setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) 13:18:41 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:18:41 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff82150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:18:41 executing program 5: r0 = socket$unix(0x1, 0x2, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x10, r0, 0x0) 13:18:41 executing program 0: r0 = socket(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0x40, &(0x7f0000000040)='dctcp\x00', 0x6) 13:18:41 executing program 5: socket$inet(0x2, 0x0, 0x0) accept$unix(0xffffffffffffffff, 0x0, 0x0) fork() accept(0xffffffffffffff9c, 0x0, 0x0) socket$unix(0x1, 0x0, 0x0) 13:18:41 executing program 0: r0 = socket$unix(0x1, 0x1, 0x0) sendmsg$unix(r0, &(0x7f0000002340)={0x0, 0x0, 0x0}, 0x0) [ 679.390411][ T8394] loop4: detected capacity change from 0 to 264192 [ 679.417539][ T8394] loop4: p1 p2 p3 p4 [ 679.426977][ T8394] loop4: p1 size 11292159 extends beyond EOD, truncated 13:18:41 executing program 0: mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffff9c, 0x0) 13:18:41 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg(r0, &(0x7f0000000180)={&(0x7f0000000000)=@un=@abs={0x8}, 0x8, 0x0, 0x0, &(0x7f00000002c0)=[{0x10}], 0x10}, 0x0) 13:18:41 executing program 0: socket(0x10, 0x0, 0xaf) [ 679.452863][ T8394] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 679.530863][ T8394] loop4: detected capacity change from 0 to 264192 13:18:44 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d614", 0xc9}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r1, 0x0, 0x0) 13:18:44 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect(r0, &(0x7f0000000080)=@un=@file={0xa}, 0xa) 13:18:44 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef", 0x2f}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) 13:18:44 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:18:44 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) recvmsg(r0, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, &(0x7f0000000100)=""/4096, 0x1000}, 0xc2) 13:18:44 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff83150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:18:44 executing program 5: fchownat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x6400) 13:18:44 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) sendmsg$unix(r0, &(0x7f0000000240)={&(0x7f0000000000)=@file={0xa}, 0xa, 0x0}, 0x0) 13:18:44 executing program 5: sendto$inet(0xffffffffffffff9c, &(0x7f00000001c0)="8c19ec0a364cb000000040519b4e587fcd624ca2dcf83ed4a9022812a09fde3ae54a6692a090f92b1927db738d06e0cf08644bbbfe5a51d430808a87116fb1559d6468af94517b53e51d3041fdf39eea96f5392b2b007d9284f283d25362b1eb2711a46554424b55bddbc8730ed001ee84ae5cf9f4049fdf3fc75f205cd8004db34f4ddd675454c23bdc8b97120937a5fc8de613cd37572fba5058ad7790bc59329c752d7112175f0f4317d00f16b7589bc3928d9038362ad958688081e26464482de46f53a6", 0xbe, 0x20108, &(0x7f0000000040)={0x10, 0x2}, 0xfffffffffffffffd) [ 682.388049][ T8470] loop4: detected capacity change from 0 to 264192 13:18:44 executing program 5: r0 = open(&(0x7f0000000040)='./file0\x00', 0x205, 0x0) connect(r0, &(0x7f0000000000)=@in6={0x1c, 0x1c}, 0x1c) 13:18:44 executing program 0: munlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) shmget(0x3, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$IPC_SET(0x0, 0xd, 0x0) r0 = shmget(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000000)=""/170) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x7, 0x11, 0xffffffffffffff9c, 0x0) shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffc000/0x3000)=nil) msync(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x0) shmctl$IPC_RMID(0x0, 0x0) [ 682.450785][ T8470] loop4: p1 p2 p3 p4 [ 682.464473][ T8470] loop4: p1 size 11292159 extends beyond EOD, truncated [ 682.484243][ T8470] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:18:44 executing program 5: r0 = socket$inet6_udplite(0x1c, 0x2, 0x88) setsockopt$sock_int(r0, 0xffff, 0x100, 0x0, 0x0) [ 682.560101][ T8470] loop4: detected capacity change from 0 to 264192 [ 682.601048][ T8470] loop4: p1 p2 p3 p4 [ 682.605608][ T8470] loop4: p1 size 11292159 extends beyond EOD, truncated [ 682.617305][ T8470] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 682.627529][ T1036] loop4: p1 p2 p3 p4 [ 682.631755][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 682.642205][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:18:47 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d614", 0xc9}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) 13:18:47 executing program 0: munlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) shmget(0x3, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$IPC_SET(0x0, 0xd, 0x0) r0 = shmget(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000000)=""/170) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x7, 0x11, 0xffffffffffffff9c, 0x0) shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffc000/0x3000)=nil) msync(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x0) shmctl$IPC_RMID(0x0, 0x0) 13:18:47 executing program 5: pipe2(0x0, 0x100006) 13:18:47 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:18:47 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff84150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:18:47 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef", 0x2f}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) 13:18:47 executing program 5: r0 = socket$unix(0x1, 0x2, 0x0) recvmsg(r0, &(0x7f0000001400)={0x0, 0x0, 0x0}, 0x0) 13:18:47 executing program 0: munlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) shmget(0x3, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$IPC_SET(0x0, 0xd, 0x0) r0 = shmget(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000000)=""/170) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x7, 0x11, 0xffffffffffffff9c, 0x0) shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffc000/0x3000)=nil) msync(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x0) shmctl$IPC_RMID(0x0, 0x0) 13:18:47 executing program 0: munlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) shmget(0x3, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmctl$IPC_SET(0x0, 0xd, 0x0) r0 = shmget(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r0, 0x0) shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000000)=""/170) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x7, 0x11, 0xffffffffffffff9c, 0x0) shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffc000/0x3000)=nil) msync(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x0) shmctl$IPC_RMID(0x0, 0x0) [ 685.392795][ T8555] loop4: detected capacity change from 0 to 243969 13:18:47 executing program 0: open(&(0x7f0000001080)='./file0\x00', 0x0, 0x0) socket$unix(0x1, 0x2, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) accept$unix(r0, &(0x7f0000000080), 0x0) accept4$unix(0xffffffffffffffff, &(0x7f00000010c0)=@abs, &(0x7f0000001100)=0x8, 0x10000000) fork() 13:18:47 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff85150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 685.435638][ T8555] loop4: p1 p2 p3 p4 [ 685.439763][ T8555] loop4: p1 size 11292159 extends beyond EOD, truncated [ 685.449917][ T8555] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:18:47 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreqn(r0, 0x0, 0x9, &(0x7f0000000000)={@local={0xac, 0x14, 0x0}}, 0xc) [ 685.562504][ T8589] loop4: detected capacity change from 0 to 112897 [ 685.607177][ T8589] loop4: p1 p2 p3 p4 [ 685.611319][ T8589] loop4: p1 size 11292159 extends beyond EOD, truncated [ 685.620603][ T8589] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:18:50 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d614", 0xc9}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) 13:18:50 executing program 0: mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000) mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) 13:18:50 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff86150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:18:50 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:18:50 executing program 5: fcntl$lock(0xffffffffffffffff, 0xb, &(0x7f0000000000)) 13:18:50 executing program 0: link(&(0x7f0000000000)='./file0/file0/file0\x00', 0x0) 13:18:50 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$sock_timeval(r0, 0xffff, 0x1005, &(0x7f0000000100), 0x10) [ 688.356031][ T8621] loop4: detected capacity change from 0 to 264192 13:18:50 executing program 5: shmctl$IPC_SET(0x0, 0x1, &(0x7f00000000c0)={{0x0, 0x0, 0x0, 0xffffffffffffffff}}) pipe2(&(0x7f0000000040), 0x0) [ 688.405593][ T8621] loop4: p1 p2 p3 p4 [ 688.409861][ T8621] loop4: p1 size 11292159 extends beyond EOD, truncated [ 688.430296][ T8621] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:18:50 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:18:50 executing program 1: mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) 13:18:50 executing program 0: utimensat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x2000) 13:18:50 executing program 5: accept$unix(0xffffffffffffffff, &(0x7f0000000100), &(0x7f0000000180)=0x5d) [ 688.487629][ T8621] loop4: detected capacity change from 0 to 264192 [ 688.543731][ T8621] loop4: p1 p2 p3 p4 [ 688.550008][ T8621] loop4: p1 size 11292159 extends beyond EOD, truncated [ 688.559331][ T8621] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:18:53 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d614", 0xc9}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) 13:18:53 executing program 0: r0 = open(&(0x7f0000000000)='./file0\x00', 0x200, 0x0) accept4$unix(r0, &(0x7f0000000040)=@abs, &(0x7f0000000080)=0x8, 0x0) 13:18:53 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff87150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:18:53 executing program 1: shmget(0x1, 0x1000, 0x66c, &(0x7f0000fff000/0x1000)=nil) 13:18:53 executing program 5: getegid() shmget(0x1, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil) shmctl$IPC_SET(0x0, 0x1, &(0x7f00000000c0)={{0x0, 0x0, 0x0, 0xffffffffffffffff}}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) 13:18:53 executing program 1: shmctl$IPC_SET(0x0, 0x1, &(0x7f00000000c0)={{0x0, 0x0, 0x0, 0xffffffffffffffff}}) socket$inet_icmp_raw(0x2, 0x3, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) 13:18:53 executing program 5: fchownat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0xffffffffffffffff, 0x0, 0x0) statfs(&(0x7f0000000580)='./file0/file0\x00', 0x0) 13:18:53 executing program 0: r0 = socket$inet6_udplite(0x1c, 0x2, 0x88) bind$inet6(r0, &(0x7f0000001100)={0x1c, 0x1c, 0x1}, 0x1c) [ 691.407767][ T8698] loop4: detected capacity change from 0 to 264192 [ 691.445762][ T8698] loop4: p1 p2 p3 p4 [ 691.453483][ T8698] loop4: p1 size 11292159 extends beyond EOD, truncated [ 691.461913][ T8698] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:18:53 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f", 0x3e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:18:53 executing program 5: setgroups(0x4, &(0x7f00000000c0)=[0x0, 0x0, 0xffffffffffffffff, 0x0]) 13:18:53 executing program 1: mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xf, 0x10, 0xffffffffffffffff, 0x0) 13:18:53 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff88150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 691.560330][ T8739] loop4: detected capacity change from 0 to 248065 [ 691.607670][ T8739] loop4: p1 p2 p3 p4 [ 691.616479][ T8739] loop4: p1 size 11292159 extends beyond EOD, truncated [ 691.625262][ T8739] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:18:56 executing program 1: r0 = socket$inet6_udplite(0x1c, 0x2, 0x88) connect(r0, &(0x7f0000000000)=@in={0x10, 0x2}, 0x10) 13:18:56 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x46, &(0x7f00000000c0)={@multicast1, @broadcast}, 0xc) 13:18:56 executing program 5: sendmsg$unix(0xffffffffffffffff, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, &(0x7f00000017c0)=[@cred], 0x20}, 0x0) 13:18:56 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff89150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:18:56 executing program 2: r0 = socket$inet6_udplite(0x1c, 0x2, 0x88) bind(r0, &(0x7f0000000080)=@in={0x10, 0x2}, 0x10) 13:18:56 executing program 0: shmat(0x0, &(0x7f0000ff7000/0x7000)=nil, 0x0) 13:18:56 executing program 5: r0 = msgget(0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f00000002c0)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) [ 694.396480][ T8760] loop4: detected capacity change from 0 to 116993 13:18:56 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/72, 0x48}], 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549) r2 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r2, &(0x7f0000000240)=[{&(0x7f0000000080)=""/112, 0x70}, {0x0}], 0x2) r3 = dup(r2) r4 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r4, 0x0, 0xccf3, 0x0, 0x0, 0x800e005b1) shutdown(r3, 0x0) shutdown(r4, 0x0) [ 694.445761][ T8760] loop4: p1 p2 p3 p4 [ 694.450119][ T8760] loop4: p1 size 11292159 extends beyond EOD, truncated [ 694.483825][ T8760] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:18:56 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f", 0x3e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:18:56 executing program 2: r0 = socket$inet6_udplite(0x1c, 0x2, 0x88) setsockopt$sock_int(r0, 0xffff, 0x1014, 0x0, 0x0) 13:18:56 executing program 1: shmat(0x0, &(0x7f0000ffb000/0x2000)=nil, 0x0) fork() 13:18:56 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) sendmsg$unix(r0, &(0x7f0000001900)={0x0, 0x0, 0x0}, 0x0) [ 694.528613][ T8760] loop4: detected capacity change from 0 to 116993 13:18:56 executing program 1: sendmsg$unix(0xffffffffffffffff, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, &(0x7f00000017c0)=[@rights, @rights, @cred, @cred, @cred, @cred], 0xb0}, 0x0) 13:18:56 executing program 2: open(0x0, 0x2, 0x0) 13:18:56 executing program 0: r0 = socket$inet6_udplite(0x1c, 0x2, 0x88) setsockopt$inet6_group_source_req(r0, 0x29, 0x52, &(0x7f0000000080)={0x400, {{0x1c, 0x1c, 0x2}}, {{0x1c, 0x1c, 0x1}}}, 0x108) [ 694.580528][ T8760] loop4: p1 p2 p3 p4 [ 694.584681][ T8760] loop4: p1 size 11292159 extends beyond EOD, truncated [ 694.611950][ T8760] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:18:56 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff8a150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:18:56 executing program 1: r0 = shmget(0x3, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x0) shmat(r0, &(0x7f0000ff9000/0x4000)=nil, 0x1000) 13:18:56 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x10, 0x2}, 0x10) 13:18:56 executing program 0: mmap(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x0, 0x1010, 0xffffffffffffffff, 0x0) [ 694.737441][ T8838] loop4: detected capacity change from 0 to 264192 [ 694.767064][ T8838] loop4: p1 p2 p3 p4 [ 694.771582][ T8838] loop4: p1 size 11292159 extends beyond EOD, truncated [ 694.781432][ T8838] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:18:57 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x103) 13:18:59 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f", 0x3e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:18:59 executing program 2: open(&(0x7f0000000000)='.\x00', 0x200, 0x0) 13:18:59 executing program 1: socketpair(0x2, 0x3, 0x2e, 0x0) 13:18:59 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) setsockopt$sock_int(r0, 0xffff, 0x1004, &(0x7f0000000a80), 0x4) 13:18:59 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff8b150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:18:59 executing program 5: r0 = socket$unix(0x1, 0x5, 0x0) sendmsg$unix(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001240)=[{&(0x7f0000000040)="cb", 0x1}], 0x1}, 0x0) 13:18:59 executing program 5: r0 = socket$unix(0x1, 0x2, 0x0) getsockname(r0, &(0x7f0000000080)=@in6, &(0x7f0000001200)=0x1c) 13:18:59 executing program 2: madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0) 13:18:59 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_buf(r0, 0x0, 0x9, 0x0, 0x0) 13:18:59 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_WOL_SET(r0, &(0x7f000000d140)={&(0x7f000000be00)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f000000d100)={&(0x7f000000d180)={0x1ec4, 0x0, 0x0, 0x0, 0x0, {}, [@ETHTOOL_A_WOL_MODES={0x1028, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_MASK={0x1001, 0x5, "d7df70b1704708b601e70e00e26a0d65588eb23329fd222f88a1f2d68cb4840f35291079d63ba9a157e1d2208134a62cc6c656973deab2f97bbf5aa23df9c8b89da074e463862bb2a6b6b809d97a8c4a032aa519e760d5faa35d91c21f2d6f57923d33471528754b4f6e1bd08db73e04ead0f7111ff71a4b52d4a9700bf7b26733dd3cc16f4eaf19db6527850289ffb6d65169048730a6dab3416aae63ebca3f3e000ba7533c7b4d35796a4bb3e5fc580d030cf8fc71827eebaef2c0db93d393a844d74b1b0f7773c47a4463d5fba2bc14dc591bb53b862cf93e0a119144e351a80ccc266e3321ac7fc041ec69895b8de11ccc28fb0002071ced95e8d97e8d61225cbf627e7f8d1e852acb9b2782a398948f87a8a2ec7fd010d2b3e95548c18bc982e1e2f7385d0472f3416895d4c898a804986fd71a979254834e2c489a427eb196ce331c8082b05b13d3161a22fef3b2cffbbf2a0f5c579d3609bf3a717ded39e254d798d7fcfabb16a5a20a6d5ee62c5212e15cb898187e3cc209a58ded89c000a81d01aca8f2fc4c0d5f15d4d6f61fdf97b686f048c4b4f93f8024fb8b14bd73c90b8c8ad92f6c264ab38cb39e465ae1329a0d7dbcd5ce799ee4bff31067dc34144c4e208e9c6a5fea95d052fb1cba652f93f812a7618f70a6208da42154785eb7da9521aabb18a916e3fabf4e44f4f71662cdac2cf8eef95073b79bed3ed1a88f05b4afcb0c77c67cfffc8fbc81695744356ab8651a140ef0bce6a5cc70e6764f4db49e2300223ddb719d19039b61f10ff2315ff5d17ce2872d7a23833047ca482a983a44b03df779c56a38d02cc623f48972410b1b42ba7da73e56f8d6d222816b0733c55e3fab37eb2a48d7d67cec157dd4bb07849caeec32568f7c94103ccce81c0559f0fa515d443d4cbab4501698e607b3a623b157ef4b58de8d739694c4fb3cb2a2ef7b6d0319fab0458f3f638cb16c61847c8cfee969e0fb0b31848d2947c283c80c44ea4a2c9cfdf7fb38d4463343686be17013cff68c82ba2ef9f7279fe2a72b83c6b7f5a8a98d5bf7a5e1633e0b3cfb5efc835779cec5ff8d44009f699f49f9627259450458b4f4fb41dda08b76362eb7bb6a865793d02265c540a26045e22b29945971c5b88861e04c409204893aca1d3e2c4f6cb6816aaca82e187d25520c7591becff1b7d6b1654d13f2442b9a41619ed2df5243f89af28986867208005f90450d56a529e2ef8d665acb24588703d630f2958d34ebd4a1595ece0cb632bf7977de1782061f272599a8aca303b498ae73487da6de80ca6b4b1e49b4668a640137856e096d57d13f439253ee0b990a4025852d3d8b789e7f72943a2588685c3f9331a0f4d73fe23883966f85005b9b474806f3f0b98987b8fbe0f148dfeb5a682d7e73e5ca6378d90e91adad8f2b6ce07c05371aa435a2186a6fedefc9e46b68854636e42d6d0c596e769aace75b1fc8dc103e04f7691bd0305529eeac05d39816a5ff56aa8eedddcaf5d49b72ec43bb9a3b79ff6ad9dcda3f041b272534f6e2c6550f492b05c65fa3be90e62a524bfa6fe231868ca514820ddc18a6f3f6a7b9271ad1dce20079034acebcf12a6e1a749e36ca3c4af553d604b5a87fc27c8725140b6433a6388635926850ff6cac033c5bff0c91a58a506ef0e2d345de4865d5a5ed0ee8deafad918f3fa7bcf572a5a7bcb52cac60652ea362c5fe5b21d1f749ec5c705786624f1a6b88110ee090ecf8ed8063f78354d3f375507e8b8a5a4c9599a54a303c733ed7ce93c7f9fc860f0bc01dc9cbc457d70f6dd28dea60321ae74e801f32caeac4e17cf72059504d61f8676eb016df399e90e797be5d30af6763b2273dda02ef6453a476886d5718e643abe69c8cd964bde7d4f294b6439e6f0a7290e4238cc5d082bba24226642192f2651dcede0e2a920a5f42282f2f23b5bd54b4e78a3a80a0555fae688fdd21ae6223ad7264ac05663f43ec2e01d45598aecd10fc82c5acd69f1696ba31ba8c99c55263781ab510e42f63abe67652782295fa2af0c36856ef9e82e226fee020a903a7854052e078a1361715b1b0bc5402ebb5135a568f4ff395fd2de957e225a7283c82e9a5435a04a8783994c841a00964d704026a17aa796c9b21f4823f2208bfde174b29b007df89f518472e83618846912e26362396971ba2c1c199836a723f6c7bbdaaaa69693675b61ca9c1ad8df52908628856c2712226561cbeb9ccf7b069a517f66489a75f3496bf6859b18014c11ecc67ef523ecc78819f24e1af7fec10a9aa88582ede3bf2a8910b0bcf8a17399c01fc4b1a840081faef0f8b4eec92ce92b9def35651d0ab899d1494b0b9c40822041cf399e231351887a1ee181032ea470f665ca28616a331bee065b06f601a62aca3207b7087edf49110c99d7391782cb17d687dd9fc7b9a8919f587d9d11e78612353597ceb04d407db1ed6c9a0217f4fa44ce225f74ba5adabd3694bbb34a0b58fddca909710c939017544dc6563e396a8f468196a4e6f67d2caa4f7aeadedff2ad85d996ec89dd53da0280844fbbedb869c523af9e0a01de36a7bb35f9cddd3440cfa83d4be87c5fd3aada57b758dffe6dc2ab5e672a5e2a61805619056b4d6546aa26176f3fb8fbcee68bd40318aea90bfc661ac9e066c0056fc97cd6c2fdb75731c105a321301e2596cc7f186eab3e136e9aa6b983f581fbff3b19eb90b6dbbcd58aaf64733f6f42c7af365aba4aede81b180b723c9ceca3f5e2283c3ce6a9c2c2d2541b8e6582202f8a3d47ee940bbceb286cfca1524c0347f5bc8465fb7ecfd09d339abe329663aa3eafc7f90dd0d29ba99c0d833d5db30b68597b01d02155022823b8d05d768386d2f9d1facbb6ba0c1f9f442f73f8b7a97dad79053a7ffffe4069b4c756d47f273a89e33ee40dfa37a94b184794d9192a214be5855146ad58fe73827c9f7ff0812a3f0e18683169e10a2fc0e5350069d43117d8078f8179156965108662722c921c540a7a2de875b492b568f3b29121d76ae4e6f57c10e2656e1036e609fef6ac83b03492ad986dedd5386114ebcc38fe661f1f9e97209a3a80bd1c2b5fe11ebb6a31b44d102d14575b8de8c079b4fa5ad8fb584770b9e30bf7df939c3edb07abf4b332c6d57c2cb0b6817ea4af263f18c10dd717fe68bd552b307caba24af0f20112a5b003eaa424fda7ec248f7be16f468f21f83add1a70cebced860d4c3f341e96fdec0845fb7d638266d4ce63d18a7cd4affcb4fdbe61149e6e8d3080829ed29520341d0107dd8e08135d58e62cfcb45c61794119339206699858c546c685b43363da8fa604dfb8732ded475cb6953ced891971660e02fa7b3c54755c54b7aa974601721ec7faac0e5c07039f1c7c0cf732ea6ccb6e5f4b8f3f46479ca3b26bbaa0c4ade5d60604fc2a48b430a6b1e28d8e11c6ee68062b1120ed74bf6703561d77ff9cf4f33598f7e76a45b17164d47f9d01b256c73a6ebacda1bc389b863eec0406f07ca64926b1c00a5c343ac118cb86208e3cbdfdb659b2aec2d4bd0b97e96c724611d7580be4b4622dae4a2c1bfca35c8bb0b03ed4521b2b93d24390a5a1397ce622e8228c30e98a72a142216c4ad3e495cb18cdd18f10cc66ee835bc7c4b333f861e8d6ce114fc0c943c8785b670b2ba2ece1950128c655f3cc906b9c8c457f5a23a4dd2e03ecc5a678523edf2f45440bd4a83cf371538b53cad3899f1ed844c02b622da23eaab04d2cf5c255139c8071620d085450d5a2eb72c656f5f03616e86703079a63d6d42f50b6c4fe413ff21b5b4ed4798768b9c8b4c1c0f0e095e64320df7235ebf665edde93a82b2e24f771160a5caaa98e59ec62438dc8eef9caea281b69efd7ae7042ee00066b15d18017d2e214696d97ca0952d0ce815d5e33c8fc2a8336277eae7afbc3232ab787f3a2d05c5815180004533c59a46dd039b37990180bbccd1284d09e3d1c8c0de8aa26c93edff22fcd28557a5d36d49f11b960c28bcf5f4033bfe2a60754599edcb1acb5c714173abce21bba35c99af1170f065711df3cfd4d45c1d53be6eabe84804c64a4639a1b99fa11e5ac70d5dd1b4d89f7521bcf5a4611ef3555405e3f0b9d428e8c86cc00bbdb30dfcbd8678547b981894f9b1077be3e99086f7aa3576977301bf9097132bc9c2ae5d67af8622bbf98203af757a764b0067f59feae79fa074c5133c9ed72307bb232963e4f713f97063900a66b06a081e8f8de5084fbc96686588756e92f1de60cf6a07bb10bea8f75fde8e70083b64c0aa004b35c0f6f251220f245945704e35de20f293092a724f8a615e55ffc8255c5c4a13e240ad1ec1a40da76c67a6edecd7c146bf89004e926dd125591b22a295c904b66025abfafe61ec0422901fef684afa1af4dc61112c3741dd2f8cbacda9055e651b64e4da2cfb685e6215818e1181575e188143b6aa3248720a483960cab541718cba9b1b11892b5239ad026ad0072812d15017303ff2b655a980bd1752ef958173f62a0eaa6631e50b3d6cda1fb29640c06f8d6b3aae4f9271d5df863148d24b5aa3da62794405d2e68bb22c88ae9f8e90d86beca22be7ed5f898228d98b804eb41ebf1b1091341650730a99c04af5fd440bb02a1cd995021bac0034d46c3bbaecce10df5eab4d2627e794d7f00cc70f593e1e5b255f19338219accf2c1f19a2a57659a183b02f2b09eee566eb819526a1d1dc5cc1425aaca4e74fab1ccdd727f71da102cbc08e18bc3298c237c3d6eccb3608e889c0091f66997a069f257c2dc56c5c9c3f32fdc22fb08cff016ea0a5421f001c732d7c242a343ece97f4521f1ef60ce5233d204894071abfb86f89aeba7dd53127394521473de80194307d6eabbf1c31fc9c64f7c8544fded3f54c2e3085661a731b8425b4e012c9f8737005eca8b7913284f588332a7580a48c0fdfa82b58b202ee65c1c88becd11fde03a571819140148bf353ae6b463535d64906c708995833a48be61dcb56f4294742a033bba3232cdc692d154776c2e332d4eb400e8a0a61615bc2a09e33943ee5abb2f6f9df9320399bb80aa62068f35682fd9ab86fca0513bb96db74f603f679669e755e6845c149b8c93f96c6b07a86d49238b6c69862aa4fff20f797586d370e0badc2285a0a99e46365d7e8b0e4bf171036efdfab26a09152c2f8d5e95c4b8282e5f03ec1c081d4e98cd1222aa6583b12a81f449e53f4637964b7a9b089bc25e9d46678d393133e67b2662d514b8f4a714a0dd149683d7a93848322f8e3325a6892155f9216dc79e63a356e244a50d188872f5e62c47bf7ffd06c8b3f36e5fd9b994447693c2e419f6ecaf6bcd848f0d4f689b2d133cbe09cd46c829825cb57bdfdf11743bf658997238aa676a6c087020fc027ded27b6eda02f4cda70ab57d2e8f1a71034e6734414e52cbbc43de733c8a62e582be0827fb418ccefaf373a5371b59d37f5b3a2a0b09e60db74eec76abaa2588841e574cd4763fcb9a1db640c06148952444afd077e6b4ce87643446684acc1d4dba24cc677c11a615cffd62bc869091625b56cb9a41a75ec16af2712354c14c00031b2d79d0db7d3ef77e8033304a22105ee10c1facfc79e0735fa9f11fdd4e01949c33a4012c6ccc76c8bc0fdea6a9107b6600a9441083246783d79d889231d3bf9300a41b790406199d6fef7f9314819fe4c48c06ea2c43aebf94b7196f766fa3824f89dc57cc8bed55b69c9312baae6d97c3a9f1244a568e71f98842630b8b5f438a3d"}, @ETHTOOL_A_BITSET_SIZE={0x8}]}, @ETHTOOL_A_WOL_SOPASS={0x29, 0x3, "5ae7cd73f2b429fccc3a23ea9a4684e5be1ba2fa0db15cd56688c204d13c7a6c40b5b20624"}, @ETHTOOL_A_WOL_SOPASS={0x39, 0x3, "fe908caa664d49b5618884611bec01aecdf1a180cfec52f7859f7270151a490d6c10e63d61295f3e8656dcd70d9d79996b52fbfc75"}, @ETHTOOL_A_WOL_SOPASS={0xe1d, 0x3, "37ab553bd090e781bc070e4abbe46c10968cf8c4cc11b8e9f6e384bbaee12d164455e718826b56b44838599a79ff987ceadd518c8ed8f3ffbd52cfb00db9c3a119f9e06fe906bd8dc654f254947c8d753da4ab5e54b0180fc4326876035e2843b09ab5ffd4a9691e91430982e1ea01ef0aa9181a37c701aa645c23ece82b472c141c2e89e9da8c9da2f52267d92ac573e65a9eefbb9f4da2092815d55ac7d40f90b7ab5731b52f6aa15109a2345397c7c3f7fc338b1a7b6e70ecd5c6ee4e3141e921e7cf28f9775d57f9716cae7d44d37dd780f786939b6a8e2b1c30d0638756e8940c634b1f309b41f0a15eb9e1c0c3e0d68cebe04d719f47ac1d47ad511e64dc986d0d108916564876b5d1a122f68d1ceff941b27c3a0d0a412565968f5aacdc31a9ae058d72017f1b28348b25c8e2e5cbb91b5feab622d195f27d67e07caa22ffad4fee4b5f839120ad267ca8fa6b00db64d2e10d5b7fd9c7570d820e4c69f27b9b29df87e06331d5914983220a25bd910e15a8c6c9466c93d7a5b686ec2e5cd620e0d747a5a85375d889ed926f58b03884b26086621ecf75b5b5687d463f78ec733b5fab1fe1b78bc8fa99e7cdbf3bd3656bece9cf9ee110f58cf1bd30ef934ee452e928ae8e291f5a6d899840558c40af59c8b03cdb69e258b5f6ecf57a271cc198bdfa3e62bce88fe3347268ffcc5ac826f971791868b5e35587b6aefbe7cb71d370c50b8d4242bacfa383b8a626e069a9887cc9cc084f9a9cf2e9f9576753ee8acd5ce38857bfa2aeeaf8ab47ad8afe9b50855d5f5476a0c7a7fc3be22cf238c9029c4ce082101c485a3eee1a23bb6b004aebc055de2896c41223b7321656163563c88f1786e71113f2ee1fe3f5ea40683a9870d746b5903f2bb0394f7aa4a99081fe7a117ec52e51a54f02d60bad62aeb9cb4762fa2326e543b034885290a86db81e132973c1ca4a32f5f283e3234bc8eb78bae4131f02cb59c12b7e5af1d33914550761e1ea93d676f2ad3b99ac681c19ebd213ea4c0b4398d0c55472bac99934554eded18b4a31dfbc5fdbd5c50c7c370b9d488bd2bdeaaa0982f9b677b2fadc28dc1b69725718a91f7e71f3e4fefcedeb347c7a1808a81ed4c5a2c80eaf92a300da21c57abb491a36bc762ee84b741d69c671b473f07211714e93dcbaee49ba81219e4ff6d55aa968c01cb8b9de1817743c948ca057ca9a78a3cab291c87c89604109cc93fa37e708b1d3211097c8b19ed69959ac4da7a34d9afb149f9945f6ad9af0f26eea1c65f3931e1a33c0087a37214ca77142953221f924d6b9fc51f9184ed882a849a38d3d1b3463b663897a139dedf0cacf4c597e5ee5ff7f4c2a4fccdbebbaa46985ee64e6e80f68067b00de9b74f4b990495d62210a11b98c4064be932689c2d6f8d50729758cf66c2a2096731d538741b3ae26fbd7c849016b2757ec54d453cc56d178c8becc1be39fe3acc6bd2b5efe48d6da0f12bfd836e8249c795d9bd58591405e2951e277687843e0db43041d2fb2350fb1e393f080096f5ccb8259435625e57a701aeea4e1e7bb34998953334b5d115764a7e7298c4ede23017fd64670fb4d521fcaab1c3b51f9532c4a586730ec21e05f18270f9a652494262d59fb5a379f4e954885133be9cb530cee6693369118a0d5bf1153fdc3a5c718a45cc4b99cd4203b1de042b9473cba6e2c01196d5cc6446f318b7aebc652092b23d501ddc23b786254cf40e786c3c0a322a14ae4943627b3618db8f8877a7af01a39230a359960392db77467450bab218e49afa71aa909907b063563254834c0e6df1dd173a9a1a9dffb1311ede3e23cff74d71f2518fcf623af9f55f8f4eb0da8a8bf35753b8315a8be28f44fd3f6b063aaa7181d6205b29b0cab119ccd91beadcf4e4f0f6f95eb86a9a06db8140ca55755162d012e68732792a19fbe0f975002fcab4bf57d8fc8578ce6267a3a139f7b97deef8ecf13f4e7d85bafde51d374f2c413b04a23de578e017284b8ceeb05daa04a6e6ca8eee27103745cf66aecf15ce43ceee0fad8bc8e79ef6c1538e25ba444b48e541577ebeeaea9be43a87ec33bc0fb5154647718914122429c6428a384d022a98110d67476f46985dd335db096918b664987ca46ce944ec173bf9cc6978b7cb83d5692850fe6b4c6615e5a84a43693523557c43ef43169bfde39e521b0b1ae6a2bf20886a95e473e61b9bfcdf6a4de5c0d8affe5068bb61b55d6905f0261380892d85c8d27614a68580d671d392681a0ed258b7b3f9278d6313341af12341102fd356b6db3d0aa0b9410006179aa216dff7af72640437640836ad5557b61fbf321d08ca1882fc2ce4a16b3703b501d6f30ecf964d75f41d4f3bf2c17790ff4c6e559d5c1ea7e817bf3159a6e5e1ef76f54e61909d016e45b182a0476458f3099ff375e80a4b8053e4b38396131ebb4afdca63441970be9fab797d5c81ba2f0e87335c4903fa1dc8767318b56fc802a5949cfa51efa892f5351303f4c1729c71d7fe95d8a57219211673bd740225c45198d5e92b06551a0fc021ccd8785bda4ef197ac7f6c96e1c2f12e86409f7b28f71a5a3545c56e945cd02215de16e40887393353d6073bf843e96d0c6ab99256c6ea1f21289459cc99073042ef567e9ce9b49f7b5078174f59e1f65f3288e300684ab9edf4a68c6e197ef764c00d651ca4785fc711ad6e0996e356e787efd3a96702fa5e5355fb02411a241c7171ae3693bd2359e95718370dea2857dd9e7c75f03357a445c6a8aec3a9000baf1c3754cf99ebc5a409c72b5a36baf7b0772f0db26168f00b50c8ade80785ed8b5f90fdb437eef9b1c1af3bac84c8b0cc78d2f523b0c518c5391b2269455523666f647ee970237b116226ee625be3e229c315318a71757a6eb03468da74a4a967c85d7ea992e0449805e0f10e3a480df0847810ff85491935838ebb0b9943b8be8d9195b10817b18cb51bf6f23015fd2f372faa7d2fb5d7c0bf5c181f8fd32965e3615deaac534782170fa622beecd88d22cfa3b03f20e35a938ea33d4d70487a4da3c9a3177b32588a8af054251ae4442a5b5add8d285e277a68cfbee45c5ce7be0364329498c320d97aa187c1f0a5e003e9b8357605eb1de27e959a112e334900ef9ca5d39a0e7f82c1596804a9161349ce5e24b7396e39a8312b2380d4105f6686de4fcf6a33188e4ce5929972cce1306177f0b2f7854737b5cc7ad8778a385d781f63794e11277d2132e19a9f0c09584eeb6437d1c40822c07cafe50c2b5682c62ec17df75d84aa40985d9df83acc8673a86c7406346e18b480ac87a7949fbaa386a822d1922d3fa157318ea1f9188680473a4e0269a12558112c05441ace91d391726bb59e7d32c87d3e833d473b9ba7c2f6b0857e4dd7310f66447bc540e90d0ea557eba05ff17551a46bc3b0e7e5669ad3fd5cb107b71ee7d0764ae8fb3832e28410e0fe655362aca91bf0c7167a04da4e51c5b1678a9603a8c814e00c6e90c36cd4e156532531d887807060cc2c0147d75fb18ea50bf0dac86f796923785662d6847e4b1b97a1c81e8a685bf0331ffde14a1dcd8903809e0fb6b5e44e9f76f525241ce0dc5f6eb3a693205528b4d36852bb2d93d7d02be4dbe1a64e1840ad0e75500d85cdcf4e1aa35aecbc92759078903a7df2be4d48389fd37b739a6d8437d05b6dc7f61d4451056538640d62bfc7376d4ba6db48520a9c96a218587cf579b76dc913cbc813ba7d0ff77dddd3d35e12f7e6145eb1aba2f1d33ca51f890a5155d7051d743ed83f49ae526c49c8fa0c93fe611133debc80fae814824e897b27a2ebbed97613ae1117e6736a201ad2a00249f8a1adb17b822c7c4556ba87d7ff7691a947d86720b8b295909212cc0250f29dc84be9d1c86f15f7d8eaae7ff5b45f52820a193ffc44ffe343cd937ec333fffed295c5746760bc7ad75009f39752828a0d4ea6f3b5186ff06ca5f82857bc6b2b0f2ac35af4f8d4d4d679561841793becc9ad26992983f984f7b987e69ec1c5aece372e0efa71ab776b3c232953e047fa6d8680fb32dad212a06cb3fbd574eac7d0b4ffabd9bf398cff60c185821340857e7313fc7b33a53b92bb60a75869a19921c1469c44b3af892b4df09402a4dc1a457abe9f59f930fa1df92b832166c56c1b633628bf74c6f132f226fd4f923f75908e40d535fe0f9cd12d08ded0b575a5555ffece24ca266c01320bf3bc551bb7d875e4763eba0569c370e2624adebffc1fe72f1976970d2e5ae17b1fdab7a8ee3e183d6f336ccad9b8b0c0150ad9b1ac0389c13817dccb4acc4ef5c6515744d0ed47f93821008cad31fdda1ecde5b4584b64c93d076dd074d0690498ebc4915c81624ff5237c894535a295675018c8fd7b7ea91773f1f372ee1b31de49655633f9d9dedfd708fc13d36b6f4317452a65c7e69a1199429187f6eefc3af0faa8f7a8bd145e6f805269d2281594edd4de6e2946433fe157254b79bafc0da5ddc9bf1eff9094b6e80e8c45cdc3911c92df4a1cf3c806c7e9dcbc7da856afbb01b2332401707a89c4d9ff554054d6c486ff7b2c6bd6a2dfc284b1a539aa0e4898133ec92128027891da1dd9df15df51df4d01dc27278029209d420ed2f9fcb3a0a5b5198415f758b0355f9aa4aa752c7ea619ff61f6f9f02e54ef5bf74a3b4cbdc5608589ad6f493fc33ea4fc69d87663913d829af964ba5d8cc203fc75b21e34875da023dbf9e5b9f37116e33516e9ee5259987b3418643974523fe4129b1baf7b5b0784ae955c63e54730719a0512495438d9bf5e36308373d363ed5f0695a9df27a46eea4f29f932fe3def1753e76c25b8227c081957445528d33830570e29c1980b4fef7cc3dadc2d0501918adf7b7c87e64cfe9b16526f79c868e72771549d3cc09dfefae199fc7d1931a42c24a5c992f813bd5a39c351d96026c5e6fa051c6dee305841e6850e276d15d10277fa2135000fbd6cc6182b056bda7328742de9927c9ab671896a1aab3b2a662b53890cc1184fbcd57c1fa17841b1a1fa075bf436a830472ce7ffcb360c64c61af0b2531ac08447c2396fabc470b0e0262d9"}]}, 0x1ec4}}, 0x0) 13:18:59 executing program 5: getresuid(&(0x7f00000003c0), &(0x7f0000000400), 0x0) [ 697.626346][ T8894] loop4: detected capacity change from 0 to 264192 13:18:59 executing program 1: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bind(r0, &(0x7f00000001c0)=@in6={0x1c, 0x1c, 0x3}, 0x1c) [ 697.675694][ T8894] loop4: p1 p2 p3 p4 [ 697.681165][ T8894] loop4: p1 size 11292159 extends beyond EOD, truncated [ 697.708701][ T8894] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:02 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d", 0x5d}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:02 executing program 2: r0 = socket$inet6_udplite(0x1c, 0x2, 0x88) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x23, 0x0, 0x0) getsockopt$inet6_buf(r0, 0x29, 0x32, 0x0, &(0x7f0000001280)) 13:19:02 executing program 0: r0 = socket$inet6_udplite(0x1c, 0x2, 0x88) setsockopt$inet6_buf(r0, 0x29, 0x55, 0x0, 0x0) 13:19:02 executing program 5: r0 = socket$inet(0x2, 0x3, 0x0) setsockopt$sock_timeval(r0, 0xffff, 0x1005, &(0x7f00000000c0)={0x0, 0x9}, 0x10) 13:19:02 executing program 1: madvise(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) 13:19:02 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff8c150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:02 executing program 1: getresuid(&(0x7f00000003c0), 0x0, &(0x7f0000000440)) [ 700.644195][ T8950] loop4: detected capacity change from 0 to 252161 13:19:02 executing program 1: utimensat(0xffffffffffffffff, 0x0, &(0x7f0000000080)={{0x0, 0x18000000000}}, 0x0) 13:19:02 executing program 0: mlock(&(0x7f0000ffc000/0x1000)=nil, 0x1000) munmap(&(0x7f0000fed000/0x13000)=nil, 0x13000) 13:19:02 executing program 5: statfs(&(0x7f0000000580)='./file0/file0\x00', 0x0) 13:19:02 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x8, &(0x7f0000000140), 0x4) [ 700.686876][ T8950] loop4: p1 p2 p3 p4 [ 700.702349][ T8950] loop4: p1 size 11292159 extends beyond EOD, truncated 13:19:02 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r0, 0x0, 0x0, 0x18, 0x0, 0x0) [ 700.729482][ T8950] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:05 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d", 0x5d}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:05 executing program 2: r0 = shmget(0x1, 0x4000, 0x2ac, &(0x7f0000ffa000/0x4000)=nil) shmctl$IPC_RMID(r0, 0x0) 13:19:05 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff8d150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:05 executing program 0: open$dir(0x0, 0xb43f9eaa90f616ac, 0x0) 13:19:05 executing program 1: munmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000) fork() 13:19:05 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x48, &(0x7f00000000c0)={@multicast1, @remote={0xac, 0x14, 0x0}, @rand_addr=0xfffffffb}, 0xc) 13:19:05 executing program 2: r0 = fork() wait4(r0, 0x0, 0x1, &(0x7f0000000040)) 13:19:05 executing program 0: r0 = socket(0x2, 0x1, 0x0) connect$inet(r0, &(0x7f00000000c0)={0x15, 0x2}, 0x10) 13:19:05 executing program 5: r0 = socket$unix(0x1, 0x2, 0x0) sendmsg$unix(r0, &(0x7f00000016c0)={&(0x7f0000000080)=ANY=[], 0xa, &(0x7f0000001600)=[{&(0x7f00000000c0)="13a5d31e2cdc5310934e7c8a994d0b93e8f82fb8a059d2cf86e72372fae814c66369b51bdaf62278fcd82f23423a29cf05cf263f4bb1bb4a882cec366c868f23f83ae5ba847ddcbf18", 0x49}, {&(0x7f0000000140)="25b54f0fc79fc4557fe0dd9b660b2c38b07b26bfd75837b1d0041230987c5e5f80494af9e519dbc68b2bd7b4582de9b54a7d77db7a707b0db0f045b6a69129a4379de8e8755d31558761b91695289f0adf9d43175114bf1913e7eed7236292a439718632343454da2e078bb48c9df09440088436101cb931cb6713792b55bc249b5ca1f680ea1a2e465f18d03f37fed92b87287c0afab25740df21860251cbcce6db5cad75302a75e66c2636cd2ead6e9a0a7ce06169451577599e468d97867e", 0xc0}, {&(0x7f0000000200)="77323e0cc6f8452a1fdf722e4095f34a77e33d4e74553e5c9c730bc0b33808a3e567f3a08d2add5e0545c2979c30f8cca4cd5b23216d049accdd8d84e0fbda612de086d693eb27eb079a07a8a0f3df6d8b638da46f1e54d7e4b020a0197359a9a432603b402f83c9c5808e36b917f70090", 0x71}, {&(0x7f0000000280)="0b1b37f8ce195b310219a513784884756289270d716cf57fdcb645b86cd133eea67b4f210a70e1618190c2dad82d02cc8ab9547c33ef967298d26a3f50ace45adc4e503aae3aedb9da0840fe61d873f12627ae9e9f9fad0610e9f903c216572cf028ca2d36d8ea52d2ca72e8ca0ff490", 0x70}, {&(0x7f0000000300)="63e0ec53d492dc332561e118651657c51e63eaf9f7f44684a47e47c4e6891a719e47496221b2489e45f0d9fa27dcd8a2dab0d1c2166412f27ce70bd252eba84a3d4a5be62a4bc0c3b00db57f417ab667110ee46f443e78ac0876d9315a168a9ce12c3b59a71b76142474d3b3a4026f3e377e56169241edfe725584924545c9f0245dccd3939a02881f0c0ee77c153651fcc59d", 0x93}, {&(0x7f00000003c0)="f341c60660fee3bbbdd78181fa05919d89a8c90bb22d3efae066e72590c3b6a4920654800b96886e8759ea88169d1911fdb782b23165b39d8fcc8515af4ef6f3e11d64256a87abe508250592db23a203587f1b78d25480a1176c654531c9513eadd2e2791f47acb351e2e07f3ec1364943cd6b39dfcf0da351", 0x79}, {&(0x7f0000000440)="437ef80e046265599535f3931ee279ab00db8e37fccabbb59b01f6b2f12deaca9d0587bc0ee994c6daf4286e3bf0721ae7d09b41ec3a6e87e2bd2a92cac9d13f9b27b310271d71253ee0f427e7dc9ede3d92dddf48f58d6adf1f46d17028e36ec4c2d76e12e88c56b3df7a9d489a5d17f18457283437765692d2069b84268c98698c87cca2a66e", 0x87}, {&(0x7f0000000500)="75a6f294564188344ce271c0e59461841f50bf57a35e0f7fe58d77ead6a99188c02921cb6d812d3863aa83ff92b80eb006a6c35e3d9aa9b6b68d6ba65bb4126ca5e220589105a3e5080eeae2ad3bc9da93c61c00f41eed0c25bba96bf863fc48b60ac924ded13bb0a60883663fb4ac0eee280372ed51609f43c70c1ea6983bab5ac7f8ce955a1db617ca7843b3113def1241e45891b398bab59677fb2c94288c281d608fcd8a77a41570b611acab1d07e4513869274b0539a266b4d5047e7c72289f262daabd9370ba8f434c7e523ea4f74ced053f89d834862364ed74d52fc6a860420e702cd1e5741f0d57d86550dabc5240224a2ed907e96a1ab11f8129e5beaee5c170e87e93d8488f53b3240640292b0e04a33bb0cc72c48e7a36bec5bc9aa9eda184dfb8b79a5ca19b5faa5d368b30685849c498bf7950a8f655164a54f6cf96e8bc0a6e3c51b9168ab3699c8e82db341c1d2eb5555ffb4fb1e80d39ac96509e9e82ee237fa9ae647277aa913b429770b1496f95f254380fd8e74b4a357d7581edfa03ef7ab1407e8ed1d7fdef48e9937de445a814a9f9e8dc691d99e8d51a67e9ea6cd73abe0d169373fee8a92e3f8ac6d5ff53c9e2c243998accf2cabb353319e8650d3c82e6331f0fe44d8a167a0291b5ee3c8c7fbef2a9a514883137152f66b14064666c83ee1fa20fd72578998e2dd80e3158a18209a21eb3597848f743b33d31fe7449d6a58938023f54788878b6010c1031a300650179f204fb681008ade3e0cd8eabbbb91ce415dd0b8e0ad2d11048a18f25ac442df2128ad7d4d3cac66f3a48f0e8ad881e4de7e951ef7af623802596f508f45f8412b318123575708b5da6630137d0bb34454a9158fd56a841fc916d090c21993b1c083352656362de3377a7f89cd838a190f5fc50dc41d4be88a3baa5081ce7da42e444a2d268422583872ab12294db951732f82caef21b5b07d879fcf667790ef770479fb4f863699811aff9d26529834d37dbe0f2bea8206b490550038f05d9b84b8fa8510e4997ecd3a45356f702a6bae3039a721c6dc01a49fa1afde47f1bb4cb9cff42d9295cb750b247c95794b64d3cba3ec981606afe436aa1dafdabaa07b47568f39eb62374947dcac1e74ce453b796fc4755164736bc1554b20fa92df213db866cd01943fde12d16af32041c9342ec462a14f614f54942325b025fa8a076cda700d43b660cfeb96f3e974713a918f3413d437a14c60e72d5c6c64af2f30a062c01eaf82c21b5480865aebdf8e5793fbf82cdbcaca3cb36214945cf8db8db49f220732990c9f7df0c5f1ea79a43df73c77e0685605338dc8aac7145c3a351df8f7d4c909d4a2b5722ab5bdaf0b988ab893625a9add82d030432e13e10ce976d595673aca3235ac3b691821dd6b1b53bd892e58c2ddc95e74d4c3ed46bc354cbd9b5da05582cf183b8281477f21a9c75ca3fcc9fff5b0a19940a0df11f823f067573fd9a49d00c7fed880e1dbb8e553e8be2f5306b11b021fc", 0x438}], 0x8}, 0x0) 13:19:05 executing program 1: clock_gettime(0xf, &(0x7f00000000c0)) 13:19:05 executing program 2: open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) lchown(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) [ 703.680127][ T9012] loop4: detected capacity change from 0 to 121089 [ 703.745818][ T9012] loop4: p1 p2 p3 p4 [ 703.758614][ T9012] loop4: p1 size 11292159 extends beyond EOD, truncated [ 703.767166][ T9012] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:05 executing program 5: r0 = socket$unix(0x1, 0x2, 0x0) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 703.830051][ T9012] loop4: detected capacity change from 0 to 121089 [ 703.896441][ T9012] loop4: p1 p2 p3 p4 [ 703.901472][ T9012] loop4: p1 size 11292159 extends beyond EOD, truncated [ 703.909976][ T9012] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:08 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d", 0x5d}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:08 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) fcntl$lock(r0, 0xc, &(0x7f0000000140)) 13:19:08 executing program 2: fchownat(0xffffffffffffffff, &(0x7f0000000040)='\x00', 0x0, 0xffffffffffffffff, 0x0) 13:19:08 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreqn(r0, 0x0, 0x5, &(0x7f0000000100), 0xc) 13:19:08 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff8e150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:08 executing program 5: r0 = open(&(0x7f0000000080)='./file1\x00', 0x200, 0x0) symlinkat(&(0x7f0000000040)='./file0/file0\x00', r0, &(0x7f00000000c0)='./file0\x00') 13:19:08 executing program 2: getgroups(0x3, &(0x7f00000002c0)=[0x0, 0x0, 0x0]) setresgid(0x0, 0x0, r0) 13:19:08 executing program 0: setgroups(0x4, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0]) setreuid(0x0, 0x0) 13:19:08 executing program 5: r0 = shmget(0x1, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil) shmctl$IPC_STAT(r0, 0x2, 0x0) 13:19:08 executing program 1: utimensat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) 13:19:08 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x46, &(0x7f0000000040)={@multicast2, @multicast1, @local={0xac, 0x14, 0x0}}, 0xc) [ 706.720255][ T9083] loop4: detected capacity change from 0 to 264192 13:19:08 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreqn(r0, 0x0, 0xd, &(0x7f0000000000), 0x46) [ 706.779496][ T9083] loop4: p1 p2 p3 p4 [ 706.783684][ T9083] loop4: p1 size 11292159 extends beyond EOD, truncated [ 706.800299][ T9083] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:11 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010", 0x6d}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:11 executing program 5: open(0x0, 0x40000, 0x0) 13:19:11 executing program 1: openat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) 13:19:11 executing program 2: accept4$unix(0xffffffffffffffff, &(0x7f00000010c0)=@abs, 0x0, 0x0) fork() 13:19:11 executing program 0: open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000100)='./file2\x00', 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x200, 0x0) 13:19:11 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff8f150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:11 executing program 2: recvfrom$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000000c0)=@file={0xa}, 0xa) 13:19:11 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x200, 0x0) fstatfs(r0, 0x0) 13:19:11 executing program 5: futimesat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)) [ 709.743502][ T9143] loop4: detected capacity change from 0 to 264192 13:19:11 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x46, &(0x7f00000000c0)={@multicast1, @remote={0xac, 0x14, 0x0}, @rand_addr=0x8001}, 0xc) 13:19:12 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x8, &(0x7f0000000140)=0x3, 0x4) 13:19:12 executing program 5: r0 = socket$inet6_tcp(0x1c, 0x1, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x0, 0x0, 0x0) [ 709.788473][ T9143] loop4: p1 p2 p3 p4 [ 709.796966][ T9143] loop4: p1 size 11292159 extends beyond EOD, truncated [ 709.827079][ T9143] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 709.920378][ T9143] loop4: detected capacity change from 0 to 264192 [ 709.975712][ T9143] loop4: p1 p2 p3 p4 [ 709.979821][ T9143] loop4: p1 size 11292159 extends beyond EOD, truncated [ 709.988699][ T9143] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:14 executing program 2: accept4(0xffffffffffffff9c, 0x0, 0x0, 0x0) 13:19:14 executing program 1: open(&(0x7f0000000340)='./file0\x00', 0x40208, 0x0) 13:19:14 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendto(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@in6={0x1c, 0x1c, 0x3}, 0x1c) 13:19:14 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$inet_mreqn(r0, 0x0, 0x9, 0x0, &(0x7f0000000040)) 13:19:14 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff90150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:14 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010", 0x6d}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:14 executing program 2: socket(0x0, 0x0, 0x3a) [ 712.775090][ T9211] loop4: detected capacity change from 0 to 256257 [ 712.807643][ T9211] loop4: p1 p2 p3 p4 [ 712.817200][ T9211] loop4: p1 size 11292159 extends beyond EOD, truncated 13:19:15 executing program 5: recvmsg(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000340)=@in6, 0x1c, &(0x7f0000000a40), 0xffffffffffffff18, &(0x7f0000000600)=""/150, 0x9f}, 0x0) 13:19:15 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x49, &(0x7f00000000c0)={@rand_addr, @broadcast, @remote={0xac, 0x14, 0x0}}, 0xc) 13:19:15 executing program 1: r0 = socket$unix(0x1, 0x2, 0x0) sendmsg$unix(r0, &(0x7f00000007c0)={&(0x7f0000000040)=@file={0xa}, 0xa, 0x0, 0x0, &(0x7f0000000700)=[@cred], 0x20}, 0x20181) 13:19:15 executing program 2: r0 = socket$unix(0x1, 0x2, 0x0) recvmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)=""/52, 0x34}], 0x1}, 0x400c0) [ 712.842498][ T9211] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:15 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_buf(r0, 0x0, 0x51, 0x0, 0x0) 13:19:15 executing program 0: getresgid(0x0, &(0x7f00000011c0), 0x0) 13:19:15 executing program 5: r0 = socket$unix(0x1, 0x2, 0x0) setsockopt$sock_int(r0, 0xffff, 0x4, &(0x7f0000000140), 0x4) 13:19:15 executing program 5: r0 = socket$inet6_tcp(0x1c, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x40, &(0x7f00000000c0)='cubic\x00', 0x3) 13:19:15 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0) [ 712.947799][ T9211] loop4: detected capacity change from 0 to 256257 13:19:15 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff91150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 713.029165][ T1036] loop4: p1 p2 p3 p4 [ 713.033301][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 713.042146][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 713.051938][ T9211] loop4: p1 p2 p3 p4 [ 713.056104][ T9211] loop4: p1 size 11292159 extends beyond EOD, truncated [ 713.064584][ T9211] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 713.155570][ T9292] loop4: detected capacity change from 0 to 125185 [ 713.195570][ T9292] loop4: p1 p2 p3 p4 [ 713.199666][ T9292] loop4: p1 size 11292159 extends beyond EOD, truncated [ 713.207813][ T9292] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 713.218746][ T1036] loop4: p1 p2 p3 p4 [ 713.222895][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 713.231408][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 713.277324][ T9292] loop4: detected capacity change from 0 to 125185 [ 713.335830][ T9292] loop4: p1 p2 p3 p4 [ 713.340028][ T9292] loop4: p1 size 11292159 extends beyond EOD, truncated [ 713.348470][ T9292] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:17 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010", 0x6d}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:17 executing program 2: r0 = socket$inet6_tcp(0x1c, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0x1c, 0x1c, 0x3}, 0x1c) 13:19:17 executing program 0: symlinkat(&(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, 0x0) 13:19:17 executing program 5: r0 = socket$unix(0x1, 0x2, 0x0) sendmsg$unix(r0, &(0x7f00000007c0)={&(0x7f0000000040)=@file={0xa}, 0xa, 0x0, 0x0, &(0x7f0000000700)=[@cred], 0x20}, 0x0) 13:19:17 executing program 1: r0 = socket$inet6_udplite(0x1c, 0x2, 0x88) setsockopt$sock_int(r0, 0xffff, 0x100, &(0x7f0000000040), 0x4) 13:19:17 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff92150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:18 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x200, 0x0) fstatfs(r0, &(0x7f00000000c0)) 13:19:18 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000003140)={0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000001240)="b63f02689fda223846974f1ecdf263aea2674630e1658cc9509d255a7321e5b0ac1a569f22a5f43afb5e06cf93f58caa8cf2da0524a6f12674b5cdcd70938cf021e9842844064a931a5897ed1bc96e1fdfd6c884e72645ae2516e867df3040db9e64244db39ea4e0652b45b3b9776bd7a0635c9fb6d3647d4cd76b071cc761307c373b33939f2d237a057b547ba4723619ebfdff9278417bd4af11ce7ef8e4145b59f592576df1d88735e9b77a24d87adeddfc230d44553e27411be1e3af9c8c2ec19c901b8c0a4467cb0cd747ed3a12ef2fe4d60706a09bb6538e752469a41adc681ab38e266ae9c9e07dbbe59567cc31c202d14669aee4a31fc408", 0xfc}, {&(0x7f0000001340)="e265c1832dc00569cdf354dbcf479d4c1418ae99a1c709ecf6e8ca8faac0fcab6fad823ff3aa0395e9b3a374c329fd4e3e7809873964c4fc203c22b8dd37da4be7ecdb7413f330780088277a051a0afd53b84d10ee85ff195ea412c710e04a38c9006b67d526438a72d34a5b70c82c5beb6b0adeb396d9bfc2fab7bd6e7f66a952db0bfb408dfed364b9d126f082f249a4e5014ea8cd634e5c530163da806cc8f30f72e86102c55ad8c090b9c455057dc156f70f3b2eebe53db9f8ea49a117ce8a0af9d4790b58b71290816a3bebf2328307ac64fef7ab613dadf9ad5aaf0f00bfecea2724068fa6ae42c297ffbdfb5c94facfe5d380e9525e5d4b125713f94d39f5fb32771c54839e969103dd2f92f18ef1d387b6bfce1abde056bd73dd0c995e50bbd9b81a179b57941af19cad07beea71a5405040fec1b76580e1e619fe3a60706f9619c464d9dc873cbd1aec35d361cfdd470cb060b193f36d2881ee5607b392bbb5afc8a83860f5f331940243f8db31469c493bb30ddb0ff9a5cf92aedd0705c1a900588b13ba20018650630c103544b61120e77e254819879f96830ee36b8e692a93ae17f669b4eaef7fa3ef8ca8cad8f7d088487480eea8f899f596e11c267a44c2dad3cc4a68feaba3c00cee6eee67988b4c70d503eafc8987024d23aeba43e0f89d25cfdc42284e28fe22461aabe9e9b99c470a7b5e539016f7a110b8eef0613d4171c1da9446038c7ceb742c17f11f3fbb7192aadfb273e78ccc1e1f4f8e63a343c9128188ed2e0460181f898d3491e1bfbab252aa228f150652229a538b58cf77aae78b97e33bc77c80cb6c227241dc8372497cfc4b450a9db3183822530a07121a2ea4e8ce3c701f3a6a1f612c5d7db9b49f202a859ef191aeb2a65d713a464cd19cc17f84bccecde1ec55118dfb0dc555ab50ddd8dfbe2baff4fd10b9c905505f7fad6f938db9a180629bb99f57b093c8759a7c7cfacfc9dcb88c1331ae1d1412ba47cb4a19c0c550824d26042ddb9c9995c702266c2b096a5fca7aeaa7268a1fd58fd510ec0b794cf209b009ebad5bec8122dda602cf94c715558c944bec7ff71fca0b1818e51b746366affe2c902826af7ad27e8fa5a34a767f25ec6b2b987283232c49ed5fdabe4f26ccb48c5b4fa507bf7b3547dd1461d80b73b55997706669f51442224c1163e61c69385fd8b8c90945d6aa3b4ec0cabac16855e95e300610df0eff28759d8e410a0baa0acad62cd70ffba5421a7db998bbda3be47895540b333a1b224bf94f99234b9ec17b440e890241616bd6cd07415cc5a7a6bf729e32328d9bf2ccf4ff10c4db58c67a6601f3721b98157b10a934f5576e4f2058cc286b8ead11fd12c2b7ead3b07ae9d121eeca40701aab6ea258880ed0058666af54b5c98877d0381a9fa4808b0b8ea5af68ee1775a6701a5cb78173da9d9ac45155360dcd25a6be2070e02e8465d334f3780e7304b10d7cfd9189e0f4c10663f57117797d2150b192b965e6be77b79b6e766e1fb5d1f0acfe6d0a69acac2a801e814ae8ca5d46ff5a7b84f55d6ff6de7be1c748a4581aee211bd40dcb75a04a7aa49d8bda37b73a35f6d2b28795a5d0c3b1f09181e7b541bcae91986f4e4e94e9ae60fc29aaa2329d4226f06c1ca43348a6b656ca31289d1beaecafa46d38262c9921e57d28e757997464ce07832932bb1b2e7ed2a6907f0c383318e65fd89594a6dc41570935b67bc89621b5ec08d5f7ed53f02c9ea2acc469145b0ef6c7bb6de36d4efd3fe78c5af769150adecadb1100318ea946a27f2c17b05d4a905cee255dd882a52f48f17cf87020cb8a30623aebd1b3089cef8277ad8411dca279e6ef3b43598cc4765dfe4ab78e0ecf5d9ff9bc733ee5a82bba115c33508de501d771fe4c7e0cc14a3c9f071e145559071601415ff1eb99f10e15af08184049eeeefe46eddf618a748e5288cad3395b9ec6f9f5761b1a7fda01b1b41cbe1db22d1854e6dd397fe1c17491e27a4625ca9df39ba829954407be030aa8b5db4a038d0a9c3dbbf87817428b833753250e7d26022f7170cb20cbe8b1115adcbab865b42f439b2a2da748431ec11644dd22b036056da4a181837187ee4f37a3d1062d815de12b286f127797f145e8b5b21c893bd5446f24cebad40ceeceb7bc11bbc950690e448dcd81753aa290f1f30824c5f65ee298797098203ff1257150df6febe3fc8ba57a7fc405aeb23a6181348cc6739bd4ba7cb373383218b58659879394360df4af86fbb5b5e04559b5ddbe5c1c8bb13f6015c1257cdba7f4207af8b1ef1e596c384e2c169257127ef5dd8c7d137ee2660db9f1916e067120db69bf943fbf9437116ef33d6a316dba169adb36d54e9c8ec205920a6f8dbfe19c4c27f24f4bbc74e691f3f28b07187f8e9e134a40e208eb64865f51920664a658451f9aaec7a0a6ccfd4a02d7061da8e40c644f5d3578e0332cac145d8affcc53afb32c70441fb3cda1ca2c26a4243175270feeaa60c9049781f2a03b14b3db3198592055af686e6555a2f6a12ba5633386c395e5fc0c853cc35f7311f547dac309d968fd5b8b04bed9d17aced7bbbabb9305cc77c0dbe9de95a61d66b2731b4ebd8f2b5381e07e42097af25ac48c101f9c63655d70470d263e2f4258350d5d0a13284eb80bb00f17e2baf06d6e589f65404583e25258453eeb56c80614cfc00207ba2ef7f96e1daa6645b507cc04bcd769778ef1dfb951aa50539c682542c9ee6728c037acbf9ada40125455ac2dc600b0a181fa654cfed4d77c8de4991dc887a7de5c392ee14ed844e7e9c52158ec712b7e7b3975c1951de718c9ddd9b7d2c5a22a177d75895ebe6dab8dd6d11be24799d57eca63e0c8dd62e5d2ea2aaecde65171137bb4fd07bf90fa0ae3c698ea2f56a7d74658dedade31756edf533dff40ed3e2949153fa7af6a6aa8b730b65e1ea12b899e02c82fa5405d4301bc26f25d8d99324dd4a207114da81eb558f75cd101da196628c650a311c34eff499343cd30582db6c77e8c9af3bfa57dfac5ff511237ed4516ed4888887bdb305f94caef44af3167dedefebfbdaf5c77b84f3141369480a192ce28995dda7de720828b155ffd0cc4fed368d7a605097dae7ef7a7acc3444ce9ec1fb09c658e2ffca04d41f86291a053d2854d00ee0fe5f61812a61425f2db1b95ee08c9d556ef3741345530c0bd3acdadd303112483fa4a94ce6ca1d8ff6619044b6451781b1b95b3b82e6f8b24c987d8c759d15570d903a93d6bf99cb2f684a0628d1ee18c11476df1304ff1569ee6ffaad728334d74fdfb210ca43c9c5fc1f673d45b7ec732b7fd090ed2ce9ccdbeb696d0706c83e725ee9c1a6c7c449317d8398804eee332683429f42b212fc9cf972ba545086579a4acc6ca91c53d29c24cbb4ffa67d19bc4d589082a7b3449d01bac21590249b2eb194f5df51127f242c8bc9466da150eebd49deed161e70282111032135035427431a12778c55b7d0c0cfaa607e95e3e8b0c890acffb7c4ffcf803026a8cd3fd879c058e877c44e4f9991070a3c9f423b4b71a1a60421cec4a383f554d7fdd22f4f4199dcdbfb19df41e582357ad8ca83c148236946210ac26b3df8c76a5cdc7485cb369d0f1868a1685ac9ed65e390af6cb31e44a56d5e1d7d378a77407a7ae6934df1caeca2bcb607c1c92eff211272ccfc1c337bcb912e920b4e080e955994e9945a3e3509800ae8693f9b64256ad96f2d4ed8c80f7f9901e98ca830fd1aacb5364809b026888a7a9765c1bb3e7b8b6a4edb408ba0f526969fb25baa21e015223f32b34b31a3612ffc1ec7e9c0306d9dd76ddf6275ffc9449da0a3c84906e0647a59fc8eac810c8d3b521f5624f7ed6b8fed27fa57b22fc98a6ed66ac6659038a5d9b42bd40933d44818c7e46bd3291518c4a3eb8e323c3f758ce200041ad72e5f851aee1e4afba73d29d30cb66fda48009789bda84b0715cf6fe29602b3b2734bb2ff9d8aef99846637bf205d4ca68969daccb6291da5d9bd2ad8de5433022097145093c32f076c6db427ccbf7dff09d8a10dd6c04f87834802db772ec5cbbfb3c629c3722d317358405589b04ea4c06c8b42f081a1fd875e0644e271c5956d35dce893e767c99f3acb6ac0f201817bc83b372f1a14e8752809f906828e5b4d7b191f0a519d148dc3d57a482d5d5fe5c31c5f9d181d8eca8d03158028429f475f7e3593bbb76d5ced2def820b7f8a2303bd0c1f8b397a8f479fb295bdbf42b9c828f98bdcf3e6eb7e8a15438472b2e8d938717760610aee966da8fc8f9a84ce1af815c65aa26eb808bbea9360f2c8110d4c9b396e367c1caa5e6ed650edb2e46a8823ef65790bc6b03fde8889fb647b03e8b2a7528aaf29c49ce08c5025c676e24242810478a736d0c76778209f8e73d24d18726297c29b51c29c15aedecd3093b57cf8e09f817d058d8db441b28713e31d0c4ace34887f6c1fbab26624c47ff6f99a6b59330a58514b6c38831132487b8a8255f1f4d4f129a21be54be894df6d9317d9dbd02cba3e57091a28f54b5759be84eaab802f1fdbcbd40f91b236f43ff141691d12f5e80a28674aeaf1a1bc963836451344c956d9855eecaca824b06b1d7d329805b411e5095af1113929918508b49a70f38a86adca2447239994f21b8c83b31ad18106fd5e57793ced285c3bea6a9bb623e70c58ac84339a4167327b09cb47ca6ac3b76ec9b483de4e5932d182727b919542963586aa94fe1a340a54c81486a0865ef7328c714c5f893aef3b862dd0c330a82cc3c2c77b92f7cdde08ed2b36cd6e3f0fc534cf52858926ddd82d631533f7b550dcf8238067f425d2c6d2ba972a67b8feb72b3007ff1cbe3e4ab3bfb3790f0cc7733a19c07b9541d96cdc2e5584f96142a5517ecb633ae27d706b69e829635364bd09ce37dfe4b4ff1d83720707ecf377603155944e4682a37f82e1d30b1a9a53ee5f1ad910806ee7998edc2dacdcd3f412344650ee3e13ecfb924c9747807aec2bde1fdd7f7c7694aaa413163795814e5c28124194838f580e6b299bd099ac1e0a12de8fbbcc3487da718e16432370d42a483e8fa314647aff8719468144ea0b47216f62432108116bcb1e4f7f8870b1104ada2f17a0f30d32d63f74e7bb74f564eb88f0d6d44755d7414c888321f8a0d8be56286e5b18db1aa426896d397ae95e340b2030487d8155fc0cd89e4fbe6590ab70ad7bcc7f29bb898a0d11d9918d8b97a7902dc58390709d44c43c2045ed8eeab23a6ffa091416854e90ed5794b30541771d9a207b7622ed645a87bae068e23abe0fea66f8a80c29de403b905c6f971ae3cbc912b689ad09ee3b061562fb9f5a979dea42d8ea721be4ce1281ddfd963e298249830d8180136c2867643aa94324e838d2cac3d0533f8ece9666b56d1a3027a403db77bf495fd446aec681a646615dc9716d88dac000b6915b0c7a4a598924db27c7d4cf886cb9a14c4556df04921270ab6cc29d2a10658f42fa0f2e8b34820dc8bc931e99b6894a4678b27243cc54b5ee0f30833041ed02ac7a2e515d5ce1e069d59d83d4e5ebe0f430e0e9a312c7e96e898b4f13d8779e6dd0d5e3fc3b406eb7bfc6c3e1d0002a9370d0c419fce4071968b4cf269e7e0804d44d09a0465645322dd80", 