, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 08:40:56 executing program 5 (fault-call:0 fault-nth:8): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 278.916261][ T880] Buffer I/O error on dev loop0p4, logical block 33008, async page read [ 278.924750][ T880] blk_update_request: I/O error, dev loop0, sector 495 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 278.935781][ T880] Buffer I/O error on dev loop0p1, logical block 1, async page read [ 278.939529][T27635] loop0: detected capacity change from 0 to 264192 [ 278.943807][ T880] Buffer I/O error on dev loop0p2, logical block 33008, async page read [ 278.980629][T27631] new mount options do not match the existing superblock, will be ignored [ 278.990510][T27604] loop3: detected capacity change from 0 to 1 [ 278.990980][T27653] FAULT_INJECTION: forcing a failure. [ 278.990980][T27653] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 279.009742][T27653] CPU: 0 PID: 27653 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 279.018574][T27653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 279.028723][T27653] Call Trace: [ 279.031994][T27653] dump_stack+0x137/0x19d [ 279.036362][T27653] should_fail+0x23c/0x250 [ 279.040927][T27653] should_fail_usercopy+0x16/0x20 [ 279.046089][T27653] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 279.052204][T27653] ? shmem_write_begin+0x7e/0x100 [ 279.057289][T27653] generic_perform_write+0x1e4/0x3a0 [ 279.062609][T27653] ? file_update_time+0x1bd/0x3e0 [ 279.067628][T27653] __generic_file_write_iter+0x161/0x300 [ 279.073239][T27653] ? generic_write_checks+0x250/0x290 08:40:56 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x402, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 279.078647][T27653] generic_file_write_iter+0x75/0x130 [ 279.083990][T27653] vfs_write+0x69d/0x770 [ 279.088227][T27653] __x64_sys_pwrite64+0xf5/0x150 [ 279.093141][T27653] do_syscall_64+0x4a/0x90 [ 279.097592][T27653] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 279.103527][T27653] RIP: 0033:0x419777 [ 279.107499][T27653] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b 08:40:56 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xe000000) [ 279.127091][T27653] RSP: 002b:00007faa1f1e6e70 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 279.135487][T27653] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 279.143452][T27653] RDX: 0000000000000040 RSI: 00000000200000c0 RDI: 0000000000000004 [ 279.151413][T27653] RBP: 000000000000000a R08: 0000000000000000 R09: 0000000000000000 [ 279.159376][T27653] R10: 00000000000001c0 R11: 0000000000000293 R12: 0000000000000004 [ 279.167341][T27653] R13: 0000000000000004 R14: 0000000020000000 R15: 0000000000000000 [ 279.182825][T27635] loop_reread_partitions: partition scan of loop0 () failed (rc=-16) [ 279.193536][T27604] loop3: p1 p2 p3 p4 [ 279.197914][T27604] loop3: p1 start 487 is beyond EOD, truncated [ 279.204207][T27604] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 279.219834][T27604] loop3: p3 start 225 is beyond EOD, truncated [ 279.226060][T27604] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 279.228613][T27653] loop5: detected capacity change from 0 to 1 [ 279.238227][T27667] new mount options do not match the existing superblock, will be ignored [ 279.248766][T27667] loop4: detected capacity change from 0 to 2 [ 279.263592][T27653] loop5: p1 p2 p4 [ 279.267347][T27653] loop5: p1 start 487 is beyond EOD, truncated [ 279.273543][T27653] loop5: p2 size 1073872896 extends beyond EOD, truncated 08:40:56 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0202bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 279.280493][T27635] loop0: detected capacity change from 0 to 264192 [ 279.280982][T27653] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 279.295064][ T1135] loop3: p1 p2 p3 p4 [ 279.299107][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 279.305281][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 279.312735][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 279.318936][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:40:56 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x406, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:56 executing program 5 (fault-call:0 fault-nth:9): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 279.326699][T27667] new mount options do not match the existing superblock, will be ignored [ 279.345097][T27635] loop0: p1 p2 p3 p4 [ 279.352629][T27635] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 279.360843][T27635] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 279.368727][T27635] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:56 executing program 0: syz_read_part_table(0xf600000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 279.387696][T27700] new mount options do not match the existing superblock, will be ignored [ 279.408115][T27709] loop3: detected capacity change from 0 to 1 [ 279.414966][ T1135] loop0: p1 p2 p3 p4 [ 279.415362][T27715] FAULT_INJECTION: forcing a failure. [ 279.415362][T27715] name failslab, interval 1, probability 0, space 0, times 0 [ 279.419962][ T1135] loop0: p2 size 1073872896 extends beyond EOD, [ 279.431572][T27715] CPU: 0 PID: 27715 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 279.431542][ T1135] truncated [ 279.431950][ T1135] loop0: p3 size 1912633224 extends beyond EOD, [ 279.437943][T27715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 279.437953][T27715] Call Trace: [ 279.437959][T27715] dump_stack+0x137/0x19d [ 279.446699][ T1135] truncated [ 279.449776][T27715] should_fail+0x23c/0x250 [ 279.456402][ T1135] loop0: p4 size 3657465856 extends beyond EOD, 08:40:56 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x500) [ 279.466106][T27715] ? getname_flags+0x84/0x3d0 [ 279.469372][ T1135] truncated [ 279.484396][T27700] loop4: detected capacity change from 0 to 2 [ 279.487490][T27715] __should_failslab+0x81/0x90 [ 279.487516][T27715] should_failslab+0x5/0x20 [ 279.510491][T27715] kmem_cache_alloc+0x46/0x2f0 [ 279.515243][T27715] getname_flags+0x84/0x3d0 [ 279.519739][T27715] ? vfs_write+0x703/0x770 [ 279.524160][T27715] getname+0x15/0x20 [ 279.528030][T27715] do_sys_openat2+0x5b/0x250 [ 279.532628][T27715] ? __fget_light+0x21b/0x260 [ 279.537280][T27715] __x64_sys_openat+0xef/0x110 [ 279.542038][T27715] do_syscall_64+0x4a/0x90 [ 279.546439][T27715] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 279.552359][T27715] RIP: 0033:0x4196c4 [ 279.556244][T27715] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 279.576124][T27715] RSP: 002b:00007faa1f1e6e20 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 279.584510][T27715] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 279.592459][T27715] RDX: 0000000000000002 RSI: 00007faa1f1e6f40 RDI: 00000000ffffff9c [ 279.600411][T27715] RBP: 00007faa1f1e6f40 R08: 0000000000000000 R09: 0000000000000000 [ 279.608362][T27715] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 279.616360][T27715] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a 08:40:56 executing program 5 (fault-call:0 fault-nth:10): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 279.637365][T27709] loop3: p1 p2 p3 p4 [ 279.641453][T27709] loop3: p1 start 487 is beyond EOD, truncated [ 279.647623][T27709] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 279.655508][T27709] loop3: p3 start 225 is beyond EOD, truncated [ 279.661653][T27709] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 279.669486][T27700] new mount options do not match the existing superblock, will be ignored [ 279.675774][T27734] FAULT_INJECTION: forcing a failure. 08:40:56 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x500, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 279.675774][T27734] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 279.691182][T27734] CPU: 0 PID: 27734 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 279.699937][T27734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 279.710008][T27734] Call Trace: [ 279.713273][T27734] dump_stack+0x137/0x19d [ 279.717595][T27734] should_fail+0x23c/0x250 [ 279.722019][T27734] should_fail_usercopy+0x16/0x20 [ 279.724821][T27746] loop0: detected capacity change from 0 to 264192 [ 279.727072][T27734] strncpy_from_user+0x21/0x250 [ 279.738401][T27734] getname_flags+0xb8/0x3d0 [ 279.742917][T27734] ? vfs_write+0x703/0x770 [ 279.747308][T27734] getname+0x15/0x20 [ 279.751182][T27734] do_sys_openat2+0x5b/0x250 [ 279.755753][T27734] ? __fget_light+0x21b/0x260 [ 279.760410][T27734] __x64_sys_openat+0xef/0x110 [ 279.765165][T27734] do_syscall_64+0x4a/0x90 [ 279.769553][T27734] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 279.775443][T27734] RIP: 0033:0x4196c4 [ 279.779324][T27734] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 279.798912][T27734] RSP: 002b:00007faa1f1e6e20 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 279.807352][T27734] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 279.815367][T27734] RDX: 0000000000000002 RSI: 00007faa1f1e6f40 RDI: 00000000ffffff9c [ 279.823316][T27734] RBP: 00007faa1f1e6f40 R08: 0000000000000000 R09: 0000000000000000 [ 279.831277][T27734] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 08:40:57 executing program 5 (fault-call:0 fault-nth:11): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 279.839243][T27734] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a [ 279.868755][T27753] new mount options do not match the existing superblock, will be ignored [ 279.877644][T27709] loop3: detected capacity change from 0 to 1 [ 279.884267][T27746] loop0: p1 p2 p3 p4 [ 279.888844][T27746] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 279.891034][T27753] loop4: detected capacity change from 0 to 2 [ 279.897905][T27757] FAULT_INJECTION: forcing a failure. [ 279.897905][T27757] name failslab, interval 1, probability 0, space 0, times 0 [ 279.910054][T27746] loop0: p3 size 1912633224 extends beyond EOD, [ 279.914675][T27757] CPU: 1 PID: 27757 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 279.914694][T27757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 279.914703][T27757] Call Trace: [ 279.921084][T27746] truncated [ 279.921685][T27746] loop0: p4 size 3657465856 extends beyond EOD, [ 279.930012][T27757] dump_stack+0x137/0x19d [ 279.930037][T27757] should_fail+0x23c/0x250 [ 279.930053][T27757] ? __alloc_file+0x2e/0x1a0 [ 279.930067][T27757] __should_failslab+0x81/0x90 [ 279.940132][T27746] truncated [ 279.943372][T27757] should_failslab+0x5/0x20 [ 279.978400][T27757] kmem_cache_alloc+0x46/0x2f0 [ 279.983140][T27757] __alloc_file+0x2e/0x1a0 [ 279.987533][T27757] alloc_empty_file+0xcd/0x1c0 [ 279.992348][T27757] path_openat+0x6a/0x20b0 [ 279.996740][T27757] ? avc_has_perm_noaudit+0x19a/0x240 [ 280.002117][T27757] ? avc_has_perm+0x59/0x150 [ 280.006695][T27757] ? avc_has_perm+0xc8/0x150 [ 280.011283][T27757] do_filp_open+0xd9/0x1f0 [ 280.015696][T27757] ? __virt_addr_valid+0x15a/0x1a0 [ 280.020788][T27757] ? __check_object_size+0x253/0x310 [ 280.026054][T27757] ? _find_next_bit+0x16a/0x190 [ 280.030972][T27757] ? alloc_fd+0x388/0x3e0 [ 280.035284][T27757] do_sys_openat2+0xa3/0x250 08:40:57 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xf000000) [ 280.039882][T27757] ? __fget_light+0x21b/0x260 [ 280.044548][T27757] __x64_sys_openat+0xef/0x110 [ 280.049384][T27757] do_syscall_64+0x4a/0x90 [ 280.053787][T27757] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 280.059735][T27757] RIP: 0033:0x4196c4 [ 280.063615][T27757] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 280.083266][T27757] RSP: 002b:00007faa1f1e6e20 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 280.091668][T27757] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 280.099637][T27757] RDX: 0000000000000002 RSI: 00007faa1f1e6f40 RDI: 00000000ffffff9c [ 280.107588][T27757] RBP: 00007faa1f1e6f40 R08: 0000000000000000 R09: 0000000000000000 [ 280.115553][T27757] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 280.123513][T27757] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a 08:40:57 executing program 5 (fault-call:0 fault-nth:12): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 280.143770][T27709] loop3: p1 p2 p3 p4 [ 280.148351][T27709] loop3: p1 start 487 is beyond EOD, truncated [ 280.154604][T27709] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 280.162699][T27753] new mount options do not match the existing superblock, will be ignored [ 280.178579][T27709] loop3: p3 start 225 is beyond EOD, truncated [ 280.183502][T27779] FAULT_INJECTION: forcing a failure. 08:40:57 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x600, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 280.183502][T27779] name failslab, interval 1, probability 0, space 0, times 0 [ 280.184789][T27709] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 280.197348][T27779] CPU: 0 PID: 27779 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 280.213181][T27779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.213561][T27746] loop0: detected capacity change from 0 to 264192 [ 280.223226][T27779] Call Trace: [ 280.223234][T27779] dump_stack+0x137/0x19d [ 280.237321][T27779] should_fail+0x23c/0x250 [ 280.241727][T27779] ? security_file_alloc+0x30/0x190 [ 280.246917][T27779] __should_failslab+0x81/0x90 [ 280.251765][T27779] should_failslab+0x5/0x20 [ 280.256259][T27779] kmem_cache_alloc+0x46/0x2f0 [ 280.261089][T27779] security_file_alloc+0x30/0x190 [ 280.266104][T27779] __alloc_file+0x83/0x1a0 [ 280.270542][T27779] alloc_empty_file+0xcd/0x1c0 [ 280.275285][T27779] path_openat+0x6a/0x20b0 [ 280.279755][T27779] ? avc_has_perm_noaudit+0x19a/0x240 [ 280.285131][T27779] ? avc_has_perm+0x59/0x150 [ 280.289704][T27779] ? avc_has_perm+0xc8/0x150 [ 280.294328][T27779] do_filp_open+0xd9/0x1f0 [ 280.298753][T27779] ? __virt_addr_valid+0x15a/0x1a0 [ 280.303875][T27779] ? __check_object_size+0x253/0x310 [ 280.309152][T27779] ? _find_next_bit+0x16a/0x190 [ 280.313995][T27779] ? alloc_fd+0x388/0x3e0 [ 280.318300][T27779] do_sys_openat2+0xa3/0x250 [ 280.322968][T27779] ? __fget_light+0x21b/0x260 [ 280.327646][T27779] __x64_sys_openat+0xef/0x110 [ 280.332438][T27779] do_syscall_64+0x4a/0x90 [ 280.336833][T27779] entry_SYSCALL_64_after_hwframe+0x44/0xae 08:40:57 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x520) [ 280.342724][T27779] RIP: 0033:0x4196c4 [ 280.346613][T27779] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 280.366211][T27779] RSP: 002b:00007faa1f1e6e20 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 280.374650][T27779] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196c4 [ 280.382599][T27779] RDX: 0000000000000002 RSI: 00007faa1f1e6f40 RDI: 00000000ffffff9c [ 280.390578][T27779] RBP: 00007faa1f1e6f40 R08: 0000000000000000 R09: 0000000000000000 [ 280.398613][T27779] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 280.406562][T27779] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a 08:40:57 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0203bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:57 executing program 5 (fault-call:0 fault-nth:13): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 280.440020][T27790] new mount options do not match the existing superblock, will be ignored [ 280.453551][T27746] loop0: p1 p2 p3 p4 [ 280.457643][ T1135] loop3: p1 p2 p3 p4 [ 280.461735][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 280.467915][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 280.471251][T27795] FAULT_INJECTION: forcing a failure. [ 280.471251][T27795] name failslab, interval 1, probability 0, space 0, times 0 [ 280.475755][T27790] loop4: detected capacity change from 0 to 3 [ 280.487607][T27795] CPU: 1 PID: 27795 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 280.494666][ T1135] loop3: p3 start 225 is beyond EOD, [ 280.502393][T27795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.502405][T27795] Call Trace: [ 280.502412][T27795] dump_stack+0x137/0x19d [ 280.507770][ T1135] truncated [ 280.517805][T27795] should_fail+0x23c/0x250 [ 280.517826][T27795] ? loop_set_status_from_info+0x3a0/0x3a0 [ 280.521077][ T1135] loop3: p4 size 3657465856 extends beyond EOD, [ 280.525374][T27795] __should_failslab+0x81/0x90 [ 280.528485][ T1135] truncated [ 280.552824][T27795] ? __kthread_create_on_node+0x7a/0x290 [ 280.558448][T27795] should_failslab+0x5/0x20 [ 280.562928][T27795] kmem_cache_alloc_trace+0x49/0x310 [ 280.568193][T27795] ? loop_set_status_from_info+0x3a0/0x3a0 [ 280.574195][T27795] __kthread_create_on_node+0x7a/0x290 [ 280.579704][T27795] ? lo_open+0x93/0xa0 [ 280.583789][T27795] ? __blkdev_get+0xc1/0x6d0 [ 280.588418][T27795] ? loop_set_status_from_info+0x3a0/0x3a0 [ 280.594199][T27795] kthread_create_on_node+0x72/0xa0 [ 280.599377][T27795] loop_configure+0x597/0xcb0 [ 280.604082][T27795] ? mntput+0x45/0x70 [ 280.608052][T27795] lo_ioctl+0x555/0x11f0 [ 280.612282][T27795] ? path_openat+0x19ab/0x20b0 [ 280.617040][T27795] ? putname+0xa5/0xc0 [ 280.621084][T27795] ? ___cache_free+0x3c/0x300 [ 280.625771][T27795] ? blkdev_common_ioctl+0x9c3/0x1040 [ 280.631124][T27795] ? selinux_file_ioctl+0x8e0/0x970 [ 280.636299][T27795] ? lo_release+0x120/0x120 [ 280.640780][T27795] blkdev_ioctl+0x1d0/0x3c0 [ 280.645260][T27795] block_ioctl+0x6d/0x80 [ 280.649487][T27795] ? blkdev_iopoll+0x70/0x70 [ 280.654057][T27795] __se_sys_ioctl+0xcb/0x140 [ 280.658715][T27795] __x64_sys_ioctl+0x3f/0x50 [ 280.663287][T27795] do_syscall_64+0x4a/0x90 [ 280.667763][T27795] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 280.673739][T27795] RIP: 0033:0x466397 [ 280.677630][T27795] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 280.697216][T27795] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 280.705618][T27795] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 280.713576][T27795] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 280.721522][T27795] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 280.729473][T27795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 08:40:57 executing program 5 (fault-call:0 fault-nth:14): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 280.737420][T27795] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a [ 280.745646][T27746] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 280.754024][T27746] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 280.761716][T27746] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 280.780869][T27807] FAULT_INJECTION: forcing a failure. [ 280.780869][T27807] name failslab, interval 1, probability 0, space 0, times 0 [ 280.793499][T27807] CPU: 1 PID: 27807 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 280.802448][T27807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.812347][T27790] new mount options do not match the existing superblock, will be ignored [ 280.812481][T27807] Call Trace: [ 280.824237][T27807] dump_stack+0x137/0x19d [ 280.828604][T27807] should_fail+0x23c/0x250 [ 280.833088][T27807] ? __kernfs_new_node+0x6a/0x330 [ 280.838109][T27807] __should_failslab+0x81/0x90 [ 280.842878][T27807] should_failslab+0x5/0x20 [ 280.847395][T27807] kmem_cache_alloc+0x46/0x2f0 [ 280.852185][T27807] ? kvm_sched_clock_read+0xd/0x20 [ 280.857279][T27807] __kernfs_new_node+0x6a/0x330 [ 280.862128][T27807] ? select_task_rq_fair+0x186/0xc00 [ 280.867415][T27807] ? rb_insert_color+0x2fa/0x310 [ 280.872339][T27807] ? kcsan_setup_watchpoint+0x231/0x3e0 [ 280.877941][T27807] kernfs_create_dir_ns+0x5e/0x140 [ 280.883057][T27807] internal_create_group+0x138/0x850 [ 280.888335][T27807] ? enqueue_task_fair+0xcd/0x510 [ 280.893338][T27807] sysfs_create_group+0x1b/0x20 [ 280.898251][T27807] loop_configure+0xa21/0xcb0 [ 280.902974][T27807] lo_ioctl+0x555/0x11f0 [ 280.907215][T27807] ? path_openat+0x19ab/0x20b0 [ 280.912029][T27807] ? putname+0xa5/0xc0 [ 280.916075][T27807] ? ___cache_free+0x3c/0x300 [ 280.920737][T27807] ? blkdev_common_ioctl+0x9c3/0x1040 [ 280.926102][T27807] ? selinux_file_ioctl+0x8e0/0x970 [ 280.931275][T27807] ? lo_release+0x120/0x120 [ 280.935756][T27807] blkdev_ioctl+0x1d0/0x3c0 [ 280.940272][T27807] block_ioctl+0x6d/0x80 [ 280.944515][T27807] ? blkdev_iopoll+0x70/0x70 [ 280.949082][T27807] __se_sys_ioctl+0xcb/0x140 [ 280.953658][T27807] __x64_sys_ioctl+0x3f/0x50 [ 280.958327][T27807] do_syscall_64+0x4a/0x90 [ 280.962726][T27807] ? irqentry_exit_to_user_mode+0x5/0x20 [ 280.968467][T27807] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 280.974374][T27807] RIP: 0033:0x466397 [ 280.978238][T27807] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 280.997819][T27807] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 281.006206][T27807] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 281.014201][T27807] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 281.022146][T27807] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 281.030087][T27807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 08:40:58 executing program 0: syz_read_part_table(0xf6ffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:58 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x604, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:58 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x10000000) [ 281.038027][T27807] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a [ 281.046006][T27807] loop5: detected capacity change from 0 to 1 [ 281.074365][T27814] new mount options do not match the existing superblock, will be ignored [ 281.083805][T27814] loop4: detected capacity change from 0 to 3 [ 281.094837][T27822] loop3: detected capacity change from 0 to 1 [ 281.103616][T27807] loop5: p1 p2 p4 [ 281.107555][T27807] loop5: p1 start 487 is beyond EOD, truncated [ 281.113762][T27807] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 281.117710][T27814] new mount options do not match the existing superblock, will be ignored [ 281.129723][T27832] loop0: detected capacity change from 0 to 264192 [ 281.136561][T27807] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:40:58 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x700, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:58 executing program 5 (fault-call:0 fault-nth:15): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 281.136751][T27822] loop3: p1 p2 p3 p4 [ 281.147952][T27822] loop3: p1 start 487 is beyond EOD, truncated [ 281.154183][T27822] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 281.161723][T27832] loop0: p1 p2 p3 p4 [ 281.166915][T27832] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 281.177804][T27822] loop3: p3 start 225 is beyond EOD, truncated [ 281.184005][T27822] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 281.184661][T27846] new mount options do not match the existing superblock, will be ignored [ 281.191966][T27832] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 281.224983][T27846] loop4: detected capacity change from 0 to 3 [ 281.230341][T27832] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 281.231902][T27857] FAULT_INJECTION: forcing a failure. 08:40:58 executing program 0: syz_read_part_table(0xfbffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:58 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x600) [ 281.231902][T27857] name failslab, interval 1, probability 0, space 0, times 0 [ 281.250788][T27857] CPU: 0 PID: 27857 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 281.259538][T27857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.269595][T27857] Call Trace: [ 281.272868][T27857] dump_stack+0x137/0x19d [ 281.277226][T27857] should_fail+0x23c/0x250 [ 281.281663][T27857] ? __kernfs_new_node+0x6a/0x330 [ 281.286677][T27857] __should_failslab+0x81/0x90 [ 281.291520][T27857] should_failslab+0x5/0x20 [ 281.296017][T27857] kmem_cache_alloc+0x46/0x2f0 [ 281.300774][T27857] ? __cond_resched+0x11/0x40 [ 281.305503][T27857] __kernfs_new_node+0x6a/0x330 [ 281.310408][T27857] ? idr_alloc_cyclic+0x249/0x2d0 [ 281.315434][T27857] ? rb_insert_color+0x7e/0x310 [ 281.320279][T27857] kernfs_new_node+0x5b/0xd0 [ 281.324902][T27857] __kernfs_create_file+0x45/0x1a0 [ 281.330009][T27857] sysfs_add_file_mode_ns+0x1c1/0x250 [ 281.335397][T27857] internal_create_group+0x2e4/0x850 [ 281.340756][T27857] sysfs_create_group+0x1b/0x20 [ 281.345673][T27857] loop_configure+0xa21/0xcb0 [ 281.350453][T27857] lo_ioctl+0x555/0x11f0 [ 281.354666][T27857] ? path_openat+0x19ab/0x20b0 [ 281.359490][T27857] ? putname+0xa5/0xc0 [ 281.363539][T27857] ? ___cache_free+0x3c/0x300 [ 281.368270][T27857] ? blkdev_common_ioctl+0x9c3/0x1040 [ 281.373614][T27857] ? selinux_file_ioctl+0x8e0/0x970 [ 281.379391][T27857] ? lo_release+0x120/0x120 [ 281.383875][T27857] blkdev_ioctl+0x1d0/0x3c0 [ 281.388416][T27857] block_ioctl+0x6d/0x80 [ 281.392632][T27857] ? blkdev_iopoll+0x70/0x70 [ 281.397273][T27857] __se_sys_ioctl+0xcb/0x140 [ 281.401847][T27857] __x64_sys_ioctl+0x3f/0x50 [ 281.406417][T27857] do_syscall_64+0x4a/0x90 [ 281.410830][T27857] ? irqentry_exit_to_user_mode+0x5/0x20 [ 281.416447][T27857] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 281.422371][T27857] RIP: 0033:0x466397 [ 281.426349][T27857] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 281.446133][T27857] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 281.454593][T27857] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 281.462546][T27857] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 281.470497][T27857] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 281.478469][T27857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 281.486482][T27857] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a [ 281.494602][T27857] loop5: detected capacity change from 0 to 1 [ 281.513654][T27822] loop3: detected capacity change from 0 to 1 [ 281.513701][ T1135] loop5: p1 p2 p4 [ 281.520206][T27846] new mount options do not match the existing superblock, will be ignored [ 281.536433][ T1135] loop5: p1 start 487 is beyond EOD, truncated 08:40:58 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x900, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 281.542709][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 281.551434][T27870] loop0: detected capacity change from 0 to 264192 [ 281.559278][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 281.564554][T27822] loop3: p1 p2 p3 p4 [ 281.571014][T27822] loop3: p1 start 487 is beyond EOD, truncated [ 281.571974][T27857] loop5: p1 p2 p4 [ 281.577220][T27822] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 281.581641][T27857] loop5: p1 start 487 is beyond EOD, truncated [ 281.590677][T27822] loop3: p3 start 225 is beyond EOD, [ 281.595254][T27857] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 281.598481][T27898] new mount options do not match the existing superblock, will be ignored [ 281.600641][T27822] truncated [ 281.600645][T27822] loop3: p4 size 3657465856 extends beyond EOD, [ 281.613466][T27857] loop5: p4 size 3657465856 extends beyond EOD, [ 281.616240][T27822] truncated [ 281.617143][T27870] loop0: p1 p2 p3 p4 [ 281.619361][T27857] truncated 08:40:58 executing program 5 (fault-call:0 fault-nth:16): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 281.619520][T27898] loop4: detected capacity change from 0 to 4 [ 281.632508][T27870] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 281.655807][T27870] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 281.663311][T27870] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:40:58 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0204bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:58 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xa00, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 281.693929][T27898] new mount options do not match the existing superblock, will be ignored [ 281.726067][T27870] loop0: detected capacity change from 0 to 264192 [ 281.736481][T27927] FAULT_INJECTION: forcing a failure. [ 281.736481][T27927] name failslab, interval 1, probability 0, space 0, times 0 [ 281.748071][T27930] new mount options do not match the existing superblock, will be ignored [ 281.749159][T27927] CPU: 0 PID: 27927 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 281.758859][T27930] loop4: detected capacity change from 0 to 5 [ 281.766367][T27927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.766380][T27927] Call Trace: [ 281.766387][T27927] dump_stack+0x137/0x19d [ 281.766411][T27927] should_fail+0x23c/0x250 [ 281.794513][T27927] ? __kernfs_new_node+0x6a/0x330 [ 281.799516][T27927] __should_failslab+0x81/0x90 [ 281.804334][T27927] should_failslab+0x5/0x20 [ 281.808834][T27927] kmem_cache_alloc+0x46/0x2f0 [ 281.813593][T27927] __kernfs_new_node+0x6a/0x330 [ 281.818490][T27927] ? __cond_resched+0x11/0x40 [ 281.823144][T27927] ? mutex_lock+0x9/0x30 [ 281.827393][T27927] kernfs_new_node+0x5b/0xd0 [ 281.831958][T27927] __kernfs_create_file+0x45/0x1a0 [ 281.837063][T27927] sysfs_add_file_mode_ns+0x1c1/0x250 [ 281.842444][T27927] internal_create_group+0x2e4/0x850 [ 281.847756][T27927] sysfs_create_group+0x1b/0x20 [ 281.852599][T27927] loop_configure+0xa21/0xcb0 [ 281.857307][T27927] lo_ioctl+0x555/0x11f0 [ 281.861843][T27927] ? path_openat+0x19ab/0x20b0 [ 281.866604][T27927] ? putname+0xa5/0xc0 [ 281.870647][T27927] ? ___cache_free+0x3c/0x300 [ 281.875343][T27927] ? blkdev_common_ioctl+0x9c3/0x1040 [ 281.880764][T27927] ? selinux_file_ioctl+0x8e0/0x970 [ 281.885950][T27927] ? lo_release+0x120/0x120 [ 281.890458][T27927] blkdev_ioctl+0x1d0/0x3c0 [ 281.895057][T27927] block_ioctl+0x6d/0x80 [ 281.899283][T27927] ? blkdev_iopoll+0x70/0x70 [ 281.903849][T27927] __se_sys_ioctl+0xcb/0x140 [ 281.908651][T27927] __x64_sys_ioctl+0x3f/0x50 [ 281.913234][T27927] do_syscall_64+0x4a/0x90 [ 281.917625][T27927] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 281.923587][T27927] RIP: 0033:0x466397 [ 281.927469][T27927] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 281.947088][T27927] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 281.955570][T27927] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 281.963533][T27927] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 281.971497][T27927] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 281.979514][T27927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 281.987461][T27927] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a 08:40:59 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x11000000) [ 282.002875][T27870] loop0: p1 p2 p3 p4 [ 282.004219][T27927] loop5: detected capacity change from 0 to 1 [ 282.010244][T27870] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 282.027950][T27930] new mount options do not match the existing superblock, will be ignored [ 282.036259][T27870] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 282.043714][T27927] loop5: p1 p2 p4 08:40:59 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xb00, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 282.047695][T27927] loop5: p1 start 487 is beyond EOD, truncated [ 282.053943][T27927] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 282.061956][T27949] loop3: detected capacity change from 0 to 1 [ 282.062275][T27870] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 282.076832][T27927] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 282.093542][T27956] new mount options do not match the existing superblock, will be ignored 08:40:59 executing program 0: syz_read_part_table(0xfdfdffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 282.106075][ T1135] loop5: p1 p2 p4 [ 282.109907][T27956] loop4: detected capacity change from 0 to 5 [ 282.115528][T27949] loop3: p1 p2 p3 p4 [ 282.117725][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 282.120214][T27949] loop3: p1 start 487 is beyond EOD, [ 282.126120][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 282.127894][ T1135] loop5: p4 size 3657465856 extends beyond EOD, [ 