0xfad}], 0x2}, 0x0) 13:19:18 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) readv(r0, &(0x7f0000000280)=[{&(0x7f0000000080)=""/5, 0x5}], 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r1, 0x0, 0xcf1c, 0x0, 0x0, 0x800e00551) r2 = socket$inet_udplite(0x2, 0x2, 0x88) recvmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1}, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r3, 0x0, 0xffffff68, 0x0, 0x0, 0x800e00547) shutdown(r2, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000003600)={0x0, 0x0, &(0x7f00000025c0)=[{0x0}], 0x1}, 0x0) pipe2(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write(r4, &(0x7f0000000d80)="827cdd78c443b24d44c586d37951c430bbbd631fe2719ca007eb084b3af7d021402a5b37356394be4f27df09410322143e8288b5820d044a7ee2fdda201404678a5ec1a2e52dc00ee8ad4bb1946ea0be61189f752845eeb89cb982bf7491277d7d0a3a93b9964da0e3dc8c3f9876b81b1ed3042d2de02305a4346a8e0ab245748277cdf2e0127c4412b319fe0007ac841303a862159e0998d4ca6d9cee94751f1a7885b4f59c948ea786cb90139c3acfc204671d18ca81d2a86fccc8f4141cdfeb61f399c2d5047f11a7f7ffd07d7315cc5599882fe80b58ce2835794e2fa744917b9104114b33fcffff7fc48d60841c64703ccb4ef8b5945308d39679661dc7742bc4fc855aec385f48c22e370cc3375c0149e4a70f2440a07c05e9d87fb12c865b2a64a811bfedbf86666c58f71ee8fcfc6b629b75fd890b93f5cd67d19c67d32e60a5cdf01fe1c8ed71960e780d385e59f5454e15fd4bfc000000c7c85e605adef08c9df5ebb66239e79b71b8d7d027a01e48d0a4c0f8a48e5ab6789254312772", 0x2c63) shutdown(r3, 0x0) [ 715.845371][ T9339] loop4: detected capacity change from 0 to 264192 13:19:18 executing program 0: fcntl$lock(0xffffffffffffffff, 0x69bf9a4e23ab5e1, 0x0) 13:19:18 executing program 5: recvfrom$inet(0xffffffffffffffff, &(0x7f0000000000)=""/16, 0x10, 0x0, &(0x7f0000000040)={0x10, 0x2}, 0xffffffffffffff64) 13:19:18 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) connect(r0, &(0x7f0000000140)=@in={0x10, 0x2}, 0x10) [ 715.933100][ T9339] loop4: p1 p2 p3 p4 [ 715.941691][ T9339] loop4: p1 size 11292159 extends beyond EOD, truncated [ 715.957366][ T9339] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:21 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e", 0x75}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:21 executing program 5: getgroups(0x3, &(0x7f00000000c0)=[0x0, 0x0, 0xffffffffffffffff]) setresgid(0x0, r0, 0x0) 13:19:21 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$sock_timeval(r0, 0xffff, 0x1005, 0x0, 0x0) 13:19:21 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff93150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:21 executing program 1: r0 = shmget(0x3, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmat(r0, &(0x7f0000ff9000/0x4000)=nil, 0x1000) 13:19:21 executing program 2: open(&(0x7f0000000040)='./file0\x00', 0x205, 0x0) lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 13:19:21 executing program 1: socket$inet(0x2, 0x20000003, 0x0) 13:19:21 executing program 5: r0 = shmget(0x1, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil) shmctl$IPC_STAT(r0, 0x2, &(0x7f0000000080)=""/130) 13:19:21 executing program 2: r0 = socket$unix(0x1, 0x2, 0x0) sendmsg$unix(r0, &(0x7f0000000380)={&(0x7f0000000240)=@abs={0x8}, 0x8, 0x0}, 0xf) 13:19:21 executing program 0: shmat(0x0, &(0x7f0000ffe000/0x1000)=nil, 0x0) [ 718.869849][ T9405] loop4: detected capacity change from 0 to 264192 13:19:21 executing program 0: r0 = socket$inet6_tcp(0x1c, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x40, 0x0, 0x0) [ 718.919327][ T9405] loop4: p1 p2 p3 p4 [ 718.923663][ T9405] loop4: p1 size 11292159 extends beyond EOD, truncated 13:19:21 executing program 5: socket$unix(0x1, 0x2, 0x0) sendmsg$unix(0xffffffffffffffff, 0x0, 0x0) [ 718.966334][ T9405] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:24 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x46, &(0x7f00000000c0)={@empty, @remote={0xac, 0x14, 0x0}, @broadcast}, 0xc) 13:19:24 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e", 0x75}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:24 executing program 2: getgroups(0x3, &(0x7f00000002c0)=[0x0, 0x0, 0x0]) 13:19:24 executing program 0: r0 = socket$inet6_udplite(0x1c, 0x2, 0x88) bind$inet6(r0, &(0x7f0000000040)={0x1c, 0x1c, 0x3}, 0x1c) 13:19:24 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff94150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:24 executing program 5: socket(0x1, 0x0, 0x40) 13:19:24 executing program 2: sendmsg$unix(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)=ANY=[], 0xf8}, 0x0) fork() 13:19:24 executing program 5: pipe2(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) accept$inet6(r0, &(0x7f0000000140), &(0x7f0000000180)=0x1c) 13:19:24 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r0, &(0x7f0000000040)="fb", 0x1, 0x5, &(0x7f00000000c0)={0x10, 0x2}, 0x10) 13:19:24 executing program 1: r0 = socket$unix(0x1, 0x2, 0x0) setsockopt$sock_int(r0, 0xffff, 0x1018, &(0x7f0000001180), 0x4) 13:19:24 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) recvfrom$unix(r0, &(0x7f0000000080)=""/105, 0x69, 0xc0, 0x0, 0x0) [ 721.917923][ T9463] loop4: detected capacity change from 0 to 260353 13:19:24 executing program 2: msync(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x0) 13:19:24 executing program 5: getpeername$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000140)) [ 721.971722][ T9463] loop4: p1 p2 p3 p4 [ 721.984355][ T9463] loop4: p1 size 11292159 extends beyond EOD, truncated [ 722.022239][ T9463] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 722.095588][ T9463] loop4: detected capacity change from 0 to 260353 [ 722.157851][ T9463] loop4: p1 p2 p3 p4 [ 722.161991][ T9463] loop4: p1 size 11292159 extends beyond EOD, truncated [ 722.170826][ T9463] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:27 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e", 0x75}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:27 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x46, &(0x7f0000000000)={@multicast1, @remote={0xac, 0x14, 0x0}, @loopback}, 0xc) 13:19:27 executing program 0: getsockname$inet6(0xffffffffffffff9c, 0x0, 0x0) 13:19:27 executing program 5: r0 = socket(0x2, 0x1, 0x0) sendto(r0, &(0x7f0000001280)="1d77c57c16eb5158caed03d9c0f6dca3", 0x10, 0x104, &(0x7f0000000280)=@in={0x10, 0x2}, 0x10) 13:19:27 executing program 2: r0 = socket$inet6_udplite(0x1c, 0x2, 0x88) bind$inet6(r0, &(0x7f0000000000)={0x1c, 0x1c, 0x1}, 0x1c) 13:19:27 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff95150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:27 executing program 1: r0 = socket$inet6_tcp(0x1c, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x48, &(0x7f0000000000), 0x4) 13:19:27 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$sock_timeval(r0, 0xffff, 0x0, 0x0, 0x0) [ 724.963488][ T9536] loop4: detected capacity change from 0 to 129281 13:19:27 executing program 5: fchown(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 13:19:27 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$binfmt_elf64(r0, &(0x7f00000004c0)=ANY=[], 0x78) 13:19:27 executing program 2: clone(0x10040d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x204) timer_settime(0x0, 0x0, 0x0, 0x0) rt_sigsuspend(&(0x7f0000000280)={[0x7]}, 0x8) [ 725.005558][ T9536] loop4: p1 p2 p3 p4 [ 725.009927][ T9536] loop4: p1 size 11292159 extends beyond EOD, truncated 13:19:27 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff96150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 725.048341][ T9536] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 725.148119][ T9575] loop4: detected capacity change from 0 to 264192 [ 725.185615][ T9575] loop4: p1 p2 p3 p4 [ 725.189817][ T9575] loop4: p1 size 11292159 extends beyond EOD, truncated [ 725.199546][ T9575] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:30 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d9399", 0x79}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:30 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r2 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000000340)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000000000)={0xb, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88) 13:19:30 executing program 5: pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(0x0, 0x0, 0xffffdfffffffffff, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) 13:19:30 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f00000000c0)={[{@fat=@nocase}]}) 13:19:30 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff97150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:30 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) fcntl$lock(r0, 0x7, 0x0) 13:19:30 executing program 1: pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) vmsplice(r0, &(0x7f0000000880)=[{&(0x7f0000000380)="9f", 0x1}], 0x1, 0x0) 13:19:30 executing program 2: timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) clone(0x10040d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x204) rt_sigsuspend(&(0x7f0000000280), 0x8) 13:19:30 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f00000000c0)={[{@fat=@nocase}]}) [ 727.995543][ T9616] FAT-fs (loop0): bogus number of reserved sectors [ 728.002129][ T9616] FAT-fs (loop0): Can't find a valid FAT filesystem [ 728.003762][ T9623] loop4: detected capacity change from 0 to 264192 [ 728.065773][ T9623] loop4: p1 p2 p3 p4 [ 728.070076][ T9623] loop4: p1 size 11292159 extends beyond EOD, truncated [ 728.078936][ T9623] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 728.103434][ T9652] FAT-fs (loop0): bogus number of reserved sectors 13:19:30 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff98150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 728.110036][ T9652] FAT-fs (loop0): Can't find a valid FAT filesystem 13:19:30 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f00000000c0)={[{@fat=@nocase}]}) [ 728.196904][ T9664] loop4: detected capacity change from 0 to 264192 [ 728.235756][ T9664] loop4: p1 p2 p3 p4 [ 728.239934][ T9664] loop4: p1 size 11292159 extends beyond EOD, truncated 13:19:30 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff99150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 728.245437][ T9668] FAT-fs (loop0): bogus number of reserved sectors [ 728.253503][ T9668] FAT-fs (loop0): Can't find a valid FAT filesystem [ 728.259050][ T9664] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 728.338870][ T9685] loop4: detected capacity change from 0 to 133377 [ 728.375631][ T9685] loop4: p1 p2 p3 p4 [ 728.379744][ T9685] loop4: p1 size 11292159 extends beyond EOD, truncated [ 728.388796][ T9685] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:33 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d9399", 0x79}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:33 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f00000000c0)={[{@fat=@nocase}]}) 13:19:33 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff9a150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:33 executing program 2: timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) clone(0x10040d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x204) rt_sigsuspend(&(0x7f0000000280), 0x8) 13:19:33 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000040), 0x0, 0x0) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0x125e, 0x0) 13:19:33 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x210000, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) clone(0x10040d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x204) rt_sigsuspend(&(0x7f0000000280), 0x8) 13:19:33 executing program 5: r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000040)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x600}], 0x0, &(0x7f00000000c0)) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, 0x0) [ 731.033050][ T9715] loop4: detected capacity change from 0 to 44288 [ 731.065833][ T9715] loop4: p1 p2 p3 p4 [ 731.069928][ T9728] FAT-fs (loop0): bogus number of reserved sectors [ 731.076500][ T9728] FAT-fs (loop0): Can't find a valid FAT filesystem 13:19:33 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001300)=[{&(0x7f0000001640)=""/4096, 0x1000}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/igmp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0, 0x0) 13:19:33 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/msg\x00', 0x0, 0x0) read(r0, &(0x7f0000000740)=""/122, 0x7a) [ 731.083043][ T9715] loop4: p1 size 11292159 extends beyond EOD, truncated [ 731.092527][ T9715] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 731.097191][ T9738] loop5: detected capacity change from 0 to 6 [ 731.108743][ T9738] FAT-fs (loop5): Directory bread(block 6) failed 13:19:33 executing program 0: openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) 13:19:33 executing program 0: timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r1 = epoll_create1(0x0) epoll_pwait(r1, &(0x7f00000000c0)=[{}], 0x1, 0x8000000, &(0x7f0000000040), 0x8) 13:19:33 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/msg\x00', 0x0, 0x0) read(r0, &(0x7f0000000740)=""/122, 0x7a) [ 731.194060][ T9715] loop4: detected capacity change from 0 to 44288 [ 731.241203][ T9715] loop4: p1 p2 p3 p4 [ 731.246839][ T9715] loop4: p1 size 11292159 extends beyond EOD, truncated [ 731.255126][ T9715] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:36 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d9399", 0x79}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:36 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff9b150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:36 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/msg\x00', 0x0, 0x0) read(r0, &(0x7f0000000740)=""/122, 0x7a) 13:19:36 executing program 0: pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r2, 0x0) clock_gettime(0x0, 0x0) 13:19:36 executing program 2: timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) clone(0x10040d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x204) rt_sigsuspend(&(0x7f0000000280), 0x8) 13:19:36 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x210000, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) clone(0x10040d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x204) rt_sigsuspend(&(0x7f0000000280), 0x8) 13:19:36 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/msg\x00', 0x0, 0x0) read(r0, &(0x7f0000000740)=""/122, 0x7a) [ 734.059700][ T9807] loop4: detected capacity change from 0 to 264192 [ 734.095582][ T9807] loop4: p1 p2 p3 p4 [ 734.099702][ T9807] loop4: p1 size 11292159 extends beyond EOD, truncated 13:19:36 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) write$binfmt_elf64(r0, &(0x7f0000001b40)=ANY=[], 0x78) 13:19:36 executing program 5: mount(0x0, &(0x7f0000000440)='.\x00', &(0x7f0000000500)='dax\x00', 0x0, 0x0) 13:19:36 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff9c150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 734.110408][ T9807] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:36 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff9d150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:36 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000040)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x600}], 0x0, &(0x7f00000000c0)) utime(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)) [ 734.223104][ T9850] loop5: detected capacity change from 0 to 6 [ 734.233420][ T9853] loop4: detected capacity change from 0 to 137473 [ 734.252721][ T9850] FAT-fs (loop5): Directory bread(block 6) failed [ 734.286911][ T9853] loop4: p1 p2 p3 p4 [ 734.296034][ T9853] loop4: p1 size 11292159 extends beyond EOD, truncated [ 734.305214][ T9853] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 734.386197][ T9853] loop4: detected capacity change from 0 to 137473 [ 734.425896][ T9853] loop4: p1 p2 p3 p4 [ 734.430133][ T9853] loop4: p1 size 11292159 extends beyond EOD, truncated [ 734.439242][ T9853] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:39 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff9e150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:39 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8", 0x7b}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000040)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x600}], 0x0, &(0x7f00000000c0)) utime(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)) 13:19:39 executing program 2: timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) clone(0x10040d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x204) rt_sigsuspend(&(0x7f0000000280), 0x8) 13:19:39 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x210000, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) clone(0x10040d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x204) rt_sigsuspend(&(0x7f0000000280), 0x8) 13:19:39 executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f00000000c0)={[{@fat=@nocase}]}) [ 737.098044][ T9904] loop4: detected capacity change from 0 to 44288 [ 737.113775][ T9912] loop5: detected capacity change from 0 to 6 [ 737.137182][ T9910] FAT-fs (loop0): bogus number of reserved sectors 13:19:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000040)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x600}], 0x0, &(0x7f00000000c0)) utime(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)) [ 737.143716][ T9910] FAT-fs (loop0): Can't find a valid FAT filesystem [ 737.150699][ T9912] FAT-fs (loop5): Directory bread(block 6) failed [ 737.153236][ T9904] loop4: p1 p2 p3 p4 [ 737.167513][ T9904] loop4: p1 size 11292159 extends beyond EOD, truncated [ 737.177538][ T9904] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:39 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff9f150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 737.217834][ T9910] FAT-fs (loop0): bogus number of reserved sectors [ 737.224380][ T9910] FAT-fs (loop0): Can't find a valid FAT filesystem 13:19:39 executing program 0: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x0}) 13:19:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000040)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x600}], 0x0, &(0x7f00000000c0)) utime(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)) [ 737.295380][ T9942] loop5: detected capacity change from 0 to 6 [ 737.319793][ T9942] FAT-fs (loop5): Directory bread(block 6) failed 13:19:39 executing program 0: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ppoll(&(0x7f0000000040)=[{r0}], 0x1, &(0x7f0000000080), 0x0, 0x0) [ 737.357406][ T9955] loop4: detected capacity change from 0 to 264192 [ 737.395178][ T9955] loop4: p1 p2 p3 p4 [ 737.399522][ T9955] loop4: p1 size 11292159 extends beyond EOD, truncated 13:19:39 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@newpolicy={0xb8, 0x13, 0x1, 0x0, 0x0, {{@in=@local, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x80, 0x80, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x0) 13:19:39 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffa0150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 737.410089][ T9955] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 737.429325][ T9972] loop5: detected capacity change from 0 to 6 [ 737.448508][ T9972] FAT-fs (loop5): Directory bread(block 6) failed [ 737.509254][ T9988] loop4: detected capacity change from 0 to 264192 [ 737.574974][ T9988] loop4: p1 p2 p3 p4 [ 737.579227][ T9988] loop4: p1 size 11292159 extends beyond EOD, truncated [ 737.588140][ T9988] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:42 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8", 0x7b}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:42 executing program 5: add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ftruncate(r0, 0x1) lseek(r0, 0x1200, 0x0) r1 = getpgid(0x0) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0x0) add_key(&(0x7f00000002c0)='encrypted\x00', &(0x7f0000000340)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) sendmsg$nl_generic(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x20, 0x33, 0x100, 0x70bd2d, 0x0, {0x3}, [@typed={0xc, 0x81, 0x0, 0x0, @u64=0x7000}]}, 0x20}, 0x1, 0x0, 0x0, 0x4041}, 0x0) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x509, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x10000}, 0x0, 0x0, 0x0, 0xc, 0x8}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x80082, 0x1d2) keyctl$setperm(0x5, 0x0, 0x12001000) add_key(&(0x7f0000000300)='.request_key_auth\x00', &(0x7f00000003c0)={'syz', 0x1}, &(0x7f0000000400)="6d05d84ed0fab10073b9a36fe5b0458497f8a91a89858d498cea317c497e6cd0537519be518601c22417851ce09cd044630c4eb0d5fe7877e194b7dbbf56fa00a80635257f6795da028d3dba6697fb41f4bb6d086609c74ab9e2a2cbdbfffa7e40fdd9aff727c5e9f2604b0cabfa09d1d18113519a115a684089279cd6ff7e791c68cfa93b7dbba16c4a5602c19015c9adf682ddcbc4e3a0caf01c6a44f7f83362694081fe2191d4880454d4ca31", 0xae, 0x0) sendfile(r0, r2, 0x0, 0x8400fffffffa) r3 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="1301000000000000000100c2040000000900000000000000"], 0x18) fallocate(r3, 0x20, 0x0, 0xfffffeff000) socket$inet_udp(0x2, 0x2, 0x0) signalfd4(r0, &(0x7f0000000200)={[0x22]}, 0x8, 0x80800) fallocate(r3, 0x0, 0x0, 0x10000101) 13:19:42 executing program 0: pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) vmsplice(r1, &(0x7f0000000380)=[{&(0x7f00000002c0)='\r', 0x1}], 0x1, 0x0) 13:19:42 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffa1150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:42 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000001340)) 13:19:42 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x210000, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000000300)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) clone(0x10040d00, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x204) rt_sigsuspend(&(0x7f0000000280), 0x8) 13:19:42 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001300)=[{&(0x7f0000001640)=""/4096, 0x1000}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/igmp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0, 0x0) [ 740.146341][T10014] loop4: detected capacity change from 0 to 141569 13:19:42 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffa2150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:42 executing program 2: syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="200000008000000006000000660000000f00000000000000bdc896857454b3a2004000000040000020000000d3f4655fd4f4655f0100ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000080)=ANY=[]) [ 740.191349][T10014] loop4: p1 p2 p3 p4 [ 740.196523][T10014] loop4: p1 size 11292159 extends beyond EOD, truncated [ 740.222915][T10014] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 740.284476][T10039] loop2: detected capacity change from 0 to 4 [ 740.313349][T10039] EXT4-fs (loop2): Invalid log block size: 2241251517 13:19:42 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000040)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x600}], 0x0, &(0x7f00000000c0)={[{@fat=@umask}]}) [ 740.330418][T10055] loop4: detected capacity change from 0 to 44288 [ 740.362218][T10039] loop2: detected capacity change from 0 to 4 [ 740.371231][T10062] loop5: detected capacity change from 0 to 6 [ 740.378586][T10039] EXT4-fs (loop2): Invalid log block size: 2241251517 [ 740.384197][T10062] FAT-fs (loop5): Directory bread(block 6) failed [ 740.392568][T10055] loop4: p1 p2 p3 p4 [ 740.398720][T10055] loop4: p1 size 11292159 extends beyond EOD, truncated 13:19:42 executing program 5: r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000340)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000000)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000001480)=ANY=[@ANYBLOB="01000000000000000a004e2100000000ff010000000000000000000000000001"], 0x410) 13:19:42 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) setsockopt$inet6_int(r2, 0x29, 0x3e, &(0x7f00000000c0)=0x10000, 0x4) write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205) splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0) [ 740.417463][T10055] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 740.467427][T10023] print_req_error: 35 callbacks suppressed [ 740.467441][T10023] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 740.473609][T10037] blk_update_request: I/O error, dev loop4, sector 44160 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 740.495205][T10075] blk_update_request: I/O error, dev loop4, sector 44160 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 740.502010][ T616] blk_update_request: I/O error, dev loop4, sector 44160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 740.513224][T10074] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 740.518995][ T616] buffer_io_error: 23 callbacks suppressed [ 740.519005][ T616] Buffer I/O error on dev loop4p1, logical block 5520, async page read [ 740.531246][T10055] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 740.554665][ T616] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 740.565704][ T616] Buffer I/O error on dev loop4p2, logical block 8, async page read [ 740.573801][ T616] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 740.584728][ T616] Buffer I/O error on dev loop4p2, logical block 9, async page read [ 740.589435][T10055] loop4: detected capacity change from 0 to 44288 [ 740.592756][ T616] blk_update_request: I/O error, dev loop4, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 740.610250][ T616] Buffer I/O error on dev loop4p2, logical block 10, async page read [ 740.645650][T10055] loop_reread_partitions: partition scan of loop4 () failed (rc=-16) 13:19:45 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8", 0x7b}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:45 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg(r0, &(0x7f0000002180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1f0}, 0x0) 13:19:45 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={0x0}}, 0x0) 13:19:45 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffa3150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:45 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) ioctl$RTC_SET_TIME(r0, 0x4024700a, 0x0) 13:19:45 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) 13:19:45 executing program 2: r0 = socket$netlink(0x10, 0x3, 0xf) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={0x0}}, 0x0) 13:19:45 executing program 5: add_key$fscrypt_v1(&(0x7f0000000a00), &(0x7f0000000a40)={'fscrypt:', @desc3}, 0x0, 0x0, 0x0) 13:19:45 executing program 0: syz_open_procfs(0x0, &(0x7f0000000000)='attr/current\x00') 13:19:45 executing program 1: syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='children\x00') 13:19:45 executing program 2: syz_open_procfs(0x0, &(0x7f0000002140)='net/ip_tables_names\x00') 13:19:45 executing program 0: shmat(0x0, &(0x7f00004ad000/0x4000)=nil, 0x5000) r0 = shmat(0x0, &(0x7f0000ff9000/0x4000)=nil, 0x7000) shmdt(r0) [ 743.206188][T10121] loop4: detected capacity change from 0 to 264192 [ 743.281375][T10121] loop4: p1 p2 p3 p4 [ 743.287517][T10121] loop4: p1 size 11292159 extends beyond EOD, truncated [ 743.331404][T10121] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:48 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:48 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)=[{0x18, 0x0, 0x0, "9a"}, {0x10}], 0x28}, 0x5044) 13:19:48 executing program 1: r0 = add_key$keyring(&(0x7f0000000580), &(0x7f00000005c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) request_key(&(0x7f00000004c0)='logon\x00', &(0x7f0000000500)={'syz', 0x0}, &(0x7f0000000540)='ethtool\x00', r0) 13:19:48 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYRESDEC], 0x90}}, 0x0) 13:19:48 executing program 2: mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x1) 13:19:48 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffa4150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:48 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) getpeername(r0, &(0x7f0000000040)=@isdn, &(0x7f00000000c0)=0x80) 13:19:48 executing program 1: perf_event_open(&(0x7f0000940000)={0x2, 0x80, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() rt_sigtimedwait(&(0x7f0000000400)={[0xfff]}, 0xffffffffffffffff, 0x0, 0x8) tkill(r0, 0xb) 13:19:48 executing program 0: keyctl$search(0xa, 0x0, &(0x7f0000002780)='keyring\x00', &(0x7f00000027c0)={'syz', 0x3}, 0x0) [ 746.216362][T10188] loop4: detected capacity change from 0 to 264192 13:19:48 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x6, 0x6, 0x0) keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0x0) 13:19:48 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) [ 746.258892][T10188] loop4: p1 p2 p3 p4 [ 746.263123][T10188] loop4: p1 size 11292159 extends beyond EOD, truncated 13:19:48 executing program 0: add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd) [ 746.305632][T10188] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:51 executing program 2: clock_gettime(0x0, &(0x7f0000000d40)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000c80), 0x0, 0x0, &(0x7f0000000d80)={0x0, r0+10000000}, 0x0) 13:19:51 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:51 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffa5150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:51 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000005c00)=[{{&(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000000580)=[{0x0}, {&(0x7f0000000100)=""/216, 0xd8}], 0x2, &(0x7f0000000600)=""/42, 0x2a}}], 0x1, 0x0, &(0x7f0000005e40)) syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), r0) 13:19:51 executing program 0: syz_open_procfs(0x0, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='setgroups\x00') 13:19:51 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000005c00)=[{{&(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000000580)=[{&(0x7f00000000c0)=""/10, 0xfffffffffffffea8}, {&(0x7f0000000100)=""/216, 0xd8}, {&(0x7f0000000200)=""/34, 0x22}, {&(0x7f0000000240)=""/209, 0xd1}, {&(0x7f0000000340)=""/166, 0xa6}, {&(0x7f0000000400)=""/127, 0x7f}, {&(0x7f0000000480)=""/194, 0xc2}], 0x7, &(0x7f0000000600)=""/42, 0x2a}}, {{&(0x7f0000000640)=@x25, 0x80, &(0x7f0000001a80)=[{&(0x7f00000006c0)}, {&(0x7f0000000700)=""/181, 0xb5}, {&(0x7f00000007c0)=""/73, 0x49}, {&(0x7f0000000840)=""/168, 0xa8}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)=""/129, 0x81}, {&(0x7f00000019c0)=""/180, 0xb4}], 0x7, &(0x7f0000001b00)=""/182, 0xb6}}, {{&(0x7f0000001bc0)=@ipx, 0x80, &(0x7f0000005540)=[{&(0x7f0000001c40)=""/43, 0x2b}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x2, &(0x7f0000002cc0)=""/30, 0x1e}}, {{&(0x7f0000002d00)=@can, 0x80, &(0x7f0000002f00)=[{&(0x7f0000002d80)=""/155, 0x9b}, {&(0x7f0000002e40)=""/139, 0x8b}], 0x2, &(0x7f0000002f40)=""/4096, 0x1000}}, {{&(0x7f0000003f40)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f0000005400)=[{&(0x7f0000003fc0)=""/212, 0xd4}, {&(0x7f00000040c0)}, {&(0x7f0000004100)=""/4096, 0x1000}, {&(0x7f0000005100)=""/84, 0x54}, {&(0x7f0000005180)=""/92, 0x5c}, {&(0x7f0000005200)=""/204, 0xcc}, {&(0x7f0000005300)=""/241, 0xf1}], 0x7, &(0x7f0000005480)}}, {{&(0x7f00000054c0)=@qipcrtr, 0x80, &(0x7f0000005580)=[{&(0x7f0000005540)}], 0x1, &(0x7f0000005fc0)=""/126, 0x7e}}, {{&(0x7f0000005640)=@generic, 0x80, &(0x7f0000005880)=[{&(0x7f00000056c0)=""/120, 0x78}, {&(0x7f0000005740)=""/180, 0xb4}, {&(0x7f0000005800)=""/99, 0x63}], 0x3, &(0x7f00000058c0)=""/225, 0xe1}}, {{&(0x7f00000059c0)=@qipcrtr, 0x80, &(0x7f0000005ac0)=[{&(0x7f0000005a40)=""/82, 0x52}], 0x1, &(0x7f0000005b00)=""/213, 0xd5}}], 0x8, 0x0, &(0x7f0000005e40)) 13:19:51 executing program 0: prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000b00)) 13:19:51 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:51 executing program 1: socket$netlink(0x10, 0x3, 0xd6d961deb163df36) [ 749.236887][T10241] loop4: detected capacity change from 0 to 145665 13:19:51 executing program 0: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz0\x00', 0x200002, 0x0) 13:19:51 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) connect$netlink(r0, &(0x7f0000000040)=@proc={0x10, 0x0, 0x25dfdbfd}, 0xc) [ 749.295711][T10241] loop4: p1 p2 p3 p4 [ 749.301099][T10241] loop4: p1 size 11292159 extends beyond EOD, truncated [ 749.317728][T10256] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 749.327359][T10241] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:51 executing program 1: syz_open_procfs(0x0, &(0x7f0000000140)='net/ip6_flowlabel\x00') [ 749.449208][T10272] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 749.456866][T10240] blk_update_request: I/O error, dev loop4, sector 145536 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 749.462381][T10279] blk_update_request: I/O error, dev loop4, sector 145536 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 749.472306][T10241] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 749.485902][T10278] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 749.495898][ T616] blk_update_request: I/O error, dev loop4, sector 145536 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 749.514225][ T616] Buffer I/O error on dev loop4p1, logical block 145536, async page read [ 749.515074][T10241] loop4: detected capacity change from 0 to 145665 [ 749.522841][ T616] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 749.540219][ T616] Buffer I/O error on dev loop4p2, logical block 8, async page read [ 749.588226][T10241] loop_reread_partitions: partition scan of loop4 () failed (rc=-16) 13:19:51 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000000c0)=""/10, 0xa}], 0x1}}], 0x1, 0x0, 0x0) syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), r0) 13:19:51 executing program 0: shmat(0x0, &(0x7f0000ffa000/0x2000)=nil, 0xf000) r0 = shmget$private(0x0, 0xc000, 0x0, &(0x7f0000ff4000/0xc000)=nil) shmat(r0, &(0x7f0000ffc000/0x4000)=nil, 0x4000) [ 749.804268][T10309] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. 13:19:52 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) write$cgroup_type(r0, 0x0, 0x0) 13:19:52 executing program 1: clock_gettime(0x0, &(0x7f0000000d40)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000c80), 0x0, 0x0, &(0x7f0000000d80)={0x0, r0+10000000}, &(0x7f0000000e00)={&(0x7f0000000dc0), 0x8}) 13:19:52 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffa6150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:52 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='setgroups\x00') fchownat(r0, &(0x7f0000000340)='./file0\x00', 0xee00, 0x0, 0x1000) [ 750.085630][T10310] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. 13:19:52 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) recvmmsg(r0, &(0x7f0000003080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x12020, 0x0) [ 750.177063][T10318] loop4: detected capacity change from 0 to 44288 [ 750.240806][T10318] loop4: p1 p2 p3 p4 [ 750.245600][T10318] loop4: p1 size 11292159 extends beyond EOD, truncated [ 750.268410][T10318] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 750.582619][T10344] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. 13:19:54 executing program 0: r0 = shmat(0x0, &(0x7f0000ffd000/0x3000)=nil, 0xf000) shmat(0x0, &(0x7f0000ff9000/0x4000)=nil, 0x7000) shmdt(r0) 13:19:54 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:54 executing program 5: pselect6(0x0, 0x0, &(0x7f0000000cc0), 0x0, &(0x7f0000000d80), 0x0) 13:19:54 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffa7150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:54 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x5}]}) 13:19:54 executing program 2: openat$procfs(0xffffffffffffff9c, &(0x7f0000000380)='/proc/mdstat\x00', 0x0, 0x0) 13:19:54 executing program 0: socket$inet6(0xa, 0x1e57fcb0d3a88915, 0x0) 13:19:54 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0x0, &(0x7f0000000580)=[{0x0}, {0x0}, {&(0x7f0000000480)=""/194, 0xc2}], 0x3}}], 0x1, 0x0, 0x0) syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), r0) 13:19:54 executing program 1: openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) 13:19:54 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg(r0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) [ 752.341688][T10357] loop4: detected capacity change from 0 to 264192 [ 752.366239][T10357] loop4: p1 p2 p3 p4 [ 752.370546][T10357] loop4: p1 size 11292159 extends beyond EOD, truncated 13:19:54 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) 13:19:54 executing program 1: syz_open_dev$rtc(&(0x7f0000000080), 0xc353, 0x20040) 13:19:54 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x10002, 0x0) syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), r0) [ 752.398580][T10357] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 752.462214][T10387] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 752.526526][T10403] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 752.536376][T10403] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 753.208920][T10406] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. 13:19:57 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:57 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x14}, 0x14}}, 0x0) 13:19:57 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffa8150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:57 executing program 1: add_key(&(0x7f0000000200)='rxrpc_s\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe) prctl$PR_SET_SECUREBITS(0x1c, 0x0) 13:19:57 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYRESDEC], 0x90}}, 0x0) 13:19:57 executing program 2: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = fork() wait4(r1, 0x0, 0x0, 0x0) tkill(r0, 0x40) 13:19:57 executing program 5: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000780)='net/ip_vs\x00') 13:19:57 executing program 0: openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x10d40, 0x0) 13:19:57 executing program 1: shmat(0x0, &(0x7f0000ffc000/0x1000)=nil, 0x6000) r0 = shmat(0x0, &(0x7f0000ff9000/0x4000)=nil, 0x7000) shmdt(r0) [ 755.359872][T10414] loop4: detected capacity change from 0 to 264192 13:19:57 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:19:57 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, 0x0, 0x0) [ 755.405229][T10414] loop4: p1 p2 p3 p4 [ 755.410818][T10414] loop4: p1 size 11292159 extends beyond EOD, truncated [ 755.433913][T10414] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:19:57 executing program 5: socket(0x0, 0x1004, 0x0) 13:19:57 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f00000002c0)={&(0x7f0000000040)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private0}}, 0x80, 0x0}, 0x0) 13:19:57 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0) fallocate(r0, 0x20, 0x0, 0x5915) 13:19:57 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffa9150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:19:57 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[], 0x90}}, 0x0) 13:19:57 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000580)={0x0, @l2tp={0x2, 0x0, @loopback}, @generic={0x0, "7ff398933ed0e5e232ed8ad61461"}, @l2, 0x5}) [ 755.537966][T10414] loop4: detected capacity change from 0 to 264192 [ 755.767082][T10488] loop4: detected capacity change from 0 to 149761 [ 755.815640][T10488] loop4: p1 p2 p3 p4 [ 755.820422][T10488] loop4: p1 size 11292159 extends beyond EOD, truncated [ 755.830761][T10488] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:00 executing program 2: r0 = socket$inet6(0xa, 0x3, 0xff) setsockopt$inet6_int(r0, 0x29, 0x16, &(0x7f0000000000), 0x4) 13:20:00 executing program 5: open(&(0x7f0000000380)='./file0\x00', 0x281c0, 0x0) 13:20:00 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000400), 0x4000, 0x0) 13:20:00 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffaa150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 758.379026][T10514] loop4: detected capacity change from 0 to 44288 13:20:00 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:00 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x100012, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x100000000000008d, 0x4, 0x0) keyctl$instantiate_iov(0x14, 0x0, 0x0, 0x0, 0x0) 13:20:00 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='attr/current\x00') execveat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x100) 13:20:00 executing program 0: socket$inet(0x2, 0x1, 0x7f) 13:20:00 executing program 2: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x100012, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x100000000000008d, 0x4, 0x0) eventfd(0x0) [ 758.421350][T10514] loop4: p1 p2 p3 p4 [ 758.426664][T10514] loop4: p1 size 11292159 extends beyond EOD, truncated [ 758.444046][T10514] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:00 executing program 1: pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000d80), 0x0) 13:20:00 executing program 2: r0 = socket$netlink(0x10, 0x3, 0xa) sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={0x0}}, 0x0) 13:20:00 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffab150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:00 executing program 5: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x100012, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x100000000000008d, 0x4, 0x0) getgroups(0x0, 0x0) 13:20:00 executing program 1: r0 = shmat(0x0, &(0x7f0000ffa000/0x2000)=nil, 0xf000) shmdt(r0) shmat(0x0, &(0x7f0000ff9000/0x4000)=nil, 0x7000) 13:20:00 executing program 2: r0 = shmget$private(0x0, 0x400000, 0x0, &(0x7f0000c00000/0x400000)=nil) shmat(r0, &(0x7f0000e82000/0x4000)=nil, 0x7000) shmat(0x0, &(0x7f0000ffb000/0x1000)=nil, 0x5853dedad33d7987) 13:20:00 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) shutdown(r0, 0x0) [ 758.610794][T10572] loop4: detected capacity change from 0 to 264192 [ 758.665540][T10572] loop4: p1 p2 p3 p4 [ 758.669664][T10572] loop4: p1 size 11292159 extends beyond EOD, truncated [ 758.693010][T10572] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 758.708434][ T1036] loop4: p1 p2 p3 p4 [ 758.712623][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 758.721361][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 758.767188][T10572] loop4: detected capacity change from 0 to 264192 [ 758.818766][T10572] loop4: p1 p2 p3 p4 [ 758.823378][T10572] loop4: p1 size 11292159 extends beyond EOD, truncated [ 758.844608][T10572] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 758.877033][ T1036] loop4: p1 p2 p3 p4 [ 758.881131][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 758.889941][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:03 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:03 executing program 5: perf_event_open(&(0x7f0000940000)={0x2, 0x80, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0xff) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000400)={@loopback, 0x0, 0x1, 0x0, 0x3}, 0x20) 13:20:03 executing program 2: shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0x6000) 13:20:03 executing program 0: syz_open_procfs(0x0, &(0x7f0000000480)='net/dev_mcast\x00') 13:20:03 executing program 1: socket$inet6_udp(0xa, 0x2, 0x0) select(0x40, &(0x7f0000000140), 0x0, &(0x7f00000001c0)={0x8}, &(0x7f0000000200)) 13:20:03 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffac150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:03 executing program 2: openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20000, 0x0) 13:20:03 executing program 5: openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 13:20:03 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, &(0x7f0000000000)=0x7f, 0x4) [ 761.525396][T10635] loop4: detected capacity change from 0 to 264192 13:20:03 executing program 1: request_key(&(0x7f0000000940)='user\x00', 0x0, 0x0, 0x0) 13:20:03 executing program 2: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f00000002c0)={&(0x7f0000000040)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private0}}, 0x80, 0x0}, 0x40000143) 13:20:03 executing program 0: r0 = perf_event_open(&(0x7f0000940000)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x0) [ 761.575545][T10635] loop4: p1 p2 p3 p4 [ 761.579602][T10635] loop4: p1 size 11292159 extends beyond EOD, truncated [ 761.643955][T10635] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 761.738024][T10635] loop4: detected capacity change from 0 to 264192 [ 761.799602][T10635] loop4: p1 p2 p3 p4 [ 761.803937][T10635] loop4: p1 size 11292159 extends beyond EOD, truncated [ 761.812454][T10635] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:06 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:06 executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff}) read$char_raw(r0, &(0x7f0000000200)={""/58587}, 0xe600) 13:20:06 executing program 5: inotify_add_watch(0xffffffffffffffff, 0x0, 0x30000060) 13:20:06 executing program 1: openat$zero(0xffffffffffffff9c, &(0x7f0000002640), 0x400, 0x0) 13:20:06 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000100)=""/216, 0xd8}], 0x1}}], 0x1, 0x0, 0x0) syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), r0) 13:20:06 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffad150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:06 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) getpeername(r0, 0x0, &(0x7f00000000c0)) 13:20:06 executing program 1: r0 = shmat(0x0, &(0x7f0000ffc000/0x1000)=nil, 0x6000) shmdt(r0) shmat(0x0, &(0x7f0000ff9000/0x4000)=nil, 0x7000) 13:20:06 executing program 5: clock_gettime(0x0, &(0x7f0000000d40)) [ 764.583623][T10710] loop4: detected capacity change from 0 to 153857 [ 764.618825][T10710] loop4: p1 p2 p3 p4 [ 764.623124][T10710] loop4: p1 size 11292159 extends beyond EOD, truncated 13:20:06 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000005c00)=[{{&(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=""/42, 0x2a}}], 0x1, 0x0, &(0x7f0000005e40)) syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), r0) 13:20:06 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x220940, 0x0) recvfrom$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 13:20:06 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffae150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 764.631559][T10724] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 764.643181][T10710] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 764.734159][T10746] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 764.738157][T10747] loop4: detected capacity change from 0 to 44288 [ 764.804025][T10747] loop4: p1 p2 p3 p4 [ 764.808286][T10747] loop4: p1 size 11292159 extends beyond EOD, truncated [ 764.816683][T10747] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 764.872334][T10747] loop4: detected capacity change from 0 to 44288 [ 764.915774][T10747] loop4: p1 p2 p3 p4 [ 764.920366][T10747] loop4: p1 size 11292159 extends beyond EOD, truncated [ 764.931035][T10747] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 765.402940][T10778] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 765.493416][T10781] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 13:20:09 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffaf150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:09 executing program 5: shmat(0x0, &(0x7f0000ffa000/0x2000)=nil, 0xf000) 13:20:09 executing program 2: openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/attr/sockcreate\x00', 0x2, 0x0) 13:20:09 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:09 executing program 0: shmat(0x0, &(0x7f0000ffc000/0x1000)=nil, 0x6000) shmat(0x0, &(0x7f0000ff9000/0x4000)=nil, 0x7000) 13:20:09 executing program 1: faccessat(0xffffffffffffffff, 0x0, 0x100) 13:20:09 executing program 1: request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f0000000280)='veth0\x00', 0xfffffffffffffffe) 13:20:09 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$netlink(r0, 0x10e, 0x0, 0x0, 0x0) 13:20:09 executing program 5: waitid(0x0, 0x0, &(0x7f0000000140), 0x8, 0x0) 13:20:09 executing program 0: pipe(&(0x7f0000000080)={0xffffffffffffffff}) read$char_raw(r0, 0x0, 0x0) 13:20:09 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) [ 767.629318][T10796] loop4: detected capacity change from 0 to 264192 13:20:09 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) [ 767.675464][T10796] loop4: p1 p2 p3 p4 [ 767.679751][T10796] loop4: p1 size 11292159 extends beyond EOD, truncated 13:20:09 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffb0150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:09 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCDELRT(r0, 0x890c, 0x0) 13:20:09 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002c80)={0xffffffffffffffff}) sendto(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 13:20:09 executing program 1: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/if_inet6\x00') 13:20:09 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000040)={&(0x7f0000000000), 0x1, &(0x7f0000000180)={0x0}}, 0x0) 13:20:09 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) [ 767.736358][T10796] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:10 executing program 2: syz_open_dev$rtc(&(0x7f0000000080), 0x0, 0x20040) 13:20:10 executing program 1: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_EPOCH_READ(r0, 0x8008700d, 0x0) 13:20:10 executing program 5: syz_open_procfs(0x0, &(0x7f0000000440)='fd/4\x00') 13:20:10 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:10 executing program 0: request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f0000002800), &(0x7f0000002840)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) 13:20:10 executing program 5: r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffb000/0x1000)=nil) r1 = shmat(r0, &(0x7f0000ffd000/0x3000)=nil, 0xf000) shmat(0x0, &(0x7f0000ff9000/0x4000)=nil, 0x7000) shmdt(r1) [ 767.879221][T10853] loop4: detected capacity change from 0 to 264192 [ 767.969862][T10853] loop4: p1 p2 p3 p4 [ 767.977982][T10853] loop4: p1 size 11292159 extends beyond EOD, truncated [ 767.991169][T10853] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 768.062736][T10853] loop4: detected capacity change from 0 to 264192 13:20:10 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffb1150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:10 executing program 2: openat$incfs(0xffffffffffffffff, 0x0, 0x400001, 0x0) 13:20:10 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:10 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f00000000c0)={0x2, 0x0, @private}, 0x10, &(0x7f00000004c0)=[{0x0}, {0x0}], 0x2, &(0x7f00000007c0)=[@ip_retopts={{0x24, 0x0, 0x7, {[@rr={0x7, 0x13, 0x0, [@empty, @rand_addr, @local, @broadcast]}]}}}], 0x28}, 0x20000841) 13:20:10 executing program 0: prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000)) keyctl$unlink(0x9, 0x0, 0xfffffffffffffffe) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/l2cap\x00') r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x50, r1, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x7}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x10000}, @ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x9098}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x1}, @ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0x3ff}, @ETHTOOL_A_RINGS_RX={0x8, 0x6, 0x8000}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) r2 = add_key(&(0x7f0000000200)='rxrpc_s\x00', &(0x7f0000000240)={'syz', 0x2}, &(0x7f0000000280)="870b013ed250ef36ac3e032c60f75c62c7748560b9a41f600721ba4fce37c6642db871eb24286afe9c1d8ad9fc1f26dcebc84455660d4926da05bbdd72f5acebeac3b0ab76cbc2a4cfe85b65320d5c266ec8155a0cf65082c530612a0129e3065107520653af76fc01a5f13eaa2892dfaad10d5b4460f8ac79746de5ebd1236ce6b08a455fc4a10048dac738392dc97ae060c21a3b406dcb47d339dc0ecf8be7c6bdd6cb7bc1f5908e49ed3b120889199c459d58d5eb6c8387b1ed2fcfd1f5f663fd5f706bc0850d92f466e4f498fe8285c5625f01d9b7706a0c6e8b0e278df626412e5a1a95120bd5adb448fb70b136889ebf694579c875b296646a8b380c", 0xff, 0xfffffffffffffffe) ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f00000003c0)={0x0, @tipc=@name={0x1e, 0x2, 0x2, {{0x40, 0x4}}}, @phonet={0x23, 0x3f, 0x6, 0xee}, @tipc=@name={0x1e, 0x2, 0x3, {{0x43, 0x1}}}, 0x92e, 0x0, 0x0, 0x0, 0x8001, &(0x7f0000000380)='vlan1\x00', 0x0, 0x3b6dfc6a, 0x2000}) r3 = socket(0x1e, 0x800, 0x100) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000680)={'batadv_slave_0\x00', 0x0}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000740)={'syztnl0\x00', &(0x7f00000006c0)={'gre0\x00', r4, 0x700, 0x1, 0x2, 0x101, {{0x11, 0x4, 0x1, 0x14, 0x44, 0x65, 0x0, 0x78, 0x4, 0x0, @rand_addr=0x64010100, @multicast2, {[@ssrr={0x89, 0xf, 0x37, [@private=0xa010101, @loopback, @dev={0xac, 0x14, 0x14, 0x2d}]}, @ssrr={0x89, 0x1f, 0x3a, [@local, @multicast1, @private=0xa010102, @remote, @multicast2, @multicast2, @multicast2]}]}}}}}) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000900)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000008c0)={&(0x7f00000007c0)={0xcc, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_ADDR={0x2c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @private=0xa010101}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x4801}, 0x80) request_key(&(0x7f0000000940)='user\x00', &(0x7f0000000980)={'syz', 0x3}, &(0x7f00000009c0)='syztnl0\x00', r2) add_key$fscrypt_v1(&(0x7f0000000a00), &(0x7f0000000a40)={'fscrypt:', @desc3}, &(0x7f0000000a80)={0x0, "a947214c8d87ac4d79d5c30b8bcbbce2795d4f22ea4676baf352619849f94e979dfc62dbdc7ac8454cbe2c877dbebdfb487b74524f4369801f902445ebf4462e", 0x39}, 0x48, r2) 13:20:10 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)=[{0x10}], 0x10}, 0x5044) [ 768.105993][T10853] loop4: p1 p2 p3 p4 [ 768.110208][T10853] loop4: p1 size 11292159 extends beyond EOD, truncated [ 768.118366][T10853] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:10 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffb2150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:10 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) 13:20:10 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:10 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), r0) 13:20:10 executing program 2: openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0xcecc2, 0x0) 13:20:10 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, 0x0, 0x4f) 13:20:10 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/udp\x00') ioctl$RTC_EPOCH_SET(r0, 0x4008700e, 0x0) 13:20:10 executing program 2: perf_event_open(&(0x7f0000940000)={0x2, 0x80, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @dev}, 0x10) 13:20:10 executing program 1: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$keyring(&(0x7f0000000140), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) request_key(&(0x7f0000000400)='keyring\x00', &(0x7f0000000440)={'syz', 0x0}, 0x0, r0) 13:20:10 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000001980)=[{{0x0, 0x0, 0x0}}], 0x1, 0x1, 0x0) [ 768.300938][T10939] loop4: detected capacity change from 0 to 44288 13:20:10 executing program 1: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write(0xffffffffffffffff, &(0x7f0000000080)='_', 0x1) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205) socket$inet6_udp(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@local, @empty, @local, 0x0, 0x0, 0x0, 0x100, 0x0, 0x20c200a2}) splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0) 13:20:10 executing program 2: syz_open_procfs$namespace(0x0, &(0x7f0000000340)='ns/net\x00') [ 768.351010][T10958] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 768.378628][T10939] loop4: p1 p2 p3 p4 [ 768.389022][T10939] loop4: p1 size 11292159 extends beyond EOD, truncated [ 768.401788][T10939] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 768.472729][T10939] loop4: detected capacity change from 0 to 44288 [ 768.528063][T10939] loop4: p1 p2 p3 p4 [ 768.532282][T10939] loop4: p1 size 11292159 extends beyond EOD, truncated [ 768.540460][T10939] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:10 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffb3150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:10 executing program 0: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 768.669336][T11004] loop4: detected capacity change from 0 to 264192 [ 768.706497][T11004] loop4: p1 p2 p3 p4 [ 768.710613][T11004] loop4: p1 size 11292159 extends beyond EOD, truncated [ 768.719404][T11004] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 768.777232][T11004] loop4: detected capacity change from 0 to 264192 [ 768.815602][T11004] loop4: p1 p2 p3 p4 [ 768.819871][T11004] loop4: p1 size 11292159 extends beyond EOD, truncated [ 768.829228][T11004] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 769.104377][T11035] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. 13:20:13 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:13 executing program 2: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x20402, 0x0) fallocate(r0, 0x8, 0x0, 0x9) 13:20:13 executing program 0: openat$null(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0) getrusage(0x0, &(0x7f0000000200)) 13:20:13 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffb4150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:13 executing program 5: clock_gettime(0x0, &(0x7f0000000d40)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000c80), 0x0, &(0x7f0000000d00)={0x59b}, &(0x7f0000000d80)={0x0, r0+10000000}, &(0x7f0000000e00)={&(0x7f0000000dc0)={[0x62fc]}, 0x8}) 13:20:13 executing program 1: clock_gettime(0x0, &(0x7f0000000d40)={0x0, 0x0}) pselect6(0x0, 0x0, 0x0, &(0x7f0000000d00), &(0x7f0000000d80)={0x0, r0+10000000}, &(0x7f0000000e00)={&(0x7f0000000dc0)={[0x62fc]}, 0x8}) 13:20:13 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x80, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='cubic\x00', 0x6) 13:20:13 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg(r0, &(0x7f0000002180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001f80)=ANY=[], 0x1f0}, 0x0) 13:20:13 executing program 5: clock_gettime(0x0, &(0x7f0000000d40)={0x0}) pselect6(0x0, 0x0, 0x0, &(0x7f0000000d00), &(0x7f0000000d80)={r0}, &(0x7f0000000e00)={&(0x7f0000000dc0)={[0x62fc]}, 0x8}) 13:20:13 executing program 2: futimesat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', &(0x7f0000000280)={{}, {0x0, 0xea60}}) [ 771.282164][T11050] loop4: detected capacity change from 0 to 264192 13:20:13 executing program 0: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/crypto\x00', 0x0, 0x0) write$cgroup_freezer_state(r0, 0x0, 0x0) 13:20:13 executing program 0: mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000) [ 771.341614][T11050] loop4: p1 p2 p3 p4 [ 771.357159][T11050] loop4: p1 size 11292159 extends beyond EOD, truncated [ 771.372955][T11050] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 771.434323][T11050] loop4: detected capacity change from 0 to 264192 13:20:16 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:16 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x0) 13:20:16 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) fallocate(r0, 0x20, 0x0, 0x9) 13:20:16 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffb5150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:16 executing program 1: name_to_handle_at(0xffffffffffffff9c, 0x0, &(0x7f0000000040)=@nfs={0x90, 0x24, {0x0, 0x0, 0x0, 0x80, "5dd2e7d660ef1585db196d17fe663b55ae7568ae80e6a956fe35cabff9e8b65761c4d329beca2fe6787283b9763c19ad6b59512c0cb881c10b38840f96da852856f8f52e1f628461a62e07778c819bdd04c4bf934cf5baf382e337b20f1cebc7cff973a8812e7f43ff2af7b707e342bb1f68170ef0df088aa0fe42c37a503794"}}, 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000240)) 13:20:16 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0}}, 0x0) 13:20:16 executing program 0: r0 = socket$netlink(0x10, 0x3, 0xf) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={0x0}}, 0x0) [ 774.282513][T11107] loop4: detected capacity change from 0 to 162049 [ 774.317949][T11107] loop4: p1 p2 p3 p4 [ 774.322219][T11107] loop4: p1 size 11292159 extends beyond EOD, truncated 13:20:16 executing program 2: perf_event_open(&(0x7f0000940000)={0x2, 0x80, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0xff) recvfrom(r0, 0x0, 0x0, 0x2000, 0x0, 0x0) 13:20:16 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffb6150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:16 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000004480)={0x0, 0x0, &(0x7f0000004400)=[{&(0x7f0000000040)={0x10}, 0x10}, {0x0}, {&(0x7f0000000880)={0x10}, 0x10}], 0x3}, 0x0) [ 774.331287][T11107] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:16 executing program 5: syz_genetlink_get_family_id$devlink(&(0x7f0000000580), 0xffffffffffffffff) 13:20:16 executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001300)='children\x00') ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x0) [ 774.402942][T11132] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11132 comm=syz-executor.1 [ 774.415832][T11132] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11132 comm=syz-executor.1 [ 774.456613][T11131] loop4: detected capacity change from 0 to 44288 [ 774.525614][T11131] loop4: p1 p2 p3 p4 [ 774.530336][T11131] loop4: p1 size 11292159 extends beyond EOD, truncated [ 774.545453][T11131] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:19 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:19 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) connect$netlink(r0, &(0x7f0000000080)=@unspec, 0xc) 13:20:19 executing program 2: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='setgroups\x00') fchownat(r0, &(0x7f0000000340)='./file0\x00', 0xee00, 0x0, 0x0) 13:20:19 executing program 0: r0 = add_key$keyring(&(0x7f0000002800), &(0x7f0000002840)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$search(0xa, r0, &(0x7f0000002880)='id_resolver\x00', &(0x7f00000028c0)={'syz', 0x2}, 0x0) 13:20:19 executing program 5: syz_open_procfs(0x0, &(0x7f0000000380)='status\x00') 13:20:19 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffb7150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:19 executing program 1: symlinkat(&(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, 0x0) 13:20:19 executing program 0: socket$inet6_udp(0xa, 0x2, 0x0) select(0x40, &(0x7f0000000140), 0x0, &(0x7f0000000000)={0x8}, &(0x7f0000000200)={0x0, 0xea60}) 13:20:19 executing program 5: perf_event_open(&(0x7f0000940000)={0x2, 0x80, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x40) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 13:20:19 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) sendmsg$MPTCP_PM_CMD_SET_LIMITS(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)={0x14, 0x0, 0x4}, 0x14}}, 0x0) 13:20:19 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$inet(r0, 0x0, 0x0) [ 777.349738][T11184] loop4: detected capacity change from 0 to 264192 13:20:19 executing program 5: clock_gettime(0x0, &(0x7f0000000d40)={0x0}) pselect6(0x40, &(0x7f0000000c80), &(0x7f0000000cc0), 0x0, &(0x7f0000000d80)={r0}, &(0x7f0000000e00)={&(0x7f0000000dc0)={[0x62fc]}, 0x8}) [ 777.408455][T11184] loop4: p1 p2 p3 p4 [ 777.421275][T11184] loop4: p1 size 11292159 extends beyond EOD, truncated [ 777.446785][T11184] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 777.526886][T11188] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 777.532167][T11184] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 777.540934][T11178] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 777.560012][T11184] loop4: detected capacity change from 0 to 264192 [ 777.560251][ T881] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 777.577578][ T881] Buffer I/O error on dev loop4p2, logical block 8, async page read [ 777.610858][T11184] loop_reread_partitions: partition scan of loop4 () failed (rc=-16) 13:20:22 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:22 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000007a40)) 13:20:22 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) recvmsg(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) 13:20:22 executing program 1: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0) 13:20:22 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffb8150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:22 executing program 5: syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/mnt\x00') 13:20:22 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmsg(r0, &(0x7f0000001380)={0x0, 0x0, 0x0}, 0x0) 13:20:22 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x100012, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x100000000000008d, 0x4, 0x0) epoll_create(0x6c) [ 780.374377][T11246] loop4: detected capacity change from 0 to 264192 [ 780.397863][T11246] loop4: p1 p2 p3 p4 [ 780.409451][T11246] loop4: p1 size 11292159 extends beyond EOD, truncated 13:20:22 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r0) 13:20:22 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbff, 0x100}, 0xc) [ 780.422067][T11246] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:22 executing program 0: prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000)) arch_prctl$ARCH_GET_FS(0x1003, &(0x7f0000000640)) 13:20:22 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000000c0)=""/10, 0xa}, {&(0x7f0000000100)=""/216, 0xd8}], 0x2, &(0x7f0000000600)=""/42, 0x2a}}], 0x1, 0x0, &(0x7f0000005e40)) syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), r0) [ 780.568522][T11289] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 781.349489][T11299] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. 13:20:25 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:25 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffb9150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:25 executing program 1: syz_open_procfs(0x0, &(0x7f0000000040)='net/l2cap\x00') 13:20:25 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000004480)={&(0x7f0000000000)=@proc={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000004400)=[{&(0x7f0000000040)={0xb0, 0x0, 0x0, 0x0, 0x0, "", [@generic="413d636636032e939a8cd722ad3d7eb9a82d381bd525fb34756a055646f3be80c6a6e8a193c903ca37a0c2b3fa0e9cd47150fb55e62d394970f5a54a429a2bedf6b17a11458351f8718bb4e556f06aa0e1228189d0191d958c4b62a8fb17d4c6e014252f17ca768b90390af2cc612c7f6c8fc561664ecd41e2dcd3e180add0330f2b520d37034b854e2ff5caeb8cd0bd5bbbb77516d369c2b3ff598050"]}, 0xb0}, {&(0x7f0000000100)={0x6c8, 0x0, 0x0, 0x0, 0x0, "", [@generic="005816eb605befeb8ca9ac3d721722a269b511cda3bea16cd5aa112d5444863f26ebe87eb069dd1de4ae2695214e366242ad65916ee8c57c63da262cd9834d0051157e9e5b52667f113c9fd72ad0838de5d7cf4d926ce635df55dabc94e611720753e24b10046e4d72d45148f38e3508b50801d06f2a6a4d1230e3042af77252814afd4597f595687f7765a857e3d542ce8573c20328ff7e6860145e5bbffa596ea7154879666d4cdcd503fe0b962f22b79e3708b1738b5cb8e6e75611322fb9e7565a03282903f473b0", @nested={0x259, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0xfd, 0x0, 0x0, 0x0, @binary="16dc0f13817a722a21c0f502d2e6bf52a832e585570223dae281375139fbf2370e09f8933c913f59fe4485ba003d0d0dea13586012e60f08ec654e81b0d04c63e8cf48acf44a20b5c182e36fc3debf3c92bd03d89447fcb713c22f30a7956ff16af57f7786eb2fd7977ceaf8cd692083518c500fd69af6bc79ba5268ddd15155cbdb3053905217342a5663309c719dcc5a073519f470c26e215065600b50cbb3d7b642406e6b4b785b5dbe9c5630f0e9b41a75830ce9d9f907569318f438360c983eb4029cdf311d9e62a2c146db5a44fe55afe85d86d99b7a77559358a89b511fce042b3752afe955634c6469551d84d6cca02bc6e7c1b9d8"}, @typed={0x19, 0x0, 0x0, 0x0, @binary="b88e4b01fe5eb413eba2f027a7a989f5974c853cdd"}, @generic="638a28b0c3192d0ddc72e5df3c07bf8f9f775d49c9d4eaf607f999bbd1", @generic="5c25db552802800a519cdaf669051ce8bc891f166f7057414601c019e4b213d6c7b8dec391d343b857694035f5d78d714b8ac6820993a40adb37a5f4f50621a33db55ee690fc790b2595dc0b011b3b0e038111473b11573192ec03bd4ae27e86deaa349eb3408638294f00d70857bf0cc79ddfdb6efa3c2e5ac06d42004c53597b45e03c35e8f3b1cc1d1d0b4507e4e8ef368cebd477138fcee97a060ab8ea2ef60406c88985775dd393c372504e297deaa57fbde2c3ca11ad0159189b259e88ebe9b9560f187e3fe7", @typed={0x8, 0x0, 0x0, 0x0, @pid}, @generic="a2412830581d14514f326d92ef0bbb6ebd08ad18458d8d1d2474ec6f497e2519f3a9b633e4f437569ea15fa2a15d3ddd6c78bfa1c6f7", @generic="c4b839066878ea09eb"]}, @nested={0x45, 0x0, 0x0, 0x1, [@generic="b437b1aa3a1614cace35f0667238c93269cdcb49cf4b3d0ad1b217c54bfd5507ed30ab2a1aad6741cdc66e0e6424b7f6655cc4c503f4b7fef0176e", @generic="95de2a7b3ef2"]}, @generic="299444804f8e42efe35e1ac9d33b635cb1ab4cbd52d6e74916f50032a513ba440698f94d5fd55afc1d198df01b71e8b15c28f1b020ff28ac9c18546b2895d54311aa4906b2beba74f645023d5a39f3bafb621cce9ca70e7781f23f4c6f0450b54b806fbdf7cb6b6c3a405d6525dc3eaa44084a941fffc701ccd3956ae5a8db08e30fdabf99f55b5c029af0d9828dca0af31f4bc545ba9177ecbc9befc07f2ed0b23d1d220241a154f7ddb0ade60dc216ed1a531bdb319229180875969a551f30a248c4e5f9b45817c1da5afd3042d8aba7d545af3f88c10845289298202700d8abb1801cb271d14956877f43b0e74b1e634904", @nested={0x251, 0x0, 0x0, 0x1, [@generic="8db8a9b4f2331db5ff3712142c606ac93a58dd008e79aae1245d78453e94569f42c4737a24fe75db912f1e1edfd9e2a3fa699be45e7d2f61c80273a37a9d", @generic="929f850757d1b608acafcdff921282515e72cb8112d620713896684e7a68a41d1bef018abd612e753462b51dd3698cb4c5dbb45ba2c62b32dc386c", @generic="0e544c092ebe05d29b1fef5c06ae9ba7812b0dc37245028158d39d4c9f780c4c38e6ebe3427c61a513aa083ebe1601bb324bae3d5d434fba414611350ccc0bd250f55c0361eb462d5ac4c907e70e3c5db682eda6cc9ea54ef87f721db1212accef3959f6bba6fd7d7f313a7fcaa236e98eed957113984175228b0868215286dc330ebaa963f20030f9f4b4bc25d3254bd5dec96de0669c6d33c9c906470493d3a3926cc2aacbd749f61f2e2e2a5d04e054f44ab2a3264e192242d2fce58d", @generic="5af1cff7a92381", @generic="f28a119f47667b1abd1ac4f9c535856381a5f794d693d1dfa061aee02c9ff4ac9bf319f9c726f7f402381880bd94d388eea6bcb5ccb7eb8a1fd7d2742fb747a4c4e9c935846e2f5475b6cad65a3ec4b4c5a01759e5ae34e9c737698a05bfb30d91079ada281bd48ef95bc46ea1f182af59f40a97717929171aaa9884ad20672350df51d455676ff524052dbedb973f6da40fcb1d161d50774902ce3896287a0c3c28a541759234f3ea6ea862986d3fb069507cdf530c912e36c60a76f1220898cb7f0f6cdaf7", @generic="d37bfa75c6934ad3ecc81bea31ce922185a140f76b640ca1b2efd9d982e31a2dcaf0f46ae116462f07d60e85fc06661cfbfaadce5dd22a1e1b48d6f30d312ed0f1de8dfff489270629"]}]}, 0x6c8}, {&(0x7f0000000880)={0x174c, 0x0, 0x0, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee00}, @typed={0x6, 0x0, 0x0, 0x0, @str='!\x00'}, @typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x7, 0x0, 0x0, 0x0, @str=':\\\x00'}, @nested={0x1715, 0x0, 0x0, 0x1, [@generic="23263e05cb754d5eb0e0fc9f8f5d7310e3aab37823e20a005afb879c7353ab739f412a13ea8e0450916ac6c7abb434f1795c7d183666d04d7643757e6f7f5238129ebbcf8c7a15c5b837343da5978ae1bccf5412a23719a9553a8f9a32e22926d26c1f745fbf2af03876dd81bec3dcbcc912dcd9d6d3c86d739b1c9511d23dc09d72927879b43d6fcf59653b4b70a2240a01c7db91c2f20e87f3a9454dda4eee15bc9e8d05354dbc14798e73df7c42d905f07dae59ab06244fe07f2b9750df67c58e549d0e947650b09e21c0d734bcbfa5b2b8ef7e18a1d725efbeac4559dfce9097dabfe99e76d3d112c56c19795809bdad16ad08642976df9f23933d8fda492a763a39fca805d7bb719f158b212b932a0fb05edd9dea7d16f784c1895892f87e12fe292eeeb9643e1faf4c3c8aad9121d32bf24a53190910447757ce468e5d0d4eeb7774fbd5713ff8f3cf727917c3b13cb6d57924fec3e51f5b841df66be0482cc47917cff6f54094a834aafeff404322e468772ef8c118b3831aa96304514efd06c6487e3660dab34c85e68db190cc2ea1c93e832b2e92d8f230ba5adc7c1c194213ae0dbd67d51a3e7c3115f6391fe34fc012a775442778853025ce561b5ce80bab7849a070066527af326e5e6464ccf47099084245ae83c940db200bafccd7e189e15da6a0ccae17c5d5e799bda3b0bda96f387f25973ea93d1b1fdbb61aa95bf7dce3bdebc7dc0c166ec5ff735316e1a961333661267e6447e30cc0845a4b961fdc339fc075d0b2cb011082aeb880e1d8a63c8a45c6299231116fb588c82d7ae13c9492c580088eec37504a0ea344127bfc8d22728865dd584539ec3ae9f041824ac783aea3e2beeae191064e8bfca5e85c22d051f0c7311b8856719e816e35cef77b7f8a2bde7a2fcedd557eaecc153c2d18ccada45031bc0538c6c32f87fe2d435448e366c61597c7453c994c712be44bc7b612a265b5705e5b3bc8a63e58af803d98adbb05fa43f3018b1f2d38c2e17e41b7140c22fb38816f2efcd7f7446d25d677129e13be15b07e4415b193b2734bd36c2d9475f3649f24d5af7a413dc2debcf4939e26b189b95df9e0a69757b5a2e2080ccc4707a3664d2dc501a8b3ef3dd784e600473e3b7ca0cb6637133b15387d0ac4b0347cf725e0df1246933fcb761c105c588c96acaa6a787235dedb8345660a7264a39ccc7b119a7584de7d0e240164dde3287b697a71cd174a9a4f1f20344499a627a34843748985618a25d4d615860e70a0136ea635e79372ad617f2110858fcfa33649755d3b62cd99438a3802890ba6971fa4351dfc7800e55d785142172d02c14a338e322585c610ea43b442bdf6a74a9a5f6e5e9b7fea8aa6cfdd79feb0603f1fa3a7f853d91c34ff0a5fb5a191c759a8e1c63300fb2b78c082f0500509ea9044786f8dfa612ef3a76080083b4147d2f1257a955ef592c9024f6a53011b0c2456d758107855c8b242d0ff43530e71f4f63a11c4b19291f6194df7801c326ac9871a5c874f983d189c1c72de1ed673c8f952dfbe9e82c2033caf03f642a89a02cab1cc8520921b91d5b7670351d24e70b90a917b85ee8b6687df425a628a5c476f5e753af52762e1ba2c52bff5b96959f3a559c52242064263cc11615b4d3803d225dd5bbeafc1ed8f9d13b4d506985e8f6e9ac06bdfa6df153f175a75127183f064de2257e6684168a73fd4f1bb0fc1ac2cc49581b1816bf946658493aebed86622b5e0fd1ded1f599d4b5c032a8fdb6eed81fc7702a532702c232b6346e1f915ae1a8cf72f8329a504d639346cd000280bbeac2747d25ad8f328361adda7fc425080b55d0433eb78828c0201bd2106684ad8e32fa68d8a93c111b65760316d2c78aa40c18889d5633e236f92bb4629de3899a19c012bef8be7f0de0bb24c662c9877b56d18c4ffc61a6cf88ae1ce4b8b830ec566c72a7346789a6f0f1e1955141f58bf4187963f55c5b6c74162d29a83ecfe41a02c3b9df6f2aa5d84a6ede651188538d868d5460ed9e821bdb3daceb07c8f55cef38e9c70d4031e263aa9352a0b803535f0bd24ee3a407c38593aeced6ad6ab39a280b86188dc836e98e3b309f0a04d1be23ba73fcf5cec93044fd2460c589d7370ca4e9f7baed1ecd3cdc625e44bbc5e449ce9bca92fad3709dd019d4acb1704f715e0a1f747ee67362d1a33b73ee331ed58bc9d8c35e62dc228415cb0af1b34488fdaba56fb8bb362fc40aa0f432cbc4cda8c95f377b3481fb9da4ff3abaa3cec014a58548f29797c4c8aa24ec69402cbf4d34f0cf02b2053843d8ca62ed5aa00e2c64f306e6e1496052523e394871a2e7a6c4345bced7e8112109026e40951d27db08c4d45d3faac2b5ab5e0734ed9de45d7ba69d1c834f76ee63830d723ba9b6c11f512cf2bc957b5a47f7c02b0e8e9856453d7d855f074ab6340bc870623c05644033095a30794a1aa4b63a5ccd39c833be4b347d23dd7f2d75963b6c39021259e735130b739cb0821f72468164c345d5aecb32f84d785315c35c0a4b69b0524b128d403a4bfa88ccd667b6d23fd6d387d88e0cc39a977f8da47f84cc094b35851030210c994ec9b8e641290ac382268e87805b3ffb5433e6a2e2b0bbb2e627e4bb9b81fdaf92a19cf896980a2dac015a74e2e8dc395497d759660fbeddbd425cdc678430b09c850c78e0c5c8cdadeeb5b49dc33702c359d6d70fbc6c32da8b90e2e54fc144eb0ef3f883a66a592daa8e1eeafbcd88f40d50a934e81104f05cdd1bfaa48dd7a805d9b7fb0e6453c7f9a322c620a590c98a340288e416878125ccbddee47e7730acabf83987bc88dbaffab0abaf8d705d92f25964aa446f80e3a792d8e11cc782abe43efde9b8e2c656733785c72ee6b149ab89d87793609dbd1ce2fefd156bf81ba5c68b5f5d9a7592a12eb69503cfefa947a383c27a6c67e26990665643ad18d2a02cae74668a2d05a98205feea3cde4bee29bbcaf041c0370086427d6a0d38209634e79e86affcb4b3bf4e86557e3d72bb61a55818599f0a1b79e961df5fac364b12cd5432cda3391c359fc5e71cd320aac773d2891d469b9a6b14567e7d32875487db328830f08344f01a5074433078a3e3334e4a392942400367ed93655dccb775959e383db44d91dddafd66930febeea42ad8590461e45ea639bd11ef011bdc624bc155c97f27fa01199dbc569861b5be567a2cd9a0b6a8bf94f8ef2833133e4050a987e243ee5f4e3ff5745c3e711f674c702562998765d4548873c4520b81a34a03762208e3f24a60745c2cb6ae4fa19efbc189afd9d2d43800c57d09fa4e0dddd08fa4349ba0b4d4e37a112c364846580aad68ac76eceea5116286fd605b60604d2fc38795d5cbb93acad2505df3f24f32f8470247c740ff88d25ff70a5913287797ff2d26d29986bcfc66cf29daba97995d8df338494c56ac5f35d68c16fbf08ea60b33d5232ab64451d2a1193a374896e57e68e53ee072180016f4cd714a7b3d6bf63a73b732ec4426e7fd25162d75446be5801129f9521bbdf3181c54df69f395f6f32798ec7960bfd538e7f2dc2eb7f43045000aef40ead297658c5a4954c0d34a842ed593bb6281e33583cc733861ae884f10fa59f2bdcd1c6218291a65a0c3fd5c4caa2c050a294d4e961e0a87608af757d5a1c13edefb9cd962a679395b849d29aa9a7e83b571231ffc53b2a812301087dc3e79a5e1aafccd0075462000fd73bf1fae62b5c40823c098ea33d803adcd70a488c4c8dea6b2ee06148f419ccd6dd9a3668de60348c1f94eaddcd5a2e3ffe196c748efca5a05497f56893f0e138a83acca5f4b40e93d71c4a5c2b6e0d06642445b759810418a03475e21c5cf46e2231c947d76d7964d89a03f16a293870af045fda094bb93d31e3837e381b8121f1eac46b9cf39289123c2e3d8a1f300ec928d82bd42e7dde25c9d6fce1eb6e8f4b399f0253fc53e1310196f8d87af09fc9cc4223d714ec7dfaffd09520160af62d5d0eed5575950dd0850bc53f2ceb535e1aaf2e3e916f93a692af869dbed2a0a2f51d6cb5eeb3583fe8f10fcf356252553c25a2f7772edb4365e4ca46c200473fee71a6e7f1a4dd97dec77b1b6556396fb24f402fb39985a2f523c24375e25b6b162eee939250b5d513db7b37b03267d47bc879e9ebb7042bc474c8bbd6547188b824b9c2c69eb764b81b5ae93ec66bff1708b6f70bdc7d69dcd35160fe6a4680c281004b062f2a1d7f7399d54ce064939fa6d940649378d47d2b3678e3a82b421d2ef745d8122530cf8f2df7cef46055757f8ad561e6eff2d3abed46757fe44b1c5b838f194ca8f0b96d4a865042541d9f27a724d4fec22e08153eacaf395347044071e71a836b4f4b62a8ea67d563f83ffda40e1055c78e96d20164798c5a85d7a976c54a8ec32126c072711c02d7f0a3a3127a631829b1058c865cdd6a0a9542956159209561347f2c185160ab84394f9411d2c3c26bfe196f6ed528a42bfd3a551091d1476d6f04d6cc384c2557d8c53341db824b1d4bff7a6e10f0fa04017e23b1b541fde904f0009e4aded75dee4ba0be18dc756a886b0c7e5af815025dfafe3313378d1986f77f10d19bda4250c84ecd8e35715d0a7fc768b3a223beffc907843974f0b30dbf5bf991a622a644ae91bdf3eb7966bc2537221dd9069d9b211b733ee4f5be0c3d2fd65b547be40990d3b4059431ecdc659c8aa77abf6586e6e6ff159d38d75c32f97f68e41fe958a7df4abda057b44fd3ca9ac36c89c64ebdab9998a0996703bcd45d20958756835d027ea54328b48cf823a15ddfab4e1190a5f70fcd454a2a47fe65014c7d33d7d8666d76459d8f6104154c2f5c57d8e1483ce98667d193f009dfaf9ac17b0246ac6893a10064ee001f8a738a0becc74cf631e8308fdb8b053d0f4aa37343504127211b28e31c414ee8bb46614a26174b60f287afbdba0c494fe628e3b13185b4ad3a2de7acbd300ea9bac386b3f745587fb6e25fdeea4770e6faff19e509f839c743f06ff1791c78828716cfe517ab5f6868548392a3de1fd77f2060e44505b4a3d8127f1a615f9adf8e90d5c69afca68a911ebb35be4f6c50ff71d788de52042dbf2763a8160d558868726210106106879e2523d0c58783df00c168b8cdde3ccd4781fa7f908b3aaeaa1bd2a07ad373dee19297f1eb186dfa43a9f1a034c8ed3938cacb0d9073534086aa143ba0c538184a4d87f9b1eddbc3ac00b404bf5017deec4bfadc2e6029c30b4428271b00daf0232edd30c48614c091fb908de2dd6af009ac4c49b98c9092c46b270d7dd993d7897a3bbd4550c17a010ca70ccf6067df71c44b7229b826b9bdbc5088dd2fbf09bdccff2e1a2c34e575f310ab0bd00b8bc19265abfb3647eb540bf014e90b765c78f8316dda7d0d7821d2f5a74206f6ff278130f9fc2b492b55da1976e6a3ffb3d7eb4a0c34e7571af05f2caf09eac4f5581f542c92c9ce34b8b214fa46de1b0cb1f89b545b24ccb081f91985b75510984592109c3782adbb011e9b6f55680058418565f03d9dc86a85066f4e8583634793e627c9dec87e0a84ea23b005baafd3384d6703e4eda54dc0ee8f3324f96c176208eedfae01c0a55e706d3dcb0d0dc27785eb9343321dfd202cdab07d9e5edd6fc87106e4507f3761efdb3cdbf36e10e7187a9194e4d48ff8c5b8a54155b1f944ffc0d84da755d6c73068fee5b1a8a4c9f72c1c0519c20668577dcc8b24dc289d5fcd641c1a4bbe5900fefd7258c63d", @generic="413601745635f87e33642b329777a1dc4eae2866c9be831c1bbf8e66e986d63fea06467a3054398c4bfb9b513ae1be97073c439111de761323f5616a7bd8b8fe3f7303b0c833d1971ef280a65ffd21ea1571d4a654c751df313016be79ecc824b47a565a2cdb6202e0750a0cd86ac0a0c64fd87c57fb5acd0a4a2b0df5654e1be5184a187d7c5b7302030ae76efa9cf67d103a750ebf23ffa0952b800a3c85d8b46731e0c167c7293a1c08db544372047c1f7ee0c719f3cd5483f07d3f7006ba5c1f524bc2e0538f0f05c82ca6dab2260a05e7245b3a0c01586a796dfc47ccf971c5286a02d77b35284efd9095efc3d35b7c2fdcce4a907e99cd6515ff567a8f91ea30daddbae98de1dadd48cfe9c13cdbcec79338c25d06fb0cf802bb11b35e229e6fa367d6668feb7c266ed7aed24968a32dff38eda4c1697abba50e07e0edb23471280704ee211ef300ed2b0e3e63f976baef04d324e5812969dd1f582f8fc4927f4cc826bcf822372715e5fa1dc121dfc481af07f5d8e98474bee4c4b5cdd4aea6f26db6280ad6f50f216615ba7aaeafe67ed02f9056b9e01e17996796f152a1ddeaf608d8a8b6f5a5c3c59d4d220f3614ece2df02367ea21c601cd9a8634119e8e966cd884152d7e637102697d098259d5ccfad030495cab49c64f442b50af7ab34e549ca402551d690cf0435aba77285cec87244b900365bc0081adb57178d992dfdfa2441fc382b4384c8c88074e169683ccc952669d548ee2fe86353d0bfa2568bfe7a024750bdf147bbd28babc9f3466a983f65759d24cb37cfdaee4e82653367906b714c8d57e4426dd4450acc802f810803eb9476ba3e621d307f99faea1125fd51574aac5c0055c0347d3dedf9490b4b43d8b8b19d109cbc3907c8675af5d6e99340d485d5af9fa35cbc09173fb8d1e3c94bff385f8af91e13f9eeb25fafb2a2c7af4939867e15bb51ab62264832b247e80ad9cdb31fb08ec1019d659041c844e2e3ab89aff5cbdc7a6fb219963fe5c09a928b7ee5db9d5f427de8e33d1bd82b200607a0b2239700eabfc6456cbaf408496ad551d2e1cd54dce912d85346358f9c7fd50911b0047a1f5776966d6146f0c879c4ecb56ab38a8224a0c62d2c48905ca42b3102eec8e10e6e59b7e4fe9198ffd36cc1bdba3813b44351d433f51ee6cd67b3722dbabafba3356b7d5e347ef80f043eb2a2563bbdfd652f3ba75de96b96e4c672bf8a2723590b4d618e22d482044d6342af1812081e571cad90611f71db2f54df2075be6e05a2abf56692e27aaafdbb8f2ae4b780900ef07a4047bdc005e83f00258a9937810c6fa9a26483d68848d9b217a5d6454b163ee27310586e400a4100e39819cd50e3e061e74048be1dcb68204793b980aa4e1d590c03f60dca70889aa04bf057d9f12ccf610e4b6981d9e626b84c8b2df13d61a32f63c3cdb1005f7b14987e1a77eb1f26c5352638c61b22f2692d8aacde60715f80d42ecf321b50aa23c6914b5a1b493d23fcd94c94f16fe0cd66e20b97196504ecc9475bd8252543528dbe6ebf5bb6d6a2fc6863a0ce9e0f3235d59652bac305aa5c2ea2390b3d69f6261f033e714799a3e4297f92ffba0e60ee728b772acbf0b71a214f854c9e2134f6d3e493ca2010f3fbf95ed650cc79aa5844995d54241128ce224eecf78a13736d528bc59bdb71aac250c0ab995ffa3e88a8c9b71b0759bbc762d52dd2f535b36c660bc28803382b7e5b9c46f8bcdf11805553d5184b3b57bd29dcfff1503dd0e637153cb3665d12dde6bf59caa8e7259a690451c8a48c7f14b11218ca136da4cd07ddd95463aad5e1ababd78acd139ac427401b1451b0688e7a081b71a4d1e7340a041c917a079e6594c962bd9a3686c125d3c843fe8759fb28f9529b9221046467cdca5d5ed2bee1d191c5ae76f8241fe29a57d134091dd88c04e275d7afc036b0f4eec9513166f14df71bfdf8f3d4aab1a128de3774c6eb748524be31bcfd29d081f9d0e2afee48b32023f20d5cdb6c0a8728e49e540612e1c6c68ac3f9336553e7cfc8d28345a6c732522aaa2d6aaf2a4ff1f5d683ce942ee6a5720c1e8466ac02d5057c967c8f4a66239115a44dc5748462df3694994af036cb9bd7dc55d0ef5af5800db2ce3938d4d9ba817a218767c8242d2ea7a5cf9deba798cbce72bed2eb10c07146f102eb395bf27d2a137a1252f31837d6ba2e50ecb6198bb1acb4927723fc7638f1b04c97d38391eb65a1b4b45339ea860a94725f3aea583a827718ffc4f5125f95a465a9d339c14a6d8f92590a2c018e3681ae829125298b91a33a598677f8fa3f4410521f046840dd4ae38e545f28d10594c07f126ca81cb965f50cbc721c5b719f380977939ffe23e034679a5fd5ce7836a48b4648355fe999dac9e3debb40516e758195649af52f08fba5a292cd7ddf7449013d9094a15389b268c0388f7967f813c0e65f806c0cf7f2232ca0f534b19dded0b2c1b2499b20aa084f83ef298f92a9c787981482349a694caf1a923680f18724cc64cdf5e774132c63ff9e"]}]}, 0x174c}], 0x3}, 0x0) 13:20:25 executing program 5: socket$inet6_udp(0xa, 0x2, 0x0) select(0x40, &(0x7f0000000140), 0x0, &(0x7f00000001c0)={0x8}, 0x0) 13:20:25 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0) 13:20:25 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x5}, {}, {0x3, 0x0, 0x0, 0x5e3}, {}]}) 13:20:25 executing program 1: r0 = inotify_init() inotify_add_watch(r0, 0x0, 0x2) [ 783.406589][T11308] loop4: detected capacity change from 0 to 166145 [ 783.426048][T11317] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11317 comm=syz-executor.2 [ 783.439130][T11317] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11317 comm=syz-executor.2 13:20:25 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) ioctl$SIOCGSTAMPNS(r0, 0x8907, &(0x7f0000000000)) [ 783.452503][T11317] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11317 comm=syz-executor.2 13:20:25 executing program 1: sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setrlimit(0x6, 0x0) recvmmsg(r1, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}], 0x2b, 0x0, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0xfffffd82) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8486, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f0000000240)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200), 0x175d900f) 13:20:25 executing program 0: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0x1ff, &(0x7f0000000400)=0x0) io_getevents(r0, 0x0, 0x0, 0x0, 0x0) [ 783.498921][T11308] loop4: p1 p2 p3 p4 [ 783.503076][T11308] loop4: p1 size 11292159 extends beyond EOD, truncated [ 783.517417][T11308] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 783.578893][T11308] loop4: detected capacity change from 0 to 166145 13:20:25 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffba150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 783.621450][T11308] loop4: p1 p2 p3 p4 [ 783.625960][T11308] loop4: p1 size 11292159 extends beyond EOD, truncated [ 783.634913][T11308] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 783.644687][ T1036] loop4: p1 p2 p3 p4 [ 783.649090][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 783.657495][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 783.695057][ C0] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1 [ 783.762286][T11375] loop4: detected capacity change from 0 to 44288 [ 783.815697][T11375] loop4: p1 p2 p3 p4 [ 783.819946][T11375] loop4: p1 size 11292159 extends beyond EOD, truncated [ 783.829750][T11375] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:28 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:28 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10) connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000000)=[@mss, @timestamp, @window, @mss, @window, @window], 0x200002d4) setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000200), 0x88) 13:20:28 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000040)=[@mss, @timestamp, @window, @mss, @window, @timestamp], 0x200000000000018a) 13:20:28 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffbb150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:28 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9ce423c26f45958dc387cf4c2e1fea4b7a3dfc8ea6a7efefe48dd9e05485b4ff15f715134d82ce9c0952d644157684e3dae491de7642a7c52cc2d523be91b5877341e0e1dcc2025aa18c9228103b66e1d49d31d322dbecfa758aa49e4b422ffd4513c3d29e5b1db802a67fc626c1c26798e8d3fcea709d0bfe87e7d8ee5a045b2cc14fc7199731f8acca2e06441c3cf9112bb170cff9a94c182c736be392a725de4d79632d65574cd4237137c2d92f39f350e4288308b3e2", 0xe0}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x5) tkill(r1, 0x34) ptrace$cont(0x18, r1, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) exit_group(0x0) 13:20:28 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000b, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000100)=[{&(0x7f0000000000)="390000001300034700bb65e1c3e4ffff06000000010000004500000025000000190004000400ad000200000000000006040000000000000000", 0x39}], 0x1) r2 = socket$netlink(0x10, 0x3, 0xc) writev(r2, &(0x7f0000000040)=[{&(0x7f0000199fe1)="1f00000002031900000007000000068100ed853b09000100010100ff3ffe58", 0x1f}], 0x1) r3 = socket$netlink(0x10, 0x3, 0x0) writev(r3, &(0x7f0000000240)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400fc63a2985001000000c19e0e1879d632911f7c", 0x39}], 0x1) 13:20:28 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f00000002c0)="390000001300034700bb65e1c3e4ffff060000001a0000004500000025000000190004000400ad000200000000000006040000000000000000", 0x39}], 0x1) 13:20:28 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000340)="66530700ae897094e7b126b097eaa769be6d05c41bd34e677d114b654b499374a8db38f8c44f7b7d9ce423c26f45958dc387cf4c2e1fea4b7a3dfc8ea6a7efefe48dd9e05485b4ff15f715134d82ce9c0952d644157684e3dae491de7642a7c52cc2d523be91b5877341e0e1dcc2025aa18c9228103b66e1d49d31d322dbecfa758aa49e4b422ffd4513c3d29e5b1db802a67fc626c1c26798e8d3fcea709d0bfe87e7d8ee5a045b2cc14fc7199731f8acca2e06441c3cf9112bb170cff9a94c182c736be392a725de4d79632d65574c", 0xd0}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x5) tkill(r1, 0x34) ptrace$cont(0x18, r1, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) exit_group(0x0) 13:20:28 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000780)={0x0, &(0x7f00000007c0)}) ftruncate(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f00000001c0)=0x1, 0x4) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4) sendmmsg(r0, &(0x7f0000007f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000400)="9f", 0x2bf}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000940)='!', 0x1}], 0x1}}], 0x127ad, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in={{0x2, 0x0, @dev}}, 0x0, 0x0, 0x3f, 0x0, "011e1f312af8f112ef80ca791a9e3700d026e26498bb74c36671a7bf3b73ebe5a98c5e4718a488cd3adccbf61b482886e36dbebc1eed5918fee04c2900669fb6f91a3dce7a8b4201c65a29979c0f7cd2"}, 0xd8) [ 786.444890][T11405] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 786.455227][T11408] loop4: detected capacity change from 0 to 264192 13:20:28 executing program 1: r0 = perf_event_open$cgroup(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0xc0189436, 0x7fffffefafff) 13:20:28 executing program 0: syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736617e43c00088020000200000004f8000020004000000000000000000001", 0x25}, {0x0, 0x57, 0x200000000010ffd}], 0x0, &(0x7f0000000240)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000240)='./file0\x00', 0x141042, 0x0) [ 786.495604][T11408] loop4: p1 p2 p3 p4 [ 786.499845][T11408] loop4: p1 size 11292159 extends beyond EOD, truncated [ 786.502015][T11424] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 786.517668][T11405] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 786.529052][T11408] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 786.532035][T11429] netlink: 'syz-executor.2': attribute type 4 has an invalid length. 13:20:28 executing program 5: mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000) mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0) [ 786.576146][T11429] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 786.594836][T11408] loop4: detected capacity change from 0 to 264192 [ 786.614269][T11454] loop0: detected capacity change from 0 to 264192 [ 786.641740][T11408] loop4: p1 p2 p3 p4 [ 786.645931][T11408] loop4: p1 size 11292159 extends beyond EOD, truncated [ 786.656339][T11408] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 786.659648][T11454] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 786.695124][T10936] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 13:20:31 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:31 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @timestamp, @window, @mss, @window, @window], 0x200002d4) 13:20:31 executing program 2: sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() r0 = socket$inet6(0xa, 0x2, 0x0) setrlimit(0x6, 0x0) recvmmsg(r0, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}], 0x2b, 0x0, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0xfffffd82) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8486, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200), 0x175d900f) 13:20:31 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000000000)=0x3f, 0x4) recvmmsg(r0, &(0x7f0000002900)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f0000000200)=@fragment, 0x8) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 13:20:31 executing program 0: open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lchown(&(0x7f00000001c0)='./bus\x00', 0x0, r1) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lchown(&(0x7f00000001c0)='./bus\x00', 0x0, r3) 13:20:31 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffbc150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:31 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x10, 0xffffffffffffffff, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f00000002c0)="390000001300034700bb65e1c3e4ffff060000001a0000004500000025000000190004000400ad000200000000000006040000000000000000", 0x39}], 0x1) 13:20:31 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000200)=@fragment, 0x8) getsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000040)=""/68, &(0x7f00000000c0)=0x44) [ 789.476384][T11501] loop4: detected capacity change from 0 to 264192 13:20:31 executing program 1: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x32842900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(0x0, 0x0) 13:20:31 executing program 2: sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setrlimit(0x6, 0x0) recvmmsg(r1, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}], 0x2b, 0x0, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0xfffffd82) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8486, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f0000000240)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200), 0x175d900f) [ 789.536584][T11501] loop4: p1 p2 p3 p4 [ 789.544783][T11501] loop4: p1 size 11292159 extends beyond EOD, truncated [ 789.558947][T11510] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 789.569751][T11501] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:31 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) get_robust_list(0x0, &(0x7f0000000240)=0x0, &(0x7f0000000280)) 13:20:31 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000001840)) [ 789.602398][ T25] audit: type=1400 audit(1621084831.759:20): avc: denied { sys_admin } for pid=11526 comm="syz-executor.1" capability=21 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=cap_userns permissive=1 [ 789.650415][T11513] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 789.655428][T11531] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 789.662266][T11501] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 789.680110][T11511] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 789.694961][T11504] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 789.707470][ T616] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 789.718724][ T616] Buffer I/O error on dev loop4p3, logical block 1, async page read [ 789.734752][ T616] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 789.745799][ T616] Buffer I/O error on dev loop4p2, logical block 8, async page read [ 789.757607][ T881] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 789.768633][ T881] Buffer I/O error on dev loop4p2, logical block 9, async page read [ 789.776476][T11501] loop4: detected capacity change from 0 to 264192 [ 789.778232][ T881] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 789.796794][ T881] Buffer I/O error on dev loop4p1, logical block 33008, async page read [ 789.835619][T11501] loop_reread_partitions: partition scan of loop4 () failed (rc=-16) 13:20:34 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:34 executing program 1: r0 = socket(0x29, 0x2, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x34000}}, 0x0) 13:20:34 executing program 0: perf_event_open(&(0x7f0000000040)={0x2, 0xd1, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$tmpfs(&(0x7f00000004c0), &(0x7f0000000500)='./bus\x00', 0x0, 0x0, &(0x7f0000001ac0), 0x0, &(0x7f0000001b80)=ANY=[]) 13:20:34 executing program 2: sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setrlimit(0x6, 0x0) recvmmsg(r1, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}], 0x2b, 0x0, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0xfffffd82) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8486, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f0000000240)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200), 0x175d900f) 13:20:34 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffbd150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:34 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000200)=@fragment, 0x8) setsockopt$inet6_int(r0, 0x29, 0x38, &(0x7f0000000040)=0x9, 0x4) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f0000000100)=ANY=[], 0x8) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) recvmmsg(r0, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 13:20:34 executing program 1: sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, 0x0, 0x4000880) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setrlimit(0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}], 0x2b, 0x0, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0xfffffd82) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8486, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f0000000240)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200), 0x175d900f) [ 792.482442][T11580] loop4: detected capacity change from 0 to 170241 13:20:34 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffbe150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:34 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000b, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) writev(r0, &(0x7f0000000100)=[{&(0x7f00000002c0)="390000001300034700bb65e1c3e4ffff060000001a0000004500000025000000190004000400ad000200000000000006040000000000000000", 0x39}], 0x1) [ 792.525587][T11580] loop4: p1 p2 p3 p4 [ 792.529830][T11580] loop4: p1 size 11292159 extends beyond EOD, truncated [ 792.543644][T11580] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:34 executing program 2: sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setrlimit(0x6, 0x0) recvmmsg(r1, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}], 0x2b, 0x0, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0xfffffd82) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8486, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f0000000240)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200), 0x175d900f) 13:20:34 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x188012, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x100000000000008d, 0x4, 0x0) ioctl$RTC_SET_TIME(r0, 0x4024700a, 0x0) [ 792.590273][T11612] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 792.600139][T11616] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 792.622054][T11614] loop4: detected capacity change from 0 to 44288 13:20:34 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000440)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000600)=0x1801, 0x4) sendmmsg(r0, &(0x7f0000004800)=[{{0x0, 0x0, &(0x7f0000002d00)=[{&(0x7f0000000200)="046837a94c18418c35f9fed27f3f1b0ac0e5d3127ce99d08bde4fb5e148532910895d8d492510fbc626ae415bf2bb16ba6aff62613a4e16d1081cbbcf04dfa425c52db999c72fb355ac34fe9848d3ae03b6a66da5501992ed3457ce9abbe094afb982c78025d321b2f0b96e2c5bad1d816fa44e95923c19cdec8dca5a4f540cf40f16924760af50631b90ea49c76d3d0a42991339bd4ba97ed666c4601be6586a12a86a7bcef4ad3a859cc8f075972259f3d9a4cb40c56ece56a67ecdc924b2cdee2946b2d83", 0xc6}, {&(0x7f0000002340)="718891", 0x3}], 0x2}}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="8937cc9d9afa064524eb42331ba3c46dbba08b9d0257db7da5a9f150", 0x1c}], 0x1}}, {{0x0, 0x0, &(0x7f0000002540)=[{&(0x7f0000002440)}], 0x1}}], 0x3, 0x0) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x10, 0x0, 0x27) [ 792.668458][T11614] loop4: p1 p2 p3 p4 [ 792.677955][T11614] loop4: p1 size 11292159 extends beyond EOD, truncated [ 792.689272][T11614] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:37 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:37 executing program 0: r0 = socket(0x29, 0x2, 0x0) syz_genetlink_get_family_id$fou(&(0x7f0000001340), r0) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0) 13:20:37 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffbf150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:37 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001240)={0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000001500)={'batadv_slave_0\x00'}) 13:20:37 executing program 2: sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setrlimit(0x6, 0x0) recvmmsg(r1, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}], 0x2b, 0x0, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0xfffffd82) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8486, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f0000000240)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200), 0x175d900f) 13:20:37 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001240)) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) 13:20:37 executing program 5: pselect6(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x3}, &(0x7f0000000100), 0x0) 13:20:37 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001240)) 13:20:37 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) 13:20:37 executing program 5: r0 = socket(0x29, 0x2, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x14}, 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14}, 0x14}}, 0x48080) [ 795.510529][T11673] loop4: detected capacity change from 0 to 264192 13:20:37 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x4a052f0b5d978d77) [ 795.561358][T11673] loop4: p1 p2 p3 p4 [ 795.569546][T11673] loop4: p1 size 11292159 extends beyond EOD, truncated [ 795.587789][T11673] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:37 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f00000001c0), r1) sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x1c, r2, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}}, 0x0) 13:20:40 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:40 executing program 0: r0 = socket(0x29, 0x2, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x48080) 13:20:40 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) 13:20:40 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:40 executing program 5: r0 = socket(0x29, 0x2, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x300}, 0x0) 13:20:40 executing program 1: r0 = socket(0x29, 0x2, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x40880) 13:20:40 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_STATUS(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x90d1dd88c4ff781f}, 0x14}}, 0x0) 13:20:40 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000440), r0) 13:20:40 executing program 1: r0 = socket(0x2a, 0x2, 0x0) getsockname(r0, 0x0, &(0x7f00000000c0)) 13:20:40 executing program 5: r0 = socket(0x18, 0x0, 0x1) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8995, &(0x7f0000000000)={'batadv_slave_1\x00'}) [ 798.543696][T11748] loop4: detected capacity change from 0 to 264192 13:20:40 executing program 2: r0 = socket(0x28, 0x1, 0x0) syz_genetlink_get_family_id$fou(&(0x7f0000001340), r0) [ 798.597468][T11748] loop4: p1 p2 p3 p4 [ 798.617085][T11748] loop4: p1 size 11292159 extends beyond EOD, truncated 13:20:40 executing program 0: r0 = socket(0x29, 0x2, 0x0) syz_genetlink_get_family_id$fou(&(0x7f0000001340), r0) [ 798.644886][T11748] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 798.736980][T11748] loop4: detected capacity change from 0 to 264192 [ 798.795628][T11748] loop4: p1 p2 p3 p4 [ 798.799691][T11748] loop4: p1 size 11292159 extends beyond EOD, truncated [ 798.808470][T11748] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 798.817990][ T1036] loop4: p1 p2 p3 p4 [ 798.822375][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 798.830504][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:43 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:43 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001240)={0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, 0x0) 13:20:43 executing program 5: syz_genetlink_get_family_id$SEG6(&(0x7f0000000280), 0xffffffffffffffff) syz_genetlink_get_family_id$batadv(&(0x7f0000000440), 0xffffffffffffffff) 13:20:43 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000440)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4) sendmmsg(r0, &(0x7f0000004800)=[{{0x0, 0x0, &(0x7f0000002d00)=[{&(0x7f0000000200)="046837a94c18418c35f9fed27f3f1b0ac0e5d3127ce99d08bde4fb5e148532910895d8d492510fbc626ae415bf2bb16ba6aff62613a4e16d1081cbbcf04dfa425c52db999c72fb355ac34fe9848d3ae03b6a66da5501992ed3457ce9abbe094afb982c78025d321b2f0b96e2c5bad1d816fa44e95923c19cdec8dca5a4f540cf40f16924760af50631b90ea49c76d3d0a42991339bd4ba97ed666c4601be6586a12a86a7bcef4ad3a859cc8f075972259f3d9a4cb40c56ece56a67ecdc924b2cdee2946b2d83", 0xc6}, {&(0x7f0000002340)="718891", 0x3}], 0x2}}], 0x1, 0x0) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x10, 0x0, 0x27) 13:20:43 executing program 0: r0 = socket$inet6(0x10, 0x3, 0x0) sendto$inet6(r0, &(0x7f0000000240)="1c0000001200050f0c1000000049b23e9b200a00080001c000000001", 0x1c, 0x0, 