282.131509][T27949] truncated [ 282.131514][T27949] loop3: p2 size 1073872896 extends beyond EOD, truncated 08:40:59 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x700) 08:40:59 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xc00, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:40:59 executing program 5 (fault-call:0 fault-nth:17): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 282.138624][ T1135] truncated [ 282.146953][T27949] loop3: p3 start 225 is beyond EOD, truncated [ 282.159558][ T1135] loop5: p1 p2 p4 [ 282.164436][T27949] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 282.176118][T27956] new mount options do not match the existing superblock, will be ignored [ 282.178854][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 282.190762][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 282.198637][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 282.228735][T27987] loop0: detected capacity change from 0 to 264192 [ 282.228803][T27949] loop3: detected capacity change from 0 to 1 [ 282.241512][T27994] new mount options do not match the existing superblock, will be ignored [ 282.250923][T27994] loop4: detected capacity change from 0 to 6 [ 282.262933][T27949] loop3: p1 p2 p3 p4 [ 282.262949][T27987] loop0: p1 p2 p3 p4 [ 282.267096][T27949] loop3: p1 start 487 is beyond EOD, truncated [ 282.274421][T27987] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 282.277129][T27949] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 282.284490][T27987] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 282.294165][T28004] FAULT_INJECTION: forcing a failure. [ 282.294165][T28004] name failslab, interval 1, probability 0, space 0, times 0 [ 282.299304][T27987] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 282.311243][T28004] CPU: 1 PID: 28004 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 282.327053][T28004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 282.329627][T27949] loop3: p3 start 225 is beyond EOD, [ 282.337085][T28004] Call Trace: [ 282.337093][T28004] dump_stack+0x137/0x19d [ 282.342510][T27949] truncated [ 282.342515][T27949] loop3: p4 size 3657465856 extends beyond EOD, [ 282.345773][T28004] should_fail+0x23c/0x250 [ 282.345793][T28004] ? __kernfs_new_node+0x6a/0x330 [ 282.350093][T27949] truncated [ 282.371974][T28004] __should_failslab+0x81/0x90 [ 282.376775][T28004] should_failslab+0x5/0x20 [ 282.381255][T28004] kmem_cache_alloc+0x46/0x2f0 [ 282.385998][T28004] __kernfs_new_node+0x6a/0x330 [ 282.390893][T28004] ? __cond_resched+0x11/0x40 [ 282.395587][T28004] ? mutex_lock+0x9/0x30 [ 282.399885][T28004] kernfs_new_node+0x5b/0xd0 [ 282.404454][T28004] __kernfs_create_file+0x45/0x1a0 [ 282.409599][T28004] sysfs_add_file_mode_ns+0x1c1/0x250 [ 282.414948][T28004] internal_create_group+0x2e4/0x850 [ 282.420305][T28004] sysfs_create_group+0x1b/0x20 [ 282.425162][T28004] loop_configure+0xa21/0xcb0 [ 282.429822][T28004] lo_ioctl+0x555/0x11f0 [ 282.434154][T28004] ? path_openat+0x19ab/0x20b0 [ 282.438911][T28004] ? putname+0xa5/0xc0 [ 282.443242][T28004] ? ___cache_free+0x3c/0x300 [ 282.447917][T28004] ? blkdev_common_ioctl+0x9c3/0x1040 [ 282.453308][T28004] ? selinux_file_ioctl+0x8e0/0x970 [ 282.458520][T28004] ? lo_release+0x120/0x120 [ 282.463001][T28004] blkdev_ioctl+0x1d0/0x3c0 [ 282.467483][T28004] block_ioctl+0x6d/0x80 [ 282.471813][T28004] ? blkdev_iopoll+0x70/0x70 [ 282.476385][T28004] __se_sys_ioctl+0xcb/0x140 [ 282.481142][T28004] __x64_sys_ioctl+0x3f/0x50 [ 282.485825][T28004] do_syscall_64+0x4a/0x90 [ 282.490218][T28004] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 282.496088][T28004] RIP: 0033:0x466397 [ 282.499999][T28004] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 282.519583][T28004] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 282.527970][T28004] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 282.535918][T28004] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 282.543868][T28004] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 282.551816][T28004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 282.559769][T28004] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a [ 282.568129][T28004] loop5: detected capacity change from 0 to 1 [ 282.573799][ T1135] loop3: p1 p2 p3 p4 08:40:59 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xd00, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 282.574537][T27994] new mount options do not match the existing superblock, will be ignored [ 282.578200][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 282.592982][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 282.612184][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 282.612939][T27987] loop0: detected capacity change from 0 to 264192 [ 282.618438][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 282.631439][T28029] new mount options do not match the existing superblock, will be ignored [ 282.641995][T28029] loop4: detected capacity change from 0 to 6 [ 282.642815][T28004] loop5: p1 p2 p4 [ 282.651937][T27987] loop0: p1 p2 p3 p4 [ 282.652085][T28004] loop5: p1 start 487 is beyond EOD, truncated [ 282.662160][T28004] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 282.669431][T27987] loop0: p2 size 1073872896 extends beyond EOD, truncated 08:40:59 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0205bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:59 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xe00, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 282.669759][T28004] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 282.684470][ T1135] loop3: p1 p2 p3 p4 [ 282.688482][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 282.694753][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 282.698323][T28029] new mount options do not match the existing superblock, will be ignored [ 282.702316][T27987] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 282.722950][ T1135] loop3: p3 start 225 is beyond EOD, truncated 08:40:59 executing program 5 (fault-call:0 fault-nth:18): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:40:59 executing program 0: syz_read_part_table(0xfdffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 282.723848][T27987] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 282.729184][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 282.757855][T28051] new mount options do not match the existing superblock, will be ignored [ 282.767347][T28051] loop4: detected capacity change from 0 to 7 [ 282.811628][T28062] FAULT_INJECTION: forcing a failure. [ 282.811628][T28062] name failslab, interval 1, probability 0, space 0, times 0 [ 282.824294][T28062] CPU: 1 PID: 28062 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 282.833060][T28062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 282.839026][T28051] new mount options do not match the existing superblock, will be ignored [ 282.843112][T28062] Call Trace: [ 282.843120][T28062] dump_stack+0x137/0x19d 08:41:00 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x1020, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:00 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x12000000) [ 282.843144][T28062] should_fail+0x23c/0x250 [ 282.863615][T28062] ? __kernfs_new_node+0x6a/0x330 [ 282.866921][T28071] loop3: detected capacity change from 0 to 1 [ 282.868638][T28062] __should_failslab+0x81/0x90 [ 282.868663][T28062] should_failslab+0x5/0x20 [ 282.883943][T28062] kmem_cache_alloc+0x46/0x2f0 [ 282.888703][T28062] __kernfs_new_node+0x6a/0x330 [ 282.893544][T28062] ? __cond_resched+0x11/0x40 [ 282.898295][T28062] ? mutex_lock+0x9/0x30 [ 282.902531][T28062] kernfs_new_node+0x5b/0xd0 [ 282.907253][T28062] __kernfs_create_file+0x45/0x1a0 [ 282.912359][T28062] sysfs_add_file_mode_ns+0x1c1/0x250 [ 282.917911][T28062] internal_create_group+0x2e4/0x850 [ 282.923188][T28062] sysfs_create_group+0x1b/0x20 [ 282.928018][T28062] loop_configure+0xa21/0xcb0 [ 282.932670][T28062] lo_ioctl+0x555/0x11f0 [ 282.936906][T28062] ? path_openat+0x19ab/0x20b0 [ 282.941793][T28062] ? putname+0xa5/0xc0 [ 282.945848][T28062] ? ___cache_free+0x3c/0x300 [ 282.950518][T28062] ? blkdev_common_ioctl+0x9c3/0x1040 [ 282.955870][T28062] ? selinux_file_ioctl+0x8e0/0x970 [ 282.961046][T28062] ? lo_release+0x120/0x120 [ 282.965525][T28062] blkdev_ioctl+0x1d0/0x3c0 [ 282.970014][T28062] block_ioctl+0x6d/0x80 [ 282.974316][T28062] ? blkdev_iopoll+0x70/0x70 [ 282.978885][T28062] __se_sys_ioctl+0xcb/0x140 [ 282.983461][T28062] __x64_sys_ioctl+0x3f/0x50 [ 282.988096][T28062] do_syscall_64+0x4a/0x90 [ 282.992494][T28062] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 282.998395][T28062] RIP: 0033:0x466397 08:41:00 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x900) [ 283.002272][T28062] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 283.021907][T28062] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 283.030318][T28062] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 283.038282][T28062] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 283.046235][T28062] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 283.054235][T28062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 283.062198][T28062] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a [ 283.077699][T28062] loop5: detected capacity change from 0 to 1 [ 283.091987][T28083] new mount options do not match the existing superblock, will be ignored [ 283.101597][T28071] loop3: p1 p2 p3 p4 [ 283.106039][ T1135] loop5: p1 p2 p4 [ 283.107604][T28071] loop3: p1 start 487 is beyond EOD, truncated [ 283.110306][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 283.115952][T28071] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 283.122088][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 283.131354][T28083] loop4: detected capacity change from 0 to 8 [ 283.142640][T28064] loop0: detected capacity change from 0 to 264192 [ 283.149629][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 283.149645][T28071] loop3: p3 start 225 is beyond EOD, truncated [ 283.162915][T28071] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 283.171083][T28062] loop5: p1 p2 p4 [ 283.175933][T28083] new mount options do not match the existing superblock, will be ignored [ 283.182548][T28062] loop5: p1 start 487 is beyond EOD, truncated [ 283.184919][T28064] loop0: p1 p2 p3 p4 [ 283.190612][T28062] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 283.193090][T28062] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:00 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x1100, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 283.203847][T28064] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 283.217999][T28064] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 283.226772][T28064] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 283.240137][T28071] loop3: detected capacity change from 0 to 1 [ 283.246716][T28118] new mount options do not match the existing superblock, will be ignored [ 283.256473][T28118] loop4: detected capacity change from 0 to 8 08:41:00 executing program 5 (fault-call:0 fault-nth:19): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 283.273107][T28071] loop3: p1 p2 p3 p4 [ 283.277908][T28071] loop3: p1 start 487 is beyond EOD, truncated [ 283.284105][T28071] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 283.291294][T28129] FAULT_INJECTION: forcing a failure. [ 283.291294][T28129] name failslab, interval 1, probability 0, space 0, times 0 [ 283.292282][T28071] loop3: p3 start 225 is beyond EOD, truncated [ 283.303968][T28129] CPU: 0 PID: 28129 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 283.310078][T28071] loop3: p4 size 3657465856 extends beyond EOD, [ 283.318805][T28129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 283.318816][T28129] Call Trace: [ 283.318823][T28129] dump_stack+0x137/0x19d [ 283.325130][T28071] truncated [ 283.345866][T28129] should_fail+0x23c/0x250 [ 283.350346][T28129] ? __kernfs_new_node+0x6a/0x330 [ 283.355349][T28129] __should_failslab+0x81/0x90 [ 283.360106][T28129] should_failslab+0x5/0x20 [ 283.364600][T28129] kmem_cache_alloc+0x46/0x2f0 [ 283.369347][T28129] __kernfs_new_node+0x6a/0x330 [ 283.374209][T28129] ? __cond_resched+0x11/0x40 [ 283.378865][T28129] ? mutex_lock+0x9/0x30 [ 283.383083][T28129] kernfs_new_node+0x5b/0xd0 [ 283.387714][T28129] __kernfs_create_file+0x45/0x1a0 [ 283.392802][T28129] sysfs_add_file_mode_ns+0x1c1/0x250 [ 283.398251][T28129] internal_create_group+0x2e4/0x850 [ 283.403533][T28129] sysfs_create_group+0x1b/0x20 [ 283.408378][T28129] loop_configure+0xa21/0xcb0 [ 283.413032][T28129] lo_ioctl+0x555/0x11f0 [ 283.417256][T28129] ? path_openat+0x19ab/0x20b0 [ 283.422000][T28129] ? putname+0xa5/0xc0 [ 283.426042][T28129] ? ___cache_free+0x3c/0x300 [ 283.430701][T28129] ? blkdev_common_ioctl+0x9c3/0x1040 [ 283.436052][T28129] ? selinux_file_ioctl+0x8e0/0x970 [ 283.441230][T28129] ? lo_release+0x120/0x120 [ 283.445711][T28129] blkdev_ioctl+0x1d0/0x3c0 [ 283.450205][T28129] block_ioctl+0x6d/0x80 [ 283.454483][T28129] ? blkdev_iopoll+0x70/0x70 [ 283.459079][T28129] __se_sys_ioctl+0xcb/0x140 [ 283.463723][T28129] __x64_sys_ioctl+0x3f/0x50 [ 283.468310][T28129] do_syscall_64+0x4a/0x90 [ 283.472707][T28129] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 283.478669][T28129] RIP: 0033:0x466397 [ 283.482552][T28129] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 283.502133][T28129] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 283.510533][T28129] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 283.518483][T28129] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 283.526483][T28129] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 283.534444][T28129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 283.542392][T28129] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a [ 283.550965][T28129] loop5: detected capacity change from 0 to 1 [ 283.559013][T28118] new mount options do not match the existing superblock, will be ignored [ 283.560259][ T1135] loop3: p1 p2 p3 p4 08:41:00 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x1200, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 283.575002][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 283.579125][T28064] loop0: detected capacity change from 0 to 264192 [ 283.581174][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 283.595178][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 283.601374][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 283.613397][T28151] new mount options do not match the existing superblock, will be ignored 08:41:00 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0206bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 283.622600][T28151] loop4: detected capacity change from 0 to 9 [ 283.623088][T28129] loop5: p1 p2 p4 [ 283.635384][T28064] loop0: p1 p2 p3 p4 [ 283.637126][T28129] loop5: p1 start 487 is beyond EOD, truncated [ 283.645590][T28129] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 283.649772][T28064] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 283.658261][T28151] new mount options do not match the existing superblock, will be ignored [ 283.660980][T28064] loop0: p3 size 1912633224 extends beyond EOD, truncated 08:41:00 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x2000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 283.679464][T28064] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 283.691041][T28129] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 283.704996][ T1135] loop5: p1 p2 p4 [ 283.708897][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 283.710937][T28178] new mount options do not match the existing superblock, will be ignored 08:41:00 executing program 0: syz_read_part_table(0xfeffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:00 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x20000000) 08:41:00 executing program 5 (fault-call:0 fault-nth:20): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 283.715084][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 283.722554][T28174] loop3: detected capacity change from 0 to 1 [ 283.727603][T28178] loop4: detected capacity change from 0 to 16 [ 283.734221][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 283.762826][T28174] loop3: p1 p2 p3 p4 [ 283.766915][T28174] loop3: p1 start 487 is beyond EOD, truncated [ 283.773168][T28174] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 283.774183][T28178] new mount options do not match the existing superblock, will be ignored [ 283.796440][T28174] loop3: p3 start 225 is beyond EOD, truncated [ 283.802657][T28174] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 283.816114][ T1135] loop3: p1 p2 p3 p4 [ 283.817042][T28207] loop0: detected capacity change from 0 to 264192 08:41:01 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x2010, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 283.820353][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 283.827731][T28205] FAULT_INJECTION: forcing a failure. [ 283.827731][T28205] name failslab, interval 1, probability 0, space 0, times 0 [ 283.832791][ T1135] loop3: p2 size 1073872896 extends beyond EOD, [ 283.845372][T28205] CPU: 0 PID: 28205 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 283.845389][T28205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 283.851699][ T1135] truncated [ 283.865736][ T1135] loop3: p3 start 225 is beyond EOD, 08:41:01 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xa00) [ 283.870495][T28205] Call Trace: [ 283.870504][T28205] dump_stack+0x137/0x19d [ 283.873617][ T1135] truncated [ 283.878948][T28205] should_fail+0x23c/0x250 [ 283.882206][ T1135] loop3: p4 size 3657465856 extends beyond EOD, [ 283.886537][T28205] ? __kernfs_new_node+0x6a/0x330 [ 283.886559][T28205] __should_failslab+0x81/0x90 [ 283.889660][ T1135] truncated [ 283.913361][T28205] should_failslab+0x5/0x20 [ 283.917858][T28205] kmem_cache_alloc+0x46/0x2f0 [ 283.922629][T28205] __kernfs_new_node+0x6a/0x330 [ 283.927472][T28205] ? __cond_resched+0x11/0x40 [ 283.932151][T28205] ? mutex_lock+0x9/0x30 [ 283.936370][T28205] kernfs_new_node+0x5b/0xd0 [ 283.940968][T28205] __kernfs_create_file+0x45/0x1a0 [ 283.946069][T28205] sysfs_add_file_mode_ns+0x1c1/0x250 [ 283.951504][T28205] internal_create_group+0x2e4/0x850 [ 283.956769][T28205] sysfs_create_group+0x1b/0x20 [ 283.961598][T28205] loop_configure+0xa21/0xcb0 [ 283.966286][T28205] lo_ioctl+0x555/0x11f0 [ 283.970521][T28205] ? path_openat+0x19ab/0x20b0 [ 283.975255][T28205] ? putname+0xa5/0xc0 [ 283.979312][T28205] ? ___cache_free+0x3c/0x300 [ 283.983965][T28205] ? blkdev_common_ioctl+0x9c3/0x1040 [ 283.989333][T28205] ? selinux_file_ioctl+0x8e0/0x970 [ 283.994504][T28205] ? lo_release+0x120/0x120 [ 283.999079][T28205] blkdev_ioctl+0x1d0/0x3c0 [ 284.003597][T28205] block_ioctl+0x6d/0x80 [ 284.007826][T28205] ? blkdev_iopoll+0x70/0x70 [ 284.012407][T28205] __se_sys_ioctl+0xcb/0x140 [ 284.017023][T28205] __x64_sys_ioctl+0x3f/0x50 [ 284.021589][T28205] do_syscall_64+0x4a/0x90 [ 284.026088][T28205] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 284.031961][T28205] RIP: 0033:0x466397 [ 284.035853][T28205] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 284.055437][T28205] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 284.063841][T28205] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 284.071791][T28205] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 284.079880][T28205] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 284.087860][T28205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 284.095899][T28205] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a [ 284.104289][T28205] loop5: detected capacity change from 0 to 1 [ 284.112585][T28207] loop0: p1 p2 p3 p4 [ 284.117396][T28207] loop0: p2 size 1073872896 extends beyond EOD, truncated 08:41:01 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0207bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 284.125637][T28207] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 284.126315][T28222] new mount options do not match the existing superblock, will be ignored [ 284.133866][T28207] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 284.152515][T28222] loop4: detected capacity change from 0 to 16 [ 284.159246][T28205] loop5: p1 p2 p4 [ 284.163454][T28205] loop5: p1 start 487 is beyond EOD, truncated [ 284.169623][T28205] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 284.177337][T28205] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 284.186482][ T1135] loop5: p1 p2 p4 [ 284.188321][T28236] loop3: detected capacity change from 0 to 1 [ 284.190331][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 284.202497][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 284.209883][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 284.218361][T28222] new mount options do not match the existing superblock, will be ignored [ 284.228156][T28236] loop3: p1 p2 p3 p4 08:41:01 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x2500, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 284.235922][T28236] loop3: p1 start 487 is beyond EOD, truncated [ 284.242099][T28236] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 284.242655][T28207] loop0: detected capacity change from 0 to 264192 [ 284.256193][T28236] loop3: p3 start 225 is beyond EOD, truncated [ 284.262375][T28236] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 284.279037][ T1135] loop3: p1 p2 p3 p4 08:41:01 executing program 5 (fault-call:0 fault-nth:21): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 284.283131][T28266] new mount options do not match the existing superblock, will be ignored [ 284.291883][T28207] loop0: p1 p2 p3 p4 [ 284.296390][T28207] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 284.299787][T28266] loop4: detected capacity change from 0 to 18 [ 284.309288][T28207] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 284.310264][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 284.318157][T28207] loop0: p4 size 3657465856 extends beyond EOD, [ 284.322948][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 284.323264][T28271] loop5: detected capacity change from 0 to 1 [ 284.329253][T28207] truncated [ 284.336743][ T1135] loop3: p3 start 225 is beyond EOD, [ 284.342896][T28266] new mount options do not match the existing superblock, will be ignored [ 284.345549][ T1135] truncated [ 284.345554][ T1135] loop3: p4 size 3657465856 extends beyond EOD, [ 284.361553][T28271] FAULT_INJECTION: forcing a failure. [ 284.361553][T28271] name failslab, interval 1, probability 0, space 0, times 0 [ 284.362588][ T1135] truncated [ 284.384621][T28271] CPU: 1 PID: 28271 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 284.393473][T28271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 284.403508][T28271] Call Trace: [ 284.406832][T28271] dump_stack+0x137/0x19d [ 284.411151][T28271] should_fail+0x23c/0x250 [ 284.415554][T28271] __should_failslab+0x81/0x90 [ 284.420300][T28271] ? kobject_uevent_env+0x1a7/0xc40 [ 284.425475][T28271] should_failslab+0x5/0x20 [ 284.429957][T28271] kmem_cache_alloc_trace+0x49/0x310 [ 284.435310][T28271] ? dev_uevent_filter+0x70/0x70 [ 284.440316][T28271] kobject_uevent_env+0x1a7/0xc40 [ 284.445323][T28271] kobject_uevent+0x18/0x20 [ 284.449828][T28271] loop_configure+0xb3c/0xcb0 [ 284.454483][T28271] lo_ioctl+0x555/0x11f0 [ 284.458700][T28271] ? path_openat+0x19ab/0x20b0 [ 284.463440][T28271] ? putname+0xa5/0xc0 [ 284.467484][T28271] ? ___cache_free+0x3c/0x300 [ 284.472141][T28271] ? blkdev_common_ioctl+0x9c3/0x1040 [ 284.477491][T28271] ? selinux_file_ioctl+0x8e0/0x970 [ 284.482662][T28271] ? lo_release+0x120/0x120 [ 284.487148][T28271] blkdev_ioctl+0x1d0/0x3c0 [ 284.491632][T28271] block_ioctl+0x6d/0x80 [ 284.495856][T28271] ? blkdev_iopoll+0x70/0x70 [ 284.500504][T28271] __se_sys_ioctl+0xcb/0x140 [ 284.505083][T28271] __x64_sys_ioctl+0x3f/0x50 [ 284.509711][T28271] do_syscall_64+0x4a/0x90 [ 284.514136][T28271] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 284.520010][T28271] RIP: 0033:0x466397 [ 284.523887][T28271] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 284.543476][T28271] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 284.551864][T28271] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 284.559813][T28271] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 284.567763][T28271] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 284.575790][T28271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 08:41:01 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x3f00, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 284.583801][T28271] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a 08:41:01 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x20050000) 08:41:01 executing program 0: syz_read_part_table(0xff0f000000000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 284.610148][T28285] new mount options do not match the existing superblock, will be ignored [ 284.612009][ T1135] loop3: p1 p2 p3 p4 [ 284.623129][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 284.627498][T28285] loop4: detected capacity change from 0 to 31 [ 284.629301][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 284.629896][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 284.648783][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 284.652619][T28271] loop5: p1 p2 p4 08:41:01 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x4800, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 284.659680][T28271] loop5: p1 start 487 is beyond EOD, truncated [ 284.665921][T28271] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 284.674309][T28271] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 284.677057][T28285] new mount options do not match the existing superblock, will be ignored [ 284.690662][T28305] loop0: detected capacity change from 0 to 264192 08:41:01 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0208bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 284.709155][T28236] loop3: detected capacity change from 0 to 1 [ 284.721430][T28318] new mount options do not match the existing superblock, will be ignored [ 284.730299][T28305] loop0: p1 p2 p3 p4 [ 284.734932][T28305] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 284.747525][T28305] loop0: p3 size 1912633224 extends beyond EOD, truncated 08:41:01 executing program 5 (fault-call:0 fault-nth:22): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:01 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xab8) [ 284.756188][T28318] loop4: detected capacity change from 0 to 36 [ 284.764501][T28305] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 284.773826][ T1135] loop0: p1 p2 p3 p4 [ 284.778271][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 284.790610][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 284.798487][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 284.808727][T28340] loop5: detected capacity change from 0 to 1 [ 284.808839][T28347] loop3: detected capacity change from 0 to 1 [ 284.815673][T28340] FAULT_INJECTION: forcing a failure. [ 284.815673][T28340] name failslab, interval 1, probability 0, space 0, times 0 [ 284.833558][T28340] CPU: 0 PID: 28340 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 284.842310][T28340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 284.852383][T28340] Call Trace: [ 284.855649][T28340] dump_stack+0x137/0x19d [ 284.860026][T28340] should_fail+0x23c/0x250 [ 284.864433][T28340] ? kzalloc+0x1d/0x30 [ 284.868499][T28340] __should_failslab+0x81/0x90 [ 284.873238][T28340] should_failslab+0x5/0x20 [ 284.877885][T28340] __kmalloc+0x66/0x340 [ 284.882027][T28340] kzalloc+0x1d/0x30 [ 284.885980][T28340] kobject_get_path+0x7c/0x110 [ 284.890734][T28340] kobject_uevent_env+0x1be/0xc40 [ 284.895750][T28340] kobject_uevent+0x18/0x20 [ 284.900233][T28340] loop_configure+0xb3c/0xcb0 [ 284.904972][T28340] lo_ioctl+0x555/0x11f0 [ 284.909195][T28340] ? path_openat+0x19ab/0x20b0 [ 284.913966][T28340] ? putname+0xa5/0xc0 [ 284.918052][T28340] ? ___cache_free+0x3c/0x300 [ 284.922701][T28340] ? blkdev_common_ioctl+0x9c3/0x1040 [ 284.928100][T28340] ? selinux_file_ioctl+0x8e0/0x970 [ 284.933359][T28340] ? lo_release+0x120/0x120 [ 284.937916][T28340] blkdev_ioctl+0x1d0/0x3c0 [ 284.942390][T28340] block_ioctl+0x6d/0x80 [ 284.946606][T28340] ? blkdev_iopoll+0x70/0x70 [ 284.951217][T28340] __se_sys_ioctl+0xcb/0x140 [ 284.955789][T28340] __x64_sys_ioctl+0x3f/0x50 [ 284.960377][T28340] do_syscall_64+0x4a/0x90 [ 284.964794][T28340] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 284.970724][T28340] RIP: 0033:0x466397 [ 284.974735][T28340] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 284.994417][T28340] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 285.002806][T28340] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 285.010761][T28340] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 285.018786][T28340] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 285.026743][T28340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 285.034687][T28340] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a 08:41:02 executing program 0: syz_read_part_table(0xffefffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 285.062746][T28347] loop3: p1 p2 p3 p4 [ 285.063462][T28318] new mount options do not match the existing superblock, will be ignored [ 285.066962][T28347] loop3: p1 start 487 is beyond EOD, truncated [ 285.081411][T28347] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 285.096043][T28340] loop5: p1 p2 p4 [ 285.102442][T28347] loop3: p3 start 225 is beyond EOD, truncated 08:41:02 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x4c00, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:02 executing program 5 (fault-call:0 fault-nth:23): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 285.107741][T28340] loop5: p1 start 487 is beyond EOD, truncated [ 285.108612][T28347] loop3: p4 size 3657465856 extends beyond EOD, [ 285.114764][T28340] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 285.121809][T28340] loop5: p4 size 3657465856 extends beyond EOD, [ 285.128197][T28347] truncated [ 285.137622][T28340] truncated [ 285.141361][T28365] loop0: detected capacity change from 0 to 264192 [ 285.181100][T28378] new mount options do not match the existing superblock, will be ignored [ 285.189481][T28380] loop5: detected capacity change from 0 to 1 [ 285.196385][ T1135] loop0: p1 p2 p3 p4 [ 285.196898][T28380] FAULT_INJECTION: forcing a failure. [ 285.196898][T28380] name failslab, interval 1, probability 0, space 0, times 0 [ 285.201130][T28378] loop4: detected capacity change from 0 to 38 [ 285.212959][T28380] CPU: 0 PID: 28380 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 285.212978][T28380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.212988][T28380] Call Trace: [ 285.212994][T28380] dump_stack+0x137/0x19d [ 285.245411][T28380] should_fail+0x23c/0x250 [ 285.250005][T28380] __should_failslab+0x81/0x90 [ 285.254800][T28380] should_failslab+0x5/0x20 [ 285.259302][T28380] kmem_cache_alloc_node+0x58/0x2b0 [ 285.264476][T28380] ? __alloc_skb+0xed/0x420 [ 285.268954][T28380] __alloc_skb+0xed/0x420 [ 285.273322][T28380] alloc_uevent_skb+0x5b/0x120 [ 285.278059][T28380] kobject_uevent_env+0x863/0xc40 [ 285.283065][T28380] kobject_uevent+0x18/0x20 [ 285.287539][T28380] loop_configure+0xb3c/0xcb0 [ 285.292201][T28380] lo_ioctl+0x555/0x11f0 [ 285.296512][T28380] ? path_openat+0x19ab/0x20b0 [ 285.301266][T28380] ? putname+0xa5/0xc0 [ 285.305399][T28380] ? ___cache_free+0x3c/0x300 [ 285.310067][T28380] ? blkdev_common_ioctl+0x9c3/0x1040 [ 285.315450][T28380] ? selinux_file_ioctl+0x8e0/0x970 [ 285.320620][T28380] ? lo_release+0x120/0x120 [ 285.325091][T28380] blkdev_ioctl+0x1d0/0x3c0 [ 285.329563][T28380] block_ioctl+0x6d/0x80 [ 285.333780][T28380] ? blkdev_iopoll+0x70/0x70 [ 285.338341][T28380] __se_sys_ioctl+0xcb/0x140 [ 285.342904][T28380] __x64_sys_ioctl+0x3f/0x50 [ 285.347471][T28380] do_syscall_64+0x4a/0x90 [ 285.351859][T28380] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 285.357773][T28380] RIP: 0033:0x466397 [ 285.361674][T28380] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 285.381303][T28380] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 285.389687][T28380] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 285.397672][T28380] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 285.405616][T28380] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 285.413567][T28380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 285.421514][T28380] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a [ 285.432313][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 285.442076][T28347] loop3: detected capacity change from 0 to 1 [ 285.442125][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 285.455707][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 285.464580][T28365] loop0: p1 p2 p3 p4 [ 285.469179][T28365] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 285.476808][T28380] loop5: p1 p2 p4 08:41:02 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x25000000) [ 285.478105][T28378] new mount options do not match the existing superblock, will be ignored [ 285.480709][T28380] loop5: p1 start 487 is beyond EOD, truncated [ 285.489111][T28347] loop3: p1 p2 p3 p4 [ 285.489153][T28347] loop3: p1 start 487 is beyond EOD, [ 285.495256][T28380] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 285.499220][T28347] truncated [ 285.499224][T28347] loop3: p2 size 1073872896 extends beyond EOD, [ 285.505001][T28380] loop5: p4 size 3657465856 extends beyond EOD, [ 285.511763][T28347] truncated 08:41:02 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x6800, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 285.530715][T28380] truncated [ 285.530774][T28365] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 285.546706][T28365] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 285.564640][T28347] loop3: p3 start 225 is beyond EOD, truncated [ 285.570892][T28347] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:41:02 executing program 5 (fault-call:0 fault-nth:24): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:02 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="020abfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 285.597232][T28365] loop0: detected capacity change from 0 to 264192 [ 285.606065][T28427] new mount options do not match the existing superblock, will be ignored [ 285.629418][T28433] loop5: detected capacity change from 0 to 1 [ 285.630153][T28427] loop4: detected capacity change from 0 to 52 [ 285.638158][T28433] FAULT_INJECTION: forcing a failure. 08:41:02 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xb00) [ 285.638158][T28433] name failslab, interval 1, probability 0, space 0, times 0 [ 285.654272][T28433] CPU: 0 PID: 28433 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 285.656865][ T1135] loop0: p1 p2 p3 p4 [ 285.663019][T28433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.663038][T28433] Call Trace: [ 285.663045][T28433] dump_stack+0x137/0x19d [ 285.684601][T28433] should_fail+0x23c/0x250 [ 285.689209][T28433] __should_failslab+0x81/0x90 [ 285.693959][T28433] should_failslab+0x5/0x20 [ 285.698456][T28433] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 285.704213][T28433] ? __kmalloc_node_track_caller+0x30/0x40 [ 285.710007][T28433] ? kmem_cache_alloc_node+0x1da/0x2b0 [ 285.715509][T28433] __kmalloc_node_track_caller+0x30/0x40 [ 285.721165][T28433] ? alloc_uevent_skb+0x5b/0x120 [ 285.726086][T28433] __alloc_skb+0x187/0x420 [ 285.730486][T28433] alloc_uevent_skb+0x5b/0x120 [ 285.735258][T28433] kobject_uevent_env+0x863/0xc40 [ 285.740321][T28433] kobject_uevent+0x18/0x20 [ 285.744895][T28433] loop_configure+0xb3c/0xcb0 [ 285.749636][T28433] lo_ioctl+0x555/0x11f0 [ 285.753893][T28433] ? path_openat+0x19ab/0x20b0 [ 285.758700][T28433] ? putname+0xa5/0xc0 [ 285.762784][T28433] ? ___cache_free+0x3c/0x300 [ 285.767461][T28433] ? blkdev_common_ioctl+0x9c3/0x1040 [ 285.772808][T28433] ? selinux_file_ioctl+0x8e0/0x970 [ 285.777999][T28433] ? lo_release+0x120/0x120 [ 285.782496][T28433] blkdev_ioctl+0x1d0/0x3c0 [ 285.786994][T28433] block_ioctl+0x6d/0x80 [ 285.791238][T28433] ? blkdev_iopoll+0x70/0x70 [ 285.795828][T28433] __se_sys_ioctl+0xcb/0x140 [ 285.800415][T28433] __x64_sys_ioctl+0x3f/0x50 [ 285.804997][T28433] do_syscall_64+0x4a/0x90 [ 285.809490][T28433] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 285.815436][T28433] RIP: 0033:0x466397 [ 285.819329][T28433] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 285.838918][T28433] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 285.847361][T28433] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 285.855330][T28433] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 285.863280][T28433] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 285.871245][T28433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 285.879191][T28433] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a [ 285.893527][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 285.901644][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 285.911437][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 285.914830][T28449] loop3: detected capacity change from 0 to 1 [ 285.924946][T28433] loop5: p1 p2 p4 [ 285.926119][T28365] loop0: p1 p2 p3 p4 [ 285.928698][T28433] loop5: p1 start 487 is beyond EOD, truncated [ 285.934526][T28427] new mount options do not match the existing superblock, will be ignored 08:41:03 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x6c00, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 285.939581][T28433] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 285.955504][T28433] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 285.956069][T28365] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 285.970508][T28365] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 285.978171][T28365] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 285.982488][T28449] loop3: p1 p2 p3 p4 08:41:03 executing program 5 (fault-call:0 fault-nth:25): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:03 executing program 0: syz_read_part_table(0xffffff7f00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 285.993990][T28449] loop3: p1 start 487 is beyond EOD, truncated [ 286.000440][T28449] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 286.008611][T28449] loop3: p3 start 225 is beyond EOD, truncated [ 286.014779][T28449] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 286.015709][T28470] new mount options do not match the existing superblock, will be ignored [ 286.033106][T28470] loop4: detected capacity change from 0 to 54 [ 286.055349][T28449] loop3: detected capacity change from 0 to 1 [ 286.055766][ T1135] loop0: p1 p2 p3 p4 [ 286.061668][T28482] loop5: detected capacity change from 0 to 1 [ 286.066346][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 286.072231][T28482] FAULT_INJECTION: forcing a failure. [ 286.072231][T28482] name failslab, interval 1, probability 0, space 0, times 0 [ 286.091387][T28482] CPU: 1 PID: 28482 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 286.100144][T28482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 286.110260][T28482] Call Trace: [ 286.113557][T28482] dump_stack+0x137/0x19d [ 286.117887][T28482] should_fail+0x23c/0x250 [ 286.122305][T28482] ? skb_clone+0x12c/0x1f0 [ 286.126717][T28482] __should_failslab+0x81/0x90 [ 286.131487][T28482] should_failslab+0x5/0x20 [ 286.135986][T28482] kmem_cache_alloc+0x46/0x2f0 [ 286.140761][T28482] skb_clone+0x12c/0x1f0 [ 286.145020][T28482] netlink_broadcast_filtered+0x50d/0xb90 [ 286.150751][T28482] ? skb_put+0xb9/0xf0 [ 286.154882][T28482] netlink_broadcast+0x35/0x50 [ 286.159624][T28482] kobject_uevent_env+0x8c9/0xc40 [ 286.164684][T28482] kobject_uevent+0x18/0x20 [ 286.169186][T28482] loop_configure+0xb3c/0xcb0 [ 286.173919][T28482] lo_ioctl+0x555/0x11f0 [ 286.178147][T28482] ? path_openat+0x19ab/0x20b0 [ 286.182991][T28482] ? putname+0xa5/0xc0 [ 286.187140][T28482] ? ___cache_free+0x3c/0x300 [ 286.191973][T28482] ? blkdev_common_ioctl+0x9c3/0x1040 [ 286.197414][T28482] ? selinux_file_ioctl+0x8e0/0x970 [ 286.202726][T28482] ? lo_release+0x120/0x120 [ 286.207228][T28482] blkdev_ioctl+0x1d0/0x3c0 [ 286.211726][T28482] block_ioctl+0x6d/0x80 [ 286.215966][T28482] ? blkdev_iopoll+0x70/0x70 [ 286.220548][T28482] __se_sys_ioctl+0xcb/0x140 [ 286.225136][T28482] __x64_sys_ioctl+0x3f/0x50 [ 286.229729][T28482] do_syscall_64+0x4a/0x90 [ 286.234233][T28482] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 286.240109][T28482] RIP: 0033:0x466397 [ 286.244000][T28482] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 286.263602][T28482] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 286.272095][T28482] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 286.280144][T28482] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 286.288144][T28482] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 286.296101][T28482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 08:41:03 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7400, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 286.304072][T28482] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a [ 286.312696][T28449] loop3: p1 p2 p3 p4 [ 286.316815][T28449] loop3: p1 start 487 is beyond EOD, truncated [ 286.318703][ T1135] loop0: p3 size 1912633224 extends beyond EOD, [ 286.322976][T28449] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 286.323284][T28470] new mount options do not match the existing superblock, will be ignored [ 286.329299][ T1135] truncated [ 286.331958][ T1135] loop0: p4 size 3657465856 extends beyond EOD, [ 286.346440][T28449] loop3: p3 start 225 is beyond EOD, [ 286.348295][ T1135] truncated [ 286.363618][T28449] truncated [ 286.366730][T28449] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 286.377528][T28482] loop5: p1 p2 p4 [ 286.381459][T28482] loop5: p1 start 487 is beyond EOD, truncated [ 286.387802][T28482] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 286.390054][T28503] new mount options do not match the existing superblock, will be ignored 08:41:03 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x48000000) 08:41:03 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="020ebfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 286.407740][T28482] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 286.413598][T28503] loop4: detected capacity change from 0 to 58 [ 286.431097][ T1135] loop5: p1 p2 p4 [ 286.436288][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 286.442506][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated 08:41:03 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7a00, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:03 executing program 5 (fault-call:0 fault-nth:26): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 286.450319][T28503] new mount options do not match the existing superblock, will be ignored [ 286.460871][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 286.460919][T28523] loop0: detected capacity change from 0 to 264192 [ 286.490745][T28532] loop3: detected capacity change from 0 to 1 08:41:03 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xc00) [ 286.501678][T28538] new mount options do not match the existing superblock, will be ignored [ 286.511563][T28538] loop4: detected capacity change from 0 to 61 [ 286.518486][T28523] loop0: p1 p2 p3 p4 [ 286.522329][T28532] loop3: p1 p2 p3 p4 [ 286.526964][T28523] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 286.537115][T28532] loop3: p1 start 487 is beyond EOD, truncated [ 286.543433][T28532] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 286.550074][T28523] loop0: p3 size 1912633224 extends beyond EOD, truncated 08:41:03 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xfeff, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 286.558403][T28532] loop3: p3 start 225 is beyond EOD, truncated [ 286.559238][T28523] loop0: p4 size 3657465856 extends beyond EOD, [ 286.564648][T28532] loop3: p4 size 3657465856 extends beyond EOD, [ 286.564654][T28523] truncated [ 286.564660][T28532] truncated [ 286.565173][T28538] new mount options do not match the existing superblock, will be ignored [ 286.572505][T28551] loop5: detected capacity change from 0 to 1 [ 286.598865][T28551] FAULT_INJECTION: forcing a failure. [ 286.598865][T28551] name failslab, interval 1, probability 0, space 0, times 0 [ 286.611479][T28551] CPU: 0 PID: 28551 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 286.618620][T28562] new mount options do not match the existing superblock, will be ignored [ 286.620249][T28551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 286.620260][T28551] Call Trace: [ 286.620266][T28551] dump_stack+0x137/0x19d [ 286.620287][T28551] should_fail+0x23c/0x250 [ 286.631170][T28562] loop4: detected capacity change from 0 to 127 [ 286.639066][T28551] ? skb_clone+0x12c/0x1f0 [ 286.639089][T28551] __should_failslab+0x81/0x90 [ 286.639110][T28551] should_failslab+0x5/0x20 [ 286.639125][T28551] kmem_cache_alloc+0x46/0x2f0 [ 286.676228][T28551] skb_clone+0x12c/0x1f0 [ 286.680650][T28551] netlink_broadcast_filtered+0x50d/0xb90 [ 286.686363][T28551] ? skb_put+0xb9/0xf0 [ 286.690480][T28551] netlink_broadcast+0x35/0x50 [ 286.695335][T28551] kobject_uevent_env+0x8c9/0xc40 [ 286.700367][T28551] kobject_uevent+0x18/0x20 [ 286.704886][T28551] loop_configure+0xb3c/0xcb0 [ 286.709637][T28551] lo_ioctl+0x555/0x11f0 [ 286.713897][T28551] ? path_openat+0x19ab/0x20b0 [ 286.718833][T28551] ? putname+0xa5/0xc0 [ 286.722897][T28551] ? ___cache_free+0x3c/0x300 [ 286.727596][T28551] ? blkdev_common_ioctl+0x9c3/0x1040 [ 286.733061][T28551] ? selinux_file_ioctl+0x8e0/0x970 [ 286.738257][T28551] ? lo_release+0x120/0x120 [ 286.742765][T28551] blkdev_ioctl+0x1d0/0x3c0 [ 286.747264][T28551] block_ioctl+0x6d/0x80 [ 286.751579][T28551] ? blkdev_iopoll+0x70/0x70 [ 286.756176][T28551] __se_sys_ioctl+0xcb/0x140 [ 286.760928][T28551] __x64_sys_ioctl+0x3f/0x50 [ 286.765497][T28551] do_syscall_64+0x4a/0x90 [ 286.769896][T28551] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 286.775861][T28551] RIP: 0033:0x466397 [ 286.779769][T28551] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 286.799379][T28551] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 286.807862][T28551] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 286.815818][T28551] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 286.823772][T28551] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 286.831762][T28551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 286.839731][T28551] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a [ 286.852568][ T1135] loop3: p1 p2 p3 p4 [ 286.856792][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 286.863016][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 286.870704][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 286.876938][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 286.892340][T28551] loop5: p1 p2 p4 [ 286.896147][T28551] loop5: p1 start 487 is beyond EOD, truncated [ 286.902485][T28551] loop5: p2 size 1073872896 extends beyond EOD, truncated 08:41:04 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="020fbfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:04 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xfffe, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:04 executing program 5 (fault-call:0 fault-nth:27): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 286.911583][T28551] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 286.913509][T28562] new mount options do not match the existing superblock, will be ignored [ 286.928934][T28523] loop0: detected capacity change from 0 to 264192 [ 286.972209][T28523] loop0: p1 p2 p3 p4 [ 286.978326][T28523] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 286.984947][T28598] loop3: detected capacity change from 0 to 1 [ 286.991126][T28523] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 286.992616][T28602] new mount options do not match the existing superblock, will be ignored [ 286.999149][T28604] loop5: detected capacity change from 0 to 1 [ 287.009199][T28602] loop4: detected capacity change from 0 to 127 [ 287.013852][T28523] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 287.020196][T28604] FAULT_INJECTION: forcing a failure. [ 287.020196][T28604] name failslab, interval 1, probability 0, space 0, times 0 [ 287.039432][T28604] CPU: 0 PID: 28604 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 287.048168][T28604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.058200][T28604] Call Trace: [ 287.061465][T28604] dump_stack+0x137/0x19d [ 287.065802][T28604] should_fail+0x23c/0x250 [ 287.070202][T28604] __should_failslab+0x81/0x90 [ 287.074981][T28604] ? call_usermodehelper_setup+0x81/0x160 [ 287.080675][T28604] should_failslab+0x5/0x20 [ 287.085164][T28604] kmem_cache_alloc_trace+0x49/0x310 [ 287.090454][T28604] ? add_uevent_var+0x16e/0x1c0 [ 287.095292][T28604] ? __kfree_skb+0xfe/0x150 [ 287.099777][T28604] call_usermodehelper_setup+0x81/0x160 [ 287.105457][T28604] ? add_uevent_var+0x1c0/0x1c0 [ 287.110300][T28604] kobject_uevent_env+0xb29/0xc40 [ 287.115318][T28604] kobject_uevent+0x18/0x20 [ 287.120061][T28604] loop_configure+0xb3c/0xcb0 [ 287.124733][T28604] lo_ioctl+0x555/0x11f0 [ 287.130327][T28604] ? path_openat+0x19ab/0x20b0 [ 287.135180][T28604] ? putname+0xa5/0xc0 [ 287.139244][T28604] ? ___cache_free+0x3c/0x300 [ 287.143943][T28604] ? blkdev_common_ioctl+0x9c3/0x1040 [ 287.149327][T28604] ? selinux_file_ioctl+0x8e0/0x970 [ 287.154521][T28604] ? lo_release+0x120/0x120 [ 287.159090][T28604] blkdev_ioctl+0x1d0/0x3c0 [ 287.163588][T28604] block_ioctl+0x6d/0x80 [ 287.167884][T28604] ? blkdev_iopoll+0x70/0x70 [ 287.172454][T28604] __se_sys_ioctl+0xcb/0x140 [ 287.177091][T28604] __x64_sys_ioctl+0x3f/0x50 [ 287.181674][T28604] do_syscall_64+0x4a/0x90 [ 287.186187][T28604] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 287.192143][T28604] RIP: 0033:0x466397 [ 287.196025][T28604] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 287.215617][T28604] RSP: 002b:00007faa1f1e6e98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 287.224033][T28604] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000466397 [ 287.231984][T28604] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 287.239975][T28604] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 [ 287.247940][T28604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 287.255891][T28604] R13: 0000000000000004 R14: 00000000200000f0 R15: 000000000000000a 08:41:04 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x4c000000) [ 287.270949][ T1135] loop0: p1 p2 p3 p4 [ 287.276179][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 287.283729][T28598] loop3: p1 p2 p3 p4 [ 287.286794][ T1135] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 287.289241][T28598] loop3: p1 start 487 is beyond EOD, truncated [ 287.301202][T28598] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 287.302336][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:41:04 executing program 0: syz_read_part_table(0xffffffff00000000, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:04 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x80000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 287.310476][T28602] new mount options do not match the existing superblock, will be ignored [ 287.324599][T28604] loop5: p1 p2 p4 [ 287.329591][T28604] loop5: p1 start 487 is beyond EOD, truncated [ 287.331574][T28598] loop3: p3 start 225 is beyond EOD, truncated [ 287.335826][T28604] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 287.341949][T28598] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 287.358539][T28604] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:04 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xd00) [ 287.373993][T28633] new mount options do not match the existing superblock, will be ignored [ 287.383249][T28633] loop4: detected capacity change from 0 to 1024 [ 287.396368][T28598] loop3: detected capacity change from 0 to 1 [ 287.411584][T28650] loop0: detected capacity change from 0 to 264192 08:41:04 executing program 5 (fault-call:0 fault-nth:28): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 287.430309][T28633] new mount options do not match the existing superblock, will be ignored [ 287.444440][T28598] loop3: p1 p2 p3 p4 [ 287.448581][T28598] loop3: p1 start 487 is beyond EOD, truncated [ 287.452097][T28661] loop5: detected capacity change from 0 to 1 [ 287.456522][T28598] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 287.462783][T28661] FAULT_INJECTION: forcing a failure. 08:41:04 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x80040, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 287.462783][T28661] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 287.473295][T28598] loop3: p3 start 225 is beyond EOD, truncated [ 287.482704][T28661] CPU: 1 PID: 28661 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 287.488856][T28598] loop3: p4 size 3657465856 extends beyond EOD, [ 287.497690][T28661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.497720][T28661] Call Trace: [ 287.497726][T28661] dump_stack+0x137/0x19d [ 287.504034][T28598] truncated [ 287.514067][T28661] should_fail+0x23c/0x250 [ 287.519428][T28650] loop0: p1 p2 p3 p4 [ 287.521665][T28661] should_fail_usercopy+0x16/0x20 [ 287.525807][T28650] loop0: p2 size 1073872896 extends beyond EOD, [ 287.529175][T28661] _copy_from_user+0x1c/0xd0 [ 287.529199][T28661] lo_ioctl+0x3d5/0x11f0 [ 287.533170][T28650] truncated [ 287.534709][T28650] loop0: p3 size 1912633224 extends beyond EOD, [ 287.538308][T28661] ? path_openat+0x19ab/0x20b0 [ 287.544657][T28650] truncated [ 287.549216][T28661] ? avc_has_extended_perms+0x5d8/0x7b0 08:41:04 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0210bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 287.554980][T28650] loop0: p4 size 3657465856 extends beyond EOD, [ 287.556529][T28661] ? __perf_event_task_sched_out+0xce0/0xd30 [ 287.562864][T28650] truncated [ 287.567589][T28661] ? putname+0xa5/0xc0 [ 287.595592][T28661] ? __perf_event_task_sched_in+0x471/0x4c0 [ 287.601494][T28661] ? blkdev_common_ioctl+0x9c3/0x1040 [ 287.606850][T28661] ? selinux_file_ioctl+0x8e0/0x970 [ 287.612291][T28661] ? lo_release+0x120/0x120 [ 287.616871][T28661] blkdev_ioctl+0x1d0/0x3c0 [ 287.621396][T28661] block_ioctl+0x6d/0x80 [ 287.625622][T28661] ? blkdev_iopoll+0x70/0x70 [ 287.630240][T28661] __se_sys_ioctl+0xcb/0x140 [ 287.634856][T28661] __x64_sys_ioctl+0x3f/0x50 [ 287.639490][T28661] do_syscall_64+0x4a/0x90 [ 287.643890][T28661] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 287.649787][T28661] RIP: 0033:0x466397 [ 287.653718][T28661] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 287.673377][T28661] RSP: 002b:00007faa1f1e6ef8 EFLAGS: 00000202 ORIG_RAX: 0000000000000010 [ 287.681893][T28661] RAX: ffffffffffffffda RBX: 00007faa1f1e6f40 RCX: 0000000000466397 [ 287.689889][T28661] RDX: 00007faa1f1e7050 RSI: 0000000000004c04 RDI: 0000000000000005 [ 287.697852][T28661] RBP: 00007faa1f1e71d0 R08: 0000000000000000 R09: 0000000000000000 [ 287.705819][T28661] R10: 0000000000000000 R11: 0000000000000202 R12: 00007faa1f1e7050 [ 287.713849][T28661] R13: 00007ffe90da0c5f R14: 00007faa1f1e7300 R15: 0000000000022000 [ 287.725712][ T1769] loop3: p1 p2 p3 p4 [ 287.730044][T28676] new mount options do not match the existing superblock, will be ignored [ 287.730367][ T1769] loop3: p1 start 487 is beyond EOD, truncated [ 287.742220][T28676] loop4: detected capacity change from 0 to 1024 [ 287.744959][ T1769] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 287.746620][ T1769] loop3: p3 start 225 is beyond EOD, truncated [ 287.764734][ T1769] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:41:04 executing program 5 (fault-call:0 fault-nth:29): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:04 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x1000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 287.782874][T28676] new mount options do not match the existing superblock, will be ignored [ 287.799209][T28650] loop0: detected capacity change from 0 to 264192 [ 287.807776][T28693] loop5: detected capacity change from 0 to 1 [ 287.821185][T28702] loop3: detected capacity change from 0 to 1 [ 287.827041][T28705] new mount options do not match the existing superblock, will be ignored [ 287.836419][T28650] loop0: p1 p2 p3 p4 [ 287.840420][ T1135] loop5: p1 p2 p4 [ 287.842768][T28705] loop4: detected capacity change from 0 to 32768 [ 287.844258][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 287.856726][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 287.864215][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 287.864477][T28650] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 287.879001][T28693] FAULT_INJECTION: forcing a failure. [ 287.879001][T28693] name failslab, interval 1, probability 0, space 0, times 0 [ 287.882854][T28705] new mount options do not match the existing superblock, will be ignored [ 287.891691][T28693] CPU: 1 PID: 28693 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 287.900520][T28702] loop3: p1 p2 p3 p4 [ 287.908952][T28693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.908963][T28693] Call Trace: [ 287.908970][T28693] dump_stack+0x137/0x19d [ 287.909005][T28693] should_fail+0x23c/0x250 [ 287.914496][T28650] loop0: p3 size 1912633224 extends beyond EOD, [ 287.923094][T28693] __should_failslab+0x81/0x90 [ 287.923118][T28693] ? kobject_uevent_env+0x1a7/0xc40 [ 287.923139][T28693] should_failslab+0x5/0x20 [ 287.926399][T28650] truncated [ 287.928670][T28650] loop0: p4 size 3657465856 extends beyond EOD, [ 287.930718][T28693] kmem_cache_alloc_trace+0x49/0x310 [ 287.930741][T28693] ? kernfs_put+0x22a/0x300 [ 287.935166][T28650] truncated [ 287.941827][T28693] ? dev_uevent_filter+0x70/0x70 [ 287.947879][T28702] loop3: p1 start 487 is beyond EOD, [ 287.951760][T28693] kobject_uevent_env+0x1a7/0xc40 [ 287.951784][T28693] ? kernfs_put+0x2e2/0x300 [ 287.956424][T28702] truncated [ 287.959493][T28693] ? __pm_runtime_disable+0x27f/0x2b0 [ 287.965880][T28702] loop3: p2 size 1073872896 extends beyond EOD, [ 287.971119][T28693] ? __cond_resched+0x11/0x40 [ 287.975627][T28702] truncated [ 287.978708][T28693] kobject_uevent+0x18/0x20 [ 287.987062][T28702] loop3: p3 start 225 is beyond EOD, 08:41:05 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x2000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 287.988985][T28693] device_del+0x85e/0x8f0 [ 287.994072][T28702] truncated [ 287.998531][T28693] delete_partition+0x76/0xd0 [ 288.001620][T28702] loop3: p4 size 3657465856 extends beyond EOD, [ 288.006965][T28693] blk_drop_partitions+0x7a/0xf0 [ 288.006986][T28693] bdev_disk_changed+0x16d/0x340 [ 288.007004][T28693] loop_set_status+0x75f/0x7e0 [ 288.007019][T28693] lo_ioctl+0x758/0x11f0 [ 288.007031][T28693] ? path_openat+0x19ab/0x20b0 [ 288.007046][T28693] ? putname+0xa5/0xc0 [ 288.013370][T28702] truncated [ 288.018009][T28693] ? ___cache_free+0x3c/0x300 [ 288.085105][T28693] ? blkdev_common_ioctl+0x9c3/0x1040 [ 288.090557][T28693] ? selinux_file_ioctl+0x8e0/0x970 [ 288.095803][T28693] ? lo_release+0x120/0x120 [ 288.100340][T28693] blkdev_ioctl+0x1d0/0x3c0 [ 288.104877][T28693] block_ioctl+0x6d/0x80 [ 288.109202][T28693] ? blkdev_iopoll+0x70/0x70 [ 288.113788][T28693] __se_sys_ioctl+0xcb/0x140 [ 288.118459][T28693] __x64_sys_ioctl+0x3f/0x50 [ 288.123029][T28693] do_syscall_64+0x4a/0x90 [ 288.127437][T28693] entry_SYSCALL_64_after_hwframe+0x44/0xae 08:41:05 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x60000000) [ 288.133407][T28693] RIP: 0033:0x466397 [ 288.137286][T28693] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 288.156977][T28693] RSP: 002b:00007faa1f1e6ef8 EFLAGS: 00000202 ORIG_RAX: 0000000000000010 [ 288.165388][T28693] RAX: ffffffffffffffda RBX: 00007faa1f1e6f40 RCX: 0000000000466397 [ 288.173376][T28693] RDX: 00007faa1f1e7050 RSI: 0000000000004c04 RDI: 0000000000000005 [ 288.181339][T28693] RBP: 00007faa1f1e71d0 R08: 0000000000000000 R09: 0000000000000000 [ 288.189289][T28693] R10: 0000000000000000 R11: 0000000000000202 R12: 00007faa1f1e7050 [ 288.197265][T28693] R13: 00007ffe90da0c5f R14: 00007faa1f1e7300 R15: 0000000000022000 [ 288.208739][T28693] loop5: p1 p2 p4 [ 288.212608][T28693] loop5: p1 start 487 is beyond EOD, truncated [ 288.218774][T28693] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 288.218954][T28729] new mount options do not match the existing superblock, will be ignored 08:41:05 executing program 0: syz_read_part_table(0xffffffffffffffff, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:05 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xe00) [ 288.227759][T28693] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 288.236021][T28729] loop4: detected capacity change from 0 to 65536 [ 288.261896][T28702] loop3: detected capacity change from 0 to 1 08:41:05 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x2040000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:05 executing program 5 (fault-call:0 fault-nth:30): syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 288.292628][T28702] loop3: p1 p2 p3 p4 [ 288.297363][T28729] new mount options do not match the existing superblock, will be ignored [ 288.306438][T28702] loop3: p1 start 487 is beyond EOD, truncated [ 288.312727][T28702] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 288.318205][T28752] loop0: detected capacity change from 0 to 264192 [ 288.342242][T28702] loop3: p3 start 225 is beyond EOD, truncated [ 288.348420][T28702] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 288.354073][T28763] new mount options do not match the existing superblock, will be ignored [ 288.364535][T28766] loop5: detected capacity change from 0 to 1 [ 288.365250][T28763] loop4: detected capacity change from 0 to 66048 [ 288.377746][T28752] loop0: p1 p2 p3 p4 [ 288.382402][T28752] loop0: p2 size 1073872896 extends beyond EOD, truncated 08:41:05 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="021bbfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 288.389948][T28752] loop0: p3 size 1912633224 extends beyond EOD, truncated [ 288.397524][T28766] FAULT_INJECTION: forcing a failure. [ 288.397524][T28766] name failslab, interval 1, probability 0, space 0, times 0 [ 288.407960][T28752] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 288.410319][T28766] CPU: 1 PID: 28766 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 288.426124][T28766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.436201][T28766] Call Trace: [ 288.439476][T28766] dump_stack+0x137/0x19d [ 288.442024][T28752] loop0: p1 p2 p3 p4 [ 288.443796][T28766] should_fail+0x23c/0x250 [ 288.443812][T28766] __should_failslab+0x81/0x90 [ 288.443834][T28766] should_failslab+0x5/0x20 [ 288.448318][T28752] loop0: p2 size 1073872896 extends beyond EOD, [ 288.452184][T28766] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 288.452209][T28766] ? try_to_wake_up+0x38f/0x480 [ 288.456958][T28752] truncated [ 288.459531][T28752] loop0: p3 size 1912633224 extends beyond EOD, [ 288.461542][T28766] ? __get_vm_area_node+0x11b/0x260 [ 288.467931][T28752] truncated [ 288.473615][T28766] __get_vm_area_node+0x11b/0x260 [ 288.480247][T28752] loop0: p4 size 3657465856 extends beyond EOD, [ 288.481553][T28766] __vmalloc_node_range+0xc2/0x5b0 [ 288.481577][T28766] ? blk_add_partitions+0x136/0xa80 [ 288.487894][T28752] truncated [ 