0x0, 0x0) recvfrom$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) recvfrom$inet6(r0, 0x0, 0x34, 0x0, 0x0, 0x0) recvfrom$inet6(r0, &(0x7f0000000000)=""/114, 0x314aaee635b9c1b6, 0x0, 0x0, 0xfffffffffffffeeb) write(0xffffffffffffffff, &(0x7f0000000000)="15000000140007", 0x7) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="ffad000010", 0x5, 0x0, 0x0, 0x0) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) sendto$inet6(r1, &(0x7f0000000000)='\x00', 0x10a69, 0x10, 0x0, 0x4b6ae4f95a5de3b2) 13:20:43 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00160a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:43 executing program 1: openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) fsetxattr(r0, &(0x7f00000000c0)=@known='trusted.overlay.redirect\x00', 0x0, 0x0, 0x1) 13:20:43 executing program 5: mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0) sigaltstack(&(0x7f0000ffc000/0x3000)=nil, 0x0) [ 801.556911][T11835] loop4: detected capacity change from 0 to 264192 13:20:43 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff40160a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 801.602743][T11849] netlink: 44256 bytes leftover after parsing attributes in process `syz-executor.0'. [ 801.625682][T11835] loop4: p1 p2 p3 p4 [ 801.629921][T11835] loop4: p1 size 11292159 extends beyond EOD, truncated [ 801.641494][T11835] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:43 executing program 5: mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000) mincore(&(0x7f0000ff9000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/197) mlock(&(0x7f0000ff9000/0x4000)=nil, 0x4000) 13:20:43 executing program 1: r0 = socket(0xa, 0x2, 0x0) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x29, 0x12, 0x0, &(0x7f0000000340)) 13:20:43 executing program 1: syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) [ 801.734882][T11879] loop4: detected capacity change from 0 to 264192 [ 801.800216][T11879] loop4: p1 p2 p3 p4 [ 801.808155][T11879] loop4: p1 size 11292159 extends beyond EOD, truncated [ 801.828695][T11879] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:46 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:46 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000440)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4) sendmmsg(r0, &(0x7f0000004800)=[{{0x0, 0x0, &(0x7f0000002d00)=[{&(0x7f0000000200)="046837a94c18418c35f9fed27f3f1b0ac0", 0x11}], 0x1}}, {{0x0, 0x0, &(0x7f00000003c0)=[{0x0}], 0x1}}, {{0x0, 0x0, &(0x7f0000002540)=[{0x0}], 0x1}}], 0x3, 0x0) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x10, 0x0, 0x27) 13:20:46 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000200)=@fragment, 0x8) setsockopt$inet6_int(r0, 0x29, 0x38, &(0x7f0000000040)=0x9, 0x4) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f0000000100)=ANY=[], 0x8) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) recvmmsg(r0, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 13:20:46 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff80160a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:46 executing program 0: r0 = socket$inet6_udplite(0x1c, 0x2, 0x88) getsockopt$sock_int(r0, 0xffff, 0x400, &(0x7f0000000000), &(0x7f0000000080)=0x4) 13:20:46 executing program 2: setreuid(0xee00, 0xee00) syz_mount_image$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 13:20:46 executing program 2: setreuid(0xee00, 0x0) setreuid(0x0, 0xffffffffffffffff) 13:20:46 executing program 5: socketpair(0x26, 0x5, 0x9, &(0x7f0000000200)) [ 804.600586][T11916] loop4: detected capacity change from 0 to 264192 [ 804.637408][T11916] loop4: p1 p2 p3 p4 13:20:46 executing program 0: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffb2150a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:46 executing program 2: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 804.652437][T11916] loop4: p1 size 11292159 extends beyond EOD, truncated [ 804.681216][T11916] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:46 executing program 5: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9401eff0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 804.698250][T11943] loop0: detected capacity change from 0 to 44288 [ 804.738849][T11943] loop0: p1 p2 p3 p4 [ 804.748795][T11943] loop0: p1 size 11292159 extends beyond EOD, truncated [ 804.759681][T11943] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 804.766979][T11916] loop4: detected capacity change from 0 to 264192 [ 804.773691][T11949] loop2: detected capacity change from 0 to 44288 13:20:47 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 804.816264][T11949] loop2: p1 p2 p3 p4 [ 804.820815][T11965] loop5: detected capacity change from 0 to 88321 [ 804.829335][T11949] loop2: p1 size 11292159 extends beyond EOD, truncated [ 804.842491][T11949] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 804.881437][T11965] loop5: p1 p2 p3 p4 [ 804.885533][T11916] loop4: p1 p2 p3 p4 [ 804.889642][T11916] loop4: p1 size 11292159 extends beyond EOD, truncated [ 804.902019][T11965] loop5: p1 size 11292159 extends beyond EOD, truncated [ 804.921084][T11916] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 804.924350][T11965] loop5: p4 size 3657465856 extends beyond EOD, truncated 13:20:49 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:49 executing program 2: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:49 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0160a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:49 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:20:49 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 807.611093][T12025] loop4: detected capacity change from 0 to 44288 [ 807.630622][T12031] loop2: detected capacity change from 0 to 44288 13:20:49 executing program 2: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:49 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00170a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 807.665577][T12025] loop4: p1 p2 p3 p4 [ 807.669892][T12025] loop4: p1 size 11292159 extends beyond EOD, truncated [ 807.677467][T12031] loop2: p1 p2 p3 p4 [ 807.679169][T12025] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 807.684883][T12031] loop2: p1 size 11292159 extends beyond EOD, truncated [ 807.699325][T12031] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 807.771522][T12066] loop2: detected capacity change from 0 to 44288 [ 807.772552][T12065] loop4: detected capacity change from 0 to 104705 [ 807.805825][T12066] loop2: p1 p2 p3 p4 [ 807.810084][T12066] loop2: p1 size 11292159 extends beyond EOD, truncated 13:20:50 executing program 2: syz_read_part_table(0x0, 0x0, 0x0) 13:20:50 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 807.817840][T12065] loop4: p1 p2 p3 p4 [ 807.818317][T12066] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 807.822367][T12065] loop4: p1 size 11292159 extends beyond EOD, truncated [ 807.839347][ T1036] loop2: p1 p2 p3 p4 [ 807.843666][ T1036] loop2: p1 size 11292159 extends beyond EOD, truncated [ 807.852462][T12065] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 807.861236][ T1036] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 807.897636][T12032] blk_update_request: I/O error, dev loop4, sector 104576 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 807.912093][T12042] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 807.923626][T12065] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 807.925085][T12036] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 807.948473][T12065] loop4: detected capacity change from 0 to 104705 [ 807.948832][ T881] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 807.966108][ T881] Buffer I/O error on dev loop4p2, logical block 8, async page read 13:20:50 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff40170a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 807.994708][T12065] loop_reread_partitions: partition scan of loop4 () failed (rc=-16) 13:20:50 executing program 2: syz_read_part_table(0x0, 0x0, 0x0) [ 808.089010][T12116] loop4: detected capacity change from 0 to 170241 13:20:50 executing program 2: syz_read_part_table(0x0, 0x0, 0x0) [ 808.148805][T12116] loop4: p1 p2 p3 p4 [ 808.159797][T12116] loop4: p1 size 11292159 extends beyond EOD, truncated [ 808.169800][T12116] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 808.236625][T12116] loop4: detected capacity change from 0 to 170241 [ 808.278357][T12116] loop4: p1 p2 p3 p4 [ 808.282768][T12116] loop4: p1 size 11292159 extends beyond EOD, truncated [ 808.291216][T12116] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 808.387174][T12032] blk_update_request: I/O error, dev loop4, sector 170112 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 808.390235][T12106] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 808.400375][T12093] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 808.410924][ T881] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 808.423037][T12091] blk_update_request: I/O error, dev loop4, sector 170112 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 808.432330][ T881] Buffer I/O error on dev loop4p2, logical block 8, async page read [ 808.444238][ T1796] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 808.459543][ T616] blk_update_request: I/O error, dev loop4, sector 170112 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 808.471033][ T616] Buffer I/O error on dev loop4p1, logical block 170112, async page read [ 808.479496][ T616] Buffer I/O error on dev loop4p2, logical block 9, async page read [ 808.487601][ T616] Buffer I/O error on dev loop4p2, logical block 10, async page read [ 808.495759][ T616] Buffer I/O error on dev loop4p2, logical block 11, async page read [ 808.503974][ T616] Buffer I/O error on dev loop4p2, logical block 12, async page read [ 808.512090][ T616] Buffer I/O error on dev loop4p2, logical block 13, async page read [ 808.520186][ T616] Buffer I/O error on dev loop4p2, logical block 14, async page read [ 808.528261][ T616] Buffer I/O error on dev loop4p2, logical block 15, async page read 13:20:52 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:52 executing program 2: syz_read_part_table(0x0, 0x0, &(0x7f0000000000)) 13:20:52 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff80170a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:52 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:20:52 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 810.665402][T12181] loop4: detected capacity change from 0 to 235777 [ 810.697364][T12181] loop4: p1 p2 p3 p4 [ 810.701523][T12181] loop4: p1 size 11292159 extends beyond EOD, truncated 13:20:52 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0170a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 810.710099][T12181] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:52 executing program 2: syz_read_part_table(0x0, 0x0, &(0x7f0000000000)) 13:20:52 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00180a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 810.819354][T12223] loop4: detected capacity change from 0 to 264192 [ 810.861579][T12223] loop4: p1 p2 p3 p4 [ 810.866702][T12223] loop4: p1 size 11292159 extends beyond EOD, truncated [ 810.876780][T12223] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:53 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:20:53 executing program 2: syz_read_part_table(0x0, 0x0, &(0x7f0000000000)) 13:20:53 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff40180a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 810.967185][T12253] loop4: detected capacity change from 0 to 264192 13:20:53 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x1c0}]) [ 811.015977][T12253] loop4: p1 p2 p3 p4 [ 811.031156][T12253] loop4: p1 size 11292159 extends beyond EOD, truncated [ 811.043996][T12260] loop2: detected capacity change from 0 to 1 [ 811.045988][T12253] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 811.107079][T12253] loop4: detected capacity change from 0 to 264192 [ 811.159389][T12253] loop4: p1 p2 p3 p4 [ 811.163683][T12253] loop4: p1 size 11292159 extends beyond EOD, truncated [ 811.173300][T12253] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:55 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:55 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x1c0}]) 13:20:55 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff80180a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:55 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:20:55 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 813.692816][T12295] loop4: detected capacity change from 0 to 264192 [ 813.700433][T12297] loop2: detected capacity change from 0 to 1 13:20:55 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x1c0}]) [ 813.746678][T12295] loop4: p1 p2 p3 p4 [ 813.751381][T12295] loop4: p1 size 11292159 extends beyond EOD, truncated [ 813.760958][T12295] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 813.823701][T12295] loop4: detected capacity change from 0 to 264192 [ 813.834441][T12325] loop2: detected capacity change from 0 to 1 13:20:56 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040), 0x0, 0x1c0}]) [ 813.880712][ T1036] loop4: p1 p2 p3 p4 [ 813.890625][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 813.902216][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 813.912084][T12295] loop4: p1 p2 p3 p4 [ 813.917222][T12295] loop4: p1 size 11292159 extends beyond EOD, truncated 13:20:56 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$cont(0x9, r1, 0x0, 0x0) [ 813.928441][T12295] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:56 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0180a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 813.960274][T12351] loop2: detected capacity change from 0 to 1 [ 813.982010][ T1036] loop4: p1 p2 p3 p4 [ 813.986994][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 813.997026][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:56 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040), 0x0, 0x1c0}]) [ 814.058860][T12373] loop4: detected capacity change from 0 to 44288 [ 814.087945][T12373] loop4: p1 p2 p3 p4 [ 814.093982][T12377] loop2: detected capacity change from 0 to 1 [ 814.096196][T12373] loop4: p1 size 11292159 extends beyond EOD, truncated 13:20:56 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00190a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:56 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040), 0x0, 0x1c0}]) [ 814.109628][T12373] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 814.188510][T12393] loop4: detected capacity change from 0 to 100609 [ 814.247797][T12393] loop4: p1 p2 p3 p4 [ 814.256010][T12393] loop4: p1 size 11292159 extends beyond EOD, truncated [ 814.263211][T12399] loop2: detected capacity change from 0 to 1 [ 814.264490][T12393] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 814.314749][T12393] loop4: detected capacity change from 0 to 100609 [ 814.345686][T12393] loop4: p1 p2 p3 p4 [ 814.350712][T12393] loop4: p1 size 11292159 extends beyond EOD, truncated [ 814.360158][T12393] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 814.447474][T12302] print_req_error: 168 callbacks suppressed [ 814.447488][T12302] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 814.447755][T12327] blk_update_request: I/O error, dev loop4, sector 100480 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 814.453985][ T881] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 814.469131][T12292] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 814.478340][ T881] buffer_io_error: 141 callbacks suppressed [ 814.478353][ T881] Buffer I/O error on dev loop4p3, logical block 1, async page read [ 814.491146][ T1796] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 814.511752][T12326] blk_update_request: I/O error, dev loop4, sector 100480 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 814.521229][ T616] blk_update_request: I/O error, dev loop4, sector 100480 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 814.549044][ T616] Buffer I/O error on dev loop4p4, logical block 100480, async page read [ 814.558303][ T616] blk_update_request: I/O error, dev loop4, sector 100480 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 814.570253][ T616] Buffer I/O error on dev loop4p1, logical block 100480, async page read [ 814.578973][ T616] blk_update_request: I/O error, dev loop4, sector 100481 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 814.591690][ T616] Buffer I/O error on dev loop4p1, logical block 100481, async page read [ 814.601303][ T616] blk_update_request: I/O error, dev loop4, sector 100481 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 814.614854][ T616] Buffer I/O error on dev loop4p4, logical block 100481, async page read [ 814.624137][ T616] blk_update_request: I/O error, dev loop4, sector 100482 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 814.637314][ T616] Buffer I/O error on dev loop4p1, logical block 100482, async page read [ 814.646850][ T616] Buffer I/O error on dev loop4p4, logical block 100482, async page read [ 814.657167][ T616] Buffer I/O error on dev loop4p1, logical block 100483, async page read [ 814.666322][ T616] Buffer I/O error on dev loop4p4, logical block 100483, async page read [ 814.676043][ T616] Buffer I/O error on dev loop4p1, logical block 100484, async page read 13:20:58 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:20:58 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ff", 0x20, 0x1c0}]) 13:20:58 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff40190a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:20:58 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$cont(0x9, r1, 0x0, 0x0) 13:20:58 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$cont(0x9, r1, 0x0, 0x0) 13:20:58 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ff", 0x20, 0x1c0}]) [ 816.724159][T12435] loop2: detected capacity change from 0 to 1 [ 816.732499][T12440] loop4: detected capacity change from 0 to 166145 [ 816.769235][T12440] loop4: p1 p2 p3 p4 [ 816.783350][T12440] loop4: p1 size 11292159 extends beyond EOD, truncated [ 816.795878][T12440] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 816.809590][T12457] loop2: detected capacity change from 0 to 1 13:20:59 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ff", 0x20, 0x1c0}]) [ 816.872834][T12440] loop4: detected capacity change from 0 to 166145 [ 816.906195][T12477] loop2: detected capacity change from 0 to 1 [ 816.916140][T12440] loop4: p1 p2 p3 p4 13:20:59 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$cont(0x9, r1, 0x0, 0x0) 13:20:59 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff80190a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 816.922351][T12440] loop4: p1 size 11292159 extends beyond EOD, truncated [ 816.933069][T12440] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:20:59 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e1000000887712720030", 0x30, 0x1c0}]) 13:20:59 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e1000000887712720030", 0x30, 0x1c0}]) [ 817.054693][T12493] loop2: detected capacity change from 0 to 1 [ 817.083640][T12503] loop4: detected capacity change from 0 to 231681 13:20:59 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0190a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 817.116532][T12503] loop4: p1 p2 p3 p4 [ 817.120638][T12503] loop4: p1 size 11292159 extends beyond EOD, truncated [ 817.135388][T12503] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 817.150625][T12514] loop2: detected capacity change from 0 to 1 [ 817.199938][T12524] loop4: detected capacity change from 0 to 264192 [ 817.235805][T12524] loop4: p1 p2 p3 p4 [ 817.240872][T12524] loop4: p1 size 11292159 extends beyond EOD, truncated [ 817.260494][T12524] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 817.323102][T12524] loop4: detected capacity change from 0 to 264192 [ 817.374757][T12524] loop4: p1 p2 p3 p4 [ 817.381974][T12524] loop4: p1 size 11292159 extends beyond EOD, truncated [ 817.391216][T12524] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:01 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:21:01 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e1000000887712720030", 0x30, 0x1c0}]) 13:21:01 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff001a0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:01 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:01 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$cont(0x9, r1, 0x0, 0x0) [ 819.757517][T12563] loop4: detected capacity change from 0 to 264192 [ 819.768743][T12573] loop2: detected capacity change from 0 to 1 13:21:02 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff0000", 0x38, 0x1c0}]) 13:21:02 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff401a0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 819.815597][T12563] loop4: p1 p2 p3 p4 [ 819.820866][T12563] loop4: p1 size 11292159 extends beyond EOD, truncated [ 819.841363][T12563] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 819.894650][T12590] loop2: detected capacity change from 0 to 1 [ 819.939931][T12603] loop4: detected capacity change from 0 to 264192 13:21:02 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:02 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff0000", 0x38, 0x1c0}]) [ 820.005040][T12603] loop4: p1 p2 p3 p4 [ 820.011481][T12603] loop4: p1 size 11292159 extends beyond EOD, truncated [ 820.021314][T12603] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 820.043750][T12615] loop2: detected capacity change from 0 to 1 [ 820.089812][T12603] loop4: detected capacity change from 0 to 264192 13:21:02 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff0000", 0x38, 0x1c0}]) 13:21:02 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff801a0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 820.154898][T12603] loop4: p1 p2 p3 p4 [ 820.164483][T12603] loop4: p1 size 11292159 extends beyond EOD, truncated [ 820.173804][T12603] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 820.191889][T12637] loop2: detected capacity change from 0 to 1 13:21:02 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff000000000080", 0x3c, 0x1c0}]) [ 820.311750][T12649] loop2: detected capacity change from 0 to 1 [ 820.368257][T12651] loop4: detected capacity change from 0 to 264192 [ 820.409860][T12651] loop4: p1 p2 p3 p4 [ 820.414498][T12651] loop4: p1 size 11292159 extends beyond EOD, truncated [ 820.424282][T12651] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 820.468632][T12651] loop4: detected capacity change from 0 to 264192 [ 820.525676][T12651] loop4: p1 p2 p3 p4 [ 820.529963][T12651] loop4: p1 size 11292159 extends beyond EOD, truncated [ 820.538356][T12651] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:04 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff000000000080", 0x3c, 0x1c0}]) 13:21:04 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x9, r0, 0x0, 0x0) 13:21:04 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc01a0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:04 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:04 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:04 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff000000000080", 0x3c, 0x1c0}]) [ 822.764478][T12688] loop2: detected capacity change from 0 to 1 13:21:05 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x9, r0, 0x0, 0x0) [ 822.818676][T12698] loop4: detected capacity change from 0 to 44288 [ 822.866166][T12698] loop4: p1 p2 p3 p4 [ 822.870493][T12698] loop4: p1 size 11292159 extends beyond EOD, truncated [ 822.882514][T12718] loop2: detected capacity change from 0 to 1 [ 822.883309][T12698] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 822.960875][T12698] loop4: detected capacity change from 0 to 44288 [ 822.996205][T12698] loop4: p1 p2 p3 p4 [ 823.000335][T12698] loop4: p1 size 11292159 extends beyond EOD, truncated [ 823.008819][T12698] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:05 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:05 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da", 0x3e, 0x1c0}]) 13:21:05 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff001b0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 823.040472][ T1036] loop4: p1 p2 p3 p4 [ 823.044562][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 823.066932][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 823.077460][T12749] loop2: detected capacity change from 0 to 1 13:21:05 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da", 0x3e, 0x1c0}]) 13:21:05 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da", 0x3e, 0x1c0}]) [ 823.215938][T12765] loop2: detected capacity change from 0 to 1 [ 823.239585][T12766] loop4: detected capacity change from 0 to 96513 13:21:05 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55", 0x3f, 0x1c0}]) [ 823.267719][T12775] loop2: detected capacity change from 0 to 1 [ 823.285707][T12766] loop4: p1 p2 p3 p4 [ 823.289923][T12766] loop4: p1 size 11292159 extends beyond EOD, truncated [ 823.300752][T12766] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:05 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55", 0x3f, 0x1c0}]) [ 823.344187][T12786] loop2: detected capacity change from 0 to 1 [ 823.355164][T12766] loop4: detected capacity change from 0 to 96513 [ 823.391829][T12766] loop4: p1 p2 p3 p4 [ 823.396106][T12766] loop4: p1 size 11292159 extends beyond EOD, truncated [ 823.404568][T12766] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 823.421291][T12803] loop2: detected capacity change from 0 to 1 [ 823.437788][ T1036] loop4: p1 p2 p3 p4 13:21:05 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff401b0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 823.441902][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 823.452240][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 823.515926][T12823] loop4: detected capacity change from 0 to 162049 [ 823.575708][T12823] loop4: p1 p2 p3 p4 [ 823.580296][T12823] loop4: p1 size 11292159 extends beyond EOD, truncated [ 823.588653][T12823] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 823.649727][T12823] loop4: detected capacity change from 0 to 162049 [ 823.705659][T12823] loop4: p1 p2 p3 p4 [ 823.709785][T12823] loop4: p1 size 11292159 extends beyond EOD, truncated [ 823.718510][T12823] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:07 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:07 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55", 0x3f, 0x1c0}]) 13:21:07 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff801b0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:08 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x9, r0, 0x0, 0x0) [ 825.810474][T12865] loop2: detected capacity change from 0 to 1 [ 825.820978][T12870] loop4: detected capacity change from 0 to 227585 [ 825.865605][T12870] loop4: p1 p2 p3 p4 [ 825.873711][T12870] loop4: p1 size 11292159 extends beyond EOD, truncated [ 825.885766][T12870] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:08 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) 13:21:08 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:08 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:08 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40}]) 13:21:08 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc01b0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:08 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40}]) [ 826.095969][T12909] loop4: detected capacity change from 0 to 264192 [ 826.135535][T12909] loop4: p1 p2 p3 p4 13:21:08 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff001c0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 826.139728][T12909] loop4: p1 size 11292159 extends beyond EOD, truncated [ 826.148883][T12909] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:08 executing program 2: syz_read_part_table(0x0, 0x1, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40}]) [ 826.314140][T12936] loop4: detected capacity change from 0 to 264192 [ 826.365699][T12936] loop4: p1 p2 p3 p4 [ 826.369918][T12936] loop4: p1 size 11292159 extends beyond EOD, truncated [ 826.380805][T12936] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:10 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:10 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff401c0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:10 executing program 2: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff401a0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 828.827984][T12967] loop4: detected capacity change from 0 to 264192 [ 828.840022][T12966] loop2: detected capacity change from 0 to 264192 [ 828.856279][T12967] loop4: p1 p2 p3 p4 [ 828.860371][T12967] loop4: p1 size 11292159 extends beyond EOD, truncated [ 828.870048][T12967] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:11 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff801c0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 828.875566][T12966] loop2: p1 p2 p3 p4 [ 828.886427][T12966] loop2: p1 size 11292159 extends beyond EOD, truncated [ 828.902907][T12966] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 828.958574][T12988] loop4: detected capacity change from 0 to 264192 [ 829.012798][T12988] loop4: p1 p2 p3 p4 [ 829.019771][T12988] loop4: p1 size 11292159 extends beyond EOD, truncated [ 829.032550][T12988] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:11 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) 13:21:11 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:11 executing program 2: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff40190a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:11 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc01c0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:11 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:11 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:11 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) [ 829.135652][T13018] loop2: detected capacity change from 0 to 166145 [ 829.156702][T13030] loop4: detected capacity change from 0 to 44288 13:21:11 executing program 2: syz_read_part_table(0x0, 0x0, &(0x7f0000000000)) [ 829.197056][T13018] loop2: p1 p2 p3 p4 [ 829.201244][T13018] loop2: p1 size 11292159 extends beyond EOD, truncated [ 829.209634][T13030] loop4: p1 p2 p3 p4 [ 829.213989][T13030] loop4: p1 size 11292159 extends beyond EOD, truncated [ 829.222577][T13018] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 829.227648][T13030] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:14 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff001d0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:14 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:14 executing program 2: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a90013ff0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 831.868639][T13078] loop4: detected capacity change from 0 to 92417 [ 831.875911][T13075] loop2: detected capacity change from 0 to 264192 [ 831.915728][T13075] loop2: p1 p2 p3 p4 [ 831.920080][T13075] loop2: p1 size 11292159 extends beyond EOD, truncated [ 831.937356][T13075] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 831.945928][T13078] loop4: p1 p2 p3 p4 [ 831.950069][T13078] loop4: p1 size 11292159 extends beyond EOD, truncated 13:21:14 executing program 2: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0204a9ffffff0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 831.965066][T13078] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:14 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff401d0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 832.075634][T13105] loop2: detected capacity change from 0 to 44288 13:21:14 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:14 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 832.122756][T13105] loop2: p1 p2 p3 p4 [ 832.127044][T13105] loop2: p1 size 11292159 extends beyond EOD, truncated [ 832.146821][T13105] loop2: p4 size 3657465856 extends beyond EOD, truncated [ 832.154172][T13114] loop4: detected capacity change from 0 to 157953 13:21:14 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) [ 832.217781][T13097] print_req_error: 134 callbacks suppressed [ 832.217795][T13097] blk_update_request: I/O error, dev loop2, sector 44160 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 832.238063][T13076] blk_update_request: I/O error, dev loop2, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 832.256364][T13096] blk_update_request: I/O error, dev loop2, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 13:21:14 executing program 2: perf_event_open(&(0x7f0000000cc0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fallocate(r1, 0x0, 0x0, 0x100) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x3d, 0xff, 0x0, 0x0, 0x7fff, 0x10004, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, @perf_bp={&(0x7f0000000040)}, 0x408, 0x0, 0x73, 0x4, 0x7, 0x6, 0x7fff, 0x0, 0x100, 0x0, 0x5}, 0x0, 0x1000004, r1, 0x1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) pipe2(0x0, 0x0) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x400442, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) sendto$inet(r0, &(0x7f00000001c0)="436097926cca2eb26c21ba5398f7404d840751dd894ff39dcde5455c2598a1ae25b08282019a6ec7436f91ce0b4bacd4748dff29165d588188c0c531bd8bc29ca7cf991dc98cc7f945388bb2004e4fb78e82091a5e82743bddd50b71358f98ef52910055fbf757bec4c5eae7baf9c62e606d341569c69f2166d4271168342b6ed07098d9d6376f2c7d4d24b971161678c8bfcca8da34fa995b211fb94ca5f069ab999cb94f688c5290976311154b65e6c6", 0xb1, 0x4000001, &(0x7f0000000080)={0x2, 0x4e23, @rand_addr=0x64010100}, 0x10) tee(r3, r4, 0x0, 0x2) bind$inet(r2, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r2, &(0x7f00000012c0)="1a268a927f1f6588b967480241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) [ 832.267811][T13105] __loop_clr_fd: partition scan of loop2 failed (rc=-16) [ 832.269156][T13098] blk_update_request: I/O error, dev loop2, sector 44160 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 832.287807][T13114] loop4: p1 p2 p3 p4 [ 832.293159][T13114] loop4: p1 size 11292159 extends beyond EOD, truncated [ 832.322316][ T881] blk_update_request: I/O error, dev loop2, sector 233 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 832.326238][T13114] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 832.334223][ T881] buffer_io_error: 115 callbacks suppressed [ 832.334235][ T881] Buffer I/O error on dev loop2p3, logical block 1, async page read [ 832.355342][ T881] blk_update_request: I/O error, dev loop2, sector 44160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 832.366593][ T881] Buffer I/O error on dev loop2p4, logical block 5520, async page read [ 832.374940][ T881] blk_update_request: I/O error, dev loop2, sector 44160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 832.386364][ T881] Buffer I/O error on dev loop2p1, logical block 5520, async page read [ 832.394621][ T881] blk_update_request: I/O error, dev loop2, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 832.405519][ T881] Buffer I/O error on dev loop2p2, logical block 8, async page read [ 832.413527][ T881] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 832.424506][ T881] Buffer I/O error on dev loop2p2, logical block 9, async page read [ 832.432538][ T881] blk_update_request: I/O error, dev loop2, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 832.444468][ T881] Buffer I/O error on dev loop2p2, logical block 10, async page read [ 832.452599][ T881] Buffer I/O error on dev loop2p2, logical block 11, async page read [ 832.460717][ T881] Buffer I/O error on dev loop2p2, logical block 12, async page read 13:21:14 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff801d0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 832.468846][ T881] Buffer I/O error on dev loop2p2, logical block 13, async page read [ 832.477240][ T881] Buffer I/O error on dev loop2p2, logical block 14, async page read [ 832.528235][T13163] loop4: detected capacity change from 0 to 223489 [ 832.600697][T13163] loop4: p1 p2 p3 p4 [ 832.604945][T13163] loop4: p1 size 11292159 extends beyond EOD, truncated [ 832.614446][T13163] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 832.629467][ T1036] loop4: p1 p2 p3 p4 [ 832.634028][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 832.643025][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:14 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc01d0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 832.697373][T13163] loop4: detected capacity change from 0 to 223489 [ 832.853076][T13201] loop4: detected capacity change from 0 to 264192 [ 832.895582][T13201] loop4: p1 p2 p3 p4 [ 832.899783][T13201] loop4: p1 size 11292159 extends beyond EOD, truncated [ 832.908706][T13201] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 832.918897][ T1036] loop4: p1 p2 p3 p4 [ 832.923187][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 832.931957][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 832.977565][T13201] loop4: detected capacity change from 0 to 264192 [ 833.028315][T13201] loop4: p1 p2 p3 p4 [ 833.039460][T13201] loop4: p1 size 11292159 extends beyond EOD, truncated [ 833.048216][T13201] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:15 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff001e0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:15 executing program 2: r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) openat$cgroup_procs(r0, &(0x7f0000000000)='tasks\x00', 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f0000000280)={0x0, 0x4000000, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, r2, 0xf, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0) open(&(0x7f0000000300)='./file0\x00', 0x341080, 0x40) sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r2, 0x8, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4000811) perf_event_open(&(0x7f0000000cc0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fallocate(r4, 0x0, 0x0, 0x100) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x3d, 0xff, 0x0, 0x0, 0x400000007fff, 0x10004, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, @perf_bp={&(0x7f0000000040)}, 0x408, 0x0, 0x73, 0x4, 0x7, 0x6, 0x7fff, 0x0, 0x100, 0x0, 0x5}, 0x0, 0x1000004, r4, 0x1) r5 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) pipe2(0x0, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x400442, 0x0) bind$inet(r5, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r5, &(0x7f0000001340)="2cf109f937926e34f8330f8d26e734c27b6554795fc56cddc59cd291892e0855d50dc3ad199b0e4827994c665d90257d2188a8f6fcec8fcb6615278690a527c56b256620cb61dfc86b6145842971907652103ac7585f00323097ef5c83ab5f6486199cef601aba8883a761f7e1c550ce20f9e669a1a791624d94973623369608a03fc5072caf4d9d5ec2d8ed00e95144740713a5dce3c448975b04e6d48b45008a861b923f9a25da098b75f21604cac1cbabfb694cc844589f4330bdf90f94b69a87c7c47000d9cb9fee8c197267e04f5236c82d7980d9439cb4d6de66514bd1f829ee5276bf66a56ec2ce95c2af1f43df69144005b42259e4ffec815b5ffef88894831702a908bcc1c0b9ec91cb161aa972d79d57c6d376f12126ec04298f4f73379ece649a63b0eaa509696e212ee86682c9f18cd9465ce96d660660fcf86c6d76369f64666292e56acc4c7386a6e4a5d2521ed7b389d327b8d8088be2e102674006df76bbbd8d81dd0ce5a5da6ae27b47b1b6418c460a6463644f56a90a2352b980e47d56aee507fd568b9c90e2da99ba681b278662458d88cf9d3ec23a4a75d7ec814b697b444c8a5926fb80165d02b0dd49df67951738b67caaa83f6a12b748143764c77803da30c59cbec046474650a3a9a39f347025f89b716a8d37d636cd48de1ec72180d470505389aec68218b1f96ac26eafe3aa8b3bc0278e80e2b8f7c38e61706f1bf88650510e53ebb15a665504ea74e63ae26ef82f22085503ede00f2b8ff560caffc9fdbcb3a1ec4d55a764a273a35b3638b3542136fd09686cb9953c74b06cbde4c70c48c81beb1cae7dc5e60f177a0efeeb6740f9d0eed2d6aecb89b146e882073646ffefc0a45c67bcb966a5e2998329536e9613ae2f3ff03ff4cb514fd56da3b0c9c1e07c262cacfab07cd00c2215fa2f84e731c4554dffffdb337c074ecea7d30cf90fce388d5ab09e44e14c9babdb3ce7dcd25ae59d769e9f3e6499f018bf9aae5d70f80e8b0c9db2b5dff52ac6977266e8d354c8e7860c57cf58f03c9332fde69b5abcd1acde4a7225c2e210b8dbd95725decfaf510834443805e748b96f207e52c4f1504c8eb4610f56a6c80f5e29444a61a3098539222bc604c34085286f886a970357a739b50e88ab6839fd7fd6a8640dfe72e47643fada62da48c9f9064816d15640e8d180fa9bf0970a51bdd04867a8c61373b03294c79018d33cceb8d8f80c0feb9744ad4c235084bcd9a32e234a297f101894068b1e000893832832bddcb8419695c1b93081a498acbfda0ab62abdd8e893a2e39a14e3329f087fc77bf76dd7a9fb20511eb2e606da768680db98dbf0d1a0ce618f14009fd91d88e8218db63c3d61e42755e1cbaba3547c23e905077a1c60458c812f0b8edb32c4edfe0379b52e62a2ee277f56bb36ca1b019b245d94064783cbcbbe8e3d275d4335ff52a5f52cb101e67d239f9aff8070ecca27922f040795a2ebc5d7cfa9a33f24c5020aa8ea4fd6dcccce653934657ec3e0f3f8cfda8d7582942d50cde90e6dcf293213d4818b956faebc4812bdf35534c770a55239f9e0940f5b0b5fb202d70d2257ba94776eda05367f3c7652b6abc6e7fa006113d87853d8db19b14fbca3a1ead7eb15cd65bff8a8ffc15c3ecc377d54f4d9c2a9034e57f5a43111569186e7537f45a9f4971167caaa2b5d409df3e70875c85baa7fa9ebdbd0f9cf89e1accc7fcb587f4d385d87c734f799220371f67f343be67b2da0d9f2a631a018470545e4c9812da6c85bf509523c2da3d66148d42fc8cf032e617d22a486a589de9e28fbaaf3962260f72110ad0a2ae902992a12d2ad8b93a350a125e2bd90b3be1a1e4a3a20a0ba10a54757cbbb02964016a60c9856d38f705c2dab24bfa2cc6663645f3aafc97bb8d7e7a756106186c5e8c5f40801c2258abfdaa7b3a491cb2d13d4868c61f69ec7ad41a46501d46f112b1b5883fac31ab19105cb3a427cfc7b2533317ffd58094c8e86dc844353aecf924c06f7d65ef943a9b9d30ad9092537d27f94254b19ab7b8448f2e63c3b621361cf4efb46591ca5c9a52f5ac3ff9a0e56cbdf1585b3f3ee2cf60f2b55b6a92d0fcf16a84b6898e13fe8a6c83d8a1d4b352fd33876d27b3de7d05a973edd5ff352bc70a2a16ac049acf609ec84db35229ddd40420771ca237f803009aa611b105e7ac0d69bc437f0c18736104ce44871ebbab7c80eebec77cba583f08d60e42fe2042351b53c01ff9d2677635997345a2e14a9864e8535325f83ad02e0f56de768fe88bdcfb511ff84a3a6369437bec9fae7179afe2d7327713dfd474ea3123b19defb18bb65fe346998077b35ab78ae35f11e632be413f08d5dd3317376e27a3f0626294ed7e67ece22b32d512d621c9ebc7e19cb57ea8fb357761b1c97fc7b6c99ef397884128b0f93a4fe46ee3e3a208426088fbec7f6abff246cd015b645d53ec6e077988c6c4205d128dca4724ccefaa702bd18ce57d9e7e767247b5654c88a23acfa20d5c994dd758ca8946ee6daa53bb54b9601d1b076a1354ac579290aa652089eb1f0740f5b502ad83342c8ddde451956e8fd947889bc2daa6fe7b9676beff3af8a198c51be4cb491a6a8ea75c7cda57e5c055cf5a678b391fc6d95a30344715551b397af812733a86ad30b1063a87b53f11608209450b0607d3a57f40cb9c52591d1c3c99620bad701622d5964191cb97676a37bc164c27dccec8e5442897536bb556f1e398292d340dd45de9e40d5f3c990be667678c48ed7f24ae193c47fdbf1e2aa695a0a1aade8c4104ff2255130164cbfcdb3f9a6d3b5ff6956780721cca96f59fb773a67e8cc91dc7907bdc43980e41af21f89157c8b730598d4f17d61b75b7711adf2c0704ab329d45cb06ec6a59b5a1287c3b1c80ba7d0b529a1810e673bca77dfd06435e5d4cff5eabbd7bb91a01d6a1e86a5e081605297f4869081eec93c7d1e51f9b8c7ba1de83aa366c52ac7005cab558a91f19afaa6e5696f0f3fa5b153ff93fd8ec71f0b72e3454ce31f743317e08ad295c37b3285d13943408ae1d79057a59d95a8ee2512acd5c8b111099c694c87ad1bbc3145317db5ce59ba7613caf225be59b1271aa2fec8d7fa6cedb5f3cb3c628840284544665b108b04c815620cac0dfb4da1ec32f92ec3ad4f1953e767a258bebf23deee4b0be1b72e4bb658d42f2f514b63355a75dc3206e09afcb6cfa8aedecb47d0e29f300b9c1fffb23ca64cdb42dea712c117edbdd44b460ece88c80f586dc51fc3c49628f3d931abedb68509a00645c854dc323140d65ee7c99c4ca17aeb2aa90ebbca326f47fde3223c47634a53ce2f4c3ef644a84f46a324648575750f1b83a80ce79e869af45bddd238fe1f00d875a0e29bb50510115627f434dec308f02ab1c4ebe3fed493838e680a6306d88b5810caea902c3e1f5a614d854f0c7c625691029f8452ca9e5a5ab5001854c4a6a60cfe22342b5e176bba43a5b6bbc747ca1ee7701d29ae039d371affe4cd5b4c38a9ede2af01a10de9a9b2bd0c8a35a495f9ecbf54547e13e3e907227a5a21ec7d430768c4572dd2c677bd97adfb3dd9b877e4ea12ee5b50b83638627ceebb11256f237523d42dde6529b56adab2342889a68696c9afb7f5b069d9a376f71c7d1512e915c73f3f99fe5ee75c59bea0709c415cfdffdbaf2f5a5e0403356d0bc7a4b1cb8004b35362f002ac51c3eebe5967043ebc58fc04c758501725f6bf2939efe0587aae4422f406e3a1830009c7d18d9e4164aa1d41da8836f8586ac397d7e6146d9ca7759ef1fda2150eebe5662a234c975b6c7ef57b9c78b2463d17c79a4a91356864af19cbfa06b040920aeebe4d8c766e3273d1106b6b4e40347ddad2b9ae6333533c9de11b7ec2ec94a7488ed109e2312339e3799d414f5052b5795bb741cfb470655e1a7c3070b53e368b671efbf8d6c17fce419cb99c7bf15f22587cb740bce57edc114383729beabd1601558cca3300289d424071d5c2652754215a82d4494418c90add170b3162351bfb6b611dcaccf58af5f2d38e16aea422d5cb111d8f03df75ace52a06b2e100b4dca943e1d61c24b2069e974e8794a196d01a7ef2fc91a3421395e019267d638548fcb476816d8775cde2bd69aa23074f90266ad072a4807b29a4248299d355ee41e5a2dfa00bef7381143ae978583eb396776242dc04bbc4999f01fd28bc4d334a425679d3efffa375a9cd3eae5f93e2635f2f272b74428427385f9f2c033c6e05847e9a463127d02170838825f26c33a09e9cf4725d61593ddaeac69f5ccf17cfecbae053063a04b8753131890902dd31741c1e2c01209639fce05f5336b8a6ed7663275de593827a485e83566846094faa426f7935a13587ecf32fe24d9bcce91b4641289ec22cacf4e43a858b8322993e73c9e122fac8516daf6a3b11ec7edb4daffb307d5f302de21e8c83a09d11da4bccb905ab4902172f5401293ac9ca1f77a115bbab4899f37c6e838f1e9ae19b5ae5c93dc0ad20742cc91ac269c377ebd28267d04d53b0d687a928b707de1c92f2b122e3535f516384c08bac6717971a9ab61e9ad809831ce9b626f4e8e586222a9ad1271712f4a9584a513eb727657002a094d149b51d0d5e31b80af09b145419f11a41bcd019cec38592730a599757ed36f760f152dcf5b68d3104b623696161212245022006ffbe2571c493f8c12abeea8a50a0d23001a44a2194d0118b609bda977b9a83759df80a4b17feb1d4da598d7392b3181bd3c83b438197c6f6842beafbb28efcdca9dc649a78bc17eb409437498a61f03b650a0a2a5c9a3344fa928d6ce1af5a7074b154b97740b79e67661500ba2d498b4389051767518eea25a14bea59d47552760a88a0e5c439964dfc77b096334aa31247bae0c8668b9942fcf0126bafc3ff96008d5b0ab8bcbbc6d6d3873f070566f0fbd247204efde7b2998cb2b03e1a1c18fd03dda4586d2e82d7a11c3fae8ddfd767c1f5744506b88cdad3133852c5dec231e0ca8b5fdedcfaf7f89126302f522d08acfdebb2bef00eb93012fc1cb6eb7cf6b4b5ee51e96dabb8daf51244a695afccfcd3d157755c205ae516ff9324fa6961447625d13f160fde3520c9a26ba4e521812f3e84315273774d00d0f40c56f5bd8fdb9f50ae96e33e0b3e02ed92b551da0eeea47b99495f5db3644baaf82a37456a5d61144020bb5eb9eb517431d4b8d234ab22bd490749a9d58f355c63d17836b8e764031e78056ce374891b0022465b450e2c69e6d2d4c0c659d290fc9b10c1b1f5f1b5e466e6f2f8208fcae0f1e2b48d10fca7c99606938fd933880a1d9544fdfb81e9191c5f53ae485ef8d70d99878092fb3f39088868a0dfdceccf010ba081835e38bdf28a0f42a3618c039b666b5a98d16a7c70ceab19dbe5858293d6ed945964024ad88ac4d8cbea059fd3d5331da89dd3d80c98468a010d243850eef91d3b8bf9bde55fc1eeb760b4b031589a1a4f66c0e5942f00f977dd99bc39676ab4f53a981b893fa96fadf123d1020c82ef9391c3ba10f70561504122f39173774cd2829d3cc3074ae803041edbf9cf8166fe2e729fa0bc95f63486d4eacfcdc31e4ca9d3922461d61d68424d773699b379397e2afaa2a3f067950386f8a9ffabf5bdcb435427670c0a51bbc3cc61a61aec0d9025f9dff9735ed9cfea3b54a2366e0451b44630fd1c9349077c144da69b5b654d10d33ebdab3e081cd34b4e182227655734d5860500193713278fe149c6", 0x1000, 0x0, &(0x7f00000002c0)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) sendto$inet(r5, &(0x7f00000012c0)="1a268a927f1f6588b967480241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) [ 833.096978][ T1036] loop4: p1 p2 p3 p4 [ 833.101477][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 833.110390][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 833.197001][T13250] loop4: detected capacity change from 0 to 264192 [ 833.255633][T13250] loop4: p1 p2 p3 p4 [ 833.260039][T13250] loop4: p1 size 11292159 extends beyond EOD, truncated [ 833.269245][T13250] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:17 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff401e0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:17 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:17 executing program 2: perf_event_open(&(0x7f0000000cc0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fallocate(r1, 0x0, 0x0, 0x100) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x3d, 0xff, 0x0, 0x0, 0x7fff, 0x10004, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, @perf_bp={&(0x7f0000000040)}, 0x408, 0x0, 0x73, 0x4, 0x7, 0x6, 0x7fff, 0x0, 0x100, 0x0, 0x5}, 0x0, 0x1000004, r1, 0x1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_NAN(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r3, 0xedf9546337a3cb3f, 0x0, 0x0, {{0x5}, {@val={0x4}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_DEL_MPATH(r0, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x7c, r3, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x4, 0x1a}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}]}, 0x7c}}, 0x80) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) pipe2(0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="6400f1eefb0000", @ANYRES16=r3, @ANYBLOB="04002cbd7000fbdbdf251700000008000300", @ANYRES32=r5, @ANYBLOB="0a001a0008021100000100000a000600ffffffffffff00000a00060008021100000100000a001a0008021100000100000a001a0008021100000100000a000600ffffffffffff0000"], 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x8090) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x400442, 0x0) bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r4, &(0x7f00000012c0)="1a268a927f1f6588b967480241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) [ 834.886693][T13291] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 834.895226][T13288] loop4: detected capacity change from 0 to 264192 [ 834.925603][T13288] loop4: p1 p2 p3 p4 [ 834.929805][T13288] loop4: p1 size 11292159 extends beyond EOD, truncated 13:21:17 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff801e0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 834.938315][T13288] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 835.017840][T13302] loop4: detected capacity change from 0 to 264192 [ 835.067182][T13302] loop4: p1 p2 p3 p4 [ 835.071419][T13302] loop4: p1 size 11292159 extends beyond EOD, truncated [ 835.081507][T13302] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:17 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:17 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:17 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) 13:21:17 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc01e0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:17 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac", 0x7c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) [ 835.260978][T13341] loop4: detected capacity change from 0 to 44288 13:21:17 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff001f0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 835.324301][T13341] loop4: p1 p2 p3 p4 [ 835.329098][T13341] loop4: p1 size 11292159 extends beyond EOD, truncated [ 835.339237][T13341] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 835.402189][T13364] loop4: detected capacity change from 0 to 88321 13:21:17 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff401f0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 835.445139][T13364] loop4: p1 p2 p3 p4 [ 835.449450][T13364] loop4: p1 size 11292159 extends beyond EOD, truncated [ 835.458803][T13364] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 835.527450][T13381] loop4: detected capacity change from 0 to 153857 [ 835.575878][T13381] loop4: p1 p2 p3 p4 [ 835.580190][T13381] loop4: p1 size 11292159 extends beyond EOD, truncated [ 835.591671][T13381] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:17 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff801f0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:17 executing program 2: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0e01a9ffffff0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 835.707319][T13400] loop4: detected capacity change from 0 to 219393 [ 835.745667][T13400] loop4: p1 p2 p3 p4 [ 835.749888][T13400] loop4: p1 size 11292159 extends beyond EOD, truncated [ 835.760139][T13400] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 835.790629][T13423] loop2: detected capacity change from 0 to 44288 [ 835.824319][T13423] loop2: p1 p2 p3 p4 [ 835.828723][T13423] loop2: p1 size 11292159 extends beyond EOD, truncated [ 835.838040][T13423] loop2: p4 size 3657465856 extends beyond EOD, truncated 13:21:20 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc01f0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:20 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:20 executing program 2: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0a01a9ffffff0a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 837.897987][T13453] loop4: detected capacity change from 0 to 264192 [ 837.909444][T13456] loop2: detected capacity change from 0 to 44288 [ 837.935694][T13453] loop4: p1 p2 p3 p4 [ 837.939988][T13453] loop4: p1 size 11292159 extends beyond EOD, truncated [ 837.947517][T13456] loop2: p1 p2 p3 p4 [ 837.949251][T13453] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 837.958020][T13456] loop2: p1 size 11292159 extends beyond EOD, truncated [ 837.970707][T13456] loop2: p4 size 3657465856 extends beyond EOD, truncated 13:21:20 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:20 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:20 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00200a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:20 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0xc0506617, &(0x7f0000000000)={@desc={0x1, 0x0, @desc4}, 0x10, 0x0, '\x00', @d}) preadv(r1, &(0x7f0000000140)=[{&(0x7f0000000240)=""/197, 0xc5}, {&(0x7f0000000080)=""/53, 0x35}, {&(0x7f0000000100)=""/31, 0x1f}], 0x3, 0xffff88b1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f00000005c0)={0x2, 