288.493046][T28766] ? blk_add_partitions+0x136/0xa80 [ 288.526045][T28766] vzalloc+0x5a/0x70 [ 288.529992][T28766] ? blk_add_partitions+0x136/0xa80 [ 288.535236][T28766] blk_add_partitions+0x136/0xa80 [ 288.540247][T28766] bdev_disk_changed+0x2d3/0x340 [ 288.545173][T28766] loop_set_status+0x75f/0x7e0 [ 288.549931][T28766] lo_ioctl+0x758/0x11f0 [ 288.554151][T28766] ? path_openat+0x19ab/0x20b0 [ 288.558902][T28766] ? putname+0xa5/0xc0 [ 288.562963][T28766] ? ___cache_free+0x3c/0x300 [ 288.567621][T28766] ? blkdev_common_ioctl+0x9c3/0x1040 [ 288.573140][T28766] ? selinux_file_ioctl+0x8e0/0x970 [ 288.578367][T28766] ? lo_release+0x120/0x120 [ 288.582929][T28766] blkdev_ioctl+0x1d0/0x3c0 [ 288.587413][T28766] block_ioctl+0x6d/0x80 [ 288.591700][T28766] ? blkdev_iopoll+0x70/0x70 [ 288.596333][T28766] __se_sys_ioctl+0xcb/0x140 [ 288.600903][T28766] __x64_sys_ioctl+0x3f/0x50 [ 288.605576][T28766] do_syscall_64+0x4a/0x90 [ 288.610025][T28766] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 288.615948][T28766] RIP: 0033:0x466397 [ 288.619819][T28766] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 288.639431][T28766] RSP: 002b:00007faa1f1e6ef8 EFLAGS: 00000202 ORIG_RAX: 0000000000000010 [ 288.647906][T28766] RAX: ffffffffffffffda RBX: 00007faa1f1e6f40 RCX: 0000000000466397 [ 288.655871][T28766] RDX: 00007faa1f1e7050 RSI: 0000000000004c04 RDI: 0000000000000005 [ 288.665672][T28766] RBP: 00007faa1f1e71d0 R08: 0000000000000000 R09: 0000000000000000 [ 288.673636][T28766] R10: 0000000000000000 R11: 0000000000000202 R12: 00007faa1f1e7050 [ 288.681618][T28766] R13: 00007ffe90da0c5f R14: 00007faa1f1e7300 R15: 0000000000022000 [ 288.689621][T28766] syz-executor.5: vmalloc size 32768 allocation failure: vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 288.705760][T28766] CPU: 1 PID: 28766 Comm: syz-executor.5 Not tainted 5.13.0-rc5-syzkaller #0 [ 288.714876][T28766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.724952][T28766] Call Trace: [ 288.728234][T28766] dump_stack+0x137/0x19d [ 288.732582][T28766] warn_alloc+0x105/0x160 [ 288.736938][T28766] __vmalloc_node_range+0x222/0x5b0 [ 288.742243][T28766] ? blk_add_partitions+0x136/0xa80 [ 288.747594][T28766] vzalloc+0x5a/0x70 [ 288.751473][T28766] ? blk_add_partitions+0x136/0xa80 [ 288.756667][T28766] blk_add_partitions+0x136/0xa80 [ 288.761857][T28766] bdev_disk_changed+0x2d3/0x340 [ 288.766961][T28766] loop_set_status+0x75f/0x7e0 [ 288.771724][T28766] lo_ioctl+0x758/0x11f0 [ 288.775977][T28766] ? path_openat+0x19ab/0x20b0 [ 288.780737][T28766] ? putname+0xa5/0xc0 [ 288.784802][T28766] ? ___cache_free+0x3c/0x300 [ 288.789582][T28766] ? blkdev_common_ioctl+0x9c3/0x1040 [ 288.794952][T28766] ? selinux_file_ioctl+0x8e0/0x970 [ 288.800156][T28766] ? lo_release+0x120/0x120 [ 288.804647][T28766] blkdev_ioctl+0x1d0/0x3c0 [ 288.809281][T28766] block_ioctl+0x6d/0x80 [ 288.813507][T28766] ? blkdev_iopoll+0x70/0x70 [ 288.818090][T28766] __se_sys_ioctl+0xcb/0x140 [ 288.822659][T28766] __x64_sys_ioctl+0x3f/0x50 [ 288.827452][T28766] do_syscall_64+0x4a/0x90 [ 288.831852][T28766] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 288.837817][T28766] RIP: 0033:0x466397 [ 288.841788][T28766] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 288.861406][T28766] RSP: 002b:00007faa1f1e6ef8 EFLAGS: 00000202 ORIG_RAX: 0000000000000010 [ 288.869819][T28766] RAX: ffffffffffffffda RBX: 00007faa1f1e6f40 RCX: 0000000000466397 [ 288.877788][T28766] RDX: 00007faa1f1e7050 RSI: 0000000000004c04 RDI: 0000000000000005 [ 288.885736][T28766] RBP: 00007faa1f1e71d0 R08: 0000000000000000 R09: 0000000000000000 [ 288.893822][T28766] R10: 0000000000000000 R11: 0000000000000202 R12: 00007faa1f1e7050 [ 288.901885][T28766] R13: 00007ffe90da0c5f R14: 00007faa1f1e7300 R15: 0000000000022000 [ 288.909974][T28766] Mem-Info: [ 288.913094][T28766] active_anon:136 inactive_anon:89316 isolated_anon:0 [ 288.913094][T28766] active_file:5370 inactive_file:31950 isolated_file:0 [ 288.913094][T28766] unevictable:0 dirty:92 writeback:5 [ 288.913094][T28766] slab_reclaimable:4122 slab_unreclaimable:6841 [ 288.913094][T28766] mapped:62824 shmem:4732 pagetables:4236 bounce:0 [ 288.913094][T28766] free:1824608 free_pcp:554 free_cma:0 [ 288.950006][T28766] Node 0 active_anon:544kB inactive_anon:357264kB active_file:21480kB inactive_file:127800kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:251296kB dirty:368kB writeback:20kB shmem:18928kB writeback_tmp:0kB kernel_stack:3680kB pagetables:16944kB all_unreclaimable? no [ 288.976743][T28766] Node 0 DMA free:15360kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 289.002669][T28766] lowmem_reserve[]: 0 2938 7916 7916 [ 289.007953][T28766] Node 0 DMA32 free:3013476kB min:4220kB low:7228kB high:10236kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:3013528kB mlocked:0kB bounce:0kB free_pcp:52kB local_pcp:0kB free_cma:0kB [ 289.035270][T28766] lowmem_reserve[]: 0 0 4978 4978 [ 289.040364][T28766] Node 0 Normal free:4269828kB min:7152kB low:12248kB high:17344kB reserved_highatomic:0KB active_anon:544kB inactive_anon:357264kB active_file:21480kB inactive_file:127800kB unevictable:0kB writepending:336kB present:5242880kB managed:5098252kB mlocked:0kB bounce:0kB free_pcp:1892kB local_pcp:884kB free_cma:0kB [ 289.069736][T28766] lowmem_reserve[]: 0 0 0 0 [ 289.074260][T28766] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 289.086892][T28766] Node 0 DMA32: 5*4kB (M) 2*8kB (M) 4*16kB (M) 4*32kB (M) 6*64kB (M) 4*128kB (M) 5*256kB (M) 5*512kB (M) 4*1024kB (M) 1*2048kB (M) 733*4096kB (M) = 3013476kB [ 289.102959][T28766] Node 0 Normal: 178*4kB (UME) 74*8kB (UME) 100*16kB (UME) 22*32kB (UME) 24*64kB (UME) 38*128kB (UME) 24*256kB (UM) 14*512kB (UM) 7*1024kB (ME) 4*2048kB (UME) 1033*4096kB (UM) = 4269848kB [ 289.121587][T28766] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 289.130890][T28766] 20691 total pagecache pages [ 289.135603][T28766] 0 pages in swap cache [ 289.139743][T28766] Swap cache stats: add 0, delete 0, find 0/0 08:41:06 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x68000000) 08:41:06 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xf00) [ 289.145813][T28766] Free swap = 0kB [ 289.149522][T28766] Total swap = 0kB [ 289.153255][T28766] 2097051 pages RAM [ 289.157078][T28766] 0 pages HighMem/MovableOnly [ 289.161760][T28766] 65266 pages reserved [ 289.166368][ T1135] loop5: p1 p2 p4 [ 289.170275][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 289.176502][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 289.177030][T28763] new mount options do not match the existing superblock, will be ignored 08:41:06 executing program 0: syz_read_part_table(0x0, 0x2, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:06 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x3000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:06 executing program 5: syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 289.186481][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 289.215171][T28806] loop0: detected capacity change from 0 to 1 [ 289.218286][T28809] new mount options do not match the existing superblock, will be ignored [ 289.231465][T28809] loop4: detected capacity change from 0 to 98304 [ 289.236969][T28816] loop3: detected capacity change from 0 to 1 08:41:06 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x4000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 289.252484][T28809] new mount options do not match the existing superblock, will be ignored [ 289.261652][T28828] loop5: detected capacity change from 0 to 1 [ 289.268370][T28816] loop3: p1 p2 p3 p4 [ 289.277920][T28816] loop3: p1 start 487 is beyond EOD, truncated [ 289.284222][T28816] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 289.288162][T28806] loop0: detected capacity change from 0 to 1 [ 289.293955][T28837] new mount options do not match the existing superblock, will be ignored [ 289.304035][T28816] loop3: p3 start 225 is beyond EOD, truncated [ 289.307632][T28837] loop4: detected capacity change from 0 to 131072 [ 289.312133][T28816] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 289.326427][ T1135] loop5: p1 p2 p4 [ 289.330196][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 289.332703][T28837] new mount options do not match the existing superblock, will be ignored [ 289.336378][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated 08:41:06 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x5000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 289.355565][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 289.367216][T28828] loop5: p1 p2 p4 [ 289.370943][T28853] new mount options do not match the existing superblock, will be ignored [ 289.371247][T28828] loop5: p1 start 487 is beyond EOD, truncated [ 289.380561][T28853] loop4: detected capacity change from 0 to 163840 [ 289.385756][T28828] loop5: p2 size 1073872896 extends beyond EOD, truncated 08:41:06 executing program 0: syz_read_part_table(0x0, 0x3, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:06 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x6000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 289.399594][T28828] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 289.422610][T28853] new mount options do not match the existing superblock, will be ignored [ 289.431335][T28816] loop3: detected capacity change from 0 to 1 08:41:06 executing program 5: syz_read_part_table(0x2, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 289.464409][T28816] loop3: p1 p2 p3 p4 [ 289.468458][T28816] loop3: p1 start 487 is beyond EOD, truncated [ 289.474760][T28816] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 289.489283][T28878] new mount options do not match the existing superblock, will be ignored [ 289.494447][T28816] loop3: p3 start 225 is beyond EOD, truncated [ 289.504094][T28816] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 289.512678][T28876] loop0: detected capacity change from 0 to 1 [ 289.518949][T28878] loop4: detected capacity change from 0 to 196608 [ 289.528351][T28885] loop5: detected capacity change from 0 to 1 08:41:06 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="021dbfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:06 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x6040000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 289.582133][T28885] loop5: p1 p2 p4 [ 289.586116][T28885] loop5: p1 start 487 is beyond EOD, truncated [ 289.593444][T28885] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 289.600989][T28878] new mount options do not match the existing superblock, will be ignored [ 289.602101][T28885] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 289.634145][T28903] new mount options do not match the existing superblock, will be ignored [ 289.639265][T28905] loop3: detected capacity change from 0 to 1 [ 289.643425][T28903] loop4: detected capacity change from 0 to 197120 [ 289.664882][T28885] loop5: detected capacity change from 0 to 1 [ 289.685932][T28905] loop3: p1 p2 p3 p4 [ 289.690063][T28905] loop3: p1 start 487 is beyond EOD, truncated [ 289.696376][T28905] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 289.704302][ T1135] loop5: p1 p2 p4 [ 289.708047][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 289.714218][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 289.715280][T28903] new mount options do not match the existing superblock, will be ignored [ 289.722075][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 289.737203][T28905] loop3: p3 start 225 is beyond EOD, truncated [ 289.743538][T28905] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 289.752463][T28885] loop5: p1 p2 p4 [ 289.756376][T28885] loop5: p1 start 487 is beyond EOD, truncated [ 289.762644][T28885] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 289.770579][T28885] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 289.795843][ T1135] loop5: p1 p2 p4 [ 289.799736][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 289.806019][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 289.814614][T28905] loop3: detected capacity change from 0 to 1 [ 289.814949][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:07 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x6c000000) [ 289.852200][T28905] loop3: p1 p2 p3 p4 [ 289.856577][T28905] loop3: p1 start 487 is beyond EOD, truncated [ 289.862874][T28905] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 289.871386][T28905] loop3: p3 start 225 is beyond EOD, truncated [ 289.877680][T28905] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:41:07 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:07 executing program 0: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:07 executing program 5: syz_read_part_table(0x3, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:07 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x1100) 08:41:07 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0225bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 289.923120][ T1135] loop3: p1 p2 p3 p4 [ 289.927559][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 289.933745][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 289.941647][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 289.947857][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 289.983464][T28969] loop0: detected capacity change from 0 to 1 [ 289.988170][T28968] new mount options do not match the existing superblock, will be ignored [ 289.990783][T28967] loop5: detected capacity change from 0 to 1 [ 290.001198][T28968] loop4: detected capacity change from 0 to 229376 [ 290.021258][T28972] loop3: detected capacity change from 0 to 1 [ 290.032376][T28968] new mount options do not match the existing superblock, will be ignored [ 290.040977][T28967] loop5: p1 p2 p4 [ 290.045115][T28967] loop5: p1 start 487 is beyond EOD, truncated [ 290.051287][T28967] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 290.059421][T28972] loop3: p1 p2 p3 p4 [ 290.064565][T28972] loop3: p1 start 487 is beyond EOD, truncated [ 290.068996][T28967] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:07 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x8000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 290.070726][T28972] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 290.086758][ T1135] loop5: p1 p2 p4 [ 290.088405][T28969] loop0: detected capacity change from 0 to 1 [ 290.090990][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 290.102865][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 290.104684][T28997] new mount options do not match the existing superblock, will be ignored [ 290.110891][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 290.125808][T28972] loop3: p3 start 225 is beyond EOD, truncated 08:41:07 executing program 5: syz_read_part_table(0x4, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 290.126954][T28997] loop4: detected capacity change from 0 to 262144 [ 290.132438][T28972] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 290.158034][T28997] new mount options do not match the existing superblock, will be ignored 08:41:07 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x9000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:07 executing program 0: syz_read_part_table(0x0, 0x5, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 290.189275][T29013] loop5: detected capacity change from 0 to 1 [ 290.203714][T28972] loop3: detected capacity change from 0 to 1 [ 290.218700][T29026] new mount options do not match the existing superblock, will be ignored [ 290.227998][T29013] loop5: p1 p2 p4 [ 290.229306][T29026] loop4: detected capacity change from 0 to 264192 [ 290.232623][T29013] loop5: p1 start 487 is beyond EOD, truncated [ 290.238779][T28972] loop3: p1 p2 p3 p4 [ 290.244610][T29013] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 290.248647][T28972] loop3: p1 start 487 is beyond EOD, truncated [ 290.258117][T29013] loop5: p4 size 3657465856 extends beyond EOD, [ 290.261887][T28972] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 290.270957][T29036] loop0: detected capacity change from 0 to 1 [ 290.275733][T29013] truncated 08:41:07 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="022cbfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 290.282595][T28972] loop3: p3 start 225 is beyond EOD, truncated [ 290.287076][T29013] loop5: p1 p2 p4 [ 290.291087][T28972] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 290.302152][T29013] loop5: p1 start 487 is beyond EOD, truncated [ 290.302431][T29026] new mount options do not match the existing superblock, will be ignored [ 290.308405][T29013] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 290.324542][T29013] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:07 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xa000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 290.351286][ T1135] loop5: p1 p2 p4 [ 290.360250][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 290.366451][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 290.372266][T29058] new mount options do not match the existing superblock, will be ignored [ 290.383993][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 290.385620][T29061] loop3: detected capacity change from 0 to 1 [ 290.391462][T29058] loop4: detected capacity change from 0 to 264192 [ 290.399768][T29036] loop0: detected capacity change from 0 to 1 [ 290.412000][T29061] loop3: p1 p2 p3 p4 [ 290.416041][T29061] loop3: p1 start 487 is beyond EOD, truncated [ 290.422196][T29061] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 290.423116][T29058] new mount options do not match the existing superblock, will be ignored [ 290.438530][T29061] loop3: p3 start 225 is beyond EOD, truncated [ 290.444719][T29061] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 290.503964][T29061] loop3: detected capacity change from 0 to 1 [ 290.542138][T29061] loop3: p1 p2 p3 p4 [ 290.546216][T29061] loop3: p1 start 487 is beyond EOD, truncated [ 290.552408][T29061] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 290.560003][T29061] loop3: p3 start 225 is beyond EOD, truncated [ 290.566201][T29061] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 290.574720][ T1135] loop3: p1 p2 p3 p4 [ 290.578842][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 290.585028][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 290.592500][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 290.598650][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:41:07 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x74000000) 08:41:07 executing program 5: syz_read_part_table(0x5, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:07 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xb000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 290.760159][T29112] new mount options do not match the existing superblock, will be ignored [ 290.773199][T29110] loop5: detected capacity change from 0 to 1 [ 290.780814][T29112] loop4: detected capacity change from 0 to 264192 08:41:08 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x1200) 08:41:08 executing program 0: syz_read_part_table(0x0, 0x6, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:08 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="02e1bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:08 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xc000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 290.812112][T29110] loop5: p1 p2 p4 [ 290.815917][T29110] loop5: p1 start 487 is beyond EOD, truncated [ 290.822149][T29110] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 290.829835][T29112] new mount options do not match the existing superblock, will be ignored [ 290.851303][T29110] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 290.890715][T29127] loop3: detected capacity change from 0 to 1 [ 290.898047][T29128] loop0: detected capacity change from 0 to 1 [ 290.903776][T29135] new mount options do not match the existing superblock, will be ignored [ 290.914088][T29110] loop5: detected capacity change from 0 to 1 [ 290.921326][T29135] loop4: detected capacity change from 0 to 264192 [ 290.925593][T29127] loop3: p1 p2 p3 p4 [ 290.938449][T29127] loop3: p1 start 487 is beyond EOD, truncated [ 290.944914][T29127] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 290.952396][T29127] loop3: p3 start 225 is beyond EOD, truncated [ 290.958546][T29127] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 290.972121][T29110] loop5: p1 p2 p4 [ 290.974406][T29135] new mount options do not match the existing superblock, will be ignored [ 290.976013][T29110] loop5: p1 start 487 is beyond EOD, truncated 08:41:08 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xd000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:08 executing program 0: syz_read_part_table(0x0, 0x7, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 290.990520][T29110] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 291.017579][T29127] loop3: detected capacity change from 0 to 1 [ 291.017609][T29110] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:08 executing program 5: syz_read_part_table(0x6, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 291.038919][T29163] loop0: detected capacity change from 0 to 1 [ 291.040818][T29167] new mount options do not match the existing superblock, will be ignored [ 291.054608][T29167] loop4: detected capacity change from 0 to 264192 [ 291.064265][T29127] loop3: p1 p2 p3 p4 [ 291.069129][ T1135] loop5: p1 p2 p4 [ 291.071907][T29127] loop3: p1 start 487 is beyond EOD, truncated [ 291.075503][ T1135] loop5: p1 start 487 is beyond EOD, [ 291.079059][T29127] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 291.081170][T29127] loop3: p3 start 225 is beyond EOD, [ 291.084458][ T1135] truncated [ 291.084463][ T1135] loop5: p2 size 1073872896 extends beyond EOD, [ 291.091552][T29127] truncated [ 291.091557][T29127] loop3: p4 size 3657465856 extends beyond EOD, [ 291.096912][ T1135] truncated [ 291.103891][ T1135] loop5: p4 size 3657465856 extends beyond EOD, [ 291.106407][T29127] truncated [ 291.109491][ T1135] truncated [ 291.119692][T29167] new mount options do not match the existing superblock, will be ignored 08:41:08 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xe000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:08 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="02febfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 291.141641][T29163] loop0: detected capacity change from 0 to 1 [ 291.158222][T29188] new mount options do not match the existing superblock, will be ignored [ 291.171573][T29180] loop5: detected capacity change from 0 to 1 [ 291.176370][T29188] loop4: detected capacity change from 0 to 264192 [ 291.184788][T29188] new mount options do not match the existing superblock, will be ignored [ 291.202115][ T1135] loop5: p1 p2 p4 [ 291.207649][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 291.213827][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 291.231410][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 291.234446][T29204] loop3: detected capacity change from 0 to 1 [ 291.245079][T29180] loop5: p1 p2 p4 [ 291.249048][T29180] loop5: p1 start 487 is beyond EOD, truncated [ 291.255326][T29180] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 291.262994][T29180] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 291.272395][T29204] loop3: p1 p2 p3 p4 [ 291.276593][T29204] loop3: p1 start 487 is beyond EOD, truncated [ 291.282793][T29204] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 291.290922][T29204] loop3: p3 start 225 is beyond EOD, truncated [ 291.297140][T29204] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 291.325797][T29180] loop5: detected capacity change from 0 to 1 [ 291.350924][T29204] loop3: detected capacity change from 0 to 1 [ 291.357193][T29180] loop5: p1 p2 p4 [ 291.361008][T29180] loop5: p1 start 487 is beyond EOD, truncated [ 291.367377][T29180] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 291.375448][T29180] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 291.392778][T29204] loop3: p1 p2 p3 p4 [ 291.397262][T29204] loop3: p1 start 487 is beyond EOD, truncated [ 291.403460][T29204] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 291.411804][T29204] loop3: p3 start 225 is beyond EOD, truncated [ 291.418012][T29204] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 291.449510][ T1135] loop5: p1 p2 p4 [ 291.455791][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 291.462074][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 291.470935][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:08 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x7a000000) 08:41:08 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x10000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:08 executing program 0: syz_read_part_table(0x0, 0x8, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 291.605971][T29256] new mount options do not match the existing superblock, will be ignored [ 291.634127][T29256] loop4: detected capacity change from 0 to 264192 [ 291.640729][T29257] loop0: detected capacity change from 0 to 1 08:41:08 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x1d02) 08:41:08 executing program 5: syz_read_part_table(0x7, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:08 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="020105000000e70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:08 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x11000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 291.700568][T29256] new mount options do not match the existing superblock, will be ignored [ 291.736437][T29257] loop0: detected capacity change from 0 to 1 08:41:08 executing program 0: syz_read_part_table(0x0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 291.747720][T29272] loop3: detected capacity change from 0 to 1 [ 291.756817][T29273] loop5: detected capacity change from 0 to 1 [ 291.770972][T29281] new mount options do not match the existing superblock, will be ignored [ 291.788748][T29281] loop4: detected capacity change from 0 to 264192 [ 291.796655][T29273] loop5: p1 p2 p4 [ 291.797119][T29272] loop3: p1 < > p2 p3 p4 [ 291.800531][T29273] loop5: p1 start 487 is beyond EOD, truncated [ 291.804734][T29272] loop3: partition table partially beyond EOD, truncated [ 291.805031][T29272] loop3: p1 start 487 is beyond EOD, [ 291.810870][T29273] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 291.812914][T29273] loop5: p4 size 3657465856 extends beyond EOD, [ 291.817909][T29272] truncated [ 291.823363][T29273] truncated [ 291.843010][T29272] loop3: p2 size 1073872896 extends beyond EOD, truncated 08:41:09 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x12000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 291.854956][T29281] new mount options do not match the existing superblock, will be ignored [ 291.864042][T29296] loop0: detected capacity change from 0 to 1 [ 291.870075][T29273] loop5: detected capacity change from 0 to 1 [ 291.881178][T29272] loop3: p3 start 225 is beyond EOD, truncated [ 291.887424][T29272] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 291.902040][T29273] loop5: p1 p2 p4 [ 291.906160][T29296] loop0: p1 p2 p4 [ 291.906984][T29273] loop5: p1 start 487 is beyond EOD, truncated [ 291.910030][T29296] loop0: p1 start 487 is beyond EOD, truncated [ 291.916278][T29273] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 291.922402][T29296] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 291.937834][T29273] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 291.940211][T29296] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 291.947164][T29311] new mount options do not match the existing superblock, will be ignored [ 291.974250][T29272] loop3: detected capacity change from 0 to 1 [ 291.974712][T29311] loop4: detected capacity change from 0 to 264192 08:41:09 executing program 5: syz_read_part_table(0x8, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:09 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x20000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 292.002213][T29272] loop3: p1 < > p2 p3 p4 [ 292.006548][T29272] loop3: partition table partially beyond EOD, truncated [ 292.013840][T29272] loop3: p1 start 487 is beyond EOD, truncated [ 292.020011][T29272] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 292.024965][T29311] new mount options do not match the existing superblock, will be ignored [ 292.027951][T29272] loop3: p3 start 225 is beyond EOD, truncated [ 292.041761][T29272] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 292.049471][ T1135] loop5: p1 p2 p4 08:41:09 executing program 0: syz_read_part_table(0x0, 0xb, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 292.061132][T29335] new mount options do not match the existing superblock, will be ignored [ 292.062322][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 292.075827][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 292.077046][T29335] loop4: detected capacity change from 0 to 264192 [ 292.088720][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 292.090365][T29339] loop0: detected capacity change from 0 to 1 [ 292.132437][T29335] new mount options do not match the existing superblock, will be ignored [ 292.170449][T29356] loop5: detected capacity change from 0 to 1 [ 292.193700][T29339] loop0: detected capacity change from 0 to 1 [ 292.202367][ T1135] loop5: p1 p2 p4 [ 292.206272][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 292.212561][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 292.220376][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 292.228864][T29356] loop5: p1 p2 p4 [ 292.232697][T29356] loop5: p1 start 487 is beyond EOD, truncated [ 292.238866][T29356] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 292.246664][T29356] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 292.291244][T29356] loop5: detected capacity change from 0 to 1 [ 292.332024][T29356] loop5: p1 p2 p4 [ 292.335874][T29356] loop5: p1 start 487 is beyond EOD, truncated [ 292.342065][T29356] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 292.349507][T29356] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 292.358071][ T1135] loop5: p1 p2 p4 [ 292.362226][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 292.368515][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 292.376490][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:09 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xb80a0000) 08:41:09 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="02010f000000e70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:09 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x20100000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 292.522445][T29401] new mount options do not match the existing superblock, will be ignored [ 292.536670][T29398] loop3: detected capacity change from 0 to 1 [ 292.551420][T29401] loop4: detected capacity change from 0 to 264192 08:41:09 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x2000) 08:41:09 executing program 0: syz_read_part_table(0x0, 0xc, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:09 executing program 5: syz_read_part_table(0x9, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 292.573633][T29398] loop3: p1 < > p2 p3 p4 [ 292.577998][T29398] loop3: partition table partially beyond EOD, truncated [ 292.594734][T29401] new mount options do not match the existing superblock, will be ignored [ 292.595114][T29398] loop3: p1 start 487 is beyond EOD, truncated [ 292.609444][T29398] loop3: p2 size 1073872896 extends beyond EOD, truncated 08:41:09 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x25000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 292.637576][T29398] loop3: p3 start 225 is beyond EOD, truncated [ 292.643981][T29398] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 292.673417][T29419] loop5: detected capacity change from 0 to 1 [ 292.685928][T29420] loop0: detected capacity change from 0 to 1 [ 292.691218][T29422] new mount options do not match the existing superblock, will be ignored [ 292.701488][T29422] loop4: detected capacity change from 0 to 264192 [ 292.708154][T29419] loop5: p1 p2 p4 [ 292.711926][T29419] loop5: p1 start 487 is beyond EOD, truncated [ 292.718084][T29419] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 292.725869][T29398] loop3: detected capacity change from 0 to 1 08:41:09 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x3f000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 292.730437][T29419] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 292.745562][T29422] new mount options do not match the existing superblock, will be ignored [ 292.753719][T29398] loop3: p1 < > p2 p3 p4 [ 292.758516][T29398] loop3: partition table partially beyond EOD, truncated [ 292.766071][T29398] loop3: p1 start 487 is beyond EOD, truncated [ 292.772264][T29398] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 292.784749][T29398] loop3: p3 start 225 is beyond EOD, truncated [ 292.790913][T29398] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 292.802395][T29420] loop0: detected capacity change from 0 to 1 [ 292.809046][T29419] loop5: detected capacity change from 0 to 1 [ 292.819982][T29454] new mount options do not match the existing superblock, will be ignored [ 292.829232][T29454] loop4: detected capacity change from 0 to 264192 08:41:10 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="020154000000e70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 292.832133][ T1135] loop5: p1 p2 p4 [ 292.839606][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 292.845842][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 292.853556][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 292.862275][T29419] loop5: p1 p2 p4 [ 292.866054][T29419] loop5: p1 start 487 is beyond EOD, truncated [ 292.872223][T29419] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 292.880273][T29419] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:10 executing program 0: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:10 executing program 5: syz_read_part_table(0xa, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:10 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x40000800, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 292.899114][T29454] new mount options do not match the existing superblock, will be ignored [ 292.932447][T29476] loop3: detected capacity change from 0 to 1 [ 292.937102][T29477] loop0: detected capacity change from 0 to 1 [ 292.952795][T29484] new mount options do not match the existing superblock, will be ignored [ 292.962686][T29476] loop3: p1[DM] p2 p3 p4 [ 292.967110][T29476] loop3: p1 start 487 is beyond EOD, truncated [ 292.973296][T29476] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 292.978616][T29484] loop4: detected capacity change from 0 to 264192 [ 292.980821][T29476] loop3: p3 start 225 is beyond EOD, truncated [ 292.987230][T29492] loop5: detected capacity change from 0 to 1 [ 292.993103][T29476] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 293.012793][T29477] loop0: detected capacity change from 0 to 1 [ 293.032987][T29484] new mount options do not match the existing superblock, will be ignored [ 293.042410][T29492] loop5: p1 p2 p4 [ 293.046760][T29492] loop5: p1 start 487 is beyond EOD, truncated [ 293.052930][T29492] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 293.055255][T29476] loop3: detected capacity change from 0 to 1 [ 293.061941][T29492] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 293.113003][T29492] loop5: detected capacity change from 0 to 1 [ 293.122070][T29476] loop3: p1[DM] p2 p3 p4 [ 293.126534][T29476] loop3: p1 start 487 is beyond EOD, truncated [ 293.132066][T29492] loop5: p1 p2 p4 [ 293.132768][T29476] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 293.136488][T29492] loop5: p1 start 487 is beyond EOD, truncated [ 293.136499][T29492] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 293.137071][T29492] loop5: p4 size 3657465856 extends beyond EOD, [ 293.145627][T29476] loop3: p3 start 225 is beyond EOD, [ 293.149794][T29492] truncated [ 293.161056][ T1763] loop5: p1 p2 p4 [ 293.163288][T29476] truncated [ 293.163293][T29476] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 293.185858][ T1763] loop5: p1 start 487 is beyond EOD, truncated [ 293.192097][ T1763] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 293.200123][ T1763] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:10 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xeaffffff) 08:41:10 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x48000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:10 executing program 0: syz_read_part_table(0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 293.364439][T29548] loop0: detected capacity change from 0 to 1 [ 293.375839][T29552] new mount options do not match the existing superblock, will be ignored [ 293.385346][T29552] loop4: detected capacity change from 0 to 264192 08:41:10 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x2005) 08:41:10 executing program 5: syz_read_part_table(0xb, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:10 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="020155000000e70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:10 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x4c000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:10 executing program 0: syz_read_part_table(0x0, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 293.426792][T29548] loop0: detected capacity change from 0 to 1 [ 293.437736][T29552] new mount options do not match the existing superblock, will be ignored [ 293.497399][T29566] new mount options do not match the existing superblock, will be ignored [ 293.504371][T29567] loop5: detected capacity change from 0 to 1 [ 293.506656][T29566] loop4: detected capacity change from 0 to 264192 [ 293.514311][T29572] loop3: detected capacity change from 0 to 1 [ 293.532656][T29580] loop0: detected capacity change from 0 to 1 [ 293.562386][T29572] loop3: p1[EZD] p2 p3 p4 [ 293.566560][T29567] loop5: p1 p2 p4 [ 293.569009][T29572] loop3: p1 start 487 is beyond EOD, truncated [ 293.570935][T29566] new mount options do not match the existing superblock, will be ignored [ 293.576694][T29572] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 293.588873][T29567] loop5: p1 start 487 is beyond EOD, truncated [ 293.598494][T29567] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 293.599504][T29572] loop3: p3 start 225 is beyond EOD, truncated 08:41:10 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x68000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 293.611757][T29572] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 293.620125][T29567] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 293.637573][T29597] new mount options do not match the existing superblock, will be ignored [ 293.647878][T29580] loop0: detected capacity change from 0 to 1 [ 293.648641][T29597] loop4: detected capacity change from 0 to 264192 [ 293.664276][T29572] loop3: detected capacity change from 0 to 1 [ 293.685098][T29567] loop5: detected capacity change from 0 to 1 08:41:10 executing program 0: syz_read_part_table(0x0, 0x11, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 293.722192][T29572] loop3: p1[EZD] p2 p3 p4 [ 293.723123][T29567] loop5: p1 p2 p4 [ 293.732142][T29567] loop5: p1 start 487 is beyond EOD, truncated [ 293.732607][T29572] loop3: p1 start 487 is beyond EOD, truncated [ 293.738310][T29567] loop5: p2 size 1073872896 extends beyond EOD, [ 293.744499][T29572] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 293.751095][T29572] loop3: p3 start 225 is beyond EOD, [ 293.758052][T29567] truncated 08:41:10 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x6c000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 293.763299][T29597] new mount options do not match the existing superblock, will be ignored [ 293.763473][T29572] truncated [ 293.769861][T29567] loop5: p4 size 3657465856 extends beyond EOD, [ 293.775323][T29572] loop3: p4 size 3657465856 extends beyond EOD, [ 293.778430][T29567] truncated [ 293.785335][ T1135] loop5: p1 p2 p4 [ 293.791170][T29572] truncated [ 293.801358][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 293.807819][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 293.815777][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:10 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="020163000000e70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 293.835970][T29630] new mount options do not match the existing superblock, will be ignored [ 293.839179][T29632] loop0: detected capacity change from 0 to 1 [ 293.845247][T29630] loop4: detected capacity change from 0 to 264192 [ 293.882299][T29641] loop3: detected capacity change from 0 to 1 [ 293.897275][T29630] new mount options do not match the existing superblock, will be ignored [ 293.921963][T29641] loop3: p1 p2 p3 p4 [ 293.926042][T29641] loop3: p1 start 487 is beyond EOD, truncated [ 293.932278][T29641] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 293.942211][T29641] loop3: p3 start 225 is beyond EOD, truncated [ 293.944734][T29632] loop0: detected capacity change from 0 to 1 [ 293.948562][T29641] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 293.963053][ T1135] loop3: p1 p2 p3 p4 [ 293.967252][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 293.973445][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 293.980877][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 293.987077][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 294.041109][T29641] loop3: detected capacity change from 0 to 1 08:41:11 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xfcffffff) 08:41:11 executing program 5: syz_read_part_table(0xc, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:11 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x74000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 294.257438][T29683] new mount options do not match the existing superblock, will be ignored [ 294.269165][T29684] loop5: detected capacity change from 0 to 1 [ 294.288647][T29683] loop4: detected capacity change from 0 to 264192 [ 294.312119][T29684] loop5: p1 p2 p4 [ 294.317999][T29684] loop5: p1 start 487 is beyond EOD, truncated [ 294.325145][T29684] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 294.334378][T29684] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:11 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x2500) 08:41:11 executing program 0: syz_read_part_table(0x0, 0x12, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:11 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="020181ffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 294.354772][T29683] new mount options do not match the existing superblock, will be ignored 08:41:11 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7a000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 294.420921][T29701] loop3: detected capacity change from 0 to 1 [ 294.431419][T29699] loop0: detected capacity change from 0 to 1 [ 294.435364][T29708] new mount options do not match the existing superblock, will be ignored [ 294.450053][T29708] loop4: detected capacity change from 0 to 264192 [ 294.456910][T29701] loop3: p1 p2 p3 p4 [ 294.464037][T29701] loop3: p1 start 487 is beyond EOD, truncated [ 294.470351][T29701] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 294.472025][T29684] loop5: detected capacity change from 0 to 1 [ 294.478652][T29701] loop3: p3 start 225 is beyond EOD, truncated [ 294.489732][T29701] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 294.497125][T29699] loop0: detected capacity change from 0 to 1 [ 294.499539][T29708] new mount options do not match the existing superblock, will be ignored [ 294.505937][T29684] loop5: p1 p2 p4 08:41:11 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x89277dcf, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 294.515683][T29684] loop5: p1 start 487 is beyond EOD, truncated [ 294.522007][T29684] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 294.531152][T29684] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 294.542375][T29732] new mount options do not match the existing superblock, will be ignored [ 294.551742][T29732] loop4: detected capacity change from 0 to 264192 08:41:11 executing program 5: syz_read_part_table(0xd, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:11 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x8cffffff, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 294.570780][T29732] new mount options do not match the existing superblock, will be ignored [ 294.575324][T29701] loop3: detected capacity change from 0 to 1 [ 294.592897][ T1135] loop5: p1 p2 p4 [ 294.596667][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 294.602854][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 294.610429][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:11 executing program 0: syz_read_part_table(0x0, 0x5f, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 294.622142][T29701] loop3: p1 p2 p3 p4 [ 294.626300][T29701] loop3: p1 start 487 is beyond EOD, truncated [ 294.632689][T29701] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 294.641248][T29701] loop3: p3 start 225 is beyond EOD, truncated [ 294.647437][T29701] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 294.649158][T29753] new mount options do not match the existing superblock, will be ignored 08:41:11 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="020182ffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 294.674498][T29753] loop4: detected capacity change from 0 to 264192 [ 294.676250][T29759] loop0: detected capacity change from 0 to 1 [ 294.694880][T29766] loop5: detected capacity change from 0 to 1 [ 294.704205][T29753] new mount options do not match the existing superblock, will be ignored [ 294.713557][T29766] loop5: p1 p2 p4 [ 294.717436][T29766] loop5: p1 start 487 is beyond EOD, truncated [ 294.723612][T29766] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 294.731151][T29766] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 294.761540][T29759] loop0: detected capacity change from 0 to 1 [ 294.761949][T29783] loop3: detected capacity change from 0 to 1 [ 294.778838][T29766] loop5: detected capacity change from 0 to 1 [ 294.802045][T29783] loop3: p1 p2 p3 p4 [ 294.806197][T29783] loop3: p1 start 487 is beyond EOD, truncated [ 294.812355][T29783] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 294.819767][T29783] loop3: p3 start 225 is beyond EOD, truncated [ 294.825978][T29783] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 294.832065][T29766] loop5: p1 p2 p4 [ 294.836940][T29766] loop5: p1 start 487 is beyond EOD, truncated [ 294.843135][T29766] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 294.850841][T29766] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 294.867350][T29783] loop3: detected capacity change from 0 to 1 [ 294.901983][T29783] loop3: p1 p2 p3 p4 [ 294.906108][T29783] loop3: p1 start 487 is beyond EOD, truncated [ 294.912345][T29783] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 294.920520][T29783] loop3: p3 start 225 is beyond EOD, truncated [ 294.926780][T29783] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 294.933858][ T1135] loop5: p1 p2 p4 [ 294.937751][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 294.943937][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 294.951468][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:12 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xfeffffff) 08:41:12 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xcf7d2789, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:12 executing program 0: syz_read_part_table(0x0, 0x64, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 295.111162][T29832] new mount options do not match the existing superblock, will be ignored [ 295.120485][T29833] loop0: detected capacity change from 0 to 1 [ 295.156914][T29832] loop4: detected capacity change from 0 to 264192 [ 295.182819][T29832] new mount options do not match the existing superblock, will be ignored 08:41:12 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x3000) 08:41:12 executing program 5: syz_read_part_table(0xe, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:12 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="020185ffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:12 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xf6ffffff, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 295.205008][T29833] loop0: detected capacity change from 0 to 1 08:41:12 executing program 0: syz_read_part_table(0x0, 0x7b5, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 295.262654][T29853] new mount options do not match the existing superblock, will be ignored [ 295.263720][T29855] loop3: detected capacity change from 0 to 1 [ 295.272869][T29856] loop5: detected capacity change from 0 to 1 [ 295.282614][T29853] loop4: detected capacity change from 0 to 264192 [ 295.292407][T29855] loop3: p1 < > p2 p3 p4 [ 295.296737][T29855] loop3: partition table partially beyond EOD, truncated [ 295.304255][T29855] loop3: p1 start 487 is beyond EOD, truncated [ 295.310438][T29855] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 295.315360][T29853] new mount options do not match the existing superblock, will be ignored [ 295.318040][T29855] loop3: p3 start 225 is beyond EOD, truncated [ 295.332374][T29855] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 295.342464][T29856] loop5: p1 p2 p4 [ 295.352236][T29856] loop5: p1 start 487 is beyond EOD, truncated 08:41:12 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xfdfdffff, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 295.358705][T29856] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 295.368207][T29856] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 295.376226][T29874] loop0: detected capacity change from 0 to 1 [ 295.395746][T29881] new mount options do not match the existing superblock, will be ignored [ 295.405180][T29855] loop3: detected capacity change from 0 to 1 [ 295.409671][T29881] loop4: detected capacity change from 0 to 264192 [ 295.436722][T29856] loop5: detected capacity change from 0 to 1 [ 295.443304][T29855] loop3: p1 < > p2 p3 p4 [ 295.447692][T29855] loop3: partition table partially beyond EOD, truncated [ 295.454842][T29855] loop3: p1 start 487 is beyond EOD, truncated [ 295.456974][T29874] loop0: detected capacity change from 0 to 1 [ 295.461009][T29855] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 295.471047][T29881] new mount options do not match the existing superblock, will be ignored [ 295.483283][ T1135] loop5: p1 p2 p4 08:41:12 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201a5ffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:12 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xfeffffff, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 295.487169][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 295.487835][T29855] loop3: p3 start 225 is beyond EOD, truncated [ 295.493404][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 295.499520][T29855] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 295.514681][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 295.523793][T29856] loop5: p1 p2 p4 [ 295.527605][T29856] loop5: p1 start 487 is beyond EOD, truncated 08:41:12 executing program 0: syz_read_part_table(0x0, 0x7b8, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 295.533777][T29856] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 295.541663][T29856] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 295.556238][T29918] new mount options do not match the existing superblock, will be ignored [ 295.568339][T29911] loop3: detected capacity change from 0 to 1 [ 295.574097][T29918] loop4: detected capacity change from 0 to 264192 [ 295.618160][T29926] loop0: detected capacity change from 0 to 1 [ 295.622470][T29918] new mount options do not match the existing superblock, will be ignored [ 295.633208][T29911] loop3: p1 p2 p3 p4 [ 295.637372][T29911] loop3: p1 start 487 is beyond EOD, truncated [ 295.643640][T29911] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 295.652739][T29911] loop3: p3 start 225 is beyond EOD, truncated [ 295.659075][T29911] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 295.698234][T29911] loop3: detected capacity change from 0 to 1 [ 295.720873][T29926] loop0: detected capacity change from 0 to 1 [ 295.727495][ T1135] loop3: p1 p2 p3 p4 [ 295.731583][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 295.737743][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 295.745832][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 295.752114][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 295.761073][T29911] loop3: p1 p2 p3 p4 [ 295.765236][T29911] loop3: p1 start 487 is beyond EOD, truncated [ 295.771388][T29911] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 295.779050][T29911] loop3: p3 start 225 is beyond EOD, truncated [ 295.785253][T29911] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:41:13 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xffffffea) 08:41:13 executing program 5: syz_read_part_table(0xf, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:13 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xfffffdfd, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 296.004160][T29969] new mount options do not match the existing superblock, will be ignored [ 296.018056][T29972] loop5: detected capacity change from 0 to 1 [ 296.032280][T29969] loop4: detected capacity change from 0 to 264192 08:41:13 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x3f00) 08:41:13 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0301bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:13 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201a6ffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:13 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xffffff8c, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 296.052972][T29969] new mount options do not match the existing superblock, will be ignored [ 296.067463][T29972] loop5: p1 p2 p4 [ 296.073195][T29972] loop5: p1 start 487 is beyond EOD, truncated [ 296.079364][T29972] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 296.088105][T29972] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:13 executing program 5: syz_read_part_table(0x10, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 296.130936][T29990] loop0: detected capacity change from 0 to 1 [ 296.132794][T29991] loop3: detected capacity change from 0 to 1 [ 296.143097][T29995] new mount options do not match the existing superblock, will be ignored [ 296.157552][T29995] loop4: detected capacity change from 0 to 264192 [ 296.163482][T29991] loop3: p1 p2 p3 p4 [ 296.168261][T29991] loop3: p1 start 487 is beyond EOD, truncated [ 296.169197][T29990] loop0: p1 p2 p3 p4 [ 296.174482][T29991] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 296.186136][T29990] loop0: p1 start 487 is beyond EOD, truncated [ 296.186961][T29991] loop3: p3 start 225 is beyond EOD, truncated [ 296.192384][T29990] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 296.198502][T29991] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 296.215702][T29995] new mount options do not match the existing superblock, will be ignored [ 296.219649][T29990] loop0: p3 start 225 is beyond EOD, truncated 08:41:13 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xfffffff6, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 296.225190][T30007] loop5: detected capacity change from 0 to 1 [ 296.230369][T29990] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 296.267972][T30021] new mount options do not match the existing superblock, will be ignored [ 296.269009][T29991] loop3: detected capacity change from 0 to 1 [ 296.286657][T30007] loop5: p1 p2 p4 [ 296.290409][T30007] loop5: p1 start 487 is beyond EOD, truncated [ 296.290855][T29990] loop0: detected capacity change from 0 to 1 [ 296.296602][T30007] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 296.299257][T30007] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 296.312689][T29991] loop3: p1 p2 p3 p4 08:41:13 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0401bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:13 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xfffffffe, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:13 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201a9ffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 296.325983][T29991] loop3: p1 start 487 is beyond EOD, truncated [ 296.327089][T30021] loop4: detected capacity change from 0 to 264192 [ 296.332356][T29991] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 296.347552][T29991] loop3: p3 start 225 is beyond EOD, truncated [ 296.353750][T29991] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 296.362853][T30021] new mount options do not match the existing superblock, will be ignored [ 296.371600][T30007] loop5: detected capacity change from 0 to 1 [ 296.402687][T30049] new mount options do not match the existing superblock, will be ignored [ 296.411730][T30049] loop4: detected capacity change from 0 to 264192 [ 296.418739][T30007] loop5: p1 p2 p4 [ 296.422562][T30007] loop5: p1 start 487 is beyond EOD, truncated [ 296.428703][T30007] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 296.437437][T30049] new mount options do not match the existing superblock, will be ignored [ 296.446613][T30007] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 296.453845][T30048] loop0: detected capacity change from 0 to 1 [ 296.474918][T30067] loop3: detected capacity change from 0 to 1 [ 296.494615][T30048] loop0: p1 p2 p3 p4 [ 296.498718][T30048] loop0: p1 start 487 is beyond EOD, truncated [ 296.504902][T30048] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 296.512222][T30067] loop3: p1 p2 p3 p4 [ 296.516214][T30067] loop3: p1 start 487 is beyond EOD, truncated [ 296.522399][T30067] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 296.531065][T30048] loop0: p3 start 225 is beyond EOD, truncated [ 296.531274][T30067] loop3: p3 start 225 is beyond EOD, [ 296.537252][T30048] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 296.545569][ T1135] loop5: p1 p2 p4 [ 296.549960][T30067] truncated [ 296.549965][T30067] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 296.564652][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 296.570815][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 296.578690][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 296.625173][T30067] loop3: detected capacity change from 0 to 1 [ 296.625180][T30048] loop0: detected capacity change from 0 to 1 [ 296.642889][T30048] loop0: p1 p2 p3 p4 [ 296.646960][T30048] loop0: p1 start 487 is beyond EOD, truncated [ 296.653220][T30048] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 296.660642][T30048] loop0: p3 start 225 is beyond EOD, truncated [ 296.666836][T30048] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 296.674265][T30067] loop3: p1 p2 p3 p4 [ 296.678481][T30067] loop3: p1 start 487 is beyond EOD, truncated [ 296.684674][T30067] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 296.692547][T30067] loop3: p3 start 225 is beyond EOD, truncated [ 296.698700][T30067] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 296.732911][ T1135] loop0: p1 p2 p3 p4 [ 296.737156][ T1135] loop0: p1 start 487 is beyond EOD, truncated [ 296.743387][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 296.765387][ T1135] loop0: p3 start 225 is beyond EOD, truncated [ 296.771599][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:41:14 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xfffffffc) 08:41:14 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x80000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:14 executing program 5: syz_read_part_table(0x11, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 296.880235][T30119] new mount options do not match the existing superblock, will be ignored [ 296.897173][T30119] loop4: detected capacity change from 0 to 264192 [ 296.903908][T30121] loop5: detected capacity change from 0 to 1 [ 296.905403][T30119] new mount options do not match the existing superblock, will be ignored 08:41:14 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x4800) 08:41:14 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201c0ffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:14 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0501bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:14 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x100000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 296.952537][T30121] loop5: p1 p2 p4 [ 296.957596][T30121] loop5: p1 start 487 is beyond EOD, truncated [ 296.963849][T30121] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 296.977083][T30121] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 297.032932][T30121] loop5: detected capacity change from 0 to 1 [ 297.044343][T30143] loop3: detected capacity change from 0 to 1 [ 297.045708][T30148] new mount options do not match the existing superblock, will be ignored [ 297.050766][T30144] loop0: detected capacity change from 0 to 1 [ 297.067277][T30148] loop4: detected capacity change from 0 to 264192 [ 297.076291][T30121] loop5: p1 p2 p4 [ 297.083687][T30121] loop5: p1 start 487 is beyond EOD, truncated [ 297.089867][T30121] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 297.092466][T30144] loop0: p1 p2 p3 p4 [ 297.103319][T30143] loop3: p1 p2 p3 p4 [ 297.103404][T30144] loop0: p1 start 487 is beyond EOD, truncated [ 297.107427][T30143] loop3: p1 start 487 is beyond EOD, [ 297.113518][T30144] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 297.113853][T30144] loop0: p3 start 225 is beyond EOD, [ 297.118873][T30143] truncated [ 297.118878][T30143] loop3: p2 size 1073872896 extends beyond EOD, [ 297.125978][T30144] truncated [ 297.125982][T30144] loop0: p4 size 3657465856 extends beyond EOD, [ 297.131321][T30143] truncated [ 297.134264][T30121] loop5: p4 size 3657465856 extends beyond EOD, [ 297.134436][T30144] truncated [ 297.140765][T30121] truncated [ 297.147240][T30143] loop3: p3 start 225 is beyond EOD, [ 297.162127][T30148] new mount options do not match the existing superblock, will be ignored [ 297.162672][T30143] truncated 08:41:14 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x200000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:14 executing program 5: syz_read_part_table(0x12, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 297.182832][T30143] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 297.205903][T30168] new mount options do not match the existing superblock, will be ignored [ 297.218525][T30168] loop4: detected capacity change from 0 to 264192 [ 297.230380][T30143] loop3: detected capacity change from 0 to 1 [ 297.230406][T30144] loop0: detected capacity change from 0 to 1 [ 297.262601][T30168] new mount options do not match the existing superblock, will be ignored [ 297.269882][ T1135] loop5: p1 p2 p4 [ 297.275124][T30143] loop3: p1 p2 p3 p4 [ 297.275210][T30144] loop0: p1 p2 p3 p4 08:41:14 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x204000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 297.279200][T30143] loop3: p1 start 487 is beyond EOD, truncated [ 297.286566][T30144] loop0: p1 start 