0x80, 0x4d, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x111c, 0x10000000, 0x0, 0x7, 0x80000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$lock(0xffffffffffffffff, 0x0, 0x0) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 838.220488][T13498] loop4: detected capacity change from 0 to 264192 [ 838.265561][T13498] loop4: p1 p2 p3 p4 [ 838.270321][T13498] loop4: p1 size 11292159 extends beyond EOD, truncated [ 838.281888][T13498] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:20 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00300a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:20 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:20 executing program 2: perf_event_open(&(0x7f0000000cc0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fallocate(r0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x3d, 0xff, 0x81, 0x0, 0x7fff, 0x10004, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, @perf_bp={&(0x7f0000000040)}, 0x408, 0x0, 0x73, 0x4, 0x7, 0x6, 0x0, 0x0, 0x100, 0x0, 0x5}, 0x0, 0x1000004, r0, 0x1) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) pipe2(0x0, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x400442, 0x0) bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000200), 0xd9956fb0ee3e1b69, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r3, 0x6, &(0x7f0000002000)={0x1}) fcntl$lock(r3, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x8000}) fcntl$lock(r3, 0x24, &(0x7f0000000100)={0x0, 0x0, 0x2000000}) newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x4000) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000001c0), 0x200000, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB="2c70726976706f72742c6e6f657874656e642c756e616d653d5e9425292c6d6d61702c61707072616973655f747970653d696d617369672c657569643c", @ANYRESDEC=r4, @ANYBLOB="2c736d61636b66736861743d2f6465762f72666b696c6c002c646566636f6e746578743d756e636f6e66696e65645f752c7375626a5f747970653d2f6465762f72666b696c6c002c6d61736b3d4d41595f415050454e442c7365636c6162656c2c7365636c6162656c2c6f626a5f74b1838f7ddde57970653d2f6465762f72666b696c6c002c00"]) sendto$inet(r1, &(0x7f00000012c0)="1a268a927f1f6588b967480241ba78600453f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) 13:21:20 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$F2FS_IOC_GET_PIN_FILE(r0, 0x8004f50e, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) perf_event_open(&(0x7f00000005c0)={0x2, 0x80, 0x4d, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$lock(0xffffffffffffffff, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, r0) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) r3 = inotify_init() preadv(r3, &(0x7f0000000080)=[{&(0x7f0000000240)=""/202, 0xca}, {&(0x7f0000000040)=""/45, 0x2d}, {&(0x7f00000003c0)=""/240, 0xf0}, {&(0x7f00000004c0)=""/205, 0xcd}], 0x4, 0xfffffe01, 0x1) 13:21:20 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:20 executing program 3 (fault-call:0 fault-nth:0): syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 838.348028][T13527] loop4: detected capacity change from 0 to 264192 [ 838.385617][T13527] loop4: p1 p2 p3 p4 [ 838.389754][T13527] loop4: p1 size 11292159 extends beyond EOD, truncated [ 838.414861][T13537] FAULT_INJECTION: forcing a failure. [ 838.414861][T13537] name failslab, interval 1, probability 0, space 0, times 0 [ 838.415433][T13527] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 838.427740][T13537] CPU: 0 PID: 13537 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 838.443736][T13537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 838.453957][T13537] Call Trace: [ 838.457242][T13537] dump_stack+0x137/0x19d [ 838.461662][T13537] should_fail+0x23c/0x250 [ 838.466061][T13537] ? __se_sys_memfd_create+0xfb/0x390 [ 838.471458][T13537] __should_failslab+0x81/0x90 [ 838.479595][T13537] should_failslab+0x5/0x20 [ 838.484228][T13537] __kmalloc+0x66/0x340 [ 838.488495][T13537] ? strnlen_user+0x137/0x1c0 [ 838.493267][T13537] __se_sys_memfd_create+0xfb/0x390 [ 838.501110][T13537] ? syscall_trace_enter+0x153/0x290 [ 838.506447][T13537] __x64_sys_memfd_create+0x2d/0x40 [ 838.511654][T13537] do_syscall_64+0x4a/0x90 [ 838.516085][T13537] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 838.522122][T13537] RIP: 0033:0x4665d9 [ 838.526018][T13537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 838.545723][T13537] RSP: 002b:00007f6a6ab38e98 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 838.554176][T13537] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000004665d9 [ 838.562197][T13537] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 838.570173][T13537] RBP: 000000000000000d R08: 0000000000000000 R09: 0000000000000000 [ 838.578147][T13537] R10: 000000000000000d R11: 0000000000000246 R12: 0000000008100000 [ 838.586119][T13537] R13: 00007ffe993f41ef R14: 00000000015a0000 R15: 0000000000022000 13:21:23 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:23 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:23 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:23 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00400a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:23 executing program 3 (fault-call:0 fault-nth:1): syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:23 executing program 2 (fault-call:7 fault-nth:0): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:23 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 841.202319][T13573] FAULT_INJECTION: forcing a failure. [ 841.202319][T13573] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 841.208495][T13577] loop4: detected capacity change from 0 to 264192 [ 841.216203][T13573] CPU: 0 PID: 13573 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 841.231511][T13573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 841.235145][T13569] FAULT_INJECTION: forcing a failure. [ 841.235145][T13569] name failslab, interval 1, probability 0, space 0, times 0 [ 841.241573][T13573] Call Trace: [ 841.241584][T13573] dump_stack+0x137/0x19d [ 841.241609][T13573] should_fail+0x23c/0x250 [ 841.267069][T13573] should_fail_usercopy+0x16/0x20 [ 841.272258][T13573] _copy_from_user+0x1c/0xd0 [ 841.276905][T13573] __se_sys_memfd_create+0x137/0x390 [ 841.282212][T13573] ? syscall_trace_enter+0x153/0x290 [ 841.287523][T13573] __x64_sys_memfd_create+0x2d/0x40 [ 841.297399][T13573] do_syscall_64+0x4a/0x90 [ 841.301935][T13573] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 841.308190][T13573] RIP: 0033:0x4665d9 [ 841.313563][T13573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 841.333615][T13573] RSP: 002b:00007f6a6ab38e98 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 841.342059][T13573] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000004665d9 13:21:23 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 841.350050][T13573] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 841.358141][T13573] RBP: 000000000000000d R08: 0000000000000000 R09: 0000000000000000 [ 841.366151][T13573] R10: 000000000000000d R11: 0000000000000246 R12: 0000000008100000 [ 841.374232][T13573] R13: 00007ffe993f41ef R14: 00000000015a0000 R15: 0000000000022000 [ 841.382307][T13569] CPU: 1 PID: 13569 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 841.391093][T13569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 13:21:23 executing program 3 (fault-call:0 fault-nth:2): syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:23 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 841.401247][T13569] Call Trace: [ 841.404553][T13569] dump_stack+0x137/0x19d [ 841.409347][T13569] should_fail+0x23c/0x250 [ 841.413883][T13569] __should_failslab+0x81/0x90 [ 841.418708][T13569] ? __iomap_dio_rw+0xf1/0xad0 [ 841.423633][T13569] should_failslab+0x5/0x20 [ 841.428550][T13569] kmem_cache_alloc_trace+0x49/0x310 [ 841.434942][T13569] __iomap_dio_rw+0xf1/0xad0 [ 841.439691][T13569] ? get_page_from_freelist+0x53e/0x800 [ 841.445246][T13569] ? ext4_orphan_add+0x7a/0x5f0 [ 841.450210][T13569] ? file_update_time+0x1bd/0x3e0 [ 841.455223][T13569] iomap_dio_rw+0x30/0x70 [ 841.459725][T13569] ? ext4_file_write_iter+0x4b1/0x11d0 [ 841.465376][T13569] ext4_file_write_iter+0xa04/0x11d0 [ 841.470686][T13569] ? ext4_file_write_iter+0x4b1/0x11d0 [ 841.476316][T13569] ? rw_verify_area+0x136/0x250 [ 841.481196][T13569] vfs_write+0x69d/0x770 [ 841.485525][T13569] ksys_write+0xce/0x180 [ 841.489853][T13569] __x64_sys_write+0x3e/0x50 [ 841.494526][T13569] do_syscall_64+0x4a/0x90 [ 841.498951][T13569] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 841.505023][T13569] RIP: 0033:0x4665d9 [ 841.508993][T13569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 841.528825][T13569] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 841.538141][T13569] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 841.546116][T13569] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 841.554082][T13569] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 841.562167][T13569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 841.570225][T13569] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 841.581174][T13577] loop4: p1 p2 p3 p4 [ 841.593174][T13577] loop4: p1 size 11292159 extends beyond EOD, truncated 13:21:23 executing program 2 (fault-call:7 fault-nth:1): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:23 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 841.618709][T13577] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 841.625827][T13596] FAULT_INJECTION: forcing a failure. [ 841.625827][T13596] name failslab, interval 1, probability 0, space 0, times 0 [ 841.638505][T13596] CPU: 0 PID: 13596 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 841.647278][T13596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 841.657751][T13596] Call Trace: [ 841.661117][T13596] dump_stack+0x137/0x19d [ 841.665458][T13596] should_fail+0x23c/0x250 [ 841.669938][T13596] ? shmem_alloc_inode+0x22/0x30 [ 841.674897][T13596] __should_failslab+0x81/0x90 [ 841.679925][T13596] ? shmem_match+0xa0/0xa0 [ 841.684353][T13596] should_failslab+0x5/0x20 [ 841.688887][T13596] kmem_cache_alloc+0x46/0x2f0 [ 841.693648][T13596] ? do_anonymous_page+0x411/0x8b0 [ 841.698827][T13596] ? fsnotify_perm+0x59/0x2e0 [ 841.703554][T13596] ? shmem_match+0xa0/0xa0 [ 841.708002][T13596] shmem_alloc_inode+0x22/0x30 [ 841.713002][T13596] new_inode_pseudo+0x38/0x1c0 [ 841.717797][T13596] new_inode+0x21/0x120 [ 841.721966][T13596] shmem_get_inode+0xa1/0x480 [ 841.726640][T13596] __shmem_file_setup+0xf1/0x1d0 [ 841.731839][T13596] shmem_file_setup+0x37/0x40 [ 841.736712][T13596] __se_sys_memfd_create+0x1eb/0x390 [ 841.742024][T13596] ? syscall_trace_enter+0x153/0x290 [ 841.747590][T13596] __x64_sys_memfd_create+0x2d/0x40 [ 841.753339][T13596] do_syscall_64+0x4a/0x90 [ 841.757984][T13596] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 841.765104][T13596] RIP: 0033:0x4665d9 [ 841.769104][T13596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 841.789663][T13596] RSP: 002b:00007f6a6ab38e98 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 841.798263][T13596] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000004665d9 [ 841.806229][T13596] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 841.814196][T13596] RBP: 000000000000000d R08: 0000000000000000 R09: 0000000000000000 [ 841.822390][T13596] R10: 000000000000000d R11: 0000000000000246 R12: 0000000008100000 [ 841.830447][T13596] R13: 00007ffe993f41ef R14: 00000000015a0000 R15: 0000000000022000 [ 841.844966][T13602] FAULT_INJECTION: forcing a failure. [ 841.844966][T13602] name failslab, interval 1, probability 0, space 0, times 0 [ 841.858264][T13602] CPU: 1 PID: 13602 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 841.867497][T13602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 841.878188][T13602] Call Trace: [ 841.882009][T13602] dump_stack+0x137/0x19d [ 841.886507][T13602] should_fail+0x23c/0x250 [ 841.892714][T13602] ? ext4_init_io_end+0x2d/0xa0 [ 841.897871][T13602] __should_failslab+0x81/0x90 [ 841.902966][T13602] should_failslab+0x5/0x20 [ 841.907590][T13602] kmem_cache_alloc+0x46/0x2f0 [ 841.912417][T13602] ext4_init_io_end+0x2d/0xa0 [ 841.917105][T13602] ext4_writepages+0x6a5/0x1d10 [ 841.921981][T13602] ? __wake_up+0x8d/0xc0 [ 841.926393][T13602] ? __list_del_entry_valid+0x54/0xc0 [ 841.932366][T13602] ? __inc_numa_state+0x10/0x50 [ 841.937635][T13602] ? rmqueue_pcplist+0x152/0x190 [ 841.942562][T13602] ? ext4_readpage+0x140/0x140 [ 841.947321][T13602] do_writepages+0x7b/0x150 [ 841.951945][T13602] filemap_write_and_wait_range+0x20a/0x390 [ 841.957945][T13602] __iomap_dio_rw+0x500/0xad0 [ 841.962643][T13602] ? ext4_orphan_add+0x7a/0x5f0 [ 841.967488][T13602] ? file_update_time+0x1bd/0x3e0 [ 841.972501][T13602] iomap_dio_rw+0x30/0x70 [ 841.976937][T13602] ? ext4_file_write_iter+0x4b1/0x11d0 [ 841.982405][T13602] ext4_file_write_iter+0xa04/0x11d0 [ 841.987841][T13602] ? ext4_file_write_iter+0x4b1/0x11d0 [ 841.993388][T13602] ? rw_verify_area+0x136/0x250 [ 841.998403][T13602] vfs_write+0x69d/0x770 [ 842.002629][T13602] ksys_write+0xce/0x180 [ 842.006874][T13602] __x64_sys_write+0x3e/0x50 [ 842.011577][T13602] do_syscall_64+0x4a/0x90 [ 842.016163][T13602] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 842.022077][T13602] RIP: 0033:0x4665d9 [ 842.025954][T13602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 842.046244][T13602] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 842.054663][T13602] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 842.062620][T13602] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 842.070581][T13602] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 842.078556][T13602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 842.086512][T13602] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:21:26 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:26 executing program 3 (fault-call:0 fault-nth:3): syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:26 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00500a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:26 executing program 2 (fault-call:7 fault-nth:2): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:26 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 843.924424][T13625] FAULT_INJECTION: forcing a failure. [ 843.924424][T13625] name failslab, interval 1, probability 0, space 0, times 0 [ 843.937088][T13625] CPU: 0 PID: 13625 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 843.945952][T13625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 843.956011][T13625] Call Trace: [ 843.958239][T13626] loop4: detected capacity change from 0 to 252161 [ 843.959291][T13625] dump_stack+0x137/0x19d [ 843.970110][T13625] should_fail+0x23c/0x250 13:21:26 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 843.974649][T13625] ? security_inode_alloc+0x30/0x180 [ 843.981252][T13625] __should_failslab+0x81/0x90 [ 843.986031][T13625] should_failslab+0x5/0x20 [ 843.990649][T13625] kmem_cache_alloc+0x46/0x2f0 [ 843.996699][T13625] security_inode_alloc+0x30/0x180 [ 844.001832][T13625] inode_init_always+0x20b/0x420 [ 844.006952][T13625] ? shmem_match+0xa0/0xa0 [ 844.011352][T13625] new_inode_pseudo+0x73/0x1c0 [ 844.016186][T13625] new_inode+0x21/0x120 [ 844.020331][T13625] shmem_get_inode+0xa1/0x480 [ 844.025014][T13625] __shmem_file_setup+0xf1/0x1d0 [ 844.030000][T13625] shmem_file_setup+0x37/0x40 [ 844.034744][T13625] __se_sys_memfd_create+0x1eb/0x390 [ 844.040100][T13625] ? syscall_trace_enter+0x153/0x290 [ 844.045394][T13625] __x64_sys_memfd_create+0x2d/0x40 [ 844.050622][T13625] do_syscall_64+0x4a/0x90 [ 844.055076][T13625] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 844.060967][T13625] RIP: 0033:0x4665d9 [ 844.064841][T13625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 844.084850][T13625] RSP: 002b:00007f6a6ab38e98 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 844.093261][T13625] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000004665d9 [ 844.101214][T13625] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 844.109168][T13625] RBP: 000000000000000d R08: 0000000000000000 R09: 0000000000000000 [ 844.117128][T13625] R10: 000000000000000d R11: 0000000000000246 R12: 0000000008100000 [ 844.125101][T13625] R13: 00007ffe993f41ef R14: 00000000015a0000 R15: 0000000000022000 [ 844.139035][T13628] FAULT_INJECTION: forcing a failure. [ 844.139035][T13628] name failslab, interval 1, probability 0, space 0, times 0 [ 844.151746][T13628] CPU: 1 PID: 13628 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 844.160648][T13628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 844.170711][T13628] Call Trace: 13:21:26 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:26 executing program 3 (fault-call:0 fault-nth:4): syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 844.173991][T13628] dump_stack+0x137/0x19d [ 844.178306][T13628] should_fail+0x23c/0x250 [ 844.182700][T13628] ? __es_insert_extent+0x51f/0xe70 [ 844.188001][T13628] __should_failslab+0x81/0x90 [ 844.192838][T13628] should_failslab+0x5/0x20 [ 844.197325][T13628] kmem_cache_alloc+0x46/0x2f0 [ 844.202186][T13628] __es_insert_extent+0x51f/0xe70 [ 844.207244][T13628] ext4_es_insert_extent+0x1bb/0x19d0 [ 844.212646][T13628] ? percpu_counter_add_batch+0x69/0xd0 [ 844.218203][T13628] ext4_map_blocks+0xa4c/0xef0 [ 844.222958][T13628] ? ext4_iomap_begin+0x3e2/0x620 [ 844.227961][T13628] ? __cond_resched+0x11/0x40 [ 844.232637][T13628] ext4_iomap_begin+0x4a3/0x620 [ 844.237514][T13628] iomap_apply+0x8d/0x400 [ 844.241827][T13628] __iomap_dio_rw+0x5af/0xad0 [ 844.246523][T13628] ? __iomap_dio_rw+0xad0/0xad0 [ 844.251359][T13628] iomap_dio_rw+0x30/0x70 [ 844.255677][T13628] ? ext4_file_write_iter+0x4b1/0x11d0 [ 844.261193][T13628] ext4_file_write_iter+0xa04/0x11d0 [ 844.266473][T13628] ? ext4_file_write_iter+0x4b1/0x11d0 [ 844.271932][T13628] ? rw_verify_area+0x136/0x250 [ 844.276772][T13628] vfs_write+0x69d/0x770 [ 844.281014][T13628] ksys_write+0xce/0x180 [ 844.285306][T13628] __x64_sys_write+0x3e/0x50 [ 844.289888][T13628] do_syscall_64+0x4a/0x90 [ 844.294291][T13628] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 844.300294][T13628] RIP: 0033:0x4665d9 [ 844.304180][T13628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 844.324305][T13628] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 844.332770][T13628] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 844.340997][T13628] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000004 [ 844.348983][T13628] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 844.357010][T13628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 844.364981][T13628] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 844.389174][T13626] loop4: p1 p2 p3 p4 [ 844.393305][T13626] loop4: p1 size 11292159 extends beyond EOD, truncated [ 844.403594][T13646] FAULT_INJECTION: forcing a failure. [ 844.403594][T13646] name failslab, interval 1, probability 0, space 0, times 0 [ 844.416259][T13646] CPU: 0 PID: 13646 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 844.425036][T13646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 844.435111][T13646] Call Trace: [ 844.438563][T13646] dump_stack+0x137/0x19d [ 844.442892][T13646] should_fail+0x23c/0x250 [ 844.447376][T13646] ? __d_alloc+0x36/0x370 [ 844.451740][T13646] __should_failslab+0x81/0x90 [ 844.456548][T13646] should_failslab+0x5/0x20 [ 844.461165][T13646] kmem_cache_alloc+0x46/0x2f0 [ 844.463767][T13626] loop4: p4 size 3657465856 extends beyond EOD, [ 844.466055][T13646] ? __init_rwsem+0x59/0x70 [ 844.466077][T13646] __d_alloc+0x36/0x370 [ 844.472522][T13626] truncated [ 844.484283][T13646] ? current_time+0xdb/0x190 [ 844.488964][T13646] d_alloc_pseudo+0x1a/0x50 [ 844.493558][T13646] alloc_file_pseudo+0x63/0x130 [ 844.498409][T13646] __shmem_file_setup+0x14c/0x1d0 [ 844.503504][T13646] shmem_file_setup+0x37/0x40 [ 844.508195][T13646] __se_sys_memfd_create+0x1eb/0x390 [ 844.513546][T13646] ? syscall_trace_enter+0x153/0x290 [ 844.518849][T13646] __x64_sys_memfd_create+0x2d/0x40 [ 844.524171][T13646] do_syscall_64+0x4a/0x90 [ 844.528589][T13646] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 844.534567][T13646] RIP: 0033:0x4665d9 13:21:26 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00600a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:26 executing program 2 (fault-call:7 fault-nth:3): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:26 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 844.538467][T13646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 844.558171][T13646] RSP: 002b:00007f6a6ab38e98 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 844.566592][T13646] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000004665d9 [ 844.574572][T13646] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 844.582669][T13646] RBP: 000000000000000d R08: 0000000000000000 R09: 0000000000000000 [ 844.590764][T13646] R10: 000000000000000d R11: 0000000000000246 R12: 0000000008100000 [ 844.598744][T13646] R13: 00007ffe993f41ef R14: 00000000015a0000 R15: 0000000000022000 [ 844.619159][T13669] FAULT_INJECTION: forcing a failure. [ 844.619159][T13669] name failslab, interval 1, probability 0, space 0, times 0 [ 844.631927][T13669] CPU: 0 PID: 13669 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 844.640722][T13669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 844.650805][T13669] Call Trace: [ 844.654148][T13669] dump_stack+0x137/0x19d [ 844.658558][T13669] should_fail+0x23c/0x250 [ 844.662978][T13669] ? ext4_alloc_io_end_vec+0x2e/0xd0 [ 844.668279][T13669] __should_failslab+0x81/0x90 [ 844.673055][T13669] should_failslab+0x5/0x20 [ 844.677582][T13669] kmem_cache_alloc+0x46/0x2f0 [ 844.682448][T13669] ext4_alloc_io_end_vec+0x2e/0xd0 [ 844.687599][T13669] ext4_writepages+0xa8d/0x1d10 [ 844.692462][T13669] ? __list_del_entry_valid+0x54/0xc0 [ 844.697834][T13669] ? __inc_numa_state+0x10/0x50 [ 844.702684][T13669] ? rmqueue_pcplist+0x152/0x190 [ 844.707657][T13669] ? ext4_readpage+0x140/0x140 [ 844.712539][T13669] do_writepages+0x7b/0x150 [ 844.712832][T13683] loop4: detected capacity change from 0 to 219393 [ 844.717056][T13669] filemap_write_and_wait_range+0x20a/0x390 [ 844.717083][T13669] __iomap_dio_rw+0x500/0xad0 [ 844.717106][T13669] ? ext4_orphan_add+0x7a/0x5f0 [ 844.739052][T13669] ? file_update_time+0x1bd/0x3e0 [ 844.744066][T13669] iomap_dio_rw+0x30/0x70 [ 844.748382][T13669] ? ext4_file_write_iter+0x4b1/0x11d0 [ 844.753828][T13669] ext4_file_write_iter+0xa04/0x11d0 [ 844.759164][T13669] ? ext4_file_write_iter+0x4b1/0x11d0 [ 844.764656][T13669] ? rw_verify_area+0x136/0x250 [ 844.769490][T13669] vfs_write+0x69d/0x770 [ 844.773713][T13669] ksys_write+0xce/0x180 [ 844.777934][T13669] __x64_sys_write+0x3e/0x50 [ 844.782617][T13669] do_syscall_64+0x4a/0x90 [ 844.787118][T13669] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 844.793036][T13669] RIP: 0033:0x4665d9 [ 844.796905][T13669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 844.816556][T13669] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 844.825178][T13669] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 844.833146][T13669] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 844.841273][T13669] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 844.849225][T13669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 844.857372][T13669] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 844.896117][T13683] loop4: p1 p2 p3 p4 [ 844.900533][T13683] loop4: p1 size 11292159 extends beyond EOD, truncated [ 844.909775][T13683] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:27 executing program 3 (fault-call:0 fault-nth:5): syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:27 executing program 2 (fault-call:7 fault-nth:4): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:27 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:27 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00700a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 845.137860][T13708] FAULT_INJECTION: forcing a failure. [ 845.137860][T13708] name failslab, interval 1, probability 0, space 0, times 0 [ 845.149474][T13711] loop4: detected capacity change from 0 to 186625 [ 845.150543][T13708] CPU: 0 PID: 13708 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 845.166124][T13708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 845.176193][T13708] Call Trace: [ 845.179462][T13708] dump_stack+0x137/0x19d [ 845.183859][T13708] should_fail+0x23c/0x250 [ 845.188300][T13708] ? __alloc_file+0x2e/0x1a0 [ 845.192951][T13708] __should_failslab+0x81/0x90 [ 845.197728][T13708] should_failslab+0x5/0x20 [ 845.202232][T13708] kmem_cache_alloc+0x46/0x2f0 [ 845.207235][T13708] ? inode_doinit_with_dentry+0x382/0x950 [ 845.213001][T13708] __alloc_file+0x2e/0x1a0 [ 845.217407][T13708] alloc_empty_file+0xcd/0x1c0 [ 845.222178][T13708] alloc_file+0x3a/0x280 [ 845.226408][T13708] alloc_file_pseudo+0xe2/0x130 [ 845.231265][T13708] __shmem_file_setup+0x14c/0x1d0 [ 845.236513][T13708] shmem_file_setup+0x37/0x40 [ 845.241266][T13708] __se_sys_memfd_create+0x1eb/0x390 [ 845.246563][T13708] ? syscall_trace_enter+0x153/0x290 [ 845.251878][T13708] __x64_sys_memfd_create+0x2d/0x40 [ 845.257163][T13708] do_syscall_64+0x4a/0x90 [ 845.261819][T13708] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 845.267707][T13708] RIP: 0033:0x4665d9 [ 845.271598][T13708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 845.291192][T13708] RSP: 002b:00007f6a6ab38e98 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 845.299618][T13708] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000004665d9 [ 845.307617][T13708] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee66 [ 845.315676][T13708] RBP: 000000000000000d R08: 0000000000000000 R09: 0000000000000000 [ 845.323864][T13708] R10: 000000000000000d R11: 0000000000000246 R12: 0000000008100000 13:21:27 executing program 3 (fault-call:0 fault-nth:6): syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 845.331827][T13708] R13: 00007ffe993f41ef R14: 00000000015a0000 R15: 0000000000022000 [ 845.341632][T13709] FAULT_INJECTION: forcing a failure. [ 845.341632][T13709] name failslab, interval 1, probability 0, space 0, times 0 [ 845.354456][T13709] CPU: 1 PID: 13709 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 845.364063][T13709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 845.374185][T13709] Call Trace: [ 845.377509][T13709] dump_stack+0x137/0x19d [ 845.382003][T13709] should_fail+0x23c/0x250 [ 845.386429][T13709] ? ext4_mb_new_blocks+0x2e7/0x1f90 [ 845.391837][T13709] __should_failslab+0x81/0x90 [ 845.398253][T13709] should_failslab+0x5/0x20 [ 845.403698][T13709] kmem_cache_alloc+0x46/0x2f0 [ 845.408480][T13709] ext4_mb_new_blocks+0x2e7/0x1f90 [ 845.413596][T13709] ? ext4_get_branch+0x27d/0x2e0 [ 845.418538][T13709] ? ext4_inode_to_goal_block+0x1bd/0x1d0 [ 845.424246][T13709] ext4_ind_map_blocks+0xaab/0x1620 [ 845.429479][T13709] ? release_pages+0x8d0/0x900 [ 845.434514][T13709] ? percpu_counter_add_batch+0x69/0xd0 [ 845.440177][T13709] ? ext4_es_lookup_extent+0x36b/0x490 [ 845.446206][T13709] ext4_map_blocks+0x6d2/0xef0 [ 845.451047][T13709] mpage_map_one_extent+0x10d/0x360 [ 845.456336][T13709] ext4_writepages+0xc1a/0x1d10 [ 845.461878][T13709] ? __list_del_entry_valid+0x54/0xc0 [ 845.467247][T13709] ? __inc_numa_state+0x10/0x50 [ 845.472109][T13709] ? rmqueue_pcplist+0x152/0x190 [ 845.477047][T13709] ? ext4_readpage+0x140/0x140 [ 845.482499][T13709] do_writepages+0x7b/0x150 [ 845.487363][T13709] filemap_write_and_wait_range+0x20a/0x390 [ 845.493721][T13709] __iomap_dio_rw+0x500/0xad0 [ 845.498613][T13709] ? ext4_orphan_add+0x7a/0x5f0 [ 845.503693][T13709] ? file_update_time+0x1bd/0x3e0 [ 845.508788][T13709] iomap_dio_rw+0x30/0x70 [ 845.513675][T13709] ? ext4_file_write_iter+0x4b1/0x11d0 [ 845.519315][T13709] ext4_file_write_iter+0xa04/0x11d0 [ 845.524679][T13709] ? ext4_file_write_iter+0x4b1/0x11d0 [ 845.530196][T13709] ? rw_verify_area+0x136/0x250 [ 845.535055][T13709] vfs_write+0x69d/0x770 [ 845.539282][T13709] ksys_write+0xce/0x180 [ 845.543503][T13709] __x64_sys_write+0x3e/0x50 [ 845.548087][T13709] do_syscall_64+0x4a/0x90 [ 845.552508][T13709] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 845.558457][T13709] RIP: 0033:0x4665d9 [ 845.562440][T13709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 845.582043][T13709] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 845.590446][T13709] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 845.598426][T13709] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000004 [ 845.606400][T13709] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 845.614380][T13709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 845.622438][T13709] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 845.654902][T13711] loop4: p1 p2 p3 p4 [ 845.659491][T13711] loop4: p1 size 11292159 extends beyond EOD, truncated [ 845.667793][T13722] FAULT_INJECTION: forcing a failure. [ 845.667793][T13722] name failslab, interval 1, probability 0, space 0, times 0 [ 845.679139][T13711] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 845.680586][T13722] CPU: 1 PID: 13722 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 845.696388][T13722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 845.706523][T13722] Call Trace: [ 845.709796][T13722] dump_stack+0x137/0x19d [ 845.714122][T13722] should_fail+0x23c/0x250 [ 845.718679][T13722] ? security_file_alloc+0x30/0x190 [ 845.723876][T13722] __should_failslab+0x81/0x90 [ 845.728666][T13722] should_failslab+0x5/0x20 [ 845.733243][T13722] kmem_cache_alloc+0x46/0x2f0 [ 845.738018][T13722] security_file_alloc+0x30/0x190 [ 845.743037][T13722] __alloc_file+0x83/0x1a0 [ 845.747484][T13722] alloc_empty_file+0xcd/0x1c0 [ 845.752273][T13722] alloc_file+0x3a/0x280 [ 845.756573][T13722] alloc_file_pseudo+0xe2/0x130 [ 845.761433][T13722] __shmem_file_setup+0x14c/0x1d0 [ 845.766472][T13722] shmem_file_setup+0x37/0x40 [ 845.771236][T13722] __se_sys_memfd_create+0x1eb/0x390 [ 845.776520][T13722] ? syscall_trace_enter+0x153/0x290 [ 845.781801][T13722] __x64_sys_memfd_create+0x2d/0x40 [ 845.787070][T13722] do_syscall_64+0x4a/0x90 [ 845.791485][T13722] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 845.797466][T13722] RIP: 0033:0x4665d9 [ 845.801351][T13722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 845.821233][T13722] RSP: 002b:00007f6a6ab38e98 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 845.832013][T13722] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 00000000004665d9 [ 845.839992][T13722] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee66 13:21:28 executing program 2 (fault-call:7 fault-nth:5): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 845.848070][T13722] RBP: 000000000000000d R08: 0000000000000000 R09: 0000000000000000 [ 845.856137][T13722] R10: 000000000000000d R11: 0000000000000246 R12: 0000000008100000 [ 845.864980][T13722] R13: 00007ffe993f41ef R14: 00000000015a0000 R15: 0000000000022000 13:21:28 executing program 3 (fault-call:0 fault-nth:7): syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 845.932129][T13734] FAULT_INJECTION: forcing a failure. [ 845.932129][T13734] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 845.945615][T13734] CPU: 0 PID: 13734 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 845.954786][T13734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 845.965213][T13734] Call Trace: [ 845.969189][T13734] dump_stack+0x137/0x19d [ 845.973557][T13734] should_fail+0x23c/0x250 [ 845.978048][T13734] __alloc_pages+0x102/0x320 [ 845.982631][T13734] alloc_pages_vma+0x391/0x660 [ 845.987389][T13734] shmem_getpage_gfp+0x980/0x1410 [ 845.992418][T13734] ? mls_context_isvalid+0x76/0x1e0 [ 845.997675][T13734] shmem_write_begin+0x7e/0x100 [ 846.002562][T13734] generic_perform_write+0x196/0x3a0 [ 846.007878][T13734] ? file_update_time+0x1bd/0x3e0 [ 846.012904][T13734] __generic_file_write_iter+0x161/0x300 [ 846.018547][T13734] ? generic_write_checks+0x250/0x290 [ 846.023963][T13734] generic_file_write_iter+0x75/0x130 [ 846.029335][T13734] vfs_write+0x69d/0x770 [ 846.033617][T13734] __x64_sys_pwrite64+0xf5/0x150 [ 846.038634][T13734] do_syscall_64+0x4a/0x90 [ 846.043092][T13734] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 846.048988][T13734] RIP: 0033:0x419777 [ 846.052876][T13734] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 846.072490][T13734] RSP: 002b:00007f6a6ab38e70 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 846.080906][T13734] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 846.088878][T13734] RDX: 0000000000000040 RSI: 0000000020000040 RDI: 0000000000000004 [ 846.096848][T13734] RBP: 000000000000000d R08: 0000000000000000 R09: 0000000000000000 [ 846.104820][T13734] R10: 00000000000001c0 R11: 0000000000000293 R12: 0000000000000004 [ 846.112859][T13734] R13: 0000000000000004 R14: 0000000020000000 R15: 0000000000000000 [ 846.125091][T13734] loop3: detected capacity change from 0 to 44288 [ 846.144101][T13733] FAULT_INJECTION: forcing a failure. [ 846.144101][T13733] name failslab, interval 1, probability 0, space 0, times 0 [ 846.156908][T13733] CPU: 1 PID: 13733 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 846.165734][T13733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 846.177542][T13733] Call Trace: [ 846.181452][T13733] dump_stack+0x137/0x19d [ 846.185787][T13733] should_fail+0x23c/0x250 [ 846.190200][T13733] ? ext4_mb_new_blocks+0x70f/0x1f90 [ 846.195485][T13733] __should_failslab+0x81/0x90 [ 846.200269][T13733] should_failslab+0x5/0x20 [ 846.204776][T13733] kmem_cache_alloc+0x46/0x2f0 [ 846.209705][T13733] ext4_mb_new_blocks+0x70f/0x1f90 [ 846.214829][T13733] ? bh_uptodate_or_lock+0x57/0xf0 [ 846.220643][T13733] ? ext4_get_branch+0x28e/0x2e0 [ 846.225641][T13733] ext4_ind_map_blocks+0xaab/0x1620 [ 846.230939][T13733] ? percpu_counter_add_batch+0x69/0xd0 [ 846.236500][T13733] ? ext4_es_lookup_extent+0x36b/0x490 [ 846.242083][T13733] ext4_map_blocks+0x6d2/0xef0 [ 846.246904][T13733] mpage_map_one_extent+0x10d/0x360 [ 846.252387][T13733] ext4_writepages+0xc1a/0x1d10 [ 846.257257][T13733] ? __list_del_entry_valid+0x54/0xc0 [ 846.262672][T13733] ? __inc_numa_state+0x10/0x50 [ 846.267525][T13733] ? rmqueue_pcplist+0x152/0x190 [ 846.272476][T13733] ? ext4_readpage+0x140/0x140 [ 846.277255][T13733] do_writepages+0x7b/0x150 [ 846.281777][T13733] filemap_write_and_wait_range+0x20a/0x390 [ 846.287670][T13733] __iomap_dio_rw+0x500/0xad0 [ 846.292363][T13733] ? ext4_orphan_add+0x7a/0x5f0 [ 846.297337][T13733] ? file_update_time+0x1bd/0x3e0 [ 846.302454][T13733] iomap_dio_rw+0x30/0x70 [ 846.306858][T13733] ? ext4_file_write_iter+0x4b1/0x11d0 [ 846.312318][T13733] ext4_file_write_iter+0xa04/0x11d0 [ 846.317617][T13733] ? ext4_file_write_iter+0x4b1/0x11d0 [ 846.323205][T13733] ? rw_verify_area+0x136/0x250 [ 846.328118][T13733] vfs_write+0x69d/0x770 [ 846.332382][T13733] ksys_write+0xce/0x180 [ 846.336638][T13733] __x64_sys_write+0x3e/0x50 [ 846.341261][T13733] do_syscall_64+0x4a/0x90 [ 846.345680][T13733] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 846.351654][T13733] RIP: 0033:0x4665d9 [ 846.355633][T13733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 846.375246][T13733] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 846.383686][T13733] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 846.391672][T13733] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 846.399745][T13733] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 846.407736][T13733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 846.415754][T13733] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:21:29 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:29 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00900a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:29 executing program 3 (fault-call:0 fault-nth:8): syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:29 executing program 2 (fault-call:7 fault-nth:6): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 847.410125][T13764] FAULT_INJECTION: forcing a failure. [ 847.410125][T13764] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 847.423413][T13764] CPU: 1 PID: 13764 Comm: syz-executor.3 Not tainted 5.13.0-rc1-syzkaller #0 [ 847.429040][T13765] loop4: detected capacity change from 0 to 121089 [ 847.432294][T13764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 847.432309][T13764] Call Trace: [ 847.432317][T13764] dump_stack+0x137/0x19d [ 847.432364][T13764] should_fail+0x23c/0x250 [ 847.432381][T13764] should_fail_usercopy+0x16/0x20 [ 847.432400][T13764] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 847.472346][T13764] ? shmem_write_begin+0x7e/0x100 [ 847.477484][T13764] generic_perform_write+0x1e4/0x3a0 [ 847.482839][T13764] ? file_update_time+0x1bd/0x3e0 [ 847.487922][T13764] __generic_file_write_iter+0x161/0x300 [ 847.493829][T13764] ? generic_write_checks+0x250/0x290 [ 847.499197][T13764] generic_file_write_iter+0x75/0x130 [ 847.504633][T13764] vfs_write+0x69d/0x770 [ 847.508935][T13764] __x64_sys_pwrite64+0xf5/0x150 [ 847.513853][T13764] do_syscall_64+0x4a/0x90 [ 847.518286][T13764] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 847.524164][T13764] RIP: 0033:0x419777 [ 847.528088][T13764] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 847.547805][T13764] RSP: 002b:00007f6a6ab38e70 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 13:21:29 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 847.556317][T13764] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419777 [ 847.564296][T13764] RDX: 0000000000000040 RSI: 0000000020000040 RDI: 0000000000000004 [ 847.572251][T13764] RBP: 000000000000000d R08: 0000000000000000 R09: 0000000000000000 [ 847.580262][T13764] R10: 00000000000001c0 R11: 0000000000000293 R12: 0000000000000004 [ 847.588227][T13764] R13: 0000000000000004 R14: 0000000020000000 R15: 0000000000000000 [ 847.608684][T13767] FAULT_INJECTION: forcing a failure. [ 847.608684][T13767] name failslab, interval 1, probability 0, space 0, times 0 [ 847.621411][T13767] CPU: 1 PID: 13767 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 847.630255][T13767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 847.640300][T13767] Call Trace: [ 847.643582][T13767] dump_stack+0x137/0x19d [ 847.648000][T13767] should_fail+0x23c/0x250 [ 847.652408][T13767] ? mempool_alloc_slab+0x16/0x20 [ 847.657707][T13767] __should_failslab+0x81/0x90 [ 847.662468][T13767] should_failslab+0x5/0x20 [ 847.667035][T13767] kmem_cache_alloc+0x46/0x2f0 [ 847.671800][T13767] mempool_alloc_slab+0x16/0x20 [ 847.676649][T13767] ? mempool_free+0x130/0x130 [ 847.681361][T13767] mempool_alloc+0x8c/0x300 [ 847.685850][T13767] ? unlock_page_memcg+0xc3/0xe0 [ 847.690766][T13767] bio_alloc_bioset+0xcc/0x480 [ 847.695561][T13767] ext4_bio_write_page+0x7c5/0xa40 [ 847.700669][T13767] ext4_writepages+0x1050/0x1d10 [ 847.705654][T13767] ? __list_del_entry_valid+0x54/0xc0 [ 847.711128][T13767] ? __inc_numa_state+0x10/0x50 [ 847.715965][T13767] ? rmqueue_pcplist+0x152/0x190 [ 847.720990][T13767] ? ext4_readpage+0x140/0x140 [ 847.725759][T13767] do_writepages+0x7b/0x150 [ 847.730283][T13767] filemap_write_and_wait_range+0x20a/0x390 [ 847.736223][T13767] __iomap_dio_rw+0x500/0xad0 [ 847.740888][T13767] ? ext4_orphan_add+0x7a/0x5f0 [ 847.745776][T13767] ? file_update_time+0x1bd/0x3e0 [ 847.750879][T13767] iomap_dio_rw+0x30/0x70 [ 847.755201][T13767] ? ext4_file_write_iter+0x4b1/0x11d0 [ 847.760649][T13767] ext4_file_write_iter+0xa04/0x11d0 [ 847.765955][T13767] ? ext4_file_write_iter+0x4b1/0x11d0 [ 847.771443][T13767] ? rw_verify_area+0x136/0x250 [ 847.776339][T13767] vfs_write+0x69d/0x770 [ 847.780570][T13767] ksys_write+0xce/0x180 [ 847.784806][T13767] __x64_sys_write+0x3e/0x50 [ 847.789423][T13767] do_syscall_64+0x4a/0x90 [ 847.793861][T13767] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 847.799761][T13767] RIP: 0033:0x4665d9 [ 847.803653][T13767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 847.823336][T13767] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 847.832443][T13767] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 847.840465][T13767] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000004 [ 847.848521][T13767] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 13:21:30 executing program 2 (fault-call:7 fault-nth:7): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 847.857083][T13767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 847.865064][T13767] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 847.887445][T13765] loop4: p1 p2 p3 p4 [ 847.908595][T13765] loop4: p1 size 11292159 extends beyond EOD, truncated [ 847.916233][T13764] loop3: detected capacity change from 0 to 44288 [ 847.928599][T13765] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 847.945833][T13785] FAULT_INJECTION: forcing a failure. [ 847.945833][T13785] name failslab, interval 1, probability 0, space 0, times 0 [ 847.959367][T13785] CPU: 0 PID: 13785 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 847.968253][T13785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 847.978529][T13785] Call Trace: [ 847.981919][T13785] dump_stack+0x137/0x19d [ 847.986441][T13785] should_fail+0x23c/0x250 [ 847.990864][T13785] ? mempool_alloc_slab+0x16/0x20 [ 847.995928][T13785] __should_failslab+0x81/0x90 [ 848.000710][T13785] should_failslab+0x5/0x20 [ 848.005325][T13785] kmem_cache_alloc+0x46/0x2f0 [ 848.010184][T13785] mempool_alloc_slab+0x16/0x20 [ 848.015052][T13785] ? mempool_free+0x130/0x130 [ 848.019895][T13785] mempool_alloc+0x8c/0x300 [ 848.024533][T13785] ? unlock_page_memcg+0xc3/0xe0 [ 848.029477][T13785] bio_alloc_bioset+0xcc/0x480 [ 848.034285][T13785] ext4_bio_write_page+0x7c5/0xa40 [ 848.039400][T13785] ext4_writepages+0x1050/0x1d10 [ 848.044337][T13785] ? __list_del_entry_valid+0x54/0xc0 [ 848.049834][T13785] ? __inc_numa_state+0x10/0x50 [ 848.054696][T13785] ? rmqueue_pcplist+0x152/0x190 [ 848.059620][T13785] ? ext4_readpage+0x140/0x140 [ 848.064390][T13785] do_writepages+0x7b/0x150 [ 848.068901][T13785] filemap_write_and_wait_range+0x20a/0x390 [ 848.074787][T13785] __iomap_dio_rw+0x500/0xad0 [ 848.079475][T13785] ? ext4_orphan_add+0x7a/0x5f0 [ 848.084336][T13785] ? file_update_time+0x1bd/0x3e0 [ 848.089426][T13785] iomap_dio_rw+0x30/0x70 [ 848.093909][T13785] ? ext4_file_write_iter+0x4b1/0x11d0 [ 848.099482][T13785] ext4_file_write_iter+0xa04/0x11d0 [ 848.104789][T13785] ? ext4_file_write_iter+0x4b1/0x11d0 [ 848.110373][T13785] ? rw_verify_area+0x136/0x250 [ 848.116244][T13785] vfs_write+0x69d/0x770 [ 848.120660][T13785] ksys_write+0xce/0x180 [ 848.124893][T13785] __x64_sys_write+0x3e/0x50 [ 848.129586][T13785] do_syscall_64+0x4a/0x90 [ 848.134014][T13785] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 848.139924][T13785] RIP: 0033:0x4665d9 13:21:30 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 848.143855][T13785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 848.163646][T13785] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 848.172220][T13785] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 848.180237][T13785] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 848.188249][T13785] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 848.196313][T13785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 848.204288][T13785] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 848.219016][T13764] loop3: p1 p2 p3 p4 [ 848.223138][T13764] loop3: p1 size 11292159 extends beyond EOD, truncated [ 848.223940][T13783] print_req_error: 80 callbacks suppressed [ 848.223951][T13783] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 848.237103][T13793] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 848.248033][T13765] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 848.260504][T13764] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 848.270598][T13794] blk_update_request: I/O error, dev loop4, sector 120960 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 848.283938][T13771] blk_update_request: I/O error, dev loop4, sector 120960 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 848.286776][ T616] blk_update_request: I/O error, dev loop4, sector 120960 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 848.307854][ T616] buffer_io_error: 56 callbacks suppressed 13:21:30 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00a00a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:30 executing program 3: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 848.307867][ T616] Buffer I/O error on dev loop4p4, logical block 120960, async page read [ 848.322148][ T616] blk_update_request: I/O error, dev loop4, sector 120961 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 848.333490][ T616] Buffer I/O error on dev loop4p4, logical block 120961, async page read [ 848.341946][ T616] blk_update_request: I/O error, dev loop4, sector 120962 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 848.354002][ T616] Buffer I/O error on dev loop4p4, logical block 120962, async page read 13:21:30 executing program 2 (fault-call:7 fault-nth:8): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 848.362570][ T616] blk_update_request: I/O error, dev loop4, sector 120963 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 848.374065][ T616] Buffer I/O error on dev loop4p4, logical block 120963, async page read [ 848.375366][T13810] loop4: detected capacity change from 0 to 88321 [ 848.382518][ T616] blk_update_request: I/O error, dev loop4, sector 120964 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 848.400218][ T616] Buffer I/O error on dev loop4p4, logical block 120964, async page read [ 848.438149][T13810] loop_reread_partitions: partition scan of loop4 () failed (rc=-16) [ 848.470151][T13822] FAULT_INJECTION: forcing a failure. [ 848.470151][T13822] name failslab, interval 1, probability 0, space 0, times 0 [ 848.483011][T13822] CPU: 0 PID: 13822 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 848.491770][T13822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 848.501826][T13822] Call Trace: [ 848.505090][T13822] dump_stack+0x137/0x19d [ 848.509423][T13822] should_fail+0x23c/0x250 [ 848.513870][T13822] ? mempool_alloc_slab+0x16/0x20 [ 848.519002][T13822] __should_failslab+0x81/0x90 [ 848.523778][T13822] should_failslab+0x5/0x20 [ 848.528314][T13822] kmem_cache_alloc+0x46/0x2f0 [ 848.533100][T13822] ? mempool_alloc_slab+0x16/0x20 [ 848.538151][T13822] mempool_alloc_slab+0x16/0x20 [ 848.543085][T13822] ? mempool_free+0x130/0x130 [ 848.547858][T13822] mempool_alloc+0x8c/0x300 [ 848.552371][T13822] ? unlock_page_memcg+0xc3/0xe0 [ 848.557304][T13822] bio_alloc_bioset+0x1af/0x480 [ 848.562223][T13822] ext4_bio_write_page+0x7c5/0xa40 [ 848.567333][T13822] ext4_writepages+0x1050/0x1d10 [ 848.572304][T13822] ? __list_del_entry_valid+0x54/0xc0 [ 848.577665][T13822] ? __inc_numa_state+0x10/0x50 [ 848.582683][T13822] ? rmqueue_pcplist+0x152/0x190 [ 848.587677][T13822] ? ext4_readpage+0x140/0x140 [ 848.592523][T13822] do_writepages+0x7b/0x150 [ 848.597124][T13822] filemap_write_and_wait_range+0x20a/0x390 [ 848.603133][T13822] __iomap_dio_rw+0x500/0xad0 [ 848.607898][T13822] ? ext4_orphan_add+0x7a/0x5f0 [ 848.612787][T13822] ? file_update_time+0x1bd/0x3e0 [ 848.617901][T13822] iomap_dio_rw+0x30/0x70 [ 848.622260][T13822] ? ext4_file_write_iter+0x4b1/0x11d0 [ 848.627785][T13822] ext4_file_write_iter+0xa04/0x11d0 [ 848.633298][T13822] ? ext4_file_write_iter+0x4b1/0x11d0 [ 848.638927][T13822] ? rw_verify_area+0x136/0x250 [ 848.643853][T13822] vfs_write+0x69d/0x770 [ 848.648101][T13822] ksys_write+0xce/0x180 [ 848.652343][T13822] __x64_sys_write+0x3e/0x50 [ 848.656943][T13822] do_syscall_64+0x4a/0x90 [ 848.661354][T13822] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 848.667275][T13822] RIP: 0033:0x4665d9 [ 848.671320][T13822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 848.690935][T13822] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 848.699346][T13822] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 848.707325][T13822] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 848.715818][T13822] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 848.723831][T13822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 848.731795][T13822] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:21:30 executing program 2 (fault-call:7 fault-nth:9): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 848.789127][T13810] loop4: detected capacity change from 0 to 88321 [ 848.816742][T13838] loop3: detected capacity change from 0 to 44288 [ 848.836004][T13810] loop4: p1 p2 p3 p4 [ 848.840376][T13810] loop4: p1 size 11292159 extends beyond EOD, truncated [ 848.851043][T13838] loop3: p1 p2 p3 p4 [ 848.857041][T13844] FAULT_INJECTION: forcing a failure. [ 848.857041][T13844] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 848.860350][T13838] loop3: p1 size 11292159 extends beyond EOD, [ 848.870247][T13844] CPU: 0 PID: 13844 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 848.870273][T13844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 848.870284][T13844] Call Trace: [ 848.870292][T13844] dump_stack+0x137/0x19d [ 848.876488][T13838] truncated [ 848.886081][T13844] should_fail+0x23c/0x250 [ 848.886108][T13844] __alloc_pages+0x102/0x320 [ 848.886127][T13844] kmem_getpages+0x1a/0xd0 [ 848.909237][T13810] loop4: p4 size 3657465856 extends beyond EOD, [ 848.912143][T13844] cache_grow_begin+0x4c/0x1a0 [ 848.916851][T13810] truncated [ 848.921253][T13844] cache_alloc_refill+0x326/0x3d0 [ 848.930506][T13838] loop3: p4 size 3657465856 extends beyond EOD, [ 848.932330][T13844] ? should_fail+0xd6/0x250 [ 848.935462][T13838] truncated [ 848.940445][T13844] ? mempool_alloc_slab+0x16/0x20 [ 848.959372][T13844] kmem_cache_alloc+0x26c/0x2f0 [ 848.964316][T13844] ? mempool_alloc_slab+0x16/0x20 [ 848.970057][T13844] mempool_alloc_slab+0x16/0x20 [ 848.975261][T13844] ? mempool_free+0x130/0x130 [ 848.979944][T13844] mempool_alloc+0x8c/0x300 [ 848.984532][T13844] ? unlock_page_memcg+0xc3/0xe0 [ 848.989481][T13844] bio_alloc_bioset+0x1af/0x480 [ 848.994620][T13844] ext4_bio_write_page+0x7c5/0xa40 [ 849.000304][T13844] ext4_writepages+0x1050/0x1d10 [ 849.005246][T13844] ? __list_del_entry_valid+0x54/0xc0 [ 849.010621][T13844] ? __inc_numa_state+0x10/0x50 [ 849.015472][T13844] ? rmqueue_pcplist+0x152/0x190 [ 849.020431][T13844] ? ext4_readpage+0x140/0x140 [ 849.025200][T13844] do_writepages+0x7b/0x150 [ 849.030224][T13844] filemap_write_and_wait_range+0x20a/0x390 [ 849.036238][T13844] __iomap_dio_rw+0x500/0xad0 [ 849.041362][T13844] ? ext4_orphan_add+0x7a/0x5f0 [ 849.046864][T13844] ? file_update_time+0x1bd/0x3e0 [ 849.052115][T13844] iomap_dio_rw+0x30/0x70 [ 849.058120][T13844] ? ext4_file_write_iter+0x4b1/0x11d0 [ 849.064326][T13844] ext4_file_write_iter+0xa04/0x11d0 [ 849.069700][T13844] ? ext4_file_write_iter+0x4b1/0x11d0 [ 849.075562][T13844] ? rw_verify_area+0x136/0x250 [ 849.080521][T13844] vfs_write+0x69d/0x770 [ 849.084780][T13844] ksys_write+0xce/0x180 [ 849.089018][T13844] __x64_sys_write+0x3e/0x50 [ 849.095145][T13844] do_syscall_64+0x4a/0x90 [ 849.099578][T13844] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 849.105495][T13844] RIP: 0033:0x4665d9 [ 849.109393][T13844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 849.130054][T13844] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 849.139824][T13844] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 849.148265][T13844] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 849.157763][T13844] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 849.165754][T13844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 849.173867][T13844] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:21:31 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00b00a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 849.306296][T13874] loop4: detected capacity change from 0 to 55553 [ 849.365622][T13874] loop4: p1 p2 p3 p4 [ 849.369848][T13874] loop4: p1 size 11292159 extends beyond EOD, truncated [ 849.378226][T13874] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:32 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:32 executing program 2 (fault-call:7 fault-nth:10): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:32 executing program 3: syz_read_part_table(0x2, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:32 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00c00a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 850.431067][T13891] loop4: detected capacity change from 0 to 44288 [ 850.449476][T13894] loop3: detected capacity change from 0 to 44288 [ 850.466158][T13896] FAULT_INJECTION: forcing a failure. [ 850.466158][T13896] name failslab, interval 1, probability 0, space 0, times 0 [ 850.479074][T13896] CPU: 0 PID: 13896 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 850.487960][T13896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 850.498029][T13896] Call Trace: [ 850.501396][T13896] dump_stack+0x137/0x19d [ 850.505823][T13896] should_fail+0x23c/0x250 [ 850.510251][T13896] ? xas_create+0x96b/0xb30 [ 850.514747][T13896] __should_failslab+0x81/0x90 [ 850.519517][T13896] should_failslab+0x5/0x20 [ 850.524010][T13896] kmem_cache_alloc+0x46/0x2f0 [ 850.528830][T13896] xas_create+0x96b/0xb30 [ 850.533199][T13896] xas_store+0x70/0xca0 [ 850.537372][T13896] ? xas_find_conflict+0x422/0x4c0 [ 850.542616][T13896] __add_to_page_cache_locked+0x1eb/0x4e0 [ 850.548780][T13896] ? workingset_activation+0x270/0x270 [ 850.554245][T13896] add_to_page_cache_lru+0xa0/0x1b0 [ 850.559554][T13896] pagecache_get_page+0x6a3/0x900 [ 850.564573][T13896] ext4_block_zero_page_range+0xa0/0x620 [ 850.570204][T13896] ext4_truncate+0x6c2/0xa80 [ 850.575322][T13896] ext4_file_write_iter+0x106c/0x11d0 [ 850.581423][T13896] ? rw_verify_area+0x136/0x250 [ 850.586283][T13896] vfs_write+0x69d/0x770 [ 850.590541][T13896] ksys_write+0xce/0x180 [ 850.594781][T13896] __x64_sys_write+0x3e/0x50 [ 850.599440][T13896] do_syscall_64+0x4a/0x90 [ 850.603887][T13896] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 850.609805][T13896] RIP: 0033:0x4665d9 [ 850.618036][T13896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 850.638361][T13896] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 850.646815][T13896] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 850.655255][T13896] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 850.663515][T13896] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 850.671514][T13896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 850.679510][T13896] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 850.694289][T13891] loop4: p1 p2 p3 p4 [ 850.699523][T13894] loop3: p1 p2 p3 p4 [ 850.703570][T13894] loop3: p1 size 11292159 extends beyond EOD, truncated [ 850.703772][T13891] loop4: p1 size 11292159 extends beyond EOD, truncated [ 850.721403][T13894] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 850.735947][T13891] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:33 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:33 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:33 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00d00a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:33 executing program 2 (fault-call:7 fault-nth:11): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:33 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:33 executing program 3: syz_read_part_table(0x3, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:33 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:33 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1e) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) 13:21:33 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:33 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:33 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1e) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) 13:21:33 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1e) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) [ 851.327181][T13948] loop3: detected capacity change from 0 to 44288 [ 851.348934][T13950] loop4: detected capacity change from 0 to 264192 [ 851.372472][T13953] FAULT_INJECTION: forcing a failure. [ 851.372472][T13953] name failslab, interval 1, probability 0, space 0, times 0 [ 851.385800][T13953] CPU: 0 PID: 13953 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 851.395306][T13953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 851.405754][T13953] Call Trace: [ 851.409032][T13953] dump_stack+0x137/0x19d [ 851.413361][T13953] should_fail+0x23c/0x250 [ 851.418050][T13953] ? xas_create+0x96b/0xb30 [ 851.422807][T13953] __should_failslab+0x81/0x90 [ 851.428111][T13953] should_failslab+0x5/0x20 [ 851.433829][T13953] kmem_cache_alloc+0x46/0x2f0 [ 851.438678][T13953] xas_create+0x96b/0xb30 [ 851.443208][T13953] xas_store+0x70/0xca0 [ 851.448617][T13953] ? xas_find_conflict+0x422/0x4c0 [ 851.455769][T13953] __add_to_page_cache_locked+0x1eb/0x4e0 [ 851.461537][T13953] ? workingset_activation+0x270/0x270 [ 851.467845][T13953] add_to_page_cache_lru+0xa0/0x1b0 [ 851.473085][T13953] pagecache_get_page+0x6a3/0x900 [ 851.478320][T13953] ext4_block_zero_page_range+0xa0/0x620 [ 851.484775][T13953] ext4_truncate+0x6c2/0xa80 [ 851.489355][T13953] ext4_file_write_iter+0x106c/0x11d0 [ 851.494988][T13953] ? rw_verify_area+0x136/0x250 [ 851.499866][T13953] vfs_write+0x69d/0x770 [ 851.504103][T13953] ksys_write+0xce/0x180 [ 851.508349][T13953] __x64_sys_write+0x3e/0x50 [ 851.513014][T13953] do_syscall_64+0x4a/0x90 [ 851.517730][T13953] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 851.524263][T13953] RIP: 0033:0x4665d9 [ 851.528456][T13953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 851.551537][T13953] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 851.560311][T13953] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 851.568280][T13953] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 851.576349][T13953] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 851.585607][T13953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 851.594371][T13953] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 851.627230][T13950] loop4: p1 p2 p3 p4 [ 851.631596][T13950] loop4: p1 size 11292159 extends beyond EOD, truncated [ 851.632345][T13948] loop3: p1 p2 p3 p4 [ 851.660826][T13950] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 851.664054][T13948] loop3: p1 size 11292159 extends beyond EOD, truncated [ 851.707767][T13948] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 851.767901][T13948] loop3: detected capacity change from 0 to 44288 [ 851.804222][T13948] loop3: p1 p2 p3 p4 [ 851.808348][T13948] loop3: p1 size 11292159 extends beyond EOD, truncated [ 851.816996][T13948] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:21:36 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:36 executing program 2 (fault-call:7 fault-nth:12): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:36 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1e) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) 13:21:36 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1e) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) 13:21:36 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00e00a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:36 executing program 3: syz_read_part_table(0x4, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:36 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:36 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:36 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1e) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) [ 853.973151][T14029] loop3: detected capacity change from 0 to 44288 [ 853.982327][T14026] FAULT_INJECTION: forcing a failure. [ 853.982327][T14026] name failslab, interval 1, probability 0, space 0, times 0 [ 853.996053][T14026] CPU: 1 PID: 14026 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 854.002809][T14032] loop4: detected capacity change from 0 to 264192 [ 854.004825][T14026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 13:21:36 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:36 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 854.022016][T14026] Call Trace: [ 854.025294][T14026] dump_stack+0x137/0x19d [ 854.029717][T14026] should_fail+0x23c/0x250 [ 854.034158][T14026] ? mempool_alloc_slab+0x16/0x20 [ 854.039196][T14026] __should_failslab+0x81/0x90 [ 854.044136][T14026] should_failslab+0x5/0x20 [ 854.048643][T14026] kmem_cache_alloc+0x46/0x2f0 [ 854.053412][T14026] mempool_alloc_slab+0x16/0x20 [ 854.058289][T14026] ? mempool_free+0x130/0x130 [ 854.062988][T14026] mempool_alloc+0x8c/0x300 [ 854.067585][T14026] ? ext4_es_lookup_extent+0x36b/0x490 13:21:36 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:36 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 854.073077][T14026] bio_alloc_bioset+0xcc/0x480 [ 854.077912][T14026] ? ext4_map_blocks+0x597/0xef0 [ 854.082860][T14026] submit_bh_wbc+0x130/0x330 [ 854.087555][T14026] submit_bh+0x21/0x30 [ 854.091631][T14026] ? __wait_on_buffer+0x60/0x60 [ 854.098139][T14026] ext4_read_bh+0xdf/0x190 [ 854.102672][T14026] ext4_read_bh_lock+0x44/0xd0 [ 854.107450][T14026] ext4_block_zero_page_range+0x350/0x620 [ 854.113532][T14026] ext4_truncate+0x6c2/0xa80 [ 854.119274][T14026] ext4_file_write_iter+0x106c/0x11d0 [ 854.124798][T14026] ? rw_verify_area+0x136/0x250 [ 854.129733][T14026] vfs_write+0x69d/0x770 [ 854.133976][T14026] ksys_write+0xce/0x180 [ 854.138221][T14026] __x64_sys_write+0x3e/0x50 [ 854.142785][T14026] do_syscall_64+0x4a/0x90 [ 854.147195][T14026] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 854.153107][T14026] RIP: 0033:0x4665d9 [ 854.157006][T14026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 854.176756][T14026] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 854.185176][T14026] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 854.193132][T14026] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 854.201087][T14026] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 854.209056][T14026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:21:36 executing program 2 (fault-call:7 fault-nth:13): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:36 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 854.217038][T14026] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:21:36 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 854.289060][T14032] loop4: p1 p2 p3 p4 [ 854.293128][T14032] loop4: p1 size 11292159 extends beyond EOD, truncated [ 854.300276][T14029] loop3: p1 p2 p3 p4 [ 854.304307][T14029] loop3: p1 size 11292159 extends beyond EOD, truncated [ 854.334914][T14029] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 854.345821][T14032] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 854.374138][T14075] FAULT_INJECTION: forcing a failure. [ 854.374138][T14075] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 854.387415][T14075] CPU: 0 PID: 14075 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 854.396391][T14075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 854.406448][T14075] Call Trace: [ 854.409738][T14075] dump_stack+0x137/0x19d [ 854.414068][T14075] should_fail+0x23c/0x250 [ 854.419088][T14075] __alloc_pages+0x102/0x320 [ 854.423677][T14075] alloc_pages+0x21d/0x310 [ 854.428139][T14075] __page_cache_alloc+0x4d/0xf0 [ 854.433012][T14075] pagecache_get_page+0x5f4/0x900 [ 854.438039][T14075] grab_cache_page_write_begin+0x3f/0x70 [ 854.443864][T14075] ext4_da_write_begin+0x305/0x820 [ 854.448988][T14075] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 854.454915][T14075] generic_perform_write+0x196/0x3a0 [ 854.460232][T14075] ext4_buffered_write_iter+0x2f2/0x3f0 [ 854.465784][T14075] ext4_file_write_iter+0xd01/0x11d0 [ 854.471078][T14075] ? rw_verify_area+0x136/0x250 [ 854.475937][T14075] vfs_write+0x69d/0x770 [ 854.480185][T14075] ksys_write+0xce/0x180 [ 854.484417][T14075] __x64_sys_write+0x3e/0x50 [ 854.489004][T14075] do_syscall_64+0x4a/0x90 [ 854.493422][T14075] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 854.499333][T14075] RIP: 0033:0x4665d9 [ 854.503233][T14075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 854.523692][T14075] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 854.532112][T14075] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 854.540084][T14075] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 854.548053][T14075] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 854.556023][T14075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 854.564007][T14075] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 854.602314][T14029] loop3: detected capacity change from 0 to 44288 [ 854.605436][T14032] loop4: detected capacity change from 0 to 264192 [ 854.621445][T14029] loop3: p1 p2 p3 p4 [ 854.628191][T14032] loop4: p1 p2 p3 p4 [ 854.633306][T14029] loop3: p1 size 11292159 extends beyond EOD, truncated [ 854.637949][T14032] loop4: p1 size 11292159 extends beyond EOD, truncated [ 854.641584][T14029] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 854.651029][T14032] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:36 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00f00a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:36 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:36 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1e) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) 13:21:36 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:36 executing program 2 (fault-call:7 fault-nth:14): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:36 executing program 3: syz_read_part_table(0x5, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:36 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1e) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) [ 854.744373][T14129] FAULT_INJECTION: forcing a failure. [ 854.744373][T14129] name failslab, interval 1, probability 0, space 0, times 0 [ 854.757039][T14129] CPU: 0 PID: 14129 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 854.765825][T14129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 854.775989][T14129] Call Trace: [ 854.779274][T14129] dump_stack+0x137/0x19d [ 854.783617][T14129] should_fail+0x23c/0x250 [ 854.788053][T14129] ? xas_create+0x96b/0xb30 [ 854.792603][T14129] __should_failslab+0x81/0x90 [ 854.797421][T14129] should_failslab+0x5/0x20 [ 854.801929][T14129] kmem_cache_alloc+0x46/0x2f0 [ 854.806763][T14129] xas_create+0x96b/0xb30 [ 854.811093][T14129] ? __blk_mq_delay_run_hw_queue+0x2d2/0x2f0 [ 854.817124][T14129] xas_store+0x70/0xca0 [ 854.821294][T14129] ? xas_find_conflict+0xb9/0x4c0 [ 854.826339][T14129] __add_to_page_cache_locked+0x1eb/0x4e0 [ 854.832085][T14129] ? workingset_activation+0x270/0x270 [ 854.837561][T14129] add_to_page_cache_lru+0xa0/0x1b0 [ 854.842790][T14129] pagecache_get_page+0x6a3/0x900 [ 854.847825][T14129] grab_cache_page_write_begin+0x3f/0x70 [ 854.853747][T14129] ext4_da_write_begin+0x305/0x820 [ 854.858865][T14129] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 854.864761][T14129] generic_perform_write+0x196/0x3a0 [ 854.870048][T14129] ext4_buffered_write_iter+0x2f2/0x3f0 [ 854.875675][T14129] ext4_file_write_iter+0xd01/0x11d0 [ 854.881088][T14129] ? rw_verify_area+0x136/0x250 [ 854.885946][T14129] vfs_write+0x69d/0x770 [ 854.890189][T14129] ksys_write+0xce/0x180 [ 854.894428][T14129] __x64_sys_write+0x3e/0x50 [ 854.899024][T14129] do_syscall_64+0x4a/0x90 [ 854.903487][T14129] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 854.909402][T14129] RIP: 0033:0x4665d9 [ 854.913297][T14129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 854.932903][T14129] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 13:21:37 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1e) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, 0x0, 0x0, 0x0) [ 854.941342][T14129] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 854.949352][T14129] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 854.957327][T14129] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 854.965469][T14129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 854.973452][T14129] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:21:37 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:37 executing program 2 (fault-call:7 fault-nth:15): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:37 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 855.002038][T14143] loop3: detected capacity change from 0 to 44288 [ 855.045605][T14143] loop3: p1 p2 p3 p4 [ 855.052991][T14143] loop3: p1 size 11292159 extends beyond EOD, truncated [ 855.062036][T14143] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 855.075627][ T1036] loop3: p1 p2 p3 p4 [ 855.080031][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 855.083929][T14169] loop4: detected capacity change from 0 to 264192 13:21:37 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 855.088347][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 855.114748][T14172] FAULT_INJECTION: forcing a failure. [ 855.114748][T14172] name failslab, interval 1, probability 0, space 0, times 0 [ 855.127528][T14172] CPU: 0 PID: 14172 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 855.136337][T14172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 855.146396][T14172] Call Trace: [ 855.149672][T14172] dump_stack+0x137/0x19d [ 855.154009][T14172] should_fail+0x23c/0x250 [ 855.158564][T14172] ? __es_insert_extent+0x51f/0xe70 [ 855.163770][T14172] __should_failslab+0x81/0x90 [ 855.168554][T14172] should_failslab+0x5/0x20 [ 855.173064][T14172] kmem_cache_alloc+0x46/0x2f0 [ 855.177826][T14172] __es_insert_extent+0x51f/0xe70 [ 855.182845][T14172] ? xas_create+0xae3/0xb30 [ 855.187519][T14172] ext4_es_insert_delayed_block+0xfb/0x370 [ 855.193315][T14172] ? ext4_claim_free_clusters+0x5b/0x80 [ 855.198907][T14172] ext4_da_get_block_prep+0x582/0x9b0 [ 855.204284][T14172] __block_write_begin_int+0x4a2/0x1060 [ 855.209908][T14172] ? ext4_da_release_space+0x230/0x230 [ 855.215452][T14172] ? ext4_da_write_begin+0x410/0x820 [ 855.220793][T14172] ? ext4_da_release_space+0x230/0x230 [ 855.226243][T14172] __block_write_begin+0x2b/0x40 [ 855.231197][T14172] ext4_da_write_begin+0x4c8/0x820 [ 855.236343][T14172] generic_perform_write+0x196/0x3a0 [ 855.241676][T14172] ext4_buffered_write_iter+0x2f2/0x3f0 [ 855.247224][T14172] ext4_file_write_iter+0xd01/0x11d0 [ 855.252535][T14172] ? rw_verify_area+0x136/0x250 [ 855.257436][T14172] vfs_write+0x69d/0x770 [ 855.261677][T14172] ksys_write+0xce/0x180 [ 855.265903][T14172] __x64_sys_write+0x3e/0x50 [ 855.270493][T14172] do_syscall_64+0x4a/0x90 [ 855.274895][T14172] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 855.280782][T14172] RIP: 0033:0x4665d9 [ 855.284672][T14172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 855.304270][T14172] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 855.314515][T14172] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 855.322495][T14172] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 855.330521][T14172] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 855.338475][T14172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 855.346432][T14172] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 855.354894][T14169] loop4: p1 p2 p3 p4 [ 855.358985][T14169] loop4: p1 size 11292159 extends beyond EOD, truncated [ 855.376399][T14169] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 855.395379][ T1036] loop4: p1 p2 p3 p4 [ 855.399876][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 855.410848][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:37 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff02000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 855.468714][T14169] loop4: detected capacity change from 0 to 264192 [ 855.565248][T14215] loop4: detected capacity change from 0 to 264192 [ 855.617429][T14215] loop4: p1 p2 p3 p4 [ 855.622013][T14215] loop4: p1 size 11292159 extends beyond EOD, truncated [ 855.650076][T14215] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:39 executing program 3: syz_read_part_table(0x6, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:39 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:39 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:39 executing program 2 (fault-call:7 fault-nth:16): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:39 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:39 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff03000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 857.740863][T14237] loop3: detected capacity change from 0 to 44288 [ 857.765666][T14245] loop4: detected capacity change from 0 to 264192 [ 857.787520][T14243] FAULT_INJECTION: forcing a failure. [ 857.787520][T14243] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 857.800625][T14243] CPU: 0 PID: 14243 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 857.810438][T14243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 857.813576][T14245] loop4: p1 p2 p3 p4 [ 857.820558][T14243] Call Trace: [ 857.820570][T14243] dump_stack+0x137/0x19d [ 857.820598][T14243] should_fail+0x23c/0x250 [ 857.824940][T14245] loop4: p1 size 11292159 extends beyond EOD, [ 857.827962][T14243] should_fail_usercopy+0x16/0x20 [ 857.832262][T14245] truncated [ 857.834393][T14245] loop4: p4 size 3657465856 extends beyond EOD, [ 857.836831][T14243] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 857.836860][T14243] generic_perform_write+0x1e4/0x3a0 [ 857.842997][T14245] truncated [ 857.872093][T14243] ext4_buffered_write_iter+0x2f2/0x3f0 [ 857.877715][T14243] ext4_file_write_iter+0xd01/0x11d0 [ 857.883005][T14243] ? rw_verify_area+0x136/0x250 [ 857.887861][T14243] vfs_write+0x69d/0x770 [ 857.892128][T14243] ksys_write+0xce/0x180 [ 857.896373][T14243] __x64_sys_write+0x3e/0x50 [ 857.900962][T14243] do_syscall_64+0x4a/0x90 [ 857.905450][T14243] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 857.911365][T14243] RIP: 0033:0x4665d9 [ 857.915239][T14243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 857.934845][T14243] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 857.943276][T14243] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 857.951360][T14243] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 857.959334][T14243] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 857.967351][T14243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 857.975400][T14243] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 857.984962][T14237] loop3: p1 p2 p3 p4 13:21:40 executing program 2 (fault-call:7 fault-nth:17): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:40 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff04000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 857.989389][T14237] loop3: p1 size 11292159 extends beyond EOD, truncated [ 857.998310][T14237] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 858.070411][T14237] loop3: detected capacity change from 0 to 44288 [ 858.076770][T14285] FAULT_INJECTION: forcing a failure. [ 858.076770][T14285] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 858.090164][T14285] CPU: 1 PID: 14285 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 858.098983][T14285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 858.109029][T14285] Call Trace: [ 858.112290][T14285] dump_stack+0x137/0x19d [ 858.116604][T14285] should_fail+0x23c/0x250 [ 858.121021][T14285] __alloc_pages+0x102/0x320 [ 858.125604][T14285] alloc_pages+0x21d/0x310 [ 858.130049][T14285] __page_cache_alloc+0x4d/0xf0 [ 858.134878][T14285] pagecache_get_page+0x5f4/0x900 [ 858.139897][T14285] grab_cache_page_write_begin+0x3f/0x70 [ 858.145622][T14285] ext4_da_write_begin+0x305/0x820 [ 858.150721][T14285] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 858.156598][T14285] generic_perform_write+0x196/0x3a0 [ 858.161889][T14285] ? ext4_da_write_begin+0x820/0x820 [ 858.167155][T14285] ext4_buffered_write_iter+0x2f2/0x3f0 [ 858.172719][T14285] ext4_file_write_iter+0xd01/0x11d0 [ 858.178066][T14285] ? rw_verify_area+0x136/0x250 [ 858.182901][T14285] vfs_write+0x69d/0x770 [ 858.187140][T14285] ksys_write+0xce/0x180 [ 858.191372][T14285] __x64_sys_write+0x3e/0x50 [ 858.196048][T14285] do_syscall_64+0x4a/0x90 [ 858.200505][T14285] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 858.206509][T14285] RIP: 0033:0x4665d9 [ 858.210399][T14285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 858.230008][T14285] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 858.238415][T14285] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 858.246385][T14285] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 858.254352][T14285] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 858.262303][T14285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:21:40 executing program 2 (fault-call:7 fault-nth:18): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 858.270252][T14285] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 858.300930][T14237] loop3: p1 p2 p3 p4 [ 858.306331][T14237] loop3: p1 size 11292159 extends beyond EOD, truncated [ 858.325942][T14296] loop4: detected capacity change from 0 to 264192 [ 858.327061][T14237] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 858.355762][T14296] loop4: p1 p2 p3 p4 [ 858.360090][T14302] FAULT_INJECTION: forcing a failure. [ 858.360090][T14302] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 858.365601][T14296] loop4: p1 size 11292159 extends beyond EOD, truncated [ 858.373167][T14302] CPU: 0 PID: 14302 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 858.381748][T14296] loop4: p4 size 3657465856 extends beyond EOD, [ 858.388775][T14302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 858.388789][T14302] Call Trace: [ 858.388797][T14302] dump_stack+0x137/0x19d [ 858.395214][T14296] truncated [ 858.415939][T14302] should_fail+0x23c/0x250 [ 858.420418][T14302] should_fail_usercopy+0x16/0x20 [ 858.425476][T14302] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 858.431580][T14302] generic_perform_write+0x1e4/0x3a0 [ 858.436863][T14302] ? ext4_da_write_begin+0x820/0x820 [ 858.442163][T14302] ext4_buffered_write_iter+0x2f2/0x3f0 [ 858.447946][T14302] ext4_file_write_iter+0xd01/0x11d0 [ 858.453235][T14302] ? rw_verify_area+0x136/0x250 [ 858.458160][T14302] vfs_write+0x69d/0x770 [ 858.462411][T14302] ksys_write+0xce/0x180 [ 858.466646][T14302] __x64_sys_write+0x3e/0x50 [ 858.471229][T14302] do_syscall_64+0x4a/0x90 [ 858.475712][T14302] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 858.481607][T14302] RIP: 0033:0x4665d9 [ 858.485541][T14302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 858.505630][T14302] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 858.514065][T14302] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 13:21:40 executing program 3: syz_read_part_table(0x7, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:40 executing program 2 (fault-call:7 fault-nth:19): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 858.522038][T14302] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 858.530013][T14302] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 858.537986][T14302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 858.546016][T14302] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:21:40 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff05000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 858.638958][T14328] loop3: detected capacity change from 0 to 44288 [ 858.654844][T14325] FAULT_INJECTION: forcing a failure. [ 858.654844][T14325] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 858.668314][T14325] CPU: 1 PID: 14325 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 858.677072][T14325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 858.687137][T14325] Call Trace: [ 858.690399][T14325] dump_stack+0x137/0x19d [ 858.694809][T14325] should_fail+0x23c/0x250 [ 858.699241][T14325] __alloc_pages+0x102/0x320 [ 858.703845][T14325] alloc_pages+0x21d/0x310 [ 858.708262][T14325] __page_cache_alloc+0x4d/0xf0 [ 858.713098][T14325] pagecache_get_page+0x5f4/0x900 [ 858.718107][T14325] grab_cache_page_write_begin+0x3f/0x70 [ 858.723847][T14325] ext4_da_write_begin+0x305/0x820 [ 858.729000][T14325] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 858.734894][T14325] generic_perform_write+0x196/0x3a0 [ 858.740163][T14325] ? ext4_da_write_begin+0x820/0x820 [ 858.745447][T14325] ext4_buffered_write_iter+0x2f2/0x3f0 [ 858.751121][T14325] ext4_file_write_iter+0xd01/0x11d0 [ 858.756749][T14325] ? rw_verify_area+0x136/0x250 [ 858.761611][T14325] vfs_write+0x69d/0x770 [ 858.765935][T14325] ksys_write+0xce/0x180 [ 858.770221][T14325] __x64_sys_write+0x3e/0x50 [ 858.774795][T14325] do_syscall_64+0x4a/0x90 [ 858.779229][T14325] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 858.785130][T14325] RIP: 0033:0x4665d9 [ 858.789021][T14325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 858.808750][T14325] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 858.817219][T14325] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 858.825717][T14325] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 13:21:41 executing program 2 (fault-call:7 fault-nth:20): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 858.833679][T14325] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 858.841731][T14325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 858.849738][T14325] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 858.877324][T14331] loop4: detected capacity change from 0 to 44288 [ 858.942364][T14328] loop3: p1 p2 p3 p4 [ 858.946684][T14331] loop4: p1 p2 p3 p4 [ 858.950790][T14328] loop3: p1 size 11292159 extends beyond EOD, truncated [ 858.960254][T14331] loop4: p1 size 11292159 extends beyond EOD, truncated [ 858.974582][T14328] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 858.982881][T14331] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 859.004536][T14340] FAULT_INJECTION: forcing a failure. [ 859.004536][T14340] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 859.018237][T14340] CPU: 1 PID: 14340 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 859.027052][T14340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 859.037322][T14340] Call Trace: [ 859.040604][T14340] dump_stack+0x137/0x19d [ 859.044950][T14340] should_fail+0x23c/0x250 [ 859.049395][T14340] should_fail_usercopy+0x16/0x20 [ 859.054429][T14340] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 859.060506][T14340] generic_perform_write+0x1e4/0x3a0 [ 859.065793][T14340] ? ext4_da_write_begin+0x820/0x820 [ 859.071133][T14340] ext4_buffered_write_iter+0x2f2/0x3f0 [ 859.076707][T14340] ext4_file_write_iter+0xd01/0x11d0 [ 859.081998][T14340] ? rw_verify_area+0x136/0x250 [ 859.086851][T14340] vfs_write+0x69d/0x770 [ 859.091100][T14340] ksys_write+0xce/0x180 [ 859.095347][T14340] __x64_sys_write+0x3e/0x50 [ 859.100023][T14340] do_syscall_64+0x4a/0x90 [ 859.104438][T14340] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 859.110366][T14340] RIP: 0033:0x4665d9 [ 859.114253][T14340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 859.133948][T14340] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 859.142366][T14340] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 859.150333][T14340] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 859.158342][T14340] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 859.166308][T14340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 859.174302][T14340] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:21:42 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:42 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:42 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff07000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:42 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:42 executing program 2 (fault-call:7 fault-nth:21): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:42 executing program 3: syz_read_part_table(0x8, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 860.802638][T14379] loop4: detected capacity change from 0 to 44288 [ 860.803307][T14375] loop3: detected capacity change from 0 to 44288 [ 860.824618][T14373] FAULT_INJECTION: forcing a failure. [ 860.824618][T14373] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 860.838683][T14373] CPU: 0 PID: 14373 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 860.847447][T14373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 860.857491][T14373] Call Trace: [ 860.860776][T14373] dump_stack+0x137/0x19d [ 860.865174][T14373] should_fail+0x23c/0x250 [ 860.869592][T14373] __alloc_pages+0x102/0x320 [ 860.874181][T14373] alloc_pages+0x21d/0x310 [ 860.878582][T14373] __page_cache_alloc+0x4d/0xf0 [ 860.883418][T14373] pagecache_get_page+0x5f4/0x900 [ 860.888455][T14373] grab_cache_page_write_begin+0x3f/0x70 [ 860.894080][T14373] ext4_da_write_begin+0x305/0x820 [ 860.899197][T14373] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 860.905147][T14373] generic_perform_write+0x196/0x3a0 [ 860.910431][T14373] ? ext4_da_write_begin+0x820/0x820 [ 860.915700][T14373] ext4_buffered_write_iter+0x2f2/0x3f0 [ 860.921232][T14373] ext4_file_write_iter+0xd01/0x11d0 [ 860.926504][T14373] ? rw_verify_area+0x136/0x250 [ 860.931430][T14373] vfs_write+0x69d/0x770 [ 860.935668][T14373] ksys_write+0xce/0x180 [ 860.939966][T14373] __x64_sys_write+0x3e/0x50 [ 860.944592][T14373] do_syscall_64+0x4a/0x90 [ 860.949017][T14373] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 860.954985][T14373] RIP: 0033:0x4665d9 [ 860.958873][T14373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 860.978483][T14373] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 860.986904][T14373] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 860.994896][T14373] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 13:21:43 executing program 2 (fault-call:7 fault-nth:22): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 861.002873][T14373] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 861.010869][T14373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 861.018840][T14373] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 861.037771][T14379] loop4: p1 p2 p3 p4 [ 861.042518][T14375] loop3: p1 p2 p3 p4 [ 861.049670][T14379] loop4: p1 size 11292159 extends beyond EOD, truncated [ 861.054253][T14375] loop3: p1 size 11292159 extends beyond EOD, truncated [ 861.064385][T14379] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 861.072884][T14375] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 861.097885][T14398] FAULT_INJECTION: forcing a failure. [ 861.097885][T14398] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 861.110981][T14398] CPU: 0 PID: 14398 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 861.120186][T14398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 861.130299][T14398] Call Trace: [ 861.133614][T14398] dump_stack+0x137/0x19d [ 861.137948][T14398] should_fail+0x23c/0x250 [ 861.142366][T14398] should_fail_usercopy+0x16/0x20 [ 861.147408][T14398] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 861.153554][T14398] generic_perform_write+0x1e4/0x3a0 [ 861.158864][T14398] ? ext4_da_write_begin+0x820/0x820 [ 861.164157][T14398] ext4_buffered_write_iter+0x2f2/0x3f0 [ 861.169751][T14398] ext4_file_write_iter+0xd01/0x11d0 [ 861.175039][T14398] ? rw_verify_area+0x136/0x250 [ 861.179915][T14398] vfs_write+0x69d/0x770 [ 861.184370][T14398] ksys_write+0xce/0x180 [ 861.188612][T14398] __x64_sys_write+0x3e/0x50 [ 861.193194][T14398] do_syscall_64+0x4a/0x90 [ 861.197638][T14398] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 861.203538][T14398] RIP: 0033:0x4665d9 [ 861.207436][T14398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 861.227094][T14398] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 861.235542][T14398] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 861.243774][T14398] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 13:21:43 executing program 3: syz_read_part_table(0x9, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:43 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff08000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:43 executing program 2 (fault-call:7 fault-nth:23): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 861.251796][T14398] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 861.259793][T14398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 861.267939][T14398] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 861.324556][T14412] FAULT_INJECTION: forcing a failure. [ 861.324556][T14412] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 861.338017][T14412] CPU: 0 PID: 14412 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 861.346813][T14412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 861.357090][T14412] Call Trace: [ 861.360373][T14412] dump_stack+0x137/0x19d [ 861.364707][T14412] should_fail+0x23c/0x250 [ 861.369104][T14412] __alloc_pages+0x102/0x320 [ 861.373718][T14412] alloc_pages+0x21d/0x310 [ 861.378116][T14412] __page_cache_alloc+0x4d/0xf0 [ 861.382957][T14412] pagecache_get_page+0x5f4/0x900 [ 861.388004][T14412] grab_cache_page_write_begin+0x3f/0x70 [ 861.393627][T14412] ext4_da_write_begin+0x305/0x820 [ 861.398793][T14412] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 861.404893][T14412] generic_perform_write+0x196/0x3a0 [ 861.410189][T14412] ? ext4_da_write_begin+0x820/0x820 [ 861.415482][T14412] ext4_buffered_write_iter+0x2f2/0x3f0 [ 861.421115][T14412] ext4_file_write_iter+0xd01/0x11d0 [ 861.426397][T14412] ? rw_verify_area+0x136/0x250 [ 861.431366][T14412] vfs_write+0x69d/0x770 [ 861.435587][T14412] ksys_write+0xce/0x180 [ 861.439815][T14412] __x64_sys_write+0x3e/0x50 [ 861.445282][T14412] do_syscall_64+0x4a/0x90 [ 861.451673][T14412] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 861.457732][T14412] RIP: 0033:0x4665d9 [ 861.461658][T14412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 861.481376][T14412] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 861.489847][T14412] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 861.497898][T14412] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 861.505887][T14412] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 861.513867][T14412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:21:43 executing program 2 (fault-call:7 fault-nth:24): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 861.525592][T14412] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 861.539501][T14404] loop3: detected capacity change from 0 to 44288 [ 861.546484][T14403] loop4: detected capacity change from 0 to 44288 [ 861.606702][T14403] loop4: p1 p2 p3 p4 [ 861.606820][T14404] loop3: p1 p2 p3 p4 [ 861.611235][T14403] loop4: p1 size 11292159 extends beyond EOD, truncated [ 861.619691][T14404] loop3: p1 size 11292159 extends beyond EOD, truncated [ 861.634226][T14403] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 861.652099][T14404] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 861.686078][T14433] FAULT_INJECTION: forcing a failure. [ 861.686078][T14433] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 861.699379][T14433] CPU: 1 PID: 14433 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 861.708269][T14433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 861.718322][T14433] Call Trace: [ 861.721625][T14433] dump_stack+0x137/0x19d [ 861.725939][T14433] should_fail+0x23c/0x250 [ 861.730418][T14433] should_fail_usercopy+0x16/0x20 [ 861.735440][T14433] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 861.741579][T14433] generic_perform_write+0x1e4/0x3a0 [ 861.746852][T14433] ? ext4_da_write_begin+0x820/0x820 [ 861.752141][T14433] ext4_buffered_write_iter+0x2f2/0x3f0 [ 861.757673][T14433] ext4_file_write_iter+0xd01/0x11d0 [ 861.762946][T14433] ? rw_verify_area+0x136/0x250 [ 861.767786][T14433] vfs_write+0x69d/0x770 [ 861.772038][T14433] ksys_write+0xce/0x180 [ 861.776259][T14433] __x64_sys_write+0x3e/0x50 [ 861.781000][T14433] do_syscall_64+0x4a/0x90 [ 861.785403][T14433] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 861.791484][T14433] RIP: 0033:0x4665d9 [ 861.795380][T14433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 861.815846][T14433] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 861.824343][T14433] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 13:21:44 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff09000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 861.832334][T14433] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 861.840290][T14433] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 861.848307][T14433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 861.858528][T14433] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 861.918332][T14457] loop4: detected capacity change from 0 to 44288 [ 861.955566][T14457] loop4: p1 p2 p3 p4 [ 861.959745][T14457] loop4: p1 size 11292159 extends beyond EOD, truncated [ 861.968143][T14457] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 861.978379][ T1036] loop4: p1 p2 p3 p4 [ 861.982435][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 861.990977][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 862.063520][T14457] loop4: detected capacity change from 0 to 44288 [ 862.105630][ T1036] loop4: p1 p2 p3 p4 [ 862.109756][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 862.118398][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 862.128351][T14457] loop4: p1 p2 p3 p4 [ 862.132411][T14457] loop4: p1 size 11292159 extends beyond EOD, truncated [ 862.141350][T14457] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:45 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:45 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:45 executing program 3: syz_read_part_table(0xa, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:45 executing program 2 (fault-call:7 fault-nth:25): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:45 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0f000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:45 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 863.822213][T14522] loop3: detected capacity change from 0 to 44288 [ 863.833713][T14518] loop4: detected capacity change from 0 to 44288 [ 863.853876][T14525] FAULT_INJECTION: forcing a failure. [ 863.853876][T14525] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 863.868574][T14525] CPU: 1 PID: 14525 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 863.875561][T14522] loop3: p1 p2 p3 p4 [ 863.877359][T14525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 863.881592][T14522] loop3: p1 size 11292159 extends beyond EOD, [ 863.891388][T14525] Call Trace: [ 863.891399][T14525] dump_stack+0x137/0x19d [ 863.891441][T14525] should_fail+0x23c/0x250 [ 863.897611][T14522] truncated [ 863.902218][T14522] loop3: p4 size 3657465856 extends beyond EOD, [ 863.905248][T14525] __alloc_pages+0x102/0x320 [ 863.905272][T14525] alloc_pages+0x21d/0x310 [ 863.905290][T14525] __page_cache_alloc+0x4d/0xf0 [ 863.909692][T14522] truncated [ 863.936153][T14525] pagecache_get_page+0x5f4/0x900 [ 863.941181][T14525] grab_cache_page_write_begin+0x3f/0x70 [ 863.947690][T14525] ext4_da_write_begin+0x305/0x820 [ 863.952847][T14525] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 863.958769][T14525] generic_perform_write+0x196/0x3a0 [ 863.966852][T14525] ? ext4_da_write_begin+0x820/0x820 [ 863.972147][T14525] ext4_buffered_write_iter+0x2f2/0x3f0 [ 863.977863][T14525] ext4_file_write_iter+0xd01/0x11d0 [ 863.983199][T14525] ? rw_verify_area+0x136/0x250 [ 863.988139][T14525] vfs_write+0x69d/0x770 [ 863.992472][T14525] ksys_write+0xce/0x180 [ 863.996722][T14525] __x64_sys_write+0x3e/0x50 [ 864.001397][T14525] do_syscall_64+0x4a/0x90 [ 864.005923][T14525] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 864.012208][T14525] RIP: 0033:0x4665d9 [ 864.016091][T14525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 864.035985][T14525] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 864.044397][T14525] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 864.053092][T14525] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 864.063076][T14525] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 13:21:46 executing program 2 (fault-call:7 fault-nth:26): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 864.071875][T14525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 864.079838][T14525] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 864.096882][T14518] loop4: p1 p2 p3 p4 [ 864.104768][T14518] loop4: p1 size 11292159 extends beyond EOD, truncated [ 864.135093][T14522] loop3: detected capacity change from 0 to 44288 [ 864.143696][T14518] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 864.155596][T14546] FAULT_INJECTION: forcing a failure. [ 864.155596][T14546] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 864.168873][T14546] CPU: 1 PID: 14546 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 864.177735][T14546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 864.187801][T14546] Call Trace: [ 864.191074][T14546] dump_stack+0x137/0x19d [ 864.195412][T14546] should_fail+0x23c/0x250 [ 864.199870][T14546] should_fail_usercopy+0x16/0x20 [ 864.204875][T14546] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 864.210945][T14546] generic_perform_write+0x1e4/0x3a0 [ 864.216255][T14546] ? ext4_da_write_begin+0x820/0x820 [ 864.221569][T14546] ext4_buffered_write_iter+0x2f2/0x3f0 [ 864.227110][T14546] ext4_file_write_iter+0xd01/0x11d0 [ 864.232425][T14546] ? rw_verify_area+0x136/0x250 [ 864.237285][T14546] vfs_write+0x69d/0x770 [ 864.241513][T14546] ksys_write+0xce/0x180 [ 864.245808][T14546] __x64_sys_write+0x3e/0x50 [ 864.250400][T14546] do_syscall_64+0x4a/0x90 [ 864.254812][T14546] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 864.260715][T14546] RIP: 0033:0x4665d9 [ 864.264591][T14546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 864.284502][T14546] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 864.293048][T14546] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 864.301014][T14546] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 864.308978][T14546] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 864.317140][T14546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 864.325198][T14546] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:21:46 executing program 2 (fault-call:7 fault-nth:27): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 864.345155][T14522] loop3: p1 p2 p3 p4 [ 864.349562][T14522] loop3: p1 size 11292159 extends beyond EOD, truncated [ 864.367762][T14518] loop4: detected capacity change from 0 to 44288 [ 864.374682][T14522] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:21:46 executing program 3: syz_read_part_table(0xb, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:46 executing program 3: syz_read_part_table(0xc, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 864.402620][T14518] loop4: p1 p2 p3 p4 [ 864.413801][T14518] loop4: p1 size 11292159 extends beyond EOD, truncated [ 864.438865][T14518] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 864.443812][T14569] FAULT_INJECTION: forcing a failure. 13:21:46 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff10000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 864.443812][T14569] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 864.459388][T14569] CPU: 1 PID: 14569 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 864.468159][T14569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 864.478239][T14569] Call Trace: [ 864.481520][T14569] dump_stack+0x137/0x19d [ 864.485960][T14569] should_fail+0x23c/0x250 [ 864.490378][T14569] __alloc_pages+0x102/0x320 [ 864.495001][T14569] alloc_pages+0x21d/0x310 [ 864.499421][T14569] __page_cache_alloc+0x4d/0xf0 [ 864.504281][T14569] pagecache_get_page+0x5f4/0x900 [ 864.509378][T14569] grab_cache_page_write_begin+0x3f/0x70 [ 864.515043][T14569] ext4_da_write_begin+0x305/0x820 [ 864.520203][T14569] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 864.526392][T14569] generic_perform_write+0x196/0x3a0 [ 864.531684][T14569] ? ext4_da_write_begin+0x820/0x820 [ 864.536978][T14569] ext4_buffered_write_iter+0x2f2/0x3f0 [ 864.542626][T14569] ext4_file_write_iter+0xd01/0x11d0 [ 864.547923][T14569] ? rw_verify_area+0x136/0x250 [ 864.552934][T14569] vfs_write+0x69d/0x770 [ 864.557175][T14569] ksys_write+0xce/0x180 [ 864.561409][T14569] __x64_sys_write+0x3e/0x50 [ 864.566118][T14569] do_syscall_64+0x4a/0x90 [ 864.570549][T14569] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 864.576471][T14569] RIP: 0033:0x4665d9 [ 864.580361][T14569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 13:21:46 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff11000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 864.599991][T14569] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 864.608414][T14569] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 864.616866][T14569] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 864.624844][T14569] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 864.632891][T14569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 864.640869][T14569] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 864.683436][T14595] loop3: detected capacity change from 0 to 44288 [ 864.725583][T14595] loop3: p1 p2 p3 p4 [ 864.725741][T14610] loop4: detected capacity change from 0 to 51457 [ 864.729719][T14595] loop3: p1 size 11292159 extends beyond EOD, truncated [ 864.744054][T14595] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 864.753583][ T1036] loop3: p1 p2 p3 p4 [ 864.757941][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 864.765626][T14610] loop4: p1 p2 p3 p4 [ 864.768893][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 864.769933][T14610] loop4: p1 size 11292159 extends beyond EOD, truncated [ 864.785005][T14610] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 864.802664][T14595] loop3: detected capacity change from 0 to 44288 [ 864.848346][T14595] loop3: p1 p2 p3 p4 [ 864.857431][T14610] loop4: detected capacity change from 0 to 51457 [ 864.858325][T14595] loop3: p1 size 11292159 extends beyond EOD, truncated [ 864.874451][T14595] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 864.895583][T14610] loop4: p1 p2 p3 p4 [ 864.899782][T14610] loop4: p1 size 11292159 extends beyond EOD, truncated [ 864.908315][T14610] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 864.936813][ T1036] loop3: p1 p2 p3 p4 [ 864.940985][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 864.949628][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:21:48 executing program 2 (fault-call:7 fault-nth:28): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:49 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:49 executing program 3: syz_read_part_table(0xd, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:49 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff12000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:49 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:49 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 866.791472][T14683] FAULT_INJECTION: forcing a failure. [ 866.791472][T14683] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 866.804681][T14683] CPU: 1 PID: 14683 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 866.813455][T14683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 866.823664][T14683] Call Trace: [ 866.826963][T14683] dump_stack+0x137/0x19d [ 866.831320][T14683] should_fail+0x23c/0x250 [ 866.836041][T14683] should_fail_usercopy+0x16/0x20 [ 866.841072][T14683] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 866.847143][T14683] generic_perform_write+0x1e4/0x3a0 [ 866.852453][T14683] ? ext4_da_write_begin+0x820/0x820 [ 866.857796][T14683] ext4_buffered_write_iter+0x2f2/0x3f0 [ 866.863349][T14683] ext4_file_write_iter+0xd01/0x11d0 [ 866.867507][T14691] loop3: detected capacity change from 0 to 44288 [ 866.868687][T14683] ? rw_verify_area+0x136/0x250 [ 866.879979][T14683] vfs_write+0x69d/0x770 [ 866.884295][T14683] ksys_write+0xce/0x180 [ 866.888555][T14683] __x64_sys_write+0x3e/0x50 [ 866.893142][T14683] do_syscall_64+0x4a/0x90 [ 866.897564][T14683] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 866.903459][T14683] RIP: 0033:0x4665d9 [ 866.907377][T14683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 866.927069][T14683] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 13:21:49 executing program 2 (fault-call:7 fault-nth:29): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 866.935486][T14683] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 866.943470][T14683] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 866.951439][T14683] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 866.959407][T14683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 866.967369][T14683] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 867.039217][T14691] loop3: p1 p2 p3 p4 [ 867.043362][T14691] loop3: p1 size 11292159 extends beyond EOD, truncated [ 867.048632][T14702] loop4: detected capacity change from 0 to 55553 [ 867.055638][T14691] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 867.083965][T14716] FAULT_INJECTION: forcing a failure. [ 867.083965][T14716] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 867.097263][T14716] CPU: 1 PID: 14716 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 867.106054][T14716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 867.116104][T14716] Call Trace: [ 867.119691][T14716] dump_stack+0x137/0x19d [ 867.124067][T14716] should_fail+0x23c/0x250 [ 867.128583][T14716] __alloc_pages+0x102/0x320 [ 867.133158][T14716] alloc_pages+0x21d/0x310 [ 867.137645][T14716] __page_cache_alloc+0x4d/0xf0 [ 867.142477][T14716] pagecache_get_page+0x5f4/0x900 [ 867.147512][T14716] grab_cache_page_write_begin+0x3f/0x70 [ 867.153198][T14716] ext4_da_write_begin+0x305/0x820 [ 867.158316][T14716] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 867.164193][T14716] generic_perform_write+0x196/0x3a0 [ 867.169484][T14716] ? ext4_da_write_begin+0x820/0x820 [ 867.174768][T14716] ext4_buffered_write_iter+0x2f2/0x3f0 [ 867.180390][T14716] ext4_file_write_iter+0xd01/0x11d0 [ 867.185660][T14716] ? rw_verify_area+0x136/0x250 [ 867.190498][T14716] vfs_write+0x69d/0x770 [ 867.194805][T14716] ksys_write+0xce/0x180 [ 867.199054][T14716] __x64_sys_write+0x3e/0x50 [ 867.203705][T14716] do_syscall_64+0x4a/0x90 [ 867.208104][T14716] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 867.214020][T14716] RIP: 0033:0x4665d9 [ 867.217950][T14716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 867.237539][T14716] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 867.245977][T14716] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 867.253936][T14716] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 867.261912][T14716] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 867.269877][T14716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:21:49 executing program 2 (fault-call:7 fault-nth:30): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 867.277841][T14716] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 867.295712][T14702] loop4: p1 p2 p3 p4 [ 867.299845][T14702] loop4: p1 size 11292159 extends beyond EOD, truncated [ 867.309209][T14702] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 867.324962][T14691] loop3: detected capacity change from 0 to 44288 [ 867.351664][T14734] FAULT_INJECTION: forcing a failure. [ 867.351664][T14734] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 867.364740][T14734] CPU: 1 PID: 14734 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 867.373603][T14734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 867.383661][T14734] Call Trace: [ 867.386924][T14734] dump_stack+0x137/0x19d [ 867.391380][T14734] should_fail+0x23c/0x250 [ 867.395785][T14734] should_fail_usercopy+0x16/0x20 [ 867.400810][T14734] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 867.406862][T14734] generic_perform_write+0x1e4/0x3a0 [ 867.412164][T14734] ? ext4_da_write_begin+0x820/0x820 [ 867.417437][T14734] ext4_buffered_write_iter+0x2f2/0x3f0 [ 867.422972][T14734] ext4_file_write_iter+0xd01/0x11d0 [ 867.428249][T14734] ? rw_verify_area+0x136/0x250 [ 867.433121][T14734] vfs_write+0x69d/0x770 [ 867.437363][T14734] ksys_write+0xce/0x180 [ 867.441593][T14734] __x64_sys_write+0x3e/0x50 [ 867.446278][T14734] do_syscall_64+0x4a/0x90 [ 867.450686][T14734] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 867.456750][T14734] RIP: 0033:0x4665d9 [ 867.460625][T14734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 867.480226][T14734] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 867.488628][T14734] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 867.496605][T14734] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 867.504700][T14734] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 867.512717][T14734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 867.520716][T14734] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 867.541935][T14691] loop3: p1 p2 p3 p4 13:21:49 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff15000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:49 executing program 2 (fault-call:7 fault-nth:31): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:49 executing program 3: syz_read_part_table(0xe, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 867.547684][T14691] loop3: p1 size 11292159 extends beyond EOD, truncated [ 867.560222][T14691] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 867.619543][T14742] loop4: detected capacity change from 0 to 67841 [ 867.629985][T14745] FAULT_INJECTION: forcing a failure. [ 867.629985][T14745] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 867.643758][T14745] CPU: 1 PID: 14745 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 867.652573][T14745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 867.662672][T14745] Call Trace: [ 867.666011][T14745] dump_stack+0x137/0x19d [ 867.670343][T14745] should_fail+0x23c/0x250 [ 867.674873][T14745] __alloc_pages+0x102/0x320 [ 867.679463][T14745] alloc_pages+0x21d/0x310 [ 867.684004][T14745] __page_cache_alloc+0x4d/0xf0 [ 867.688839][T14745] pagecache_get_page+0x5f4/0x900 [ 867.693869][T14745] grab_cache_page_write_begin+0x3f/0x70 [ 867.699502][T14745] ext4_da_write_begin+0x305/0x820 [ 867.704629][T14745] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 867.710509][T14745] generic_perform_write+0x196/0x3a0 [ 867.715853][T14745] ? ext4_da_write_begin+0x820/0x820 [ 867.721645][T14745] ext4_buffered_write_iter+0x2f2/0x3f0 [ 867.727225][T14745] ext4_file_write_iter+0xd01/0x11d0 [ 867.732507][T14745] ? rw_verify_area+0x136/0x250 [ 867.737373][T14745] vfs_write+0x69d/0x770 [ 867.741619][T14745] ksys_write+0xce/0x180 [ 867.745888][T14745] __x64_sys_write+0x3e/0x50 [ 867.750559][T14745] do_syscall_64+0x4a/0x90 [ 867.754989][T14745] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 867.760902][T14745] RIP: 0033:0x4665d9 [ 867.764890][T14745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 867.784516][T14745] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 867.792926][T14745] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 867.800907][T14745] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 867.808898][T14745] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 13:21:50 executing program 2 (fault-call:7 fault-nth:32): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 867.816878][T14745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 867.824866][T14745] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 867.865657][T14742] loop4: p1 p2 p3 p4 [ 867.869746][T14742] loop4: p1 size 11292159 extends beyond EOD, truncated [ 867.878527][T14742] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:50 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff16000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 867.924299][T14766] loop3: detected capacity change from 0 to 44288 [ 867.986278][T14766] loop3: p1 p2 p3 p4 [ 867.990373][T14766] loop3: p1 size 11292159 extends beyond EOD, truncated [ 867.999340][T14780] loop4: detected capacity change from 0 to 71937 [ 868.000638][T14766] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 868.013324][T14776] FAULT_INJECTION: forcing a failure. [ 868.013324][T14776] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 868.026453][T14776] CPU: 0 PID: 14776 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 868.035303][T14776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 868.045384][T14776] Call Trace: [ 868.048670][T14776] dump_stack+0x137/0x19d [ 868.053025][T14776] should_fail+0x23c/0x250 [ 868.057465][T14776] should_fail_usercopy+0x16/0x20 [ 868.062514][T14776] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 868.068607][T14776] generic_perform_write+0x1e4/0x3a0 [ 868.073887][T14776] ? ext4_da_write_begin+0x820/0x820 [ 868.079182][T14776] ext4_buffered_write_iter+0x2f2/0x3f0 [ 868.084846][T14776] ext4_file_write_iter+0xd01/0x11d0 [ 868.090142][T14776] ? rw_verify_area+0x136/0x250 [ 868.095002][T14776] vfs_write+0x69d/0x770 [ 868.099394][T14776] ksys_write+0xce/0x180 [ 868.103744][T14776] __x64_sys_write+0x3e/0x50 [ 868.108336][T14776] do_syscall_64+0x4a/0x90 [ 868.112834][T14776] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 868.118740][T14776] RIP: 0033:0x4665d9 [ 868.122630][T14776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 868.142452][T14776] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 868.150848][T14776] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 868.158828][T14776] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 868.166870][T14776] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 868.174959][T14776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 868.183034][T14776] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 868.247685][T14780] loop4: p1 p2 p3 p4 [ 868.257814][T14780] loop4: p1 size 11292159 extends beyond EOD, truncated [ 868.267043][T14780] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:52 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:52 executing program 2 (fault-call:7 fault-nth:33): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:52 executing program 3: syz_read_part_table(0xf, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:52 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:52 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff17000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:52 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 869.878384][T14812] loop3: detected capacity change from 0 to 44288 [ 869.898069][T14810] FAULT_INJECTION: forcing a failure. [ 869.898069][T14810] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 869.911344][T14810] CPU: 1 PID: 14810 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 869.920114][T14810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 869.930261][T14810] Call Trace: [ 869.933521][T14810] dump_stack+0x137/0x19d [ 869.937896][T14810] should_fail+0x23c/0x250 [ 869.942292][T14810] __alloc_pages+0x102/0x320 [ 869.946907][T14810] alloc_pages+0x21d/0x310 [ 869.951467][T14810] __page_cache_alloc+0x4d/0xf0 [ 869.956320][T14810] pagecache_get_page+0x5f4/0x900 [ 869.961474][T14810] grab_cache_page_write_begin+0x3f/0x70 [ 869.967114][T14810] ext4_da_write_begin+0x305/0x820 [ 869.972257][T14810] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 869.978303][T14810] generic_perform_write+0x196/0x3a0 [ 869.983666][T14810] ? ext4_da_write_begin+0x820/0x820 [ 869.989953][T14810] ext4_buffered_write_iter+0x2f2/0x3f0 [ 869.995571][T14810] ext4_file_write_iter+0xd01/0x11d0 [ 870.000856][T14810] ? rw_verify_area+0x136/0x250 [ 870.005705][T14810] vfs_write+0x69d/0x770 [ 870.009953][T14810] ksys_write+0xce/0x180 [ 870.014184][T14810] __x64_sys_write+0x3e/0x50 [ 870.018757][T14810] do_syscall_64+0x4a/0x90 [ 870.023296][T14810] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 870.029217][T14810] RIP: 0033:0x4665d9 [ 870.033103][T14810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 870.052833][T14810] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 870.061316][T14810] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 870.069284][T14810] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 870.077309][T14810] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 870.085289][T14810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 870.093259][T14810] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 870.107303][T14820] loop4: detected capacity change from 0 to 76033 [ 870.115936][T14812] loop3: p1 p2 p3 p4 [ 870.120273][T14812] loop3: p1 size 11292159 extends beyond EOD, truncated 13:21:52 executing program 2 (fault-call:7 fault-nth:34): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 870.134942][T14812] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 870.146266][T14820] loop4: p1 p2 p3 p4 [ 870.156901][T14820] loop4: p1 size 11292159 extends beyond EOD, truncated [ 870.167153][T14820] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:21:52 executing program 3: syz_read_part_table(0x10, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:52 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff18000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 870.243192][T14846] FAULT_INJECTION: forcing a failure. [ 870.243192][T14846] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 870.256263][T14846] CPU: 1 PID: 14846 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 870.265292][T14846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 870.275352][T14846] Call Trace: [ 870.278633][T14846] dump_stack+0x137/0x19d [ 870.283014][T14846] should_fail+0x23c/0x250 [ 870.287427][T14846] should_fail_usercopy+0x16/0x20 [ 870.292460][T14846] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 870.298534][T14846] generic_perform_write+0x1e4/0x3a0 [ 870.303805][T14846] ? ext4_da_write_begin+0x820/0x820 [ 870.309087][T14846] ext4_buffered_write_iter+0x2f2/0x3f0 [ 870.315009][T14846] ext4_file_write_iter+0xd01/0x11d0 [ 870.320404][T14846] ? rw_verify_area+0x136/0x250 [ 870.325353][T14846] vfs_write+0x69d/0x770 [ 870.329574][T14846] ksys_write+0xce/0x180 [ 870.333798][T14846] __x64_sys_write+0x3e/0x50 [ 870.338471][T14846] do_syscall_64+0x4a/0x90 [ 870.342879][T14846] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 870.348782][T14846] RIP: 0033:0x4665d9 [ 870.352693][T14846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 870.372313][T14846] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 870.380726][T14846] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 870.388717][T14846] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 870.396674][T14846] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 870.404673][T14846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 870.412701][T14846] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:21:52 executing program 2 (fault-call:7 fault-nth:35): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 870.440461][T14853] loop3: detected capacity change from 0 to 44288 [ 870.452599][T14867] loop4: detected capacity change from 0 to 80129 [ 870.475776][T14853] loop3: p1 p2 p3 p4 [ 870.479957][T14853] loop3: p1 size 11292159 extends beyond EOD, truncated [ 870.487688][T14867] loop4: p1 p2 p3 p4 [ 870.492060][T14867] loop4: p1 size 11292159 extends beyond EOD, truncated [ 870.500693][T14873] FAULT_INJECTION: forcing a failure. [ 870.500693][T14873] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 870.501388][T14853] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 870.513960][T14873] CPU: 0 PID: 14873 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 870.513984][T14873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 870.539852][T14873] Call Trace: [ 870.543127][T14873] dump_stack+0x137/0x19d [ 870.547960][T14867] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 870.548161][T14873] should_fail+0x23c/0x250 [ 870.559681][T14873] __alloc_pages+0x102/0x320 [ 870.564321][T14873] alloc_pages+0x21d/0x310 [ 870.568758][T14873] __page_cache_alloc+0x4d/0xf0 [ 870.573695][T14873] pagecache_get_page+0x5f4/0x900 [ 870.578717][T14873] grab_cache_page_write_begin+0x3f/0x70 [ 870.584358][T14873] ext4_da_write_begin+0x305/0x820 [ 870.589472][T14873] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 870.595510][T14873] generic_perform_write+0x196/0x3a0 [ 870.600802][T14873] ? ext4_da_write_begin+0x820/0x820 [ 870.606103][T14873] ext4_buffered_write_iter+0x2f2/0x3f0 [ 870.611692][T14873] ext4_file_write_iter+0xd01/0x11d0 [ 870.617551][T14873] ? rw_verify_area+0x136/0x250 [ 870.622424][T14873] vfs_write+0x69d/0x770 [ 870.626661][T14873] ksys_write+0xce/0x180 [ 870.630914][T14873] __x64_sys_write+0x3e/0x50 [ 870.636040][T14873] do_syscall_64+0x4a/0x90 [ 870.640465][T14873] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 870.646361][T14873] RIP: 0033:0x4665d9 [ 870.650252][T14873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 870.670029][T14873] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 870.678537][T14873] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 870.686514][T14873] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 13:21:52 executing program 3: syz_read_part_table(0x11, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 870.694485][T14873] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 870.702459][T14873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 870.710535][T14873] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:21:52 executing program 2 (fault-call:7 fault-nth:36): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 870.778906][T14904] loop3: detected capacity change from 0 to 44288 [ 870.787386][T14867] loop4: detected capacity change from 0 to 80129 [ 870.825001][T14908] FAULT_INJECTION: forcing a failure. [ 870.825001][T14908] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 870.838510][T14908] CPU: 1 PID: 14908 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 870.847257][T14908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 870.857626][T14908] Call Trace: [ 870.860904][T14908] dump_stack+0x137/0x19d [ 870.865296][T14908] should_fail+0x23c/0x250 [ 870.869696][T14908] should_fail_usercopy+0x16/0x20 [ 870.874707][T14908] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 870.880776][T14908] generic_perform_write+0x1e4/0x3a0 [ 870.886373][T14908] ? ext4_da_write_begin+0x820/0x820 [ 870.891645][T14908] ext4_buffered_write_iter+0x2f2/0x3f0 [ 870.897266][T14908] ext4_file_write_iter+0xd01/0x11d0 [ 870.902576][T14908] ? rw_verify_area+0x136/0x250 [ 870.907483][T14908] vfs_write+0x69d/0x770 [ 870.911748][T14908] ksys_write+0xce/0x180 [ 870.916008][T14908] __x64_sys_write+0x3e/0x50 [ 870.920610][T14908] do_syscall_64+0x4a/0x90 [ 870.925090][T14908] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 870.930982][T14908] RIP: 0033:0x4665d9 [ 870.934859][T14908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 870.954466][T14908] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 870.962972][T14908] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 870.971129][T14908] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 870.979087][T14908] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 870.987079][T14908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 870.995055][T14908] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 871.007453][ T1036] loop3: p1 p2 p3 p4 [ 871.011524][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 871.020064][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 871.029417][T14904] loop3: p1 p2 p3 p4 [ 871.033676][T14904] loop3: p1 size 11292159 extends beyond EOD, truncated [ 871.042844][T14904] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 871.102184][T14904] loop3: detected capacity change from 0 to 44288 [ 871.125674][T14904] loop3: p1 p2 p3 p4 [ 871.129823][T14904] loop3: p1 size 11292159 extends beyond EOD, truncated [ 871.138502][T14904] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 871.148403][ T1036] loop3: p1 p2 p3 p4 [ 871.152500][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 871.160804][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:21:55 executing program 1: mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:21:55 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff19000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:55 executing program 2 (fault-call:7 fault-nth:37): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 872.892312][T14961] loop4: detected capacity change from 0 to 84225 [ 872.912480][T14962] FAULT_INJECTION: forcing a failure. [ 872.912480][T14962] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 872.925756][T14962] CPU: 0 PID: 14962 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 872.934521][T14962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 872.944578][T14962] Call Trace: [ 872.947850][T14962] dump_stack+0x137/0x19d [ 872.952192][T14962] should_fail+0x23c/0x250 [ 872.956678][T14962] __alloc_pages+0x102/0x320 [ 872.961298][T14962] alloc_pages+0x21d/0x310 [ 872.965714][T14962] __page_cache_alloc+0x4d/0xf0 [ 872.970632][T14962] pagecache_get_page+0x5f4/0x900 [ 872.975644][T14962] grab_cache_page_write_begin+0x3f/0x70 [ 872.981271][T14962] ext4_da_write_begin+0x305/0x820 [ 872.986574][T14962] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 872.992512][T14962] generic_perform_write+0x196/0x3a0 [ 872.997807][T14962] ? ext4_da_write_begin+0x820/0x820 [ 873.003100][T14962] ext4_buffered_write_iter+0x2f2/0x3f0 [ 873.008699][T14962] ext4_file_write_iter+0xd01/0x11d0 [ 873.013994][T14962] ? rw_verify_area+0x136/0x250 [ 873.020145][T14962] vfs_write+0x69d/0x770 [ 873.024480][T14962] ksys_write+0xce/0x180 [ 873.028842][T14962] __x64_sys_write+0x3e/0x50 [ 873.033502][T14962] do_syscall_64+0x4a/0x90 [ 873.037929][T14962] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 873.043818][T14962] RIP: 0033:0x4665d9 [ 873.047699][T14962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 873.067353][T14962] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 873.075925][T14962] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 873.083906][T14962] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 13:21:55 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:21:55 executing program 3: syz_read_part_table(0x12, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:55 executing program 0: mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) [ 873.091933][T14962] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 873.100107][T14962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 873.108095][T14962] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:21:55 executing program 2 (fault-call:7 fault-nth:38): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 873.135543][T14961] loop4: p1 p2 p3 p4 [ 873.146647][T14961] loop4: p1 size 11292159 extends beyond EOD, truncated [ 873.164461][T14961] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 873.166573][T14979] loop3: detected capacity change from 0 to 44288 [ 873.228777][T14979] loop3: p1 p2 p3 p4 [ 873.245078][T14979] loop3: p1 size 11292159 extends beyond EOD, truncated [ 873.248396][T14961] loop4: detected capacity change from 0 to 84225 [ 873.266042][T14979] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 873.284037][T14991] FAULT_INJECTION: forcing a failure. [ 873.284037][T14991] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 873.297275][T14991] CPU: 0 PID: 14991 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 873.306037][T14991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 873.316094][T14991] Call Trace: [ 873.319370][T14991] dump_stack+0x137/0x19d [ 873.323703][T14991] should_fail+0x23c/0x250 [ 873.328106][T14991] should_fail_usercopy+0x16/0x20 [ 873.333153][T14991] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 873.339217][T14991] generic_perform_write+0x1e4/0x3a0 [ 873.344494][T14991] ? ext4_da_write_begin+0x820/0x820 [ 873.349834][T14991] ext4_buffered_write_iter+0x2f2/0x3f0 [ 873.355372][T14991] ext4_file_write_iter+0xd01/0x11d0 [ 873.360724][T14991] ? rw_verify_area+0x136/0x250 [ 873.365661][T14991] vfs_write+0x69d/0x770 [ 873.369892][T14991] ksys_write+0xce/0x180 [ 873.374208][T14991] __x64_sys_write+0x3e/0x50 [ 873.378785][T14991] do_syscall_64+0x4a/0x90 [ 873.383204][T14991] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 873.389146][T14991] RIP: 0033:0x4665d9 [ 873.393021][T14991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 873.413422][T14991] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 873.421841][T14991] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 873.429886][T14991] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 873.437980][T14991] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 873.446024][T14991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 873.454057][T14991] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 873.467477][ T1036] loop4: p1 p2 p3 p4 [ 873.474800][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated 13:21:55 executing program 2 (fault-call:7 fault-nth:39): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 873.483422][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 873.498161][T14961] loop4: p1 p2 p3 p4 [ 873.504070][T14961] loop4: p1 size 11292159 extends beyond EOD, truncated [ 873.512058][T14979] loop3: detected capacity change from 0 to 44288 [ 873.521750][T14961] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 873.541411][T15021] FAULT_INJECTION: forcing a failure. [ 873.541411][T15021] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 873.554920][T15021] CPU: 0 PID: 15021 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 873.555474][ T1036] loop3: p1 p2 p3 p4 [ 873.563773][T15021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 873.563788][T15021] Call Trace: [ 873.563796][T15021] dump_stack+0x137/0x19d [ 873.568009][ T1036] loop3: p1 size 11292159 extends beyond EOD, [ 873.577917][T15021] should_fail+0x23c/0x250 [ 873.577940][T15021] __alloc_pages+0x102/0x320 [ 873.577958][T15021] alloc_pages+0x21d/0x310 [ 873.581231][ T1036] truncated [ 873.583243][ T1036] loop3: p4 size 3657465856 extends beyond EOD, [ 873.585561][T15021] __page_cache_alloc+0x4d/0xf0 [ 873.585642][T15021] pagecache_get_page+0x5f4/0x900 [ 873.591856][ T1036] truncated [ 873.596258][T15021] grab_cache_page_write_begin+0x3f/0x70 [ 873.634137][T15021] ext4_da_write_begin+0x305/0x820 [ 873.639256][T15021] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 873.645190][T15021] generic_perform_write+0x196/0x3a0 [ 873.650800][T15021] ? ext4_da_write_begin+0x820/0x820 [ 873.656093][T15021] ext4_buffered_write_iter+0x2f2/0x3f0 [ 873.661671][T15021] ext4_file_write_iter+0xd01/0x11d0 [ 873.667027][T15021] ? rw_verify_area+0x136/0x250 [ 873.671959][T15021] vfs_write+0x69d/0x770 [ 873.676198][T15021] ksys_write+0xce/0x180 [ 873.680441][T15021] __x64_sys_write+0x3e/0x50 [ 873.685053][T15021] do_syscall_64+0x4a/0x90 [ 873.689485][T15021] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 873.695455][T15021] RIP: 0033:0x4665d9 [ 873.699354][T15021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 873.719046][T15021] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 873.729506][T15021] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 13:21:55 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff21000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 873.737647][T15021] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 873.745614][T15021] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 873.753586][T15021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 873.761561][T15021] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 873.777522][T14979] loop3: p1 p2 p3 p4 [ 873.782661][T14979] loop3: p1 size 11292159 extends beyond EOD, truncated 13:21:55 executing program 2 (fault-call:7 fault-nth:40): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 873.803412][T14979] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 873.840581][T15053] loop4: detected capacity change from 0 to 116993 [ 873.846127][T15044] FAULT_INJECTION: forcing a failure. [ 873.846127][T15044] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 873.863590][T15044] CPU: 1 PID: 15044 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 873.872699][T15044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 873.882783][T15044] Call Trace: [ 873.886912][T15044] dump_stack+0x137/0x19d [ 873.891257][T15044] should_fail+0x23c/0x250 [ 873.895729][T15044] should_fail_usercopy+0x16/0x20 [ 873.901088][T15044] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 873.907153][T15044] generic_perform_write+0x1e4/0x3a0 [ 873.912461][T15044] ? ext4_da_write_begin+0x820/0x820 [ 873.917780][T15044] ext4_buffered_write_iter+0x2f2/0x3f0 [ 873.924536][T15044] ext4_file_write_iter+0xd01/0x11d0 [ 873.929901][T15044] ? rw_verify_area+0x136/0x250 [ 873.934756][T15044] vfs_write+0x69d/0x770 [ 873.938997][T15044] ksys_write+0xce/0x180 [ 873.943247][T15044] __x64_sys_write+0x3e/0x50 [ 873.948089][T15044] do_syscall_64+0x4a/0x90 [ 873.952501][T15044] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 873.958395][T15044] RIP: 0033:0x4665d9 [ 873.962271][T15044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 873.981980][T15044] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 873.990379][T15044] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 13:21:56 executing program 3: syz_read_part_table(0x13, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 873.998444][T15044] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 874.006406][T15044] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 874.014357][T15044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 874.022314][T15044] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:21:56 executing program 2 (fault-call:7 fault-nth:41): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 874.057742][T15053] loop4: p1 p2 p3 p4 [ 874.062047][T15053] loop4: p1 size 11292159 extends beyond EOD, truncated [ 874.075373][T15053] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 874.089699][ T1036] loop4: p1 p2 p3 p4 [ 874.094143][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 874.103695][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 874.116247][T15071] FAULT_INJECTION: forcing a failure. [ 874.116247][T15071] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 874.130275][T15071] CPU: 0 PID: 15071 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 874.139301][T15071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 874.149448][T15071] Call Trace: [ 874.152734][T15071] dump_stack+0x137/0x19d [ 874.155401][T15083] loop3: detected capacity change from 0 to 44288 [ 874.157087][T15071] should_fail+0x23c/0x250 [ 874.167966][T15071] __alloc_pages+0x102/0x320 [ 874.172681][T15071] alloc_pages+0x21d/0x310 [ 874.177098][T15071] __page_cache_alloc+0x4d/0xf0 [ 874.181957][T15071] pagecache_get_page+0x5f4/0x900 [ 874.186997][T15071] grab_cache_page_write_begin+0x3f/0x70 [ 874.192721][T15071] ext4_da_write_begin+0x305/0x820 [ 874.197902][T15071] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 874.203822][T15071] generic_perform_write+0x196/0x3a0 [ 874.209132][T15071] ? ext4_da_write_begin+0x820/0x820 [ 874.214496][T15071] ext4_buffered_write_iter+0x2f2/0x3f0 [ 874.220203][T15071] ext4_file_write_iter+0xd01/0x11d0 [ 874.225484][T15071] ? rw_verify_area+0x136/0x250 [ 874.230398][T15071] vfs_write+0x69d/0x770 [ 874.234634][T15071] ksys_write+0xce/0x180 [ 874.238869][T15071] __x64_sys_write+0x3e/0x50 [ 874.243447][T15071] do_syscall_64+0x4a/0x90 [ 874.247870][T15071] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 874.253744][T15071] RIP: 0033:0x4665d9 [ 874.257614][T15071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 874.277200][T15071] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 874.285590][T15071] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 874.293649][T15071] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 874.301609][T15071] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 874.309575][T15071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 874.317524][T15071] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 874.355490][T15083] loop3: p1 p2 p3 p4 [ 874.359604][T15083] loop3: p1 size 11292159 extends beyond EOD, truncated [ 874.371891][T15083] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 874.382137][ T1036] loop3: p1 p2 p3 p4 [ 874.386569][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 874.394928][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 874.443809][T15083] loop3: detected capacity change from 0 to 44288 [ 874.491398][T15083] loop3: p1 p2 p3 p4 [ 874.506048][T15083] loop3: p1 size 11292159 extends beyond EOD, truncated [ 874.528831][T15083] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:21:58 executing program 2 (fault-call:7 fault-nth:42): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:21:58 executing program 1: mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:21:58 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff22000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 875.908256][T15133] loop4: detected capacity change from 0 to 121089 [ 875.922069][T15131] FAULT_INJECTION: forcing a failure. [ 875.922069][T15131] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 875.935222][T15131] CPU: 1 PID: 15131 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 875.943988][T15131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 875.954044][T15131] Call Trace: [ 875.957334][T15131] dump_stack+0x137/0x19d [ 875.961651][T15131] should_fail+0x23c/0x250 [ 875.966191][T15131] should_fail_usercopy+0x16/0x20 [ 875.971293][T15131] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 875.977358][T15131] generic_perform_write+0x1e4/0x3a0 [ 875.982749][T15131] ? ext4_da_write_begin+0x820/0x820 [ 875.988100][T15131] ext4_buffered_write_iter+0x2f2/0x3f0 [ 875.993666][T15131] ext4_file_write_iter+0xd01/0x11d0 [ 875.999003][T15131] ? rw_verify_area+0x136/0x250 [ 876.003903][T15131] vfs_write+0x69d/0x770 [ 876.008133][T15131] ksys_write+0xce/0x180 [ 876.012373][T15131] __x64_sys_write+0x3e/0x50 [ 876.016958][T15131] do_syscall_64+0x4a/0x90 [ 876.021376][T15131] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 876.027305][T15131] RIP: 0033:0x4665d9 [ 876.031183][T15131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 876.050795][T15131] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 876.059312][T15131] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 876.067317][T15131] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 876.075277][T15131] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 876.083254][T15131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 876.091214][T15131] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:21:58 executing program 5: mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:21:58 executing program 3: syz_read_part_table(0x24, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:58 executing program 0: mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:21:58 executing program 2 (fault-call:7 fault-nth:43): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 876.147443][T15133] loop4: p1 p2 p3 p4 [ 876.157424][T15133] loop4: p1 size 11292159 extends beyond EOD, truncated [ 876.183907][T15133] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 876.191197][T15142] loop3: detected capacity change from 0 to 44288 13:21:58 executing program 5: mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) [ 876.206430][T15152] FAULT_INJECTION: forcing a failure. [ 876.206430][T15152] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 876.219905][T15152] CPU: 1 PID: 15152 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 876.228735][T15152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 876.238808][T15152] Call Trace: [ 876.242124][T15152] dump_stack+0x137/0x19d [ 876.246450][T15152] should_fail+0x23c/0x250 [ 876.250945][T15152] __alloc_pages+0x102/0x320 [ 876.255514][T15152] alloc_pages+0x21d/0x310 [ 876.260002][T15152] __page_cache_alloc+0x4d/0xf0 [ 876.264833][T15152] pagecache_get_page+0x5f4/0x900 [ 876.269843][T15152] grab_cache_page_write_begin+0x3f/0x70 [ 876.275460][T15152] ext4_da_write_begin+0x305/0x820 [ 876.280582][T15152] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 876.286516][T15152] generic_perform_write+0x196/0x3a0 [ 876.291784][T15152] ? ext4_da_write_begin+0x820/0x820 [ 876.297215][T15152] ext4_buffered_write_iter+0x2f2/0x3f0 [ 876.302759][T15152] ext4_file_write_iter+0xd01/0x11d0 [ 876.308068][T15152] ? rw_verify_area+0x136/0x250 [ 876.312979][T15152] vfs_write+0x69d/0x770 [ 876.317290][T15152] ksys_write+0xce/0x180 [ 876.321513][T15152] __x64_sys_write+0x3e/0x50 [ 876.326132][T15152] do_syscall_64+0x4a/0x90 [ 876.330547][T15152] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 876.336449][T15152] RIP: 0033:0x4665d9 [ 876.340336][T15152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 876.359944][T15152] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 876.368365][T15152] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 876.376416][T15152] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 876.384382][T15152] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 876.392352][T15152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:21:58 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff23000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:21:58 executing program 2 (fault-call:7 fault-nth:44): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 876.400303][T15152] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 876.422215][T15142] loop3: p1 p2 p3 p4 [ 876.431157][T15142] loop3: p1 size 11292159 extends beyond EOD, truncated [ 876.444492][T15142] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:21:58 executing program 3: syz_read_part_table(0x25, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 876.483377][T15172] loop4: detected capacity change from 0 to 125185 [ 876.532427][T15182] FAULT_INJECTION: forcing a failure. [ 876.532427][T15182] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 876.545655][T15182] CPU: 1 PID: 15182 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 876.551553][T15172] loop4: p1 p2 p3 p4 [ 876.554511][T15182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 876.554526][T15182] Call Trace: [ 876.554535][T15182] dump_stack+0x137/0x19d [ 876.558833][T15172] loop4: p1 size 11292159 extends beyond EOD, [ 876.568560][T15182] should_fail+0x23c/0x250 [ 876.568587][T15182] should_fail_usercopy+0x16/0x20 [ 876.571867][T15172] truncated [ 876.575496][T15172] loop4: p4 size 3657465856 extends beyond EOD, [ 876.576175][T15182] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 876.582333][T15172] truncated [ 876.586699][T15182] generic_perform_write+0x1e4/0x3a0 [ 876.615567][T15182] ? ext4_da_write_begin+0x820/0x820 [ 876.620843][T15182] ext4_buffered_write_iter+0x2f2/0x3f0 [ 876.626433][T15182] ext4_file_write_iter+0xd01/0x11d0 [ 876.631797][T15182] ? rw_verify_area+0x136/0x250 [ 876.636729][T15182] vfs_write+0x69d/0x770 [ 876.641001][T15182] ksys_write+0xce/0x180 [ 876.645273][T15182] __x64_sys_write+0x3e/0x50 [ 876.649856][T15182] do_syscall_64+0x4a/0x90 [ 876.654329][T15182] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 876.660228][T15182] RIP: 0033:0x4665d9 [ 876.664193][T15182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 876.683871][T15182] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 876.692265][T15182] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 876.700771][T15182] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 876.708907][T15182] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 876.716960][T15182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 876.724920][T15182] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 876.757724][T15141] blk_update_request: I/O error, dev loop4, sector 125056 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 876.757962][T15147] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 876.770988][T15143] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 876.785329][ T881] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 13:21:58 executing program 2 (fault-call:7 fault-nth:45): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 876.802947][ T881] Buffer I/O error on dev loop4p2, logical block 8, async page read [ 876.811227][ T881] blk_update_request: I/O error, dev loop4, sector 125056 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 876.816291][T15185] loop3: detected capacity change from 0 to 44288 [ 876.822738][ T881] Buffer I/O error on dev loop4p1, logical block 125056, async page read [ 876.838268][ T881] blk_update_request: I/O error, dev loop4, sector 125057 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 876.849759][ T881] Buffer I/O error on dev loop4p1, logical block 125057, async page read [ 876.858198][ T881] blk_update_request: I/O error, dev loop4, sector 125058 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 876.869677][ T881] Buffer I/O error on dev loop4p1, logical block 125058, async page read [ 876.878131][ T881] blk_update_request: I/O error, dev loop4, sector 125059 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 876.889418][ T881] Buffer I/O error on dev loop4p1, logical block 125059, async page read [ 876.897866][ T881] blk_update_request: I/O error, dev loop4, sector 125060 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 876.909235][ T881] Buffer I/O error on dev loop4p1, logical block 125060, async page read [ 876.917775][ T881] blk_update_request: I/O error, dev loop4, sector 125061 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 876.929094][ T881] Buffer I/O error on dev loop4p1, logical block 125061, async page read [ 876.937595][ T881] Buffer I/O error on dev loop4p1, logical block 125062, async page read [ 876.946039][ T881] Buffer I/O error on dev loop4p1, logical block 125063, async page read [ 876.954482][ T881] Buffer I/O error on dev loop4p3, logical block 1, async page read [ 877.000530][T15172] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 877.015714][T15185] loop3: p1 p2 p3 p4 [ 877.024652][T15185] loop3: p1 size 11292159 extends beyond EOD, truncated [ 877.037710][T15172] loop4: detected capacity change from 0 to 125185 [ 877.038284][T15185] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 877.061561][T15206] FAULT_INJECTION: forcing a failure. [ 877.061561][T15206] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 877.074883][T15206] CPU: 1 PID: 15206 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 877.083689][T15206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 877.093858][T15206] Call Trace: [ 877.097138][T15206] dump_stack+0x137/0x19d [ 877.101462][T15206] should_fail+0x23c/0x250 [ 877.105889][T15206] __alloc_pages+0x102/0x320 [ 877.110481][T15206] alloc_pages+0x21d/0x310 [ 877.114980][T15206] __page_cache_alloc+0x4d/0xf0 [ 877.119837][T15206] pagecache_get_page+0x5f4/0x900 [ 877.124858][T15206] grab_cache_page_write_begin+0x3f/0x70 [ 877.130476][T15206] ext4_da_write_begin+0x305/0x820 [ 877.135607][T15206] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 877.141935][T15206] generic_perform_write+0x196/0x3a0 [ 877.148130][T15206] ? ext4_da_write_begin+0x820/0x820 [ 877.153519][T15206] ext4_buffered_write_iter+0x2f2/0x3f0 [ 877.159171][T15206] ext4_file_write_iter+0xd01/0x11d0 [ 877.164489][T15206] ? rw_verify_area+0x136/0x250 [ 877.169404][T15206] vfs_write+0x69d/0x770 [ 877.173628][T15206] ksys_write+0xce/0x180 [ 877.177952][T15206] __x64_sys_write+0x3e/0x50 [ 877.182520][T15206] do_syscall_64+0x4a/0x90 [ 877.186938][T15206] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 877.192830][T15206] RIP: 0033:0x4665d9 [ 877.196715][T15206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 877.216326][T15206] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 877.224879][T15206] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 877.232836][T15206] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 877.240793][T15206] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 13:21:59 executing program 2 (fault-call:7 fault-nth:46): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 877.248746][T15206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 877.256850][T15206] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 877.311243][T15172] loop4: p1 p2 p3 p4 [ 877.319464][T15185] loop3: detected capacity change from 0 to 44288 [ 877.326271][T15172] loop4: p1 size 11292159 extends beyond EOD, truncated [ 877.335051][T15172] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 877.347830][T15234] FAULT_INJECTION: forcing a failure. [ 877.347830][T15234] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 877.360910][T15234] CPU: 0 PID: 15234 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 877.369676][T15234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 877.379732][T15234] Call Trace: [ 877.383010][T15234] dump_stack+0x137/0x19d [ 877.387374][T15234] should_fail+0x23c/0x250 [ 877.391789][T15234] should_fail_usercopy+0x16/0x20 [ 877.396813][T15234] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 877.402957][T15234] generic_perform_write+0x1e4/0x3a0 [ 877.408293][T15234] ? ext4_da_write_begin+0x820/0x820 [ 877.413584][T15234] ext4_buffered_write_iter+0x2f2/0x3f0 [ 877.419236][T15234] ext4_file_write_iter+0xd01/0x11d0 [ 877.424537][T15234] ? rw_verify_area+0x136/0x250 [ 877.429460][T15234] vfs_write+0x69d/0x770 [ 877.433705][T15234] ksys_write+0xce/0x180 [ 877.437941][T15234] __x64_sys_write+0x3e/0x50 [ 877.442538][T15234] do_syscall_64+0x4a/0x90 [ 877.446952][T15234] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 877.452854][T15234] RIP: 0033:0x4665d9 [ 877.456748][T15234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 877.476462][T15234] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 877.485148][T15234] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 877.493208][T15234] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 877.501177][T15234] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 877.509428][T15234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 877.517500][T15234] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 877.534583][T15185] loop3: p1 p2 p3 p4 [ 877.539288][T15185] loop3: p1 size 11292159 extends beyond EOD, truncated [ 877.549444][T15185] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 877.631223][ T1036] loop3: p1 p2 p3 p4 [ 877.635513][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 877.644509][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:01 executing program 1: mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:22:01 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff24000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:01 executing program 2 (fault-call:7 fault-nth:47): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:01 executing program 3: syz_read_part_table(0x26, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 878.920843][T15276] loop4: detected capacity change from 0 to 129281 [ 878.949598][T15286] FAULT_INJECTION: forcing a failure. [ 878.949598][T15286] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 878.963196][T15286] CPU: 1 PID: 15286 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 878.971962][T15286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 878.982154][T15286] Call Trace: [ 878.986290][T15286] dump_stack+0x137/0x19d [ 878.990628][T15286] should_fail+0x23c/0x250 [ 878.995146][T15286] __alloc_pages+0x102/0x320 [ 878.999736][T15286] alloc_pages+0x21d/0x310 [ 879.004133][T15286] __page_cache_alloc+0x4d/0xf0 [ 879.008982][T15286] pagecache_get_page+0x5f4/0x900 [ 879.014024][T15286] grab_cache_page_write_begin+0x3f/0x70 [ 879.019694][T15286] ext4_da_write_begin+0x305/0x820 [ 879.024792][T15286] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 879.030818][T15286] generic_perform_write+0x196/0x3a0 [ 879.036107][T15286] ? ext4_da_write_begin+0x820/0x820 [ 879.041385][T15286] ext4_buffered_write_iter+0x2f2/0x3f0 [ 879.047007][T15286] ext4_file_write_iter+0xd01/0x11d0 [ 879.052276][T15286] ? rw_verify_area+0x136/0x250 [ 879.057113][T15286] vfs_write+0x69d/0x770 [ 879.061348][T15286] ksys_write+0xce/0x180 [ 879.065640][T15286] __x64_sys_write+0x3e/0x50 [ 879.070230][T15286] do_syscall_64+0x4a/0x90 [ 879.074667][T15286] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 879.080568][T15286] RIP: 0033:0x4665d9 [ 879.084452][T15286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 879.104062][T15286] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 879.112633][T15286] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 879.120631][T15286] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 879.128595][T15286] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 879.137289][T15286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 879.145308][T15286] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 879.156272][T15284] loop3: detected capacity change from 0 to 44288 [ 879.163391][T15276] loop4: p1 p2 p3 p4 13:22:01 executing program 0: mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:22:01 executing program 2 (fault-call:7 fault-nth:48): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 879.177467][T15276] loop4: p1 size 11292159 extends beyond EOD, truncated [ 879.187701][T15276] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 879.206488][T15284] loop3: p1 p2 p3 p4 [ 879.211296][T15284] loop3: p1 size 11292159 extends beyond EOD, truncated [ 879.224036][T15284] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 879.244283][T15303] FAULT_INJECTION: forcing a failure. [ 879.244283][T15303] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 879.257368][T15303] CPU: 1 PID: 15303 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 879.266163][T15303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 879.276224][T15303] Call Trace: [ 879.279507][T15303] dump_stack+0x137/0x19d [ 879.283914][T15303] should_fail+0x23c/0x250 [ 879.288331][T15303] should_fail_usercopy+0x16/0x20 [ 879.293395][T15303] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 879.299599][T15303] generic_perform_write+0x1e4/0x3a0 [ 879.304876][T15303] ? ext4_da_write_begin+0x820/0x820 [ 879.310152][T15303] ext4_buffered_write_iter+0x2f2/0x3f0 [ 879.315744][T15303] ext4_file_write_iter+0xd01/0x11d0 [ 879.321074][T15303] ? rw_verify_area+0x136/0x250 [ 879.325920][T15303] vfs_write+0x69d/0x770 [ 879.330172][T15303] ksys_write+0xce/0x180 [ 879.334415][T15303] __x64_sys_write+0x3e/0x50 [ 879.339515][T15303] do_syscall_64+0x4a/0x90 [ 879.343929][T15303] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 879.350066][T15303] RIP: 0033:0x4665d9 [ 879.354018][T15303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 879.373621][T15303] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 879.382044][T15303] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 879.390065][T15303] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 879.398036][T15303] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 879.405996][T15303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 879.414750][T15303] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:22:01 executing program 5: mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1e) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) 13:22:01 executing program 2 (fault-call:7 fault-nth:49): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 879.459974][T15284] loop3: detected capacity change from 0 to 44288 [ 879.497987][T15276] loop4: detected capacity change from 0 to 129281 [ 879.515636][T15284] loop3: p1 p2 p3 p4 [ 879.519598][T15329] FAULT_INJECTION: forcing a failure. [ 879.519598][T15329] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 879.519737][T15284] loop3: p1 size 11292159 extends beyond EOD, truncated [ 879.532943][T15329] CPU: 1 PID: 15329 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 879.532970][T15329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 879.553332][T15284] loop3: p4 size 3657465856 extends beyond EOD, [ 879.558728][T15329] Call Trace: [ 879.558768][T15329] dump_stack+0x137/0x19d [ 879.565094][T15284] truncated [ 879.575758][T15329] should_fail+0x23c/0x250 [ 879.580176][T15329] __alloc_pages+0x102/0x320 [ 879.584808][T15329] alloc_pages+0x21d/0x310 [ 879.589246][T15329] __page_cache_alloc+0x4d/0xf0 [ 879.594096][T15329] pagecache_get_page+0x5f4/0x900 [ 879.599124][T15329] grab_cache_page_write_begin+0x3f/0x70 [ 879.604814][T15329] ext4_da_write_begin+0x305/0x820 [ 879.609946][T15329] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 879.615901][T15329] generic_perform_write+0x196/0x3a0 [ 879.621204][T15329] ? ext4_da_write_begin+0x820/0x820 [ 879.626518][T15329] ext4_buffered_write_iter+0x2f2/0x3f0 [ 879.632446][T15329] ext4_file_write_iter+0xd01/0x11d0 [ 879.637863][T15329] ? rw_verify_area+0x136/0x250 [ 879.642812][T15329] vfs_write+0x69d/0x770 [ 879.647068][T15329] ksys_write+0xce/0x180 [ 879.651460][T15329] __x64_sys_write+0x3e/0x50 [ 879.656074][T15329] do_syscall_64+0x4a/0x90 [ 879.660531][T15329] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 879.666436][T15329] RIP: 0033:0x4665d9 [ 879.670328][T15329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 879.690770][T15329] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 879.699460][T15329] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 879.707443][T15329] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 13:22:01 executing program 2 (fault-call:7 fault-nth:50): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 879.715511][T15329] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 879.723661][T15329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 879.731636][T15329] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 879.744736][ T1036] loop4: p1 p2 p3 p4 [ 879.749226][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 879.761527][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 879.775125][T15276] loop4: p1 p2 p3 p4 [ 879.779686][T15276] loop4: p1 size 11292159 extends beyond EOD, truncated [ 879.788966][T15276] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 879.799197][T15340] FAULT_INJECTION: forcing a failure. [ 879.799197][T15340] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 879.812316][T15340] CPU: 1 PID: 15340 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 879.821085][T15340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 879.831201][T15340] Call Trace: [ 879.834741][T15340] dump_stack+0x137/0x19d [ 879.839433][T15340] should_fail+0x23c/0x250 [ 879.843922][T15340] should_fail_usercopy+0x16/0x20 [ 879.849016][T15340] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 879.855608][T15340] generic_perform_write+0x1e4/0x3a0 [ 879.861022][T15340] ? ext4_da_write_begin+0x820/0x820 [ 879.866414][T15340] ext4_buffered_write_iter+0x2f2/0x3f0 [ 879.871981][T15340] ext4_file_write_iter+0xd01/0x11d0 [ 879.878602][T15340] ? rw_verify_area+0x136/0x250 [ 879.883652][T15340] vfs_write+0x69d/0x770 [ 879.888173][T15340] ksys_write+0xce/0x180 [ 879.892520][T15340] __x64_sys_write+0x3e/0x50 [ 879.897096][T15340] do_syscall_64+0x4a/0x90 [ 879.901683][T15340] ? irqentry_exit_to_user_mode+0x5/0x20 [ 879.909663][T15340] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 879.915564][T15340] RIP: 0033:0x4665d9 [ 879.919440][T15340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 879.939389][T15340] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 879.947799][T15340] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 879.955912][T15340] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 13:22:02 executing program 3: syz_read_part_table(0x2e, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 879.963866][T15340] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 879.972158][T15340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 879.980196][T15340] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 879.995835][ T1036] loop3: p1 p2 p3 p4 [ 