487 is beyond EOD, [ 297.289312][T30143] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 297.289750][ T1135] loop5: p1 start 487 is beyond EOD, [ 297.294712][T30144] truncated [ 297.301799][ T1135] truncated [ 297.301804][ T1135] loop5: p2 size 1073872896 extends beyond EOD, [ 297.307159][T30144] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 297.310246][ T1135] truncated [ 297.310575][ T1135] loop5: p4 size 3657465856 extends beyond EOD, [ 297.321106][T30143] loop3: p3 start 225 is beyond EOD, [ 297.326989][ T1135] truncated [ 297.336891][T30144] loop0: p3 start 225 is beyond EOD, [ 297.341813][T30143] truncated [ 297.341818][T30143] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 297.360474][T30144] truncated [ 297.363609][T30144] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 297.367022][T30193] new mount options do not match the existing superblock, will be ignored 08:41:14 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0601bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:14 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201eeffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 297.380807][T30193] loop4: detected capacity change from 0 to 264192 [ 297.397295][T30195] loop5: detected capacity change from 0 to 1 [ 297.426131][T30193] new mount options do not match the existing superblock, will be ignored [ 297.452159][T30195] loop5: p1 p2 p4 [ 297.456101][T30195] loop5: p1 start 487 is beyond EOD, truncated [ 297.462004][T30218] loop0: detected capacity change from 0 to 1 [ 297.462272][T30195] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 297.476740][T30195] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 297.486583][T30226] loop3: detected capacity change from 0 to 1 [ 297.490281][ T1135] loop5: p1 p2 p4 [ 297.493663][T30218] loop0: p1 p2 p3 p4 [ 297.496528][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 297.500639][T30218] loop0: p1 start 487 is beyond EOD, [ 297.506624][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 297.507166][ T1135] loop5: p4 size 3657465856 extends beyond EOD, [ 297.512025][T30218] truncated [ 297.512030][T30218] loop0: p2 size 1073872896 extends beyond EOD, [ 297.519110][ T1135] truncated [ 297.538048][T30218] truncated [ 297.541386][T30218] loop0: p3 start 225 is beyond EOD, truncated [ 297.547576][T30218] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 297.558646][T30195] loop5: detected capacity change from 0 to 1 [ 297.562499][ T1135] loop0: p1 p2 p3 p4 [ 297.568769][ T1135] loop0: p1 start 487 is beyond EOD, truncated [ 297.574987][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 297.582797][ T1135] loop0: p3 start 225 is beyond EOD, truncated [ 297.588989][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 297.596638][T30195] loop5: p1 p2 p4 [ 297.600594][T30195] loop5: p1 start 487 is beyond EOD, truncated [ 297.606862][T30195] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 297.615938][T30226] loop3: detected capacity change from 0 to 1 [ 297.620060][T30195] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 297.629995][T30218] loop0: detected capacity change from 0 to 1 08:41:14 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xfffffffe) 08:41:14 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x300000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:14 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201fdffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 297.673361][T30218] loop0: p1 p2 p3 p4 [ 297.681995][T30218] loop0: p1 start 487 is beyond EOD, truncated [ 297.688165][T30218] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 297.697781][T30218] loop0: p3 start 225 is beyond EOD, truncated [ 297.703975][T30218] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 297.765818][T30272] loop3: detected capacity change from 0 to 1 [ 297.771065][T30274] new mount options do not match the existing superblock, will be ignored [ 297.781190][T30274] loop4: detected capacity change from 0 to 264192 [ 297.792065][T30272] loop3: p1 p2 p3 p4 [ 297.796198][T30272] loop3: p1 start 487 is beyond EOD, truncated [ 297.802480][T30272] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 297.810176][T30272] loop3: p3 start 225 is beyond EOD, truncated [ 297.816367][T30272] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 297.828562][ T1135] loop3: p1 p2 p3 p4 [ 297.832819][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 297.838986][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 297.842416][T30274] new mount options do not match the existing superblock, will be ignored [ 297.847186][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 297.860792][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:41:15 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x4c00) 08:41:15 executing program 5: syz_read_part_table(0x13, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:15 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0701bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:15 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x400000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 297.917075][T30272] loop3: detected capacity change from 0 to 1 [ 297.947396][T30307] loop0: detected capacity change from 0 to 1 [ 297.948210][T30309] new mount options do not match the existing superblock, will be ignored [ 297.956185][T30311] loop5: detected capacity change from 0 to 1 [ 297.964463][T30309] loop4: detected capacity change from 0 to 264192 [ 297.972538][ T1135] loop3: p1 p2 p3 p4 [ 297.978837][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 297.985114][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 297.992703][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 297.998888][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 298.007753][T30272] loop3: p1 p2 p3 p4 [ 298.012397][T30272] loop3: p1 start 487 is beyond EOD, truncated [ 298.012484][T30311] loop5: p1 p2 p4 [ 298.018584][T30272] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 298.022992][T30307] loop0: p1 p2 p3 p4 [ 298.030079][T30272] loop3: p3 start 225 is beyond EOD, truncated [ 298.034608][T30311] loop5: p1 start 487 is beyond EOD, [ 298.039583][T30272] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 298.048540][T30307] loop0: p1 start 487 is beyond EOD, [ 298.052104][T30311] truncated [ 298.052109][T30311] loop5: p2 size 1073872896 extends beyond EOD, truncated 08:41:15 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x500000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 298.054453][T30309] new mount options do not match the existing superblock, will be ignored [ 298.057482][T30307] truncated [ 298.057487][T30307] loop0: p2 size 1073872896 extends beyond EOD, [ 298.061026][T30311] loop5: p4 size 3657465856 extends beyond EOD, [ 298.067739][T30307] truncated [ 298.077728][T30307] loop0: p3 start 225 is beyond EOD, [ 298.079594][T30311] truncated [ 298.104347][T30307] truncated [ 298.107436][T30307] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:41:15 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bf0200ffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 298.129755][T30335] new mount options do not match the existing superblock, will be ignored [ 298.147024][T30335] loop4: detected capacity change from 0 to 264192 [ 298.159110][T30307] loop0: detected capacity change from 0 to 1 [ 298.161543][T30311] loop5: detected capacity change from 0 to 1 08:41:15 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x600000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 298.191217][T30354] loop3: detected capacity change from 0 to 1 [ 298.192770][T30335] new mount options do not match the existing superblock, will be ignored [ 298.205843][ C1] ================================================================== [ 298.205862][ C1] BUG: KCSAN: data-race in __do_munmap / acct_account_cputime [ 298.205883][ C1] [ 298.205887][ C1] write to 0xffff8881079318c0 of 8 bytes by task 30357 on cpu 0: [ 298.205898][ C1] __do_munmap+0xf94/0x1330 [ 298.205913][ C1] mmap_region+0x58a/0x13e0 [ 298.205925][ C1] do_mmap+0x77d/0xc90 [ 298.205935][ C1] vm_mmap_pgoff+0xf9/0x1d0 [ 298.205949][ C1] ksys_mmap_pgoff+0x2a8/0x380 [ 298.205963][ C1] do_syscall_64+0x4a/0x90 [ 298.205978][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 298.205993][ C1] [ 298.205995][ C1] read to 0xffff8881079318c0 of 8 bytes by interrupt on cpu 1: [ 298.206005][ C1] acct_account_cputime+0x15a/0x1a0 [ 298.206022][ C1] update_process_times+0x5c/0x150 [ 298.206039][ C1] tick_sched_timer+0x191/0x210 [ 298.206053][ C1] __run_hrtimer+0x160/0x480 [ 298.206065][ C1] hrtimer_interrupt+0x380/0xaf0 [ 298.206076][ C1] __sysvec_apic_timer_interrupt+0x6f/0x1c0 [ 298.206092][ C1] sysvec_apic_timer_interrupt+0x64/0x80 [ 298.206109][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 298.206124][ C1] console_unlock+0x8e8/0xb30 [ 298.206139][ C1] vprintk_emit+0x125/0x3d0 [ 298.206154][ C1] vprintk_default+0x22/0x30 [ 298.206169][ C1] vprintk+0x15a/0x170 [ 298.206178][ C1] printk+0x62/0x87 08:41:15 executing program 5: syz_read_part_table(0x24, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 298.206196][ C1] cgroup1_get_tree+0x771/0x880 [ 298.206216][ C1] vfs_get_tree+0x4a/0x1a0 [ 298.206233][ C1] path_mount+0x11d4/0x1ce0 [ 298.206247][ C1] __se_sys_mount+0x23d/0x2e0 [ 298.206258][ C1] __x64_sys_mount+0x63/0x70 [ 298.206271][ C1] do_syscall_64+0x4a/0x90 [ 298.206290][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 298.206308][ C1] [ 298.206311][ C1] value changed: 0x0000000000005353 -> 0x0000000000004b53 [ 298.206321][ C1] [ 298.206323][ C1] Reported by Kernel Concurrency Sanitizer on: [ 298.206337][ C1] CPU: 1 PID: 30335 Comm: syz-executor.4 Not tainted 5.13.0-rc5-syzkaller #0 [ 298.206356][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.206365][ C1] ================================================================== [ 298.221311][T30311] loop5: p1 p2 p4 [ 298.231774][ T1135] loop0: p1 p2 p3 p4 [ 298.234449][T30311] loop5: p1 start 487 is beyond EOD, [ 298.237220][ T1135] loop0: p1 start 487 is beyond EOD, [ 298.241201][T30311] truncated [ 298.241205][T30311] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 298.252721][T30311] loop5: p4 size 3657465856 extends beyond EOD, [ 298.254540][ T1135] truncated [ 298.254544][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 298.258468][ T1135] loop0: p3 start 225 is beyond EOD, [ 298.258947][T30311] truncated [ 298.264841][ T1135] truncated [ 298.264845][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 298.270074][T30364] new mount options do not match the existing superblock, will be ignored [ 298.281494][T30354] loop3: p1 p2 p3 p4 [ 298.291368][T30307] loop0: p1 p2 p3 p4 [ 298.294818][T30354] loop3: p1 start 487 is beyond EOD, [ 298.300069][T30307] loop0: p1 start 487 is beyond EOD, [ 298.305429][T30354] truncated [ 298.305435][T30354] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 298.305985][T30354] loop3: p3 start 225 is beyond EOD, [ 298.311073][T30307] truncated [ 298.311078][T30307] loop0: p2 size 1073872896 extends beyond EOD, [ 298.317041][T30354] truncated [ 298.317046][T30354] loop3: p4 size 3657465856 extends beyond EOD, 08:41:15 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0801bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 298.321688][T30307] truncated [ 298.330276][T30364] loop4: detected capacity change from 0 to 264192 [ 298.330753][T30354] truncated [ 298.340992][T30307] loop0: p3 start 225 is beyond EOD, truncated [ 298.561145][T30307] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 298.585077][T30354] loop3: detected capacity change from 0 to 1 08:41:15 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x1000000000000) [ 298.603394][T30364] new mount options do not match the existing superblock, will be ignored [ 298.613310][T30354] loop3: p1 p2 p3 p4 [ 298.617430][T30354] loop3: p1 start 487 is beyond EOD, truncated [ 298.623641][T30354] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 298.631365][T30389] loop5: detected capacity change from 0 to 1 [ 298.642831][T30354] loop3: p3 start 225 is beyond EOD, truncated 08:41:15 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x604000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 298.649051][T30354] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 298.652763][T30398] loop0: detected capacity change from 0 to 1 [ 298.657116][ T1135] loop5: p1 p2 p4 [ 298.666300][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 298.672480][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 298.680559][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 298.682414][T30407] new mount options do not match the existing superblock, will be ignored [ 298.697141][T30389] loop5: p1 p2 p4 08:41:15 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bf0300ffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 298.698129][T30407] loop4: detected capacity change from 0 to 264192 [ 298.701068][T30389] loop5: p1 start 487 is beyond EOD, truncated [ 298.712026][T30398] loop0: p1 p2 p3 p4 [ 298.714014][T30389] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 298.717992][T30398] loop0: p1 start 487 is beyond EOD, truncated [ 298.731192][T30398] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 298.731340][T30413] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.2'. [ 298.742450][T30398] loop0: p3 start 225 is beyond EOD, truncated 08:41:15 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x6000) [ 298.748300][T30389] loop5: p4 size 3657465856 extends beyond EOD, [ 298.754000][T30398] loop0: p4 size 3657465856 extends beyond EOD, [ 298.754007][T30389] truncated [ 298.754012][T30398] truncated [ 298.763290][T30407] new mount options do not match the existing superblock, will be ignored [ 298.787254][T30398] loop0: detected capacity change from 0 to 1 08:41:15 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x700000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 298.801804][T30431] loop3: detected capacity change from 0 to 1 [ 298.829868][T30440] new mount options do not match the existing superblock, will be ignored [ 298.839180][T30398] loop0: p1 p2 p3 p4 [ 298.842108][T30431] loop3: p1 p2 p3 p4 [ 298.844209][T30398] loop0: p1 start 487 is beyond EOD, truncated [ 298.847655][T30431] loop3: p1 start 487 is beyond EOD, truncated [ 298.853334][T30398] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 298.859558][T30431] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 298.871788][T30398] loop0: p3 start 225 is beyond EOD, truncated 08:41:16 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0901bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 298.878303][T30440] loop4: detected capacity change from 0 to 264192 [ 298.880189][T30398] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 298.880284][T30389] loop5: detected capacity change from 0 to 1 [ 298.888243][T30431] loop3: p3 start 225 is beyond EOD, truncated [ 298.906221][T30431] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 298.914833][ T1135] loop0: p1 p2 p3 p4 [ 298.918900][ T1135] loop0: p1 start 487 is beyond EOD, truncated [ 298.925073][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 298.932747][T30389] loop5: p1 p2 p4 [ 298.936614][T30440] new mount options do not match the existing superblock, will be ignored [ 298.945972][T30389] loop5: p1 start 487 is beyond EOD, truncated [ 298.951495][ T1135] loop0: p3 start 225 is beyond EOD, truncated [ 298.952586][T30389] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 298.958825][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:41:16 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x800000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:16 executing program 5: syz_read_part_table(0x25, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 298.977734][T30431] loop3: detected capacity change from 0 to 1 [ 298.983395][T30389] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 299.005477][T30473] new mount options do not match the existing superblock, will be ignored [ 299.017289][T30473] loop4: detected capacity change from 0 to 264192 [ 299.026074][ T1135] loop3: p1 p2 p3 p4 [ 299.030321][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 299.036514][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 299.040902][T30481] loop0: detected capacity change from 0 to 1 [ 299.044374][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 299.055935][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 299.062764][T30473] new mount options do not match the existing superblock, will be ignored [ 299.072414][T30481] loop0: p1 p2 p3 p4 08:41:16 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x900000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 299.076766][T30481] loop0: p1 start 487 is beyond EOD, truncated [ 299.077177][T30431] loop3: p1 p2 p3 p4 [ 299.083006][T30481] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 299.086978][T30431] loop3: p1 start 487 is beyond EOD, truncated [ 299.100306][T30431] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 299.107807][T30431] loop3: p3 start 225 is beyond EOD, truncated [ 299.113995][T30431] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 299.120576][T30481] loop0: p3 start 225 is beyond EOD, truncated [ 299.127299][T30481] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 299.138911][T30498] loop5: detected capacity change from 0 to 1 [ 299.155827][T30506] new mount options do not match the existing superblock, will be ignored [ 299.165045][T30506] loop4: detected capacity change from 0 to 264192 [ 299.173946][T30498] loop5: p1 p2 p4 [ 299.177857][ T1135] loop3: p1 p2 p3 p4 08:41:16 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bf0400ffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 299.180996][T30498] loop5: p1 start 487 is beyond EOD, truncated [ 299.185059][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 299.187990][T30498] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 299.194148][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 299.202704][T30498] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 299.210827][T30506] new mount options do not match the existing superblock, will be ignored 08:41:16 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xa00000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 299.218873][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 299.232542][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 299.238968][T30481] loop0: detected capacity change from 0 to 1 [ 299.258980][T30498] loop5: detected capacity change from 0 to 1 [ 299.262175][T30530] new mount options do not match the existing superblock, will be ignored [ 299.282093][T30481] loop0: p1 p2 p3 p4 [ 299.286269][T30481] loop0: p1 start 487 is beyond EOD, truncated [ 299.292457][T30481] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 299.304246][T30530] loop4: detected capacity change from 0 to 264192 [ 299.311150][T30481] loop0: p3 start 225 is beyond EOD, truncated [ 299.312277][T30498] loop5: p1 p2 p4 [ 299.317336][T30481] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:41:16 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xb00000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 299.321320][T30498] loop5: p1 start 487 is beyond EOD, truncated [ 299.334502][T30498] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 299.342367][T30498] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 299.342891][ T1135] loop0: p1 p2 p3 p4 [ 299.354627][T30530] new mount options do not match the existing superblock, will be ignored [ 299.364917][T30538] loop3: detected capacity change from 0 to 1 [ 299.372352][ T1135] loop0: p1 start 487 is beyond EOD, truncated [ 299.378600][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 299.386401][ T1135] loop0: p3 start 225 is beyond EOD, truncated [ 299.392589][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 299.402340][T30556] new mount options do not match the existing superblock, will be ignored [ 299.413587][T30538] loop3: p1 p2 p3 p4 [ 299.417728][T30538] loop3: p1 start 487 is beyond EOD, truncated [ 299.420338][T30556] loop4: detected capacity change from 0 to 264192 08:41:16 executing program 5: syz_read_part_table(0x26, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:16 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0a01bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:16 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xc00000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 299.423975][T30538] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 299.437875][T30538] loop3: p3 start 225 is beyond EOD, truncated [ 299.444113][T30538] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 299.452665][T30556] new mount options do not match the existing superblock, will be ignored [ 299.503355][T30573] loop5: detected capacity change from 0 to 1 [ 299.506115][T30572] new mount options do not match the existing superblock, will be ignored [ 299.519458][T30572] loop4: detected capacity change from 0 to 264192 [ 299.529428][T30538] loop3: detected capacity change from 0 to 1 [ 299.532226][T30573] loop5: p1 p2 p4 [ 299.536368][T30581] loop0: detected capacity change from 0 to 1 [ 299.539521][T30573] loop5: p1 start 487 is beyond EOD, truncated [ 299.551922][T30573] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 299.559516][T30573] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 299.572540][T30538] loop3: p1 p2 p3 p4 [ 299.572591][T30572] new mount options do not match the existing superblock, will be ignored [ 299.572645][T30581] loop0: p1 p2 p3 p4 [ 299.576725][T30538] loop3: p1 start 487 is beyond EOD, truncated [ 299.595470][T30538] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 299.596032][T30581] loop0: p1 start 487 is beyond EOD, truncated [ 299.608824][T30581] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 299.617341][ T1135] loop5: p1 p2 p4 [ 299.620706][T30538] loop3: p3 start 225 is beyond EOD, truncated [ 299.621229][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 299.627364][T30538] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 299.633520][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 299.642537][T30581] loop0: p3 start 225 is beyond EOD, truncated 08:41:16 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x6800) 08:41:16 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x10000000000000) 08:41:16 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xd00000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 299.654083][T30581] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 299.685338][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 299.686831][T30610] new mount options do not match the existing superblock, will be ignored 08:41:16 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bf0500ffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 299.707710][T30610] loop4: detected capacity change from 0 to 264192 [ 299.733973][T30610] new mount options do not match the existing superblock, will be ignored [ 299.746986][T30625] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.2'. 08:41:16 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xe00000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 299.747464][T30581] loop0: detected capacity change from 0 to 1 [ 299.756507][T30573] loop5: detected capacity change from 0 to 1 [ 299.791299][T30637] new mount options do not match the existing superblock, will be ignored [ 299.800805][T30573] loop5: p1 p2 p4 [ 299.805044][ T1135] loop0: p1 p2 p3 p4 [ 299.809245][T30573] loop5: p1 start 487 is beyond EOD, truncated [ 299.813709][ T1135] loop0: p1 start 487 is beyond EOD, truncated [ 299.815428][T30573] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 299.821557][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 299.832281][T30573] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 299.837148][T30637] loop4: detected capacity change from 0 to 264192 [ 299.851309][T30645] loop3: detected capacity change from 0 to 1 08:41:17 executing program 5: syz_read_part_table(0x2e, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 299.852135][ T1135] loop0: p3 start 225 is beyond EOD, truncated [ 299.863526][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 299.871854][T30581] loop0: p1 p2 p3 p4 [ 299.876518][T30581] loop0: p1 start 487 is beyond EOD, truncated [ 299.882759][T30581] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 299.890238][T30581] loop0: p3 start 225 is beyond EOD, truncated [ 299.896476][T30581] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:41:17 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="1001bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:17 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x1000000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 299.903029][T30637] new mount options do not match the existing superblock, will be ignored [ 299.904494][T30645] loop3: p1 p2 p3 p4 [ 299.922202][T30645] loop3: p1 start 487 is beyond EOD, truncated [ 299.928368][T30645] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 299.940394][T30645] loop3: p3 start 225 is beyond EOD, truncated [ 299.946617][T30645] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 299.958768][T30668] loop5: detected capacity change from 0 to 1 [ 299.967952][T30671] new mount options do not match the existing superblock, will be ignored [ 299.977605][T30671] loop4: detected capacity change from 0 to 264192 [ 299.986999][T30645] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 299.992464][T30668] loop5: p1 p2 p4 [ 299.996957][T30645] loop3: detected capacity change from 0 to 1 08:41:17 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x1100000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 299.997902][T30668] loop5: p1 start 487 is beyond EOD, truncated [ 300.009976][T30668] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 300.017889][T30671] new mount options do not match the existing superblock, will be ignored [ 300.025199][T30645] loop3: p1 p2 p3 p4 [ 300.030416][T30645] loop3: p1 start 487 is beyond EOD, truncated [ 300.032414][T30668] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 300.036582][T30645] loop3: p2 size 1073872896 extends beyond EOD, truncated 08:41:17 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bf02ffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 300.060413][T30645] loop3: p3 start 225 is beyond EOD, truncated [ 300.066628][T30645] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 300.071959][T30696] new mount options do not match the existing superblock, will be ignored [ 300.084054][T30694] loop0: detected capacity change from 0 to 1 [ 300.086486][T30696] loop4: detected capacity change from 0 to 264192 [ 300.108647][T30668] loop5: detected capacity change from 0 to 1 [ 300.132580][T30696] new mount options do not match the existing superblock, will be ignored [ 300.132613][ T1135] loop0: p1 p2 p3 p4 [ 300.145442][T30668] loop5: p1 p2 p4 [ 300.145594][ T1135] loop0: p1 start 487 is beyond EOD, truncated [ 300.149737][T30668] loop5: p1 start 487 is beyond EOD, truncated [ 300.155354][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 300.161498][T30668] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 300.169017][ T1135] loop0: p3 start 225 is beyond EOD, truncated 08:41:17 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x1200000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 300.181865][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 300.190498][T30668] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 300.203666][T30694] loop0: p1 p2 p3 p4 [ 300.207701][T30694] loop0: p1 start 487 is beyond EOD, truncated [ 300.213903][T30694] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 300.216670][T30728] new mount options do not match the existing superblock, will be ignored 08:41:17 executing program 5: syz_read_part_table(0x48, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 300.222005][T30694] loop0: p3 start 225 is beyond EOD, truncated [ 300.229784][T30726] loop3: detected capacity change from 0 to 1 [ 300.235805][T30694] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 300.258979][T30728] loop4: detected capacity change from 0 to 264192 [ 300.302392][T30726] loop3: p1 p2 p3 p4 [ 300.306917][T30726] loop3: p1 start 487 is beyond EOD, truncated [ 300.312741][T30741] loop5: detected capacity change from 0 to 1 [ 300.313100][T30726] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 300.320074][T30728] new mount options do not match the existing superblock, will be ignored [ 300.336220][T30726] loop3: p3 start 225 is beyond EOD, truncated [ 300.342468][T30726] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 300.355579][T30694] loop0: detected capacity change from 0 to 1 [ 300.363318][ T1135] loop5: p1 p2 p4 [ 300.367163][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 300.373381][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 300.381198][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 300.388961][T30694] loop0: p1 p2 p3 p4 [ 300.392991][T30694] loop0: p1 start 487 is beyond EOD, truncated [ 300.394115][T30741] loop5: p1 p2 p4 [ 300.399219][T30694] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 300.410205][T30726] loop3: detected capacity change from 0 to 1 [ 300.410312][T30741] loop5: p1 start 487 is beyond EOD, truncated [ 300.422215][T30694] loop0: p3 start 225 is beyond EOD, truncated [ 300.422469][T30741] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 300.428601][T30694] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 300.436923][T30741] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 300.456860][T30726] loop3: p1 p2 p3 p4 [ 300.461011][T30726] loop3: p1 start 487 is beyond EOD, truncated [ 300.467195][T30726] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 300.475191][T30726] loop3: p3 start 225 is beyond EOD, truncated [ 300.481478][T30726] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 300.490102][ T1135] loop3: p1 p2 p3 p4 08:41:17 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x6c00) 08:41:17 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x2000000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:17 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="1701bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:17 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x30000000000000) [ 300.502371][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 300.508558][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 300.529536][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 300.535759][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 300.543845][T30741] loop5: detected capacity change from 0 to 1 08:41:17 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bf03ffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 300.566298][T30793] loop0: detected capacity change from 0 to 1 [ 300.573547][T30796] new mount options do not match the existing superblock, will be ignored [ 300.583419][T30796] loop4: detected capacity change from 0 to 264192 [ 300.590482][ T1135] loop5: p1 p2 p4 [ 300.594923][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 300.601093][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 300.608390][T30793] loop0: p1 p2 p3 p4 08:41:17 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x2010000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 300.608803][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 300.612948][T30793] loop0: p1 start 487 is beyond EOD, truncated [ 300.621373][T30805] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.2'. [ 300.625676][T30793] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 300.636680][T30796] new mount options do not match the existing superblock, will be ignored [ 300.648354][T30793] loop0: p3 start 225 is beyond EOD, truncated [ 300.657142][T30793] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 300.664533][T30741] loop5: p1 p2 p4 [ 300.673283][T30741] loop5: p1 start 487 is beyond EOD, truncated [ 300.679465][T30741] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 300.685764][T30820] new mount options do not match the existing superblock, will be ignored [ 300.689377][T30816] loop3: detected capacity change from 0 to 1 [ 300.700389][T30741] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 300.702464][T30820] loop4: detected capacity change from 0 to 264192 08:41:17 executing program 5: syz_read_part_table(0x4c, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 300.732260][T30816] loop3: p1 p2 p3 p4 [ 300.736375][T30816] loop3: p1 start 487 is beyond EOD, truncated [ 300.742677][T30816] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 300.747685][T30820] new mount options do not match the existing superblock, will be ignored [ 300.765411][T30816] loop3: p3 start 225 is beyond EOD, truncated [ 300.771603][T30816] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:41:17 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x2500000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 300.776143][T30793] loop0: detected capacity change from 0 to 1 [ 300.799773][T30840] new mount options do not match the existing superblock, will be ignored [ 300.809187][T30840] loop4: detected capacity change from 0 to 264192 [ 300.812250][T30793] loop0: p1 p2 p3 p4 [ 300.819927][T30793] loop0: p1 start 487 is beyond EOD, truncated 08:41:18 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="2601bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 300.826123][T30793] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 300.828232][T30816] loop3: detected capacity change from 0 to 1 [ 300.840213][T30793] loop0: p3 start 225 is beyond EOD, truncated [ 300.846523][T30793] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 300.860845][T30859] loop5: detected capacity change from 0 to 1 [ 300.893143][T30816] loop3: p1 p2 p3 p4 [ 300.893241][T30840] new mount options do not match the existing superblock, will be ignored [ 300.898330][T30816] loop3: p1 start 487 is beyond EOD, truncated [ 300.906234][T30859] loop5: p1 p2 p4 [ 300.912166][T30816] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 300.916026][T30859] loop5: p1 start 487 is beyond EOD, truncated [ 300.929269][T30859] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 300.932861][T30816] loop3: p3 start 225 is beyond EOD, truncated 08:41:18 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x3f00000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 300.942600][T30816] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 300.946404][T30859] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 300.958123][ T1135] loop3: p1 p2 p3 p4 [ 300.962513][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 300.968739][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 300.977879][T30880] loop0: detected capacity change from 0 to 1 [ 300.984883][ T1135] loop3: p3 start 225 is beyond EOD, truncated 08:41:18 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bf04ffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 300.988499][T30884] new mount options do not match the existing superblock, will be ignored [ 300.991057][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 301.002304][T30884] loop4: detected capacity change from 0 to 264192 [ 301.014722][T30859] loop5: detected capacity change from 0 to 1 [ 301.022646][T30880] loop0: p1 p2 p3 p4 [ 301.026696][T30880] loop0: p1 start 487 is beyond EOD, truncated [ 301.032927][T30880] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 301.040883][T30880] loop0: p3 start 225 is beyond EOD, truncated [ 301.047070][T30880] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 301.072407][T30859] loop5: p1 p2 p4 [ 301.076300][T30859] loop5: p1 start 487 is beyond EOD, truncated [ 301.081024][T30884] new mount options do not match the existing superblock, will be ignored 08:41:18 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x4000080000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 301.082495][T30859] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 301.098611][T30859] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 301.110380][T30880] loop0: detected capacity change from 0 to 1 [ 301.132492][T30880] loop0: p1 p2 p3 p4 [ 301.136694][T30880] loop0: p1 start 487 is beyond EOD, truncated [ 301.142868][T30880] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 301.152721][ T1135] loop5: p1 p2 p4 [ 301.152803][T30880] loop0: p3 start 225 is beyond EOD, truncated [ 301.157379][ T1135] loop5: p1 start 487 is beyond EOD, [ 301.162609][T30880] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 301.172406][T30918] new mount options do not match the existing superblock, will be ignored [ 301.175096][ T1135] truncated [ 301.175100][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 301.187119][T30922] loop3: detected capacity change from 0 to 1 [ 301.194931][T30918] loop4: detected capacity change from 0 to 264192 [ 301.200807][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 301.232902][T30922] loop3: p1 p2 p3 p4 [ 301.237054][T30922] loop3: p1 start 487 is beyond EOD, truncated [ 301.243255][T30922] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 301.250613][T30922] loop3: p3 start 225 is beyond EOD, truncated [ 301.256900][T30922] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 301.294273][T30922] loop3: detected capacity change from 0 to 1 [ 301.352479][T30922] loop3: p1 p2 p3 p4 [ 301.356619][T30922] loop3: p1 start 487 is beyond EOD, truncated [ 301.362797][T30922] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 301.390442][T30922] loop3: p3 start 225 is beyond EOD, truncated 08:41:18 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x7400) 08:41:18 executing program 5: syz_read_part_table(0x54, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:18 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="3101bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:18 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x100000000000000) 08:41:18 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x4800000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:18 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bf05ffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 301.397093][T30922] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 301.464117][T30970] loop0: detected capacity change from 0 to 1 [ 301.502443][T30970] loop0: p1 p2 p3 p4 [ 301.506602][T30970] loop0: p1 start 487 is beyond EOD, truncated [ 301.512793][T30970] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 301.540435][T30980] loop5: detected capacity change from 0 to 1 [ 301.551127][T30970] loop0: p3 start 225 is beyond EOD, truncated [ 301.557347][T30970] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 301.562634][T30982] new mount options do not match the existing superblock, will be ignored [ 301.581826][T30982] loop4: detected capacity change from 0 to 264192 [ 301.589012][T30985] loop3: detected capacity change from 0 to 1 [ 301.599832][T30993] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.2'. [ 301.612337][T30980] loop5: p1 p2 p4 [ 301.616223][T30980] loop5: p1 start 487 is beyond EOD, truncated [ 301.622481][T30980] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 301.631576][T30985] loop3: p1 p2 p3 p4 [ 301.635761][T30985] loop3: p1 start 487 is beyond EOD, truncated [ 301.636902][T30982] new mount options do not match the existing superblock, will be ignored [ 301.641950][T30985] loop3: p2 size 1073872896 extends beyond EOD, truncated 08:41:18 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x4c00000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 301.677436][T30980] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 301.687437][T30970] loop0: detected capacity change from 0 to 1 [ 301.690339][T30985] loop3: p3 start 225 is beyond EOD, truncated [ 301.699683][T30985] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 301.745355][T31010] new mount options do not match the existing superblock, will be ignored [ 301.761395][T30970] loop0: p1 p2 p3 p4 [ 301.782724][T30970] loop0: p1 start 487 is beyond EOD, truncated [ 301.788923][T30970] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 301.791917][T30980] loop5: detected capacity change from 0 to 1 [ 301.796886][T30985] loop3: detected capacity change from 0 to 1 [ 301.809521][T31010] loop4: detected capacity change from 0 to 264192 [ 301.817355][T30970] loop0: p3 start 225 is beyond EOD, truncated [ 301.823545][T30970] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 301.831394][T30985] loop3: p1 p2 p3 p4 [ 301.836854][T30985] loop3: p1 start 487 is beyond EOD, truncated 08:41:19 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="6401bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:19 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x6800000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 301.839213][T31010] new mount options do not match the existing superblock, will be ignored [ 301.843075][T30985] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 301.851086][ T1135] loop0: p1 p2 p3 p4 [ 301.863408][T30985] loop3: p3 start 225 is beyond EOD, truncated [ 301.863474][T30980] loop5: p1 p2 p4 [ 301.869735][T30985] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 301.878043][T30980] loop5: p1 start 487 is beyond EOD, truncated [ 301.886802][T30980] loop5: p2 size 1073872896 extends beyond EOD, truncated 08:41:19 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfff0200e70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 301.887030][ T1135] loop0: p1 start 487 is beyond EOD, truncated [ 301.900085][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 301.907707][ T1135] loop0: p3 start 225 is beyond EOD, truncated [ 301.911528][T31039] new mount options do not match the existing superblock, will be ignored [ 301.913980][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 301.923556][T30980] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 301.933583][T31039] loop4: detected capacity change from 0 to 264192 08:41:19 executing program 5: syz_read_part_table(0x55, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:19 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x6c00000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 301.985090][T31039] new mount options do not match the existing superblock, will be ignored [ 302.013908][T31054] loop3: detected capacity change from 0 to 1 [ 302.024022][T31059] new mount options do not match the existing superblock, will be ignored [ 302.033183][T31059] loop4: detected capacity change from 0 to 264192 [ 302.052503][ T1135] loop3: p1 p2 p3 p4 [ 302.056755][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 302.057029][T31059] new mount options do not match the existing superblock, will be ignored [ 302.062956][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 302.082148][T31074] loop5: detected capacity change from 0 to 1 [ 302.082823][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 302.094393][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 302.098573][T31076] loop0: detected capacity change from 0 to 1 [ 302.108470][T31054] loop3: p1 p2 p3 p4 [ 302.112562][T31054] loop3: p1 start 487 is beyond EOD, truncated [ 302.118714][T31054] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 302.126246][T31054] loop3: p3 start 225 is beyond EOD, truncated [ 302.132429][T31054] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 302.142258][T31074] loop5: p1 p2 p4 [ 302.146189][T31074] loop5: p1 start 487 is beyond EOD, truncated [ 302.152453][T31074] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 302.159866][T31076] loop0: p1 p2 p3 p4 [ 302.160092][T31074] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 302.164362][T31076] loop0: p1 start 487 is beyond EOD, truncated [ 302.177130][T31076] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 302.184560][T31076] loop0: p3 start 225 is beyond EOD, truncated [ 302.190703][T31076] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 302.201652][T31054] loop3: detected capacity change from 0 to 1 [ 302.208591][ T1135] loop0: p1 p2 p3 p4 [ 302.212910][ T1135] loop0: p1 start 487 is beyond EOD, truncated [ 302.219056][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 302.227295][ T1135] loop0: p3 start 225 is beyond EOD, truncated [ 302.233485][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 302.237530][T31074] loop5: detected capacity change from 0 to 1 [ 302.252275][T31054] loop3: p1 p2 p3 p4 [ 302.256355][T31054] loop3: p1 start 487 is beyond EOD, truncated [ 302.262518][T31054] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 302.270171][T31054] loop3: p3 start 225 is beyond EOD, truncated [ 302.276581][T31054] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 302.277731][T31076] loop0: detected capacity change from 0 to 1 [ 302.292269][T31074] loop5: p1 p2 p4 [ 302.296036][T31074] loop5: p1 start 487 is beyond EOD, truncated [ 302.302293][T31074] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 302.310527][T31074] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 302.319336][ T1135] loop5: p1 p2 p4 [ 302.330404][T31076] loop0: p1 p2 p3 p4 08:41:19 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x7a00) 08:41:19 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7400000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:19 executing program 5: syz_read_part_table(0x60, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 302.333834][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 302.335405][T31076] loop0: p1 start 487 is beyond EOD, truncated [ 302.340530][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 302.346672][T31076] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 302.347630][T31076] loop0: p3 start 225 is beyond EOD, truncated [ 302.367140][T31076] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:41:19 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x200000000000000) 08:41:19 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfff0300e70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 302.387075][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 302.415550][T31134] loop3: detected capacity change from 0 to 1 [ 302.424783][T31139] new mount options do not match the existing superblock, will be ignored 08:41:19 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0202bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 302.433890][T31139] loop4: detected capacity change from 0 to 264192 [ 302.449439][T31134] loop3: p1 p2 p3 p4 [ 302.453531][T31143] loop5: detected capacity change from 0 to 1 [ 302.453680][T31134] loop3: p1 start 487 is beyond EOD, truncated [ 302.465812][T31134] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 302.474133][T31139] new mount options do not match the existing superblock, will be ignored 08:41:19 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x7a00000000000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 302.474217][T31134] loop3: p3 start 225 is beyond EOD, truncated [ 302.483571][T31157] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.2'. [ 302.488852][T31134] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 302.514293][T31143] loop5: p1 p2 p4 [ 302.518047][T31143] loop5: p1 start 487 is beyond EOD, truncated [ 302.520940][T31162] new mount options do not match the existing superblock, will be ignored [ 302.524203][T31143] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 302.540891][T31143] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 302.553294][T31134] loop3: detected capacity change from 0 to 1 [ 302.559460][T31162] loop4: detected capacity change from 0 to 264192 [ 302.564302][ T1135] loop5: p1 p2 p4 [ 302.567444][T31178] loop0: detected capacity change from 0 to 1 [ 302.569712][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 302.581910][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 302.589513][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 302.592550][T31134] loop3: p1 p2 p3 p4 [ 302.600893][T31178] loop0: p1 p2 p3 p4 [ 302.605573][T31162] new mount options do not match the existing superblock, will be ignored [ 302.606880][T31178] loop0: p1 start 487 is beyond EOD, truncated [ 302.615703][T31134] loop3: p1 start 487 is beyond EOD, [ 302.620257][T31178] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 302.620633][T31178] loop0: p3 start 225 is beyond EOD, 08:41:19 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x8cffffff00000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 302.625675][T31134] truncated [ 302.632771][T31178] truncated [ 302.632776][T31178] loop0: p4 size 3657465856 extends beyond EOD, [ 302.638111][T31134] loop3: p2 size 1073872896 extends beyond EOD, [ 302.641222][T31178] truncated [ 302.660039][T31134] truncated [ 302.663812][T31134] loop3: p3 start 225 is beyond EOD, truncated [ 302.669980][T31134] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:41:19 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfff0400e70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:19 executing program 5: syz_read_part_table(0x63, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 302.690388][T31195] new mount options do not match the existing superblock, will be ignored [ 302.705880][ T1135] loop3: p1 p2 p3 p4 [ 302.711502][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 302.717701][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 302.725727][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 302.727883][T31195] loop4: detected capacity change from 0 to 264192 [ 302.731889][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 302.746563][T31178] loop0: detected capacity change from 0 to 1 [ 302.747897][T31212] loop5: detected capacity change from 0 to 1 08:41:19 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xcf7d278900000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 302.782706][T31195] new mount options do not match the existing superblock, will be ignored [ 302.790894][T31178] loop0: p1 p2 p3 p4 [ 302.795674][T31178] loop0: p1 start 487 is beyond EOD, truncated [ 302.801737][T31212] loop5: p1 p2 p4 [ 302.801839][T31178] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 302.805732][T31212] loop5: p1 start 487 is beyond EOD, truncated [ 302.815567][T31178] loop0: p3 start 225 is beyond EOD, [ 302.818875][T31212] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 302.820350][T31212] loop5: p4 size 3657465856 extends beyond EOD, [ 302.824257][T31178] truncated [ 302.824262][T31178] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 302.848139][T31212] truncated [ 302.869386][T31228] loop3: detected capacity change from 0 to 1 08:41:20 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0203bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 302.872503][T31230] new mount options do not match the existing superblock, will be ignored [ 302.885192][T31230] loop4: detected capacity change from 0 to 264192 [ 302.893364][ T1135] loop5: p1 p2 p4 [ 302.897101][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 302.903288][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 302.911390][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 302.932536][T31228] loop3: p1 p2 p3 p4 [ 302.936739][T31228] loop3: p1 start 487 is beyond EOD, truncated [ 302.937214][T31230] new mount options do not match the existing superblock, will be ignored [ 302.942926][T31228] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 302.967458][T31228] loop3: p3 start 225 is beyond EOD, truncated [ 302.973705][T31228] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 302.977742][T31212] loop5: detected capacity change from 0 to 1 [ 302.988733][T31252] loop0: detected capacity change from 0 to 1 [ 302.989315][ T1135] loop3: p1 p2 p3 p4 [ 302.998854][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 303.005109][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 303.012728][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 303.018997][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 303.032528][T31252] loop0: p1 p2 p3 p4 [ 303.036612][T31252] loop0: p1 start 487 is beyond EOD, truncated [ 303.042819][T31252] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 303.050623][T31228] loop3: detected capacity change from 0 to 1 [ 303.055589][T31252] loop0: p3 start 225 is beyond EOD, truncated [ 303.062873][T31252] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 303.072702][T31228] loop3: p1 p2 p3 p4 [ 303.076908][T31228] loop3: p1 start 487 is beyond EOD, truncated [ 303.083194][T31228] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 303.091254][T31228] loop3: p3 start 225 is beyond EOD, truncated [ 303.097442][T31228] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 303.105509][T31252] loop0: detected capacity change from 0 to 1 [ 303.152319][T31252] loop0: p1 p2 p3 p4 [ 303.157176][ T1135] loop3: p1 p2 p3 p4 [ 303.161177][T31252] loop0: p1 start 487 is beyond EOD, truncated [ 303.164814][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 303.167377][T31252] loop0: p2 size 1073872896 extends beyond EOD, [ 303.173524][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 303.175539][ T1135] loop3: p3 start 225 is beyond EOD, [ 303.179867][T31252] truncated [ 303.180291][T31252] loop0: p3 start 225 is beyond EOD, [ 303.186979][ T1135] truncated [ 303.186984][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 303.211142][T31252] truncated [ 303.214239][T31252] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:41:20 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0xb80a) 08:41:20 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xf6ffffff00000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:20 executing program 5: syz_read_part_table(0x68, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:20 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x300000000000000) 08:41:20 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfff0500e70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:20 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0204bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 303.299835][T31307] loop5: detected capacity change from 0 to 1 [ 303.305557][T31312] new mount options do not match the existing superblock, will be ignored [ 303.315528][T31313] loop0: detected capacity change from 0 to 1 [ 303.319622][T31314] loop3: detected capacity change from 0 to 1 [ 303.322880][T31312] loop4: detected capacity change from 0 to 264192 [ 303.328480][T31307] loop5: p1 p2 p4 [ 303.337906][T31307] loop5: p1 start 487 is beyond EOD, truncated [ 303.344079][T31307] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 303.351708][T31307] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 303.360257][ T1135] loop5: p1 p2 p4 [ 303.364438][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 303.370610][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 303.371011][T31326] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.2'. [ 303.379145][T31312] new mount options do not match the existing superblock, will be ignored [ 303.389869][T31314] loop3: p1 p2 p3 p4 08:41:20 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xfdfdffff00000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 303.400044][T31313] loop0: p1 p2 p3 p4 [ 303.404701][T31313] loop0: p1 start 487 is beyond EOD, truncated [ 303.410862][T31313] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 303.412373][T31314] loop3: p1 start 487 is beyond EOD, truncated [ 303.419688][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 303.424149][T31314] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 303.433421][T31313] loop0: p3 start 225 is beyond EOD, truncated [ 303.444644][T31313] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 303.462584][ T1135] loop0: p1 p2 p3 p4 [ 303.462699][T31314] loop3: p3 start 225 is beyond EOD, truncated [ 303.466794][ T1135] loop0: p1 start 487 is beyond EOD, truncated [ 303.472813][T31314] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 303.478948][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 303.495404][ T1135] loop0: p3 start 225 is beyond EOD, truncated [ 303.500427][T31352] new mount options do not match the existing superblock, will be ignored [ 303.501610][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 303.511998][T31307] loop5: detected capacity change from 0 to 1 [ 303.518053][T31352] loop4: detected capacity change from 0 to 264192 [ 303.533393][T31314] loop3: detected capacity change from 0 to 1 [ 303.543203][T31307] loop5: p1 p2 p4 08:41:20 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xfeffffff00000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 303.547319][T31307] loop5: p1 start 487 is beyond EOD, truncated [ 303.551884][T31313] loop0: detected capacity change from 0 to 1 [ 303.553518][T31307] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 303.561796][T31352] new mount options do not match the existing superblock, will be ignored [ 303.575898][T31307] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 303.583580][ T1135] loop3: p1 p2 p3 p4 [ 303.592317][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 303.598476][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 303.605936][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 303.612084][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 303.616292][T31377] new mount options do not match the existing superblock, will be ignored [ 303.619503][T31313] loop0: p1 p2 p3 p4 [ 303.629554][T31377] loop4: detected capacity change from 0 to 264192 [ 303.631985][T31313] loop0: p1 start 487 is beyond EOD, truncated [ 303.641212][T31314] loop3: p1 p2 p3 p4 08:41:20 executing program 5: syz_read_part_table(0x6c, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 303.644466][T31313] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 303.645254][T31313] loop0: p3 start 225 is beyond EOD, [ 303.648815][T31314] loop3: p1 start 487 is beyond EOD, [ 303.655558][T31313] truncated [ 303.655564][T31313] loop0: p4 size 3657465856 extends beyond EOD, [ 303.661004][T31314] truncated [ 303.661009][T31314] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 303.669897][T31314] loop3: p3 start 225 is beyond EOD, [ 303.676090][T31313] truncated 08:41:20 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xfeffffffffffffff, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:20 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0205bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 303.687955][T31377] new mount options do not match the existing superblock, will be ignored [ 303.691674][T31314] truncated [ 303.691680][T31314] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:41:20 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfff02ffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 303.743742][T31399] loop5: detected capacity change from 0 to 1 [ 303.744601][T31397] new mount options do not match the existing superblock, will be ignored [ 303.770142][ T1135] loop3: p1 p2 p3 p4 [ 303.772673][T31397] loop4: detected capacity change from 0 to 264192 [ 303.774331][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 303.786953][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 303.788729][T31399] loop5: p1 p2 p4 [ 303.798341][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 303.798531][T31399] loop5: p1 start 487 is beyond EOD, truncated [ 303.804543][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 303.810681][T31399] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 303.819196][T31413] loop0: detected capacity change from 0 to 1 [ 303.825554][T31399] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 303.838649][T31397] new mount options do not match the existing superblock, will be ignored [ 303.872411][T31413] loop0: p1 p2 p3 p4 [ 303.876642][T31413] loop0: p1 start 487 is beyond EOD, truncated [ 303.882883][T31413] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 303.886734][T31423] loop3: detected capacity change from 0 to 1 [ 303.891790][T31413] loop0: p3 start 225 is beyond EOD, truncated [ 303.902396][T31413] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 303.906843][T31399] loop5: detected capacity change from 0 to 1 [ 303.932492][T31423] loop3: p1 p2 p3 p4 [ 303.936573][T31423] loop3: p1 start 487 is beyond EOD, truncated [ 303.942744][T31423] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 303.950693][ T1135] loop5: p1 p2 p4 [ 303.954650][T31413] loop0: detected capacity change from 0 to 1 [ 303.954857][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 303.966946][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 303.975854][T31423] loop3: p3 start 225 is beyond EOD, truncated [ 303.982014][T31423] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 303.989734][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 303.998139][T31399] loop5: p1 p2 p4 [ 304.001964][T31399] loop5: p1 start 487 is beyond EOD, truncated [ 304.008139][T31399] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 304.015667][T31413] loop0: p1 p2 p3 p4 [ 304.019888][T31399] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 304.020011][T31413] loop0: p1 start 487 is beyond EOD, truncated [ 304.033255][T31413] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 304.041519][T31413] loop0: p3 start 225 is beyond EOD, truncated [ 304.047748][T31413] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 304.049292][T31423] loop3: detected capacity change from 0 to 1 08:41:21 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x100000) 08:41:21 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xffffffff00000000, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:21 executing program 5: syz_read_part_table(0x74, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:21 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x400000000000000) 08:41:21 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0206bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:21 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfff03ffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 304.092490][T31423] loop3: p1 p2 p3 p4 [ 304.096612][T31423] loop3: p1 start 487 is beyond EOD, truncated [ 304.102784][T31423] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 304.104978][ T1135] loop0: p1 p2 p3 p4 [ 304.112460][T31423] loop3: p3 start 225 is beyond EOD, truncated [ 304.114634][ T1135] loop0: p1 start 487 is beyond EOD, truncated [ 304.120014][T31423] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 304.126179][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 304.176477][ T1135] loop0: p3 start 225 is beyond EOD, truncated [ 304.179189][T31478] new mount options do not match the existing superblock, will be ignored [ 304.182715][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 304.193110][T31478] loop4: detected capacity change from 0 to 264192 [ 304.198494][T31479] loop5: detected capacity change from 0 to 1 [ 304.239371][T31479] loop5: p1 p2 p4 [ 304.239588][T31493] loop3: detected capacity change from 0 to 1 [ 304.243218][T31479] loop5: p1 start 487 is beyond EOD, truncated [ 304.249845][T31478] new mount options do not match the existing superblock, will be ignored [ 304.255413][T31479] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 304.271588][T31500] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.2'. [ 304.278948][T31479] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:21 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 304.292457][T31493] loop3: p1 p2 p3 p4 [ 304.296644][T31493] loop3: p1 start 487 is beyond EOD, truncated [ 304.298570][T31506] loop0: detected capacity change from 0 to 1 [ 304.302833][T31493] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 304.316374][T31493] loop3: p3 start 225 is beyond EOD, truncated [ 304.322453][T31506] loop0: p1 p2 p3 p4 [ 304.322536][T31493] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 304.336655][ T1135] loop3: p1 p2 p3 p4 [ 304.336727][T31479] loop5: detected capacity change from 0 to 1 [ 304.340726][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 304.347155][T31506] loop0: p1 start 487 is beyond EOD, [ 304.352945][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 304.360412][T31522] new mount options do not match the existing superblock, will be ignored [ 304.365416][T31506] truncated [ 304.365438][T31506] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 304.372048][T31506] loop0: p3 start 225 is beyond EOD, 08:41:21 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfff04ffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 304.375610][T31522] loop4: detected capacity change from 0 to 264192 [ 304.377250][T31506] truncated [ 304.377254][T31506] loop0: p4 size 3657465856 extends beyond EOD, [ 304.384903][ T1135] loop3: p3 start 225 is beyond EOD, [ 304.389713][T31506] truncated [ 304.414090][ T1135] truncated [ 304.417246][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 304.432448][T31479] loop5: p1 p2 p4 [ 304.436899][T31479] loop5: p1 start 487 is beyond EOD, truncated 08:41:21 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0xffffffffffffffff, 0x0, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 304.443105][T31479] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 304.444601][T31522] new mount options do not match the existing superblock, will be ignored [ 304.450562][T31479] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 304.482831][T31506] loop0: detected capacity change from 0 to 1 08:41:21 executing program 5: syz_read_part_table(0x7a, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 304.495415][T31549] loop3: detected capacity change from 0 to 1 [ 304.502040][T31551] new mount options do not match the existing superblock, will be ignored [ 304.511363][ T1135] loop0: p1 p2 p3 p4 [ 304.515778][ T1135] loop0: p1 start 487 is beyond EOD, truncated [ 304.521936][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 304.527792][T31551] loop4: detected capacity change from 0 to 264192 [ 304.531133][ T1135] loop0: p3 start 225 is beyond EOD, truncated [ 304.536067][T31549] loop3: p1 p2 p3 p4 [ 304.541735][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 304.553118][T31549] loop3: p1 start 487 is beyond EOD, truncated [ 304.559268][T31549] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 304.562972][T31551] new mount options do not match the existing superblock, will be ignored [ 304.567945][T31506] loop0: p1 p2 p3 p4 [ 304.582653][T31549] loop3: p3 start 225 is beyond EOD, truncated [ 304.588827][T31549] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:41:21 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 304.592921][T31569] loop5: detected capacity change from 0 to 1 [ 304.598092][T31506] loop0: p1 start 487 is beyond EOD, truncated [ 304.608177][T31506] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 304.619636][T31506] loop0: p3 start 225 is beyond EOD, truncated [ 304.625931][T31506] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 304.631770][T31576] new mount options do not match the existing superblock, will be ignored [ 304.633464][T31569] loop5: p1 p2 p4 08:41:21 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0207bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 304.643207][T31576] loop4: detected capacity change from 0 to 18577 [ 304.651909][T31569] loop5: p1 start 487 is beyond EOD, truncated [ 304.658084][T31569] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 304.666777][T31569] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 304.676934][T31549] loop3: detected capacity change from 0 to 1 [ 304.703013][T31576] new mount options do not match the existing superblock, will be ignored [ 304.712054][T31588] loop0: detected capacity change from 0 to 1 [ 304.719133][ T1135] loop3: p1 p2 p3 p4 [ 304.724125][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 304.729726][T31569] loop5: detected capacity change from 0 to 1 [ 304.730292][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 304.744039][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 304.750274][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 304.752520][T31588] loop0: p1 p2 p3 p4 [ 304.759138][T31569] loop5: p1 p2 p4 [ 304.761423][T31588] loop0: p1 start 487 is beyond EOD, [ 304.765128][T31569] loop5: p1 start 487 is beyond EOD, truncated [ 304.765140][T31569] loop5: p2 size 1073872896 extends beyond EOD, [ 304.770509][T31588] truncated [ 304.770513][T31588] loop0: p2 size 1073872896 extends beyond EOD, [ 304.776665][T31569] truncated [ 304.777034][T31569] loop5: p4 size 3657465856 extends beyond EOD, [ 304.782982][T31588] truncated [ 304.787063][T31588] loop0: p3 start 225 is beyond EOD, [ 304.792395][T31569] truncated [ 304.793958][T31549] loop3: p1 p2 p3 p4 [ 304.795522][T31588] truncated [ 304.795527][T31588] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 304.827651][T31549] loop3: p1 start 487 is beyond EOD, truncated [ 304.833897][T31549] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 304.842087][T31549] loop3: p3 start 225 is beyond EOD, truncated [ 304.848284][T31549] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 304.858888][T31588] loop0: detected capacity change from 0 to 1 [ 304.912572][ T1135] loop0: p1 p2 p3 p4 [ 304.916725][ T1135] loop0: p1 start 487 is beyond EOD, truncated [ 304.923175][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 304.930730][ T1135] loop0: p3 start 225 is beyond EOD, truncated [ 304.936981][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 304.946260][T31588] loop0: p1 p2 p3 p4 [ 304.950502][T31588] loop0: p1 start 487 is beyond EOD, truncated [ 304.956969][T31588] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 304.964554][T31588] loop0: p3 start 225 is beyond EOD, truncated [ 304.970728][T31588] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:41:22 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x300000) 08:41:22 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x3, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:22 executing program 5: syz_read_part_table(0x90, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:22 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfff05ffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:22 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x500000000000000) 08:41:22 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0208bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 305.021721][ T1135] loop0: p1 p2 p3 p4 [ 305.033631][ T1135] loop0: p1 start 487 is beyond EOD, truncated [ 305.039868][ T1135] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 305.065007][T31650] new mount options do not match the existing superblock, will be ignored [ 305.066603][ T1135] loop0: p3 start 225 is beyond EOD, truncated [ 305.073918][T31648] loop3: detected capacity change from 0 to 1 [ 305.079879][ T1135] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 305.086343][T31653] loop5: detected capacity change from 0 to 1 [ 305.100796][T31650] loop4: detected capacity change from 0 to 18577 [ 305.143012][T31648] loop3: p1 p2 p3 p4 [ 305.143109][T31650] new mount options do not match the existing superblock, will be ignored [ 305.147654][T31653] loop5: p1 p2 p4 [ 305.156832][T31668] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.2'. [ 305.164651][T31648] loop3: p1 start 487 is beyond EOD, truncated [ 305.170313][T31661] loop0: detected capacity change from 0 to 1 [ 305.175097][T31648] loop3: p2 size 1073872896 extends beyond EOD, truncated 08:41:22 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x4, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 305.177280][T31653] loop5: p1 start 487 is beyond EOD, truncated [ 305.194826][T31653] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 305.216711][T31648] loop3: p3 start 225 is beyond EOD, truncated [ 305.222581][T31661] loop0: p1 p2 p3 p4 [ 305.223439][T31648] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 305.227426][T31661] loop0: p1 start 487 is beyond EOD, truncated [ 305.235609][T31677] new mount options do not match the existing superblock, will be ignored [ 305.240650][T31661] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 305.246532][T31661] loop0: p3 start 225 is beyond EOD, truncated [ 305.264262][T31661] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 305.265388][T31653] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 305.280720][T31677] loop4: detected capacity change from 0 to 18577 [ 305.288038][ T1135] loop3: p1 p2 p3 p4 [ 305.292172][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 305.298320][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 305.305992][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 305.312155][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 305.319963][T31677] new mount options do not match the existing superblock, will be ignored [ 305.329601][T31661] loop0: detected capacity change from 0 to 1 08:41:22 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x5, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 305.343896][T31653] loop5: detected capacity change from 0 to 1 [ 305.365320][T31705] new mount options do not match the existing superblock, will be ignored [ 305.374393][T31661] loop0: p1 p2 p3 p4 [ 305.376062][T31705] loop4: detected capacity change from 0 to 18577 [ 305.380587][T31661] loop0: p1 start 487 is beyond EOD, truncated [ 305.386143][ T1135] loop5: p1 p2 p4 [ 305.391681][T31661] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 305.395705][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 305.404419][T31648] loop3: detected capacity change from 0 to 1 [ 305.408664][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 305.409821][ T1135] loop5: p4 size 3657465856 extends beyond EOD, [ 305.416151][T31661] loop0: p3 start 225 is beyond EOD, [ 305.421978][ T1135] truncated [ 305.423986][T31653] loop5: p1 p2 p4 [ 305.428341][T31661] truncated 08:41:22 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x6, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 305.435632][T31653] loop5: p1 start 487 is beyond EOD, [ 305.436773][T31661] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 305.456070][T31653] truncated [ 305.459157][T31653] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 305.467130][T31705] new mount options do not match the existing superblock, will be ignored [ 305.472594][T31648] loop3: p1 p2 p3 p4 [ 305.480243][T31648] loop3: p1 start 487 is beyond EOD, truncated [ 305.486505][T31648] loop3: p2 size 1073872896 extends beyond EOD, truncated 08:41:22 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="020abfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:22 executing program 5: syz_read_part_table(0x98, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 305.488201][T31653] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 305.513755][T31648] loop3: p3 start 225 is beyond EOD, truncated [ 305.519929][T31648] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 305.530045][T31729] new mount options do not match the existing superblock, will be ignored [ 305.539631][T31729] loop4: detected capacity change from 0 to 18577 08:41:22 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffff02e70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 305.565919][ T1135] loop3: p1 p2 p3 p4 [ 305.569940][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 305.574414][T31738] loop0: detected capacity change from 0 to 1 [ 305.576119][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 305.584210][T31729] new mount options do not match the existing superblock, will be ignored [ 305.598152][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 305.604344][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 305.622603][T31738] loop0: p1 p2 p3 p4 [ 305.626795][T31738] loop0: p1 start 487 is beyond EOD, truncated [ 305.632998][T31738] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 305.635945][T31756] loop5: detected capacity change from 0 to 1 [ 305.640323][T31738] loop0: p3 start 225 is beyond EOD, truncated [ 305.652319][T31738] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 305.662916][T31756] loop5: p1 p2 p4 [ 305.669041][T31756] loop5: p1 start 487 is beyond EOD, truncated [ 305.675331][T31756] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 305.681814][T31765] loop3: detected capacity change from 0 to 1 [ 305.683050][T31756] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 305.715067][T31738] loop0: detected capacity change from 0 to 1 [ 305.722880][ T1135] loop3: p1 p2 p3 p4 [ 305.727434][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 305.733818][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 305.741364][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 305.747716][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 305.752754][T31756] loop5: detected capacity change from 0 to 1 [ 305.754919][T31738] loop0: p1 p2 p3 p4 [ 305.765024][T31738] loop0: p1 start 487 is beyond EOD, truncated [ 305.771226][T31738] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 305.778786][T31765] loop3: p1 p2 p3 p4 [ 305.779351][T31738] loop0: p3 start 225 is beyond EOD, truncated [ 305.783330][T31765] loop3: p1 start 487 is beyond EOD, [ 305.788911][T31738] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 305.801378][T31765] truncated [ 305.804506][T31765] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 305.812176][T31756] loop5: p1 p2 p4 [ 305.816155][T31756] loop5: p1 start 487 is beyond EOD, truncated [ 305.822036][T31765] loop3: p3 start 225 is beyond EOD, truncated [ 305.822304][T31756] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 305.828461][T31765] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 305.838621][T31756] loop5: p4 size 3657465856 extends beyond EOD, truncated 08:41:23 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x7, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:23 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="020ebfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:23 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x1000000) 08:41:23 executing program 5: syz_read_part_table(0xbe, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:23 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x600000000000000) [ 305.892706][T31765] loop3: detected capacity change from 0 to 1 [ 305.919415][T31811] loop0: detected capacity change from 0 to 1 [ 305.939215][T31815] new mount options do not match the existing superblock, will be ignored [ 305.949147][ T1135] loop3: p1 p2 p3 p4 [ 305.953371][T31811] loop0: p1 p2 p3 p4 [ 305.956606][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 305.957465][T31811] loop0: p1 start 487 is beyond EOD, truncated [ 305.963517][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 305.969657][T31811] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 305.977806][T31815] loop4: detected capacity change from 0 to 18585 [ 305.984725][T31811] loop0: p3 start 225 is beyond EOD, truncated [ 305.991077][T31823] loop5: detected capacity change from 0 to 1 [ 305.996396][T31811] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 305.997200][T31828] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.2'. [ 306.010076][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 306.025334][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 306.033466][T31765] loop3: p1 p2 p3 p4 [ 306.037470][T31765] loop3: p1 start 487 is beyond EOD, truncated 08:41:23 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffff03e70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:23 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x8, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 306.043637][T31765] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 306.051198][T31765] loop3: p3 start 225 is beyond EOD, truncated [ 306.057376][T31765] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 306.063967][T31823] loop5: p1 p2 p4 [ 306.069749][T31815] new mount options do not match the existing superblock, will be ignored [ 306.078905][T31823] loop5: p1 start 487 is beyond EOD, truncated [ 306.085221][T31823] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 306.093619][T31811] loop0: detected capacity change from 0 to 1 [ 306.100453][T31823] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 306.109583][T31850] new mount options do not match the existing superblock, will be ignored [ 306.119084][T31850] loop4: detected capacity change from 0 to 18844 [ 306.126543][T31811] loop0: p1 p2 p3 p4 [ 306.130617][T31811] loop0: p1 start 487 is beyond EOD, truncated [ 306.136817][T31811] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 306.137372][T31823] loop5: detected capacity change from 0 to 1 [ 306.157016][T31811] loop0: p3 start 225 is beyond EOD, truncated [ 306.159382][T31866] loop3: detected capacity change from 0 to 1 [ 306.163196][T31811] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 306.175908][T31850] new mount options do not match the existing superblock, will be ignored 08:41:23 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x9, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 306.192966][ T1135] loop5: p1 p2 p4 [ 306.194498][T31866] loop3: p1 p2 p3 p4 [ 306.197371][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 306.201649][T31866] loop3: p1 start 487 is beyond EOD, [ 306.206852][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 306.219305][T31866] truncated [ 306.222335][T31879] new mount options do not match the existing superblock, will be ignored [ 306.222404][T31866] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 306.231779][T31879] loop4: detected capacity change from 0 to 18844 08:41:23 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="020fbfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 306.244470][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 306.252798][T31866] loop3: p3 start 225 is beyond EOD, truncated [ 306.253887][T31823] loop5: p1 p2 p4 [ 306.259086][T31866] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 306.264814][T31823] loop5: p1 start 487 is beyond EOD, truncated [ 306.273598][T31879] new mount options do not match the existing superblock, will be ignored [ 306.276073][T31823] loop5: p2 size 1073872896 extends beyond EOD, truncated 08:41:23 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0xa, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:23 executing program 5: syz_read_part_table(0xc0, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 306.292048][T31823] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 306.321551][T31866] loop3: detected capacity change from 0 to 1 [ 306.322022][T31898] loop0: detected capacity change from 0 to 1 [ 306.329238][T31903] new mount options do not match the existing superblock, will be ignored [ 306.349995][ T1135] loop5: p1 p2 p4 [ 306.353817][T31903] loop4: detected capacity change from 0 to 18844 [ 306.353972][T31866] loop3: p1 p2 p3 p4 [ 306.364317][T31898] loop0: p1 p2 p3 p4 [ 306.364327][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 306.368447][T31898] loop0: p1 start 487 is beyond EOD, [ 306.374471][ T1135] loop5: p2 size 1073872896 extends beyond EOD, [ 306.374477][T31898] truncated [ 306.374483][ T1135] truncated [ 306.375541][T31866] loop3: p1 start 487 is beyond EOD, [ 306.379847][T31898] loop0: p2 size 1073872896 extends beyond EOD, [ 306.386179][T31866] truncated [ 306.389255][T31898] truncated [ 306.410258][T31866] loop3: p2 size 1073872896 extends beyond EOD, truncated 08:41:23 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0xb, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 306.412829][T31898] loop0: p3 start 225 is beyond EOD, truncated [ 306.418292][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 306.423557][T31898] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 306.432050][T31866] loop3: p3 start 225 is beyond EOD, truncated [ 306.438702][T31903] new mount options do not match the existing superblock, will be ignored [ 306.443904][T31866] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 306.482657][T31925] new mount options do not match the existing superblock, will be ignored [ 306.492181][T31925] loop4: detected capacity change from 0 to 18844 [ 306.519834][T31924] loop5: detected capacity change from 0 to 1 [ 306.522726][T31898] loop0: detected capacity change from 0 to 1 08:41:23 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffff04e70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:23 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0xc, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 306.526185][ T1135] loop3: p1 p2 p3 p4 [ 306.537566][T31925] new mount options do not match the existing superblock, will be ignored [ 306.539594][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 306.552274][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 306.562046][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 306.568284][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 306.577205][T31947] new mount options do not match the existing superblock, will be ignored [ 306.586049][T31898] loop0: p1 p2 p3 p4 [ 306.586271][T31924] loop5: p1 p2 p4 [ 306.590225][T31898] loop0: p1 start 487 is beyond EOD, truncated [ 306.594839][T31924] loop5: p1 start 487 is beyond EOD, truncated [ 306.600004][T31898] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 306.606300][T31924] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 306.622773][T31924] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 306.623808][T31898] loop0: p3 start 225 is beyond EOD, truncated [ 306.629936][T31947] loop4: detected capacity change from 0 to 18844 [ 306.636074][T31898] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 306.663657][T31953] loop3: detected capacity change from 0 to 1 [ 306.680483][T31947] new mount options do not match the existing superblock, will be ignored [ 306.694828][T31924] loop5: detected capacity change from 0 to 1 [ 306.707018][T31953] loop3: p1 p2 p3 p4 [ 306.711083][T31953] loop3: p1 start 487 is beyond EOD, truncated [ 306.717286][T31953] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 306.725137][T31953] loop3: p3 start 225 is beyond EOD, truncated [ 306.731311][T31953] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 306.732774][T31924] loop5: p1 p2 p4 [ 306.743022][T31924] loop5: p1 start 487 is beyond EOD, truncated [ 306.745023][ T1135] loop3: p1 p2 p3 p4 [ 306.749315][T31924] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 306.753909][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 306.761694][T31924] loop5: p4 size 3657465856 extends beyond EOD, [ 306.766600][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated 08:41:23 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x2000000) 08:41:23 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0210bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:23 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0xd, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) 08:41:23 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)="480500001400", 0x6}], 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x200000000e228, 0x700000000000000) [ 306.768454][ T1135] loop3: p3 start 225 is beyond EOD, [ 306.772967][T31924] truncated [ 306.788530][ T1135] truncated [ 306.791648][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated 08:41:24 executing program 5: syz_read_part_table(0xe4, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 306.829273][T31992] loop0: detected capacity change from 0 to 1 [ 306.834159][ T1135] loop5: p1 p2 p4 [ 306.838886][T31994] new mount options do not match the existing superblock, will be ignored [ 306.839998][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 306.850656][T31994] loop4: detected capacity change from 0 to 18844 [ 306.853952][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 306.854579][ T1135] loop5: p4 size 3657465856 extends beyond EOD, [ 306.865528][T31953] loop3: detected capacity change from 0 to 1 [ 306.867549][ T1135] truncated [ 306.880072][T32010] netlink: 1312 bytes leftover after parsing attributes in process `syz-executor.2'. [ 306.893109][T31992] loop0: p1 p2 p3 p4 [ 306.894324][T31953] loop3: p1 p2 p3 p4 [ 306.897188][T31992] loop0: p1 start 487 is beyond EOD, truncated [ 306.901592][T31994] new mount options do not match the existing superblock, will be ignored [ 306.907205][T31992] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 306.913383][T31953] loop3: p1 start 487 is beyond EOD, 08:41:24 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0xe, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 306.916412][T31992] loop0: p3 start 225 is beyond EOD, [ 306.922867][T31953] truncated [ 306.922873][T31953] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 306.933042][T31953] loop3: p3 start 225 is beyond EOD, [ 306.933758][T31992] truncated [ 306.936848][T31953] truncated [ 306.943977][T31992] loop0: p4 size 3657465856 extends beyond EOD, [ 306.949331][T31953] loop3: p4 size 3657465856 extends beyond EOD, [ 306.952423][T31992] truncated [ 306.955519][T31953] truncated [ 306.975807][ T1135] loop3: p1 p2 p3 p4 [ 306.979974][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 306.986156][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 306.994151][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 306.997234][T32025] new mount options do not match the existing superblock, will be ignored [ 307.000313][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 307.011012][T32025] loop4: detected capacity change from 0 to 18844 08:41:24 executing program 3: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffff05e70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:24 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x10, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 307.036989][T32037] loop5: detected capacity change from 0 to 1 [ 307.041767][T31992] loop0: detected capacity change from 0 to 1 [ 307.050332][ T1135] loop3: p1 p2 p3 p4 [ 307.055009][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 307.055610][T32025] new mount options do not match the existing superblock, will be ignored [ 307.061193][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 307.077287][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 307.083688][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 307.091155][T32037] loop5: p1 p2 p4 [ 307.095022][T32037] loop5: p1 start 487 is beyond EOD, truncated [ 307.101292][T32037] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 307.107057][T32053] new mount options do not match the existing superblock, will be ignored [ 307.117189][T31992] loop0: p1 p2 p3 p4 [ 307.118084][T32037] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 307.121378][T31992] loop0: p1 start 487 is beyond EOD, truncated [ 307.129951][T32053] loop4: detected capacity change from 0 to 18844 [ 307.134643][T31992] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 307.149173][T31992] loop0: p3 start 225 is beyond EOD, truncated [ 307.155468][T31992] loop0: p4 size 3657465856 extends beyond EOD, truncated 08:41:24 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x11, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 307.185375][T32053] new mount options do not match the existing superblock, will be ignored [ 307.194070][T32061] loop3: detected capacity change from 0 to 1 [ 307.200761][T32037] loop5: detected capacity change from 0 to 1 08:41:24 executing program 0: syz_read_part_table(0x0, 0x9, &(0x7f0000000000)=[{&(0x7f00000000c0)="021bbfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 307.228950][T32081] new mount options do not match the existing superblock, will be ignored [ 307.239343][ T1135] loop3: p1 p2 p3 p4 [ 307.243841][T32037] loop5: p1 p2 p4 [ 307.248040][T32037] loop5: p1 start 487 is beyond EOD, truncated [ 307.254446][T32037] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 307.265304][ T1135] loop3: p1 start 487 is beyond EOD, truncated [ 307.271462][ T1135] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 307.278927][T32088] loop0: detected capacity change from 0 to 1 [ 307.280210][T32037] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 307.289158][ T1135] loop3: p3 start 225 is beyond EOD, truncated [ 307.292899][T32081] loop4: detected capacity change from 0 to 18844 [ 307.298310][ T1135] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 307.313121][T32061] loop3: p1 p2 p3 p4 [ 307.317296][T32061] loop3: p1 start 487 is beyond EOD, truncated 08:41:24 executing program 5: syz_read_part_table(0x204, 0xa, &(0x7f0000000000)=[{&(0x7f00000000c0)="0201bfffffffe70100000000000000ffffffee000800000000000000024000ffffffbf000000e10000008877007200300700a9ffffff00000000008000da55aa", 0x40, 0x1c0}]) 08:41:24 executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='cpuset\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x12, &(0x7f0000000400), 0x848002, &(0x7f0000000440)) [ 307.323612][T32061] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 307.331979][T32061] loop3: p3 start 225 is beyond EOD, truncated [ 307.338163][T32061] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 307.345988][T32088] loop0: p1 p2 p3 p4 [ 307.350165][T32088] loop0: p1 start 487 is beyond EOD, truncated [ 307.356346][T32088] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 307.363747][T32088] loop0: p3 start 225 is beyond EOD, truncated [ 307.369892][T32088] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 307.398537][T32114] loop5: detected capacity change from 0 to 1 [ 307.398986][T32112] new mount options do not match the existing superblock, will be ignored [ 307.414853][T32112] loop4: detected capacity change from 0 to 18844 [ 307.424504][T32088] loop0: detected capacity change from 0 to 1 [ 307.433017][ T1135] loop5: p1 p2 p4 [ 307.436909][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 307.443092][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 307.448282][T32112] new mount options do not match the existing superblock, will be ignored [ 307.459045][T32088] loop0: p1 p2 p3 p4 [ 307.459523][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 307.463603][T32088] loop0: p1 start 487 is beyond EOD, truncated [ 307.476323][T32088] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 307.484879][T32088] loop0: p3 start 225 is beyond EOD, truncated [ 307.486262][T32114] loop5: p1 p2 p4 [ 307.491034][T32088] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 307.495841][T32114] loop5: p1 start 487 is beyond EOD, truncated [ 307.508069][T32114] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 307.515910][T32114] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 307.544896][ T1135] loop5: p1 p2 p4 [ 307.548911][ T1135] loop5: p1 start 487 is beyond EOD, truncated [ 307.555216][ T1135] loop5: p2 size 1073872896 extends beyond EOD, truncated [ 307.562629][ T1135] loop5: p4 size 3657465856 extends beyond EOD, truncated [ 307.588279][T32114] loop5: detected capacity change from 0 to 1 [ 307.622877][T32114] loop5: p1 p2 p4 [ 307.626712][T32114] loop5: p1 start 487 is beyond EOD, truncated 08:41:24 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r3, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff7f, 0x0, 0x0, 0x0) recvfrom$inet6(r3, &(0x7f0000000000)=""/37, 0x25, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mem