880.002112][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated 13:22:02 executing program 2 (fault-call:7 fault-nth:51): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:02 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff25000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 880.012170][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 880.047933][T15365] FAULT_INJECTION: forcing a failure. [ 880.047933][T15365] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 880.061868][T15365] CPU: 0 PID: 15365 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 880.070713][T15365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 880.080807][T15365] Call Trace: [ 880.084103][T15365] dump_stack+0x137/0x19d [ 880.088437][T15365] should_fail+0x23c/0x250 [ 880.092875][T15365] __alloc_pages+0x102/0x320 [ 880.097470][T15365] alloc_pages+0x21d/0x310 [ 880.101895][T15365] __page_cache_alloc+0x4d/0xf0 [ 880.106784][T15365] pagecache_get_page+0x5f4/0x900 [ 880.111817][T15365] grab_cache_page_write_begin+0x3f/0x70 [ 880.117465][T15365] ext4_da_write_begin+0x305/0x820 [ 880.122587][T15365] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 880.128484][T15365] generic_perform_write+0x196/0x3a0 [ 880.133876][T15365] ? ext4_da_write_begin+0x820/0x820 [ 880.139171][T15365] ext4_buffered_write_iter+0x2f2/0x3f0 [ 880.144727][T15365] ext4_file_write_iter+0xd01/0x11d0 [ 880.150051][T15365] ? rw_verify_area+0x136/0x250 [ 880.154914][T15365] vfs_write+0x69d/0x770 [ 880.159155][T15365] ksys_write+0xce/0x180 [ 880.163396][T15365] __x64_sys_write+0x3e/0x50 [ 880.168173][T15365] do_syscall_64+0x4a/0x90 [ 880.172602][T15365] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 880.178553][T15365] RIP: 0033:0x4665d9 [ 880.182452][T15365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 880.202128][T15365] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 880.210547][T15365] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 880.218645][T15365] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 880.226639][T15365] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 880.234650][T15365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 880.242632][T15365] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 880.254189][T15364] loop3: detected capacity change from 0 to 44288 [ 880.263029][T15384] loop4: detected capacity change from 0 to 133377 [ 880.296447][T15364] loop3: p1 p2 p3 p4 [ 880.300717][T15364] loop3: p1 size 11292159 extends beyond EOD, truncated [ 880.307920][T15384] loop4: p1 p2 p3 p4 [ 880.308935][T15364] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 880.323109][T15384] loop4: p1 size 11292159 extends beyond EOD, truncated [ 880.333036][T15384] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 880.360354][T15364] loop3: detected capacity change from 0 to 44288 [ 880.387013][T15364] loop3: p1 p2 p3 p4 [ 880.391184][T15364] loop3: p1 size 11292159 extends beyond EOD, truncated [ 880.404314][T15364] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 880.518800][ T1797] __loop_clr_fd: partition scan of loop3 failed (rc=-16) 13:22:04 executing program 1: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:04 executing program 2 (fault-call:7 fault-nth:52): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:04 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff26000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:04 executing program 3: syz_read_part_table(0x48, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 881.941751][T15439] loop3: detected capacity change from 0 to 44288 [ 881.945449][T15440] loop4: detected capacity change from 0 to 137473 [ 881.973777][T15445] FAULT_INJECTION: forcing a failure. [ 881.973777][T15445] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 881.986997][T15445] CPU: 0 PID: 15445 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 881.995871][T15445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 882.006047][T15445] Call Trace: [ 882.009335][T15445] dump_stack+0x137/0x19d [ 882.013657][T15445] should_fail+0x23c/0x250 [ 882.018072][T15445] should_fail_usercopy+0x16/0x20 [ 882.023225][T15445] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 882.029303][T15445] generic_perform_write+0x1e4/0x3a0 [ 882.034655][T15445] ? ext4_da_write_begin+0x820/0x820 [ 882.039927][T15445] ext4_buffered_write_iter+0x2f2/0x3f0 [ 882.045486][T15445] ext4_file_write_iter+0xd01/0x11d0 [ 882.050808][T15445] ? rw_verify_area+0x136/0x250 [ 882.055711][T15445] vfs_write+0x69d/0x770 [ 882.060023][T15445] ksys_write+0xce/0x180 [ 882.064253][T15445] __x64_sys_write+0x3e/0x50 [ 882.068822][T15445] do_syscall_64+0x4a/0x90 [ 882.073286][T15445] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 882.079265][T15445] RIP: 0033:0x4665d9 [ 882.083142][T15445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 882.102764][T15445] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 882.111232][T15445] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 882.119186][T15445] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 882.127166][T15445] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 882.135139][T15445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 882.143108][T15445] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 882.156838][T15440] loop4: p1 p2 p3 p4 [ 882.161372][T15440] loop4: p1 size 11292159 extends beyond EOD, truncated [ 882.170193][T15439] loop3: p1 p2 p3 p4 [ 882.175994][T15439] loop3: p1 size 11292159 extends beyond EOD, truncated [ 882.183864][T15440] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:04 executing program 0: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:04 executing program 2 (fault-call:7 fault-nth:53): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 882.189692][T15439] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 882.281237][T15475] FAULT_INJECTION: forcing a failure. [ 882.281237][T15475] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 882.294498][T15475] CPU: 0 PID: 15475 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 882.303485][T15475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 882.313585][T15475] Call Trace: [ 882.316867][T15475] dump_stack+0x137/0x19d [ 882.321202][T15475] should_fail+0x23c/0x250 [ 882.325627][T15475] __alloc_pages+0x102/0x320 [ 882.330228][T15475] alloc_pages+0x21d/0x310 [ 882.334643][T15475] __page_cache_alloc+0x4d/0xf0 [ 882.339529][T15475] pagecache_get_page+0x5f4/0x900 [ 882.344577][T15475] grab_cache_page_write_begin+0x3f/0x70 [ 882.350208][T15475] ext4_da_write_begin+0x305/0x820 [ 882.355343][T15475] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 882.361241][T15475] generic_perform_write+0x196/0x3a0 [ 882.366529][T15475] ? ext4_da_write_begin+0x820/0x820 [ 882.371928][T15475] ext4_buffered_write_iter+0x2f2/0x3f0 [ 882.377519][T15475] ext4_file_write_iter+0xd01/0x11d0 [ 882.382848][T15475] ? rw_verify_area+0x136/0x250 [ 882.387705][T15475] vfs_write+0x69d/0x770 [ 882.391941][T15475] ksys_write+0xce/0x180 [ 882.396191][T15475] __x64_sys_write+0x3e/0x50 [ 882.400814][T15475] do_syscall_64+0x4a/0x90 [ 882.405236][T15475] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 882.411131][T15475] RIP: 0033:0x4665d9 [ 882.415079][T15475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 882.434688][T15475] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 882.443121][T15475] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 882.451109][T15475] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 882.459080][T15475] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 882.467067][T15475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:22:04 executing program 5: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:04 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff27000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:04 executing program 0: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:04 executing program 2 (fault-call:7 fault-nth:54): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 882.475037][T15475] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 882.527673][T15439] loop3: detected capacity change from 0 to 44288 [ 882.538852][T15495] loop4: detected capacity change from 0 to 141569 [ 882.556940][T15500] FAULT_INJECTION: forcing a failure. [ 882.556940][T15500] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 882.570012][T15500] CPU: 0 PID: 15500 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 882.578767][T15500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 882.588825][T15500] Call Trace: [ 882.592096][T15500] dump_stack+0x137/0x19d [ 882.596432][T15500] should_fail+0x23c/0x250 [ 882.601121][T15500] should_fail_usercopy+0x16/0x20 [ 882.606150][T15500] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 882.612266][T15500] generic_perform_write+0x1e4/0x3a0 [ 882.617546][T15500] ? ext4_da_write_begin+0x820/0x820 [ 882.622831][T15500] ext4_buffered_write_iter+0x2f2/0x3f0 [ 882.628378][T15500] ext4_file_write_iter+0xd01/0x11d0 [ 882.633669][T15500] ? rw_verify_area+0x136/0x250 [ 882.638535][T15500] vfs_write+0x69d/0x770 [ 882.642847][T15500] ksys_write+0xce/0x180 [ 882.647080][T15500] __x64_sys_write+0x3e/0x50 [ 882.651730][T15500] do_syscall_64+0x4a/0x90 [ 882.656146][T15500] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 882.662097][T15500] RIP: 0033:0x4665d9 [ 882.665981][T15500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 882.685749][T15500] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 882.694143][T15500] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 882.702123][T15500] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 882.710074][T15500] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 882.718026][T15500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 882.726017][T15500] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:22:04 executing program 2 (fault-call:7 fault-nth:55): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 882.751785][T15495] loop4: p1 p2 p3 p4 [ 882.755497][T15439] loop3: p1 p2 p3 p4 [ 882.756150][T15495] loop4: p1 size 11292159 extends beyond EOD, truncated [ 882.759791][T15439] loop3: p1 size 11292159 extends beyond EOD, truncated [ 882.763639][T15439] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:04 executing program 3: syz_read_part_table(0x4c, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 882.799234][ T1036] loop3: p1 p2 p3 p4 [ 882.799355][T15495] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 882.803518][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 882.825600][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 882.846816][T15522] FAULT_INJECTION: forcing a failure. [ 882.846816][T15522] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 882.860208][T15522] CPU: 0 PID: 15522 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 882.868995][T15522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 882.879057][T15522] Call Trace: [ 882.882342][T15522] dump_stack+0x137/0x19d [ 882.886679][T15522] should_fail+0x23c/0x250 [ 882.891108][T15522] __alloc_pages+0x102/0x320 [ 882.895800][T15522] alloc_pages+0x21d/0x310 [ 882.900221][T15522] __page_cache_alloc+0x4d/0xf0 [ 882.905064][T15522] pagecache_get_page+0x5f4/0x900 [ 882.910167][T15522] grab_cache_page_write_begin+0x3f/0x70 [ 882.915791][T15522] ext4_da_write_begin+0x305/0x820 [ 882.920912][T15522] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 882.926799][T15522] generic_perform_write+0x196/0x3a0 [ 882.932094][T15522] ? ext4_da_write_begin+0x820/0x820 [ 882.937367][T15522] ext4_buffered_write_iter+0x2f2/0x3f0 [ 882.942987][T15522] ext4_file_write_iter+0xd01/0x11d0 [ 882.948350][T15522] ? rw_verify_area+0x136/0x250 [ 882.953215][T15522] vfs_write+0x69d/0x770 [ 882.957453][T15522] ksys_write+0xce/0x180 [ 882.961763][T15522] __x64_sys_write+0x3e/0x50 [ 882.966429][T15522] do_syscall_64+0x4a/0x90 [ 882.970914][T15522] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 882.977029][T15522] RIP: 0033:0x4665d9 [ 882.980979][T15522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 883.000615][T15522] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 883.009067][T15522] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 883.017059][T15522] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 883.025013][T15522] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 883.033006][T15522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 883.040975][T15522] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 883.094405][T15495] loop4: detected capacity change from 0 to 141569 [ 883.117526][T15544] loop3: detected capacity change from 0 to 44288 [ 883.166909][T15495] loop4: p1 p2 p3 p4 [ 883.171261][T15495] loop4: p1 size 11292159 extends beyond EOD, truncated [ 883.171442][T15544] loop3: p1 p2 p3 p4 [ 883.183103][T15544] loop3: p1 size 11292159 extends beyond EOD, truncated [ 883.184677][T15495] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 883.201053][T15544] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:07 executing program 2 (fault-call:7 fault-nth:56): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:07 executing program 1: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:07 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff28000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:07 executing program 3: syz_read_part_table(0x54, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 884.968674][T15578] loop4: detected capacity change from 0 to 145665 [ 884.988910][T15583] loop3: detected capacity change from 0 to 44288 [ 885.003473][T15587] FAULT_INJECTION: forcing a failure. [ 885.003473][T15587] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 885.016655][T15587] CPU: 1 PID: 15587 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 885.025427][T15587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 885.035497][T15587] Call Trace: [ 885.038787][T15587] dump_stack+0x137/0x19d [ 885.043187][T15587] should_fail+0x23c/0x250 [ 885.047627][T15587] should_fail_usercopy+0x16/0x20 [ 885.052648][T15587] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 885.058715][T15587] generic_perform_write+0x1e4/0x3a0 [ 885.064008][T15587] ? ext4_da_write_begin+0x820/0x820 [ 885.069325][T15587] ext4_buffered_write_iter+0x2f2/0x3f0 [ 885.074909][T15587] ext4_file_write_iter+0xd01/0x11d0 [ 885.080206][T15587] ? rw_verify_area+0x136/0x250 [ 885.085138][T15587] vfs_write+0x69d/0x770 [ 885.089379][T15587] ksys_write+0xce/0x180 [ 885.093618][T15587] __x64_sys_write+0x3e/0x50 [ 885.098204][T15587] do_syscall_64+0x4a/0x90 [ 885.102638][T15587] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 885.108534][T15587] RIP: 0033:0x4665d9 [ 885.112440][T15587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 885.132047][T15587] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 885.140462][T15587] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 885.148450][T15587] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 885.156466][T15587] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 885.164458][T15587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 885.172436][T15587] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 885.187891][T15578] loop4: p1 p2 p3 p4 [ 885.205558][T15583] loop3: p1 p2 p3 p4 [ 885.209942][T15578] loop4: p1 size 11292159 extends beyond EOD, truncated 13:22:07 executing program 2 (fault-call:7 fault-nth:57): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 885.216259][T15583] loop3: p1 size 11292159 extends beyond EOD, truncated [ 885.228736][T15578] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 885.246878][T15583] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 885.261483][T15599] FAULT_INJECTION: forcing a failure. [ 885.261483][T15599] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 885.274871][T15599] CPU: 1 PID: 15599 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 885.283707][T15599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 885.293881][T15599] Call Trace: [ 885.297170][T15599] dump_stack+0x137/0x19d [ 885.301647][T15599] should_fail+0x23c/0x250 [ 885.306118][T15599] __alloc_pages+0x102/0x320 [ 885.310691][T15599] alloc_pages+0x21d/0x310 [ 885.315129][T15599] __page_cache_alloc+0x4d/0xf0 [ 885.319976][T15599] pagecache_get_page+0x5f4/0x900 [ 885.324987][T15599] grab_cache_page_write_begin+0x3f/0x70 [ 885.330700][T15599] ext4_da_write_begin+0x305/0x820 [ 885.335802][T15599] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 885.341703][T15599] generic_perform_write+0x196/0x3a0 [ 885.347053][T15599] ? ext4_da_write_begin+0x820/0x820 [ 885.352327][T15599] ext4_buffered_write_iter+0x2f2/0x3f0 [ 885.357908][T15599] ext4_file_write_iter+0xd01/0x11d0 [ 885.363201][T15599] ? rw_verify_area+0x136/0x250 [ 885.368074][T15599] vfs_write+0x69d/0x770 [ 885.372372][T15599] ksys_write+0xce/0x180 [ 885.377008][T15599] __x64_sys_write+0x3e/0x50 [ 885.381796][T15599] do_syscall_64+0x4a/0x90 [ 885.386629][T15599] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 885.392600][T15599] RIP: 0033:0x4665d9 [ 885.396481][T15599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 13:22:07 executing program 2 (fault-call:7 fault-nth:58): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 885.416097][T15599] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 885.424561][T15599] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 885.432626][T15599] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 885.440728][T15599] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 885.448702][T15599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 885.457006][T15599] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:22:07 executing program 5: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:07 executing program 3: syz_read_part_table(0x55, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:07 executing program 0: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:07 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff29000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 885.566233][T15625] loop4: detected capacity change from 0 to 149761 [ 885.577835][T15626] loop3: detected capacity change from 0 to 44288 [ 885.587963][T15619] FAULT_INJECTION: forcing a failure. [ 885.587963][T15619] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 885.601153][T15619] CPU: 0 PID: 15619 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 885.609968][T15619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 885.620022][T15619] Call Trace: [ 885.623394][T15619] dump_stack+0x137/0x19d [ 885.625727][T15625] loop4: p1 p2 p3 p4 [ 885.627713][T15619] should_fail+0x23c/0x250 [ 885.627737][T15619] should_fail_usercopy+0x16/0x20 [ 885.631830][T15625] loop4: p1 size 11292159 extends beyond EOD, [ 885.636158][T15619] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 885.636188][T15619] generic_perform_write+0x1e4/0x3a0 [ 885.641226][T15625] truncated [ 885.649997][T15625] loop4: p4 size 3657465856 extends beyond EOD, [ 885.653477][T15619] ? ext4_da_write_begin+0x820/0x820 [ 885.653512][T15619] ext4_buffered_write_iter+0x2f2/0x3f0 [ 885.658878][T15625] truncated [ 885.661943][T15619] ext4_file_write_iter+0xd01/0x11d0 [ 885.687372][T15619] ? rw_verify_area+0x136/0x250 [ 885.692332][T15619] vfs_write+0x69d/0x770 [ 885.696560][T15619] ksys_write+0xce/0x180 [ 885.700884][T15619] __x64_sys_write+0x3e/0x50 [ 885.705490][T15619] do_syscall_64+0x4a/0x90 [ 885.709904][T15619] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 885.715792][T15619] RIP: 0033:0x4665d9 [ 885.719685][T15619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 885.739293][T15619] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 885.747692][T15619] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 885.755650][T15619] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 885.763627][T15619] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 885.771588][T15619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 885.779555][T15619] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 885.802265][T15626] loop3: p1 p2 p3 p4 [ 885.806498][T15626] loop3: p1 size 11292159 extends beyond EOD, truncated 13:22:07 executing program 2 (fault-call:7 fault-nth:59): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 885.815231][T15626] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 885.834022][T15625] loop4: detected capacity change from 0 to 149761 [ 885.858843][T15653] FAULT_INJECTION: forcing a failure. [ 885.858843][T15653] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 885.872536][T15653] CPU: 0 PID: 15653 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 885.881473][T15653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 885.891725][T15653] Call Trace: [ 885.894993][T15653] dump_stack+0x137/0x19d [ 885.899387][T15653] should_fail+0x23c/0x250 [ 885.903788][T15653] __alloc_pages+0x102/0x320 [ 885.908365][T15653] alloc_pages+0x21d/0x310 [ 885.912792][T15653] __page_cache_alloc+0x4d/0xf0 [ 885.918339][T15653] pagecache_get_page+0x5f4/0x900 [ 885.923472][T15653] grab_cache_page_write_begin+0x3f/0x70 [ 885.929107][T15653] ext4_da_write_begin+0x305/0x820 [ 885.934214][T15653] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 885.940135][T15653] generic_perform_write+0x196/0x3a0 [ 885.945420][T15653] ? ext4_da_write_begin+0x820/0x820 [ 885.950759][T15653] ext4_buffered_write_iter+0x2f2/0x3f0 [ 885.956347][T15653] ext4_file_write_iter+0xd01/0x11d0 [ 885.961626][T15653] ? rw_verify_area+0x136/0x250 [ 885.966475][T15653] vfs_write+0x69d/0x770 [ 885.970699][T15653] ksys_write+0xce/0x180 [ 885.974945][T15653] __x64_sys_write+0x3e/0x50 [ 885.979517][T15653] do_syscall_64+0x4a/0x90 [ 885.983928][T15653] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 885.989811][T15653] RIP: 0033:0x4665d9 [ 885.993784][T15653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 886.013463][T15653] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 886.021875][T15653] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 886.029869][T15653] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 886.037866][T15653] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 886.046121][T15653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 886.054159][T15653] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:22:08 executing program 2 (fault-call:7 fault-nth:60): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:08 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff2b000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 886.081001][T15625] loop4: p1 p2 p3 p4 [ 886.085166][T15625] loop4: p1 size 11292159 extends beyond EOD, truncated [ 886.095122][T15625] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 886.114475][T15626] loop3: detected capacity change from 0 to 44288 [ 886.139468][T15672] FAULT_INJECTION: forcing a failure. [ 886.139468][T15672] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 886.152624][T15672] CPU: 0 PID: 15672 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 886.161371][T15672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 886.171413][T15672] Call Trace: [ 886.174696][T15672] dump_stack+0x137/0x19d [ 886.179029][T15672] should_fail+0x23c/0x250 [ 886.183455][T15672] should_fail_usercopy+0x16/0x20 [ 886.188481][T15672] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 886.194632][T15672] generic_perform_write+0x1e4/0x3a0 [ 886.199936][T15672] ? ext4_da_write_begin+0x820/0x820 [ 886.205262][T15672] ext4_buffered_write_iter+0x2f2/0x3f0 [ 886.210848][T15672] ext4_file_write_iter+0xd01/0x11d0 [ 886.216172][T15672] ? rw_verify_area+0x136/0x250 [ 886.221048][T15672] vfs_write+0x69d/0x770 [ 886.225301][T15672] ksys_write+0xce/0x180 [ 886.229548][T15672] __x64_sys_write+0x3e/0x50 [ 886.234121][T15672] do_syscall_64+0x4a/0x90 [ 886.238527][T15672] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 886.244442][T15672] RIP: 0033:0x4665d9 [ 886.248313][T15672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 886.268045][T15672] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 886.276440][T15672] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 886.284419][T15672] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 886.292387][T15672] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 886.300564][T15672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 886.308618][T15672] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 886.335703][T15626] loop3: p1 p2 p3 p4 [ 886.339790][T15626] loop3: p1 size 11292159 extends beyond EOD, truncated [ 886.350468][T15626] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 886.372599][T15686] loop4: detected capacity change from 0 to 157953 [ 886.417718][T15686] loop4: p1 p2 p3 p4 [ 886.421933][T15686] loop4: p1 size 11292159 extends beyond EOD, truncated [ 886.430691][T15686] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:10 executing program 1: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:10 executing program 2 (fault-call:7 fault-nth:61): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:10 executing program 3: syz_read_part_table(0x60, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:10 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff2c000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 888.011450][T15717] loop4: detected capacity change from 0 to 162049 [ 888.018089][T15718] loop3: detected capacity change from 0 to 44288 [ 888.041118][T15722] FAULT_INJECTION: forcing a failure. [ 888.041118][T15722] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 888.054418][T15722] CPU: 0 PID: 15722 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 888.063186][T15722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 888.073501][T15722] Call Trace: [ 888.076777][T15722] dump_stack+0x137/0x19d [ 888.081114][T15722] should_fail+0x23c/0x250 [ 888.085531][T15722] __alloc_pages+0x102/0x320 [ 888.090122][T15722] alloc_pages+0x21d/0x310 [ 888.094589][T15722] __page_cache_alloc+0x4d/0xf0 [ 888.099482][T15722] pagecache_get_page+0x5f4/0x900 [ 888.104499][T15722] grab_cache_page_write_begin+0x3f/0x70 [ 888.110134][T15722] ext4_da_write_begin+0x305/0x820 [ 888.115310][T15722] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 888.115379][T15717] loop4: p1 p2 p3 p4 [ 888.121222][T15722] generic_perform_write+0x196/0x3a0 [ 888.121252][T15722] ? ext4_da_write_begin+0x820/0x820 [ 888.128871][T15717] loop4: p1 size 11292159 extends beyond EOD, [ 888.130499][T15722] ext4_buffered_write_iter+0x2f2/0x3f0 [ 888.135864][T15717] truncated [ 888.141972][T15722] ext4_file_write_iter+0xd01/0x11d0 [ 888.142001][T15722] ? rw_verify_area+0x136/0x250 [ 888.142023][T15722] vfs_write+0x69d/0x770 [ 888.152232][T15717] loop4: p4 size 3657465856 extends beyond EOD, [ 888.155957][T15722] ksys_write+0xce/0x180 [ 888.155982][T15722] __x64_sys_write+0x3e/0x50 [ 888.155999][T15722] do_syscall_64+0x4a/0x90 [ 888.160900][T15717] truncated [ 888.165139][T15722] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 888.175367][T15718] loop3: p1 p2 p3 p4 [ 888.175676][T15722] RIP: 0033:0x4665d9 [ 888.175696][T15722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 888.191103][T15718] loop3: p1 size 11292159 extends beyond EOD, [ 888.193643][T15722] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 888.193668][T15722] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 888.197656][T15718] truncated [ 888.201507][T15722] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 888.243813][T15718] loop3: p4 size 3657465856 extends beyond EOD, 13:22:10 executing program 2 (fault-call:7 fault-nth:62): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 888.244011][T15722] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 888.247161][T15718] truncated [ 888.255085][T15722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 888.280379][T15722] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 888.360751][T15717] loop4: detected capacity change from 0 to 162049 [ 888.380711][T15750] FAULT_INJECTION: forcing a failure. [ 888.380711][T15750] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 888.393855][T15750] CPU: 0 PID: 15750 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 888.402664][T15750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 888.412979][T15750] Call Trace: [ 888.416255][T15750] dump_stack+0x137/0x19d [ 888.420673][T15750] should_fail+0x23c/0x250 [ 888.425228][T15750] should_fail_usercopy+0x16/0x20 [ 888.430243][T15750] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 888.436322][T15750] generic_perform_write+0x1e4/0x3a0 [ 888.441606][T15750] ? ext4_da_write_begin+0x820/0x820 [ 888.446951][T15750] ext4_buffered_write_iter+0x2f2/0x3f0 [ 888.452496][T15750] ext4_file_write_iter+0xd01/0x11d0 [ 888.457781][T15750] ? rw_verify_area+0x136/0x250 [ 888.462674][T15750] vfs_write+0x69d/0x770 [ 888.466931][T15750] ksys_write+0xce/0x180 [ 888.471181][T15750] __x64_sys_write+0x3e/0x50 [ 888.475764][T15750] do_syscall_64+0x4a/0x90 [ 888.480202][T15750] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 888.486096][T15750] RIP: 0033:0x4665d9 [ 888.489982][T15750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 888.509666][T15750] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 888.518164][T15750] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 888.526237][T15750] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 888.534203][T15750] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 888.542238][T15750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 888.550253][T15750] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:22:10 executing program 5: r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:10 executing program 3: syz_read_part_table(0x63, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 888.575522][T15717] loop4: p1 p2 p3 p4 [ 888.579574][T15717] loop4: p1 size 11292159 extends beyond EOD, truncated 13:22:10 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:10 executing program 2 (fault-call:7 fault-nth:63): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:10 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 888.635624][T15717] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 888.651378][T15763] loop3: detected capacity change from 0 to 44288 [ 888.682579][T15772] FAULT_INJECTION: forcing a failure. [ 888.682579][T15772] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 888.695829][T15772] CPU: 1 PID: 15772 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 888.704672][T15772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 888.714742][T15772] Call Trace: [ 888.718017][T15772] dump_stack+0x137/0x19d [ 888.722701][T15772] should_fail+0x23c/0x250 [ 888.727211][T15772] __alloc_pages+0x102/0x320 [ 888.731819][T15772] alloc_pages+0x21d/0x310 [ 888.736271][T15772] __page_cache_alloc+0x4d/0xf0 [ 888.741125][T15772] pagecache_get_page+0x5f4/0x900 [ 888.746167][T15772] grab_cache_page_write_begin+0x3f/0x70 [ 888.751808][T15772] ext4_da_write_begin+0x305/0x820 [ 888.756928][T15772] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 888.762825][T15772] generic_perform_write+0x196/0x3a0 [ 888.768109][T15772] ? ext4_da_write_begin+0x820/0x820 [ 888.773395][T15772] ext4_buffered_write_iter+0x2f2/0x3f0 [ 888.779093][T15772] ext4_file_write_iter+0xd01/0x11d0 [ 888.784395][T15772] ? rw_verify_area+0x136/0x250 [ 888.789310][T15772] vfs_write+0x69d/0x770 [ 888.793559][T15772] ksys_write+0xce/0x180 [ 888.797861][T15772] __x64_sys_write+0x3e/0x50 [ 888.802451][T15772] do_syscall_64+0x4a/0x90 [ 888.806883][T15772] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 888.812856][T15772] RIP: 0033:0x4665d9 [ 888.816750][T15772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 888.836370][T15772] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 888.844859][T15772] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 888.852840][T15772] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 888.860846][T15772] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 888.868938][T15772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:22:11 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff2d000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 888.876940][T15772] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 888.901946][ T1036] loop4: p1 p2 p3 p4 [ 888.906996][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 888.918190][T15763] loop3: p1 p2 p3 p4 [ 888.922219][T15763] loop3: p1 size 11292159 extends beyond EOD, truncated 13:22:11 executing program 2 (fault-call:7 fault-nth:64): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 888.931100][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 888.940503][T15763] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 888.983639][T15797] FAULT_INJECTION: forcing a failure. [ 888.983639][T15797] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 888.996797][T15797] CPU: 1 PID: 15797 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 889.005561][T15797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 889.015619][T15797] Call Trace: [ 889.018896][T15797] dump_stack+0x137/0x19d [ 889.023236][T15797] should_fail+0x23c/0x250 [ 889.027653][T15797] should_fail_usercopy+0x16/0x20 [ 889.032683][T15797] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 889.038768][T15797] generic_perform_write+0x1e4/0x3a0 [ 889.044090][T15797] ? ext4_da_write_begin+0x820/0x820 [ 889.049377][T15797] ext4_buffered_write_iter+0x2f2/0x3f0 [ 889.054935][T15797] ext4_file_write_iter+0xd01/0x11d0 [ 889.060648][T15797] ? rw_verify_area+0x136/0x250 [ 889.065523][T15797] vfs_write+0x69d/0x770 [ 889.069817][T15797] ksys_write+0xce/0x180 [ 889.074060][T15797] __x64_sys_write+0x3e/0x50 [ 889.078633][T15797] do_syscall_64+0x4a/0x90 [ 889.083061][T15797] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 889.088972][T15797] RIP: 0033:0x4665d9 [ 889.092936][T15797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 889.112557][T15797] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 889.121087][T15797] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 889.129042][T15797] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 889.137019][T15797] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 889.145493][T15797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 889.153524][T15797] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 889.188765][T15763] loop3: detected capacity change from 0 to 44288 [ 889.217903][T15763] loop3: p1 p2 p3 p4 [ 889.217911][T15813] loop4: detected capacity change from 0 to 166145 [ 889.222148][T15763] loop3: p1 size 11292159 extends beyond EOD, truncated [ 889.236787][T15763] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 889.285552][T15813] loop4: p1 p2 p3 p4 [ 889.289646][T15813] loop4: p1 size 11292159 extends beyond EOD, truncated [ 889.303867][T15813] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:13 executing program 2 (fault-call:7 fault-nth:65): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:13 executing program 3: syz_read_part_table(0x68, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:13 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:13 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff2e000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 891.042067][T15854] loop3: detected capacity change from 0 to 44288 [ 891.046734][T15858] loop4: detected capacity change from 0 to 170241 [ 891.069525][T15855] FAULT_INJECTION: forcing a failure. [ 891.069525][T15855] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 891.082778][T15855] CPU: 1 PID: 15855 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 891.091541][T15855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 891.101869][T15855] Call Trace: [ 891.105162][T15855] dump_stack+0x137/0x19d [ 891.109494][T15855] should_fail+0x23c/0x250 [ 891.113941][T15855] __alloc_pages+0x102/0x320 [ 891.118627][T15855] alloc_pages+0x21d/0x310 [ 891.123100][T15855] __page_cache_alloc+0x4d/0xf0 [ 891.129165][T15855] pagecache_get_page+0x5f4/0x900 [ 891.134217][T15855] grab_cache_page_write_begin+0x3f/0x70 [ 891.139854][T15855] ext4_da_write_begin+0x305/0x820 [ 891.145973][T15855] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 891.152349][T15855] generic_perform_write+0x196/0x3a0 [ 891.157667][T15855] ? ext4_da_write_begin+0x820/0x820 [ 891.163563][T15855] ext4_buffered_write_iter+0x2f2/0x3f0 [ 891.169157][T15855] ext4_file_write_iter+0xd01/0x11d0 [ 891.174446][T15855] ? rw_verify_area+0x136/0x250 [ 891.179340][T15855] vfs_write+0x69d/0x770 [ 891.183567][T15855] ksys_write+0xce/0x180 [ 891.187803][T15855] __x64_sys_write+0x3e/0x50 [ 891.192468][T15855] do_syscall_64+0x4a/0x90 [ 891.196884][T15855] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 891.202814][T15855] RIP: 0033:0x4665d9 [ 891.206793][T15855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 891.226715][T15855] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 891.235233][T15855] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 13:22:13 executing program 2 (fault-call:7 fault-nth:66): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 891.243205][T15855] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 891.251163][T15855] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 891.259117][T15855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 891.267368][T15855] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 891.305677][T15858] loop4: p1 p2 p3 p4 [ 891.309788][T15858] loop4: p1 size 11292159 extends beyond EOD, truncated [ 891.322407][T15858] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 891.329833][T15854] loop3: p1 p2 p3 p4 [ 891.334473][T15854] loop3: p1 size 11292159 extends beyond EOD, truncated [ 891.343923][T15854] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 891.394526][T15876] FAULT_INJECTION: forcing a failure. [ 891.394526][T15876] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 891.407642][T15876] CPU: 0 PID: 15876 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 891.416451][T15876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 891.429475][T15876] Call Trace: [ 891.432783][T15876] dump_stack+0x137/0x19d [ 891.437120][T15876] should_fail+0x23c/0x250 [ 891.441547][T15876] should_fail_usercopy+0x16/0x20 [ 891.446576][T15876] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 891.452645][T15876] generic_perform_write+0x1e4/0x3a0 [ 891.457933][T15876] ? ext4_da_write_begin+0x820/0x820 [ 891.463222][T15876] ext4_buffered_write_iter+0x2f2/0x3f0 [ 891.468772][T15876] ext4_file_write_iter+0xd01/0x11d0 [ 891.474073][T15876] ? rw_verify_area+0x136/0x250 [ 891.479135][T15876] vfs_write+0x69d/0x770 [ 891.483474][T15876] ksys_write+0xce/0x180 [ 891.487724][T15876] __x64_sys_write+0x3e/0x50 [ 891.492309][T15876] do_syscall_64+0x4a/0x90 [ 891.496831][T15876] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 891.502729][T15876] RIP: 0033:0x4665d9 [ 891.506652][T15876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 891.526270][T15876] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 891.534715][T15876] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 891.542744][T15876] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 891.550727][T15876] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 891.558856][T15876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 891.566826][T15876] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 891.582297][T15862] print_req_error: 112 callbacks suppressed [ 891.582310][T15862] blk_update_request: I/O error, dev loop3, sector 44160 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 891.607064][T15881] blk_update_request: I/O error, dev loop3, sector 44160 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 891.607510][T15880] blk_update_request: I/O error, dev loop3, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 891.620930][T15854] __loop_clr_fd: partition scan of loop3 failed (rc=-16) 13:22:13 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:13 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff2f000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 891.641299][ T616] blk_update_request: I/O error, dev loop3, sector 44160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 891.652647][ T616] buffer_io_error: 86 callbacks suppressed [ 891.652660][ T616] Buffer I/O error on dev loop3p4, logical block 5520, async page read [ 891.667276][ T616] blk_update_request: I/O error, dev loop3, sector 233 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 891.678344][ T616] Buffer I/O error on dev loop3p3, logical block 1, async page read [ 891.682256][T15854] loop3: detected capacity change from 0 to 44288 [ 891.686363][ T616] blk_update_request: I/O error, dev loop3, sector 44160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 891.703983][ T616] Buffer I/O error on dev loop3p1, logical block 5520, async page read [ 891.720863][T15901] loop4: detected capacity change from 0 to 174337 [ 891.733432][T15854] loop3: p1 p2 p3 p4 [ 891.737790][T15854] loop3: p1 size 11292159 extends beyond EOD, truncated 13:22:13 executing program 2 (fault-call:7 fault-nth:67): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:13 executing program 3: syz_read_part_table(0x6c, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 891.748022][T15854] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 891.775596][T15901] loop4: p1 p2 p3 p4 [ 891.780257][T15901] loop4: p1 size 11292159 extends beyond EOD, truncated [ 891.790991][T15901] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 891.816917][T15917] FAULT_INJECTION: forcing a failure. [ 891.816917][T15917] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 891.830861][T15917] CPU: 1 PID: 15917 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 891.839710][T15917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 891.850027][T15917] Call Trace: [ 891.853397][T15917] dump_stack+0x137/0x19d [ 891.857777][T15917] should_fail+0x23c/0x250 [ 891.862697][T15917] __alloc_pages+0x102/0x320 13:22:14 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 891.867272][T15917] alloc_pages+0x21d/0x310 [ 891.871879][T15917] __page_cache_alloc+0x4d/0xf0 [ 891.876780][T15917] pagecache_get_page+0x5f4/0x900 [ 891.882292][T15917] grab_cache_page_write_begin+0x3f/0x70 [ 891.888374][T15917] ext4_da_write_begin+0x305/0x820 [ 891.893534][T15917] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 891.899407][T15917] generic_perform_write+0x196/0x3a0 [ 891.904735][T15917] ? ext4_da_write_begin+0x820/0x820 [ 891.910199][T15917] ext4_buffered_write_iter+0x2f2/0x3f0 [ 891.915892][T15917] ext4_file_write_iter+0xd01/0x11d0 [ 891.921194][T15917] ? rw_verify_area+0x136/0x250 [ 891.926127][T15917] vfs_write+0x69d/0x770 [ 891.930353][T15917] ksys_write+0xce/0x180 [ 891.934598][T15917] __x64_sys_write+0x3e/0x50 [ 891.939250][T15917] do_syscall_64+0x4a/0x90 [ 891.943723][T15917] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 891.949671][T15917] RIP: 0033:0x4665d9 [ 891.953614][T15917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 891.973260][T15917] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 891.981666][T15917] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 891.989623][T15917] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 891.997639][T15917] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 892.005605][T15917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 892.013557][T15917] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:22:14 executing program 2 (fault-call:7 fault-nth:68): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:14 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff30000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 892.105155][T15938] loop3: detected capacity change from 0 to 44288 [ 892.112047][T15944] loop4: detected capacity change from 0 to 178433 [ 892.124401][T15940] FAULT_INJECTION: forcing a failure. [ 892.124401][T15940] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 892.137511][T15940] CPU: 1 PID: 15940 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 892.146268][T15940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 892.156799][T15940] Call Trace: [ 892.160544][T15940] dump_stack+0x137/0x19d [ 892.166960][T15940] should_fail+0x23c/0x250 [ 892.171418][T15940] should_fail_usercopy+0x16/0x20 [ 892.177408][T15940] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 892.183465][T15940] generic_perform_write+0x1e4/0x3a0 [ 892.193766][T15940] ? ext4_da_write_begin+0x820/0x820 [ 892.200052][T15940] ext4_buffered_write_iter+0x2f2/0x3f0 [ 892.205669][T15940] ext4_file_write_iter+0xd01/0x11d0 [ 892.211576][T15940] ? rw_verify_area+0x136/0x250 [ 892.216480][T15940] vfs_write+0x69d/0x770 [ 892.220703][T15940] ksys_write+0xce/0x180 [ 892.224945][T15940] __x64_sys_write+0x3e/0x50 [ 892.229567][T15940] do_syscall_64+0x4a/0x90 [ 892.233972][T15940] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 892.239851][T15940] RIP: 0033:0x4665d9 [ 892.243741][T15940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 892.263467][T15940] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 892.272016][T15940] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 892.279988][T15940] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 892.287960][T15940] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 892.295998][T15940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:22:14 executing program 2 (fault-call:7 fault-nth:69): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 892.304115][T15940] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 892.349842][T15944] loop4: p1 p2 p3 p4 [ 892.354061][T15938] loop3: p1 p2 p3 p4 [ 892.354906][T15944] loop4: p1 size 11292159 extends beyond EOD, truncated [ 892.358664][T15938] loop3: p1 size 11292159 extends beyond EOD, truncated [ 892.374344][T15944] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 892.380592][T15938] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 892.407850][T15955] FAULT_INJECTION: forcing a failure. [ 892.407850][T15955] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 892.421226][T15955] CPU: 0 PID: 15955 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 892.430091][T15955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 892.440996][T15955] Call Trace: [ 892.444277][T15955] dump_stack+0x137/0x19d [ 892.449698][T15955] should_fail+0x23c/0x250 [ 892.454159][T15955] __alloc_pages+0x102/0x320 [ 892.458746][T15955] alloc_pages+0x21d/0x310 [ 892.463165][T15955] __page_cache_alloc+0x4d/0xf0 [ 892.468020][T15955] pagecache_get_page+0x5f4/0x900 [ 892.473058][T15955] grab_cache_page_write_begin+0x3f/0x70 [ 892.480635][T15955] ext4_da_write_begin+0x305/0x820 [ 892.485770][T15955] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 892.491678][T15955] generic_perform_write+0x196/0x3a0 [ 892.496970][T15955] ? ext4_da_write_begin+0x820/0x820 [ 892.502311][T15955] ext4_buffered_write_iter+0x2f2/0x3f0 [ 892.508276][T15955] ext4_file_write_iter+0xd01/0x11d0 [ 892.513668][T15955] ? rw_verify_area+0x136/0x250 [ 892.518525][T15955] vfs_write+0x69d/0x770 [ 892.522773][T15955] ksys_write+0xce/0x180 [ 892.527017][T15955] __x64_sys_write+0x3e/0x50 [ 892.532145][T15955] do_syscall_64+0x4a/0x90 [ 892.536640][T15955] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 892.542626][T15955] RIP: 0033:0x4665d9 [ 892.546518][T15955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 892.566129][T15955] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 892.574675][T15955] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 892.586756][T15955] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 892.594929][T15955] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 13:22:14 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff33000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 892.603011][T15955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 892.611077][T15955] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 892.686538][T15974] loop4: detected capacity change from 0 to 190721 [ 892.734732][T15974] loop4: p1 p2 p3 p4 [ 892.743696][T15974] loop4: p1 size 11292159 extends beyond EOD, truncated [ 892.752080][T15974] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 892.824834][T15974] loop4: detected capacity change from 0 to 190721 [ 892.868536][T15974] loop4: p1 p2 p3 p4 [ 892.872828][T15974] loop4: p1 size 11292159 extends beyond EOD, truncated [ 892.881586][T15974] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:16 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:16 executing program 3: syz_read_part_table(0x72, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:16 executing program 2 (fault-call:7 fault-nth:70): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 894.060893][T16015] loop3: detected capacity change from 0 to 44288 [ 894.088462][T16016] FAULT_INJECTION: forcing a failure. [ 894.088462][T16016] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 894.101646][T16016] CPU: 1 PID: 16016 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 894.111157][T16016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 894.121231][T16016] Call Trace: [ 894.124526][T16016] dump_stack+0x137/0x19d [ 894.128857][T16016] should_fail+0x23c/0x250 [ 894.133335][T16016] should_fail_usercopy+0x16/0x20 [ 894.138428][T16016] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 894.144570][T16016] generic_perform_write+0x1e4/0x3a0 [ 894.149885][T16016] ? ext4_da_write_begin+0x820/0x820 [ 894.155177][T16016] ext4_buffered_write_iter+0x2f2/0x3f0 [ 894.160813][T16016] ext4_file_write_iter+0xd01/0x11d0 [ 894.166118][T16016] ? rw_verify_area+0x136/0x250 [ 894.170985][T16016] vfs_write+0x69d/0x770 [ 894.175242][T16016] ksys_write+0xce/0x180 [ 894.179742][T16016] __x64_sys_write+0x3e/0x50 [ 894.184330][T16016] do_syscall_64+0x4a/0x90 [ 894.188808][T16016] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 894.195767][T16016] RIP: 0033:0x4665d9 [ 894.199655][T16016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 894.219365][T16016] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 894.227784][T16016] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 894.235752][T16016] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 894.243796][T16016] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 894.251768][T16016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 894.259752][T16016] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 894.273327][T16015] loop3: p1 p2 p3 p4 [ 894.277808][T16015] loop3: p1 size 11292159 extends beyond EOD, truncated [ 894.288196][T16015] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:16 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:16 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff38000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:16 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:16 executing program 3: syz_read_part_table(0x74, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 894.700004][T16054] loop3: detected capacity change from 0 to 44288 [ 894.705039][T16052] loop4: detected capacity change from 0 to 211201 [ 894.735684][T16054] loop3: p1 p2 p3 p4 [ 894.739785][T16054] loop3: p1 size 11292159 extends beyond EOD, truncated [ 894.748456][T16054] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 894.756405][T16052] loop4: p1 p2 p3 p4 [ 894.760473][T16052] loop4: p1 size 11292159 extends beyond EOD, truncated [ 894.780117][T16052] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:17 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:17 executing program 2 (fault-call:7 fault-nth:71): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:17 executing program 3: syz_read_part_table(0x7a, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:17 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff3c000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 895.086753][T16095] loop3: detected capacity change from 0 to 44288 [ 895.090274][T16096] loop4: detected capacity change from 0 to 227585 [ 895.111915][T16094] FAULT_INJECTION: forcing a failure. [ 895.111915][T16094] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 895.125164][T16094] CPU: 1 PID: 16094 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 895.125558][T16095] loop3: p1 p2 p3 p4 [ 895.133985][T16094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 895.134002][T16094] Call Trace: [ 895.134010][T16094] dump_stack+0x137/0x19d [ 895.138714][T16095] loop3: p1 size 11292159 extends beyond EOD, [ 895.148328][T16094] should_fail+0x23c/0x250 [ 895.148413][T16094] __alloc_pages+0x102/0x320 [ 895.151698][T16095] truncated [ 895.174404][T16094] alloc_pages+0x21d/0x310 [ 895.178834][T16094] __page_cache_alloc+0x4d/0xf0 [ 895.183714][T16094] pagecache_get_page+0x5f4/0x900 [ 895.188792][T16094] grab_cache_page_write_begin+0x3f/0x70 [ 895.194406][T16094] ext4_da_write_begin+0x305/0x820 [ 895.199510][T16094] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 895.205391][T16094] generic_perform_write+0x196/0x3a0 [ 895.210660][T16094] ? ext4_da_write_begin+0x820/0x820 [ 895.216039][T16094] ext4_buffered_write_iter+0x2f2/0x3f0 [ 895.221595][T16094] ext4_file_write_iter+0xd01/0x11d0 [ 895.227125][T16094] ? rw_verify_area+0x136/0x250 [ 895.231977][T16094] vfs_write+0x69d/0x770 [ 895.236281][T16094] ksys_write+0xce/0x180 [ 895.240529][T16094] __x64_sys_write+0x3e/0x50 [ 895.245123][T16094] do_syscall_64+0x4a/0x90 [ 895.249553][T16094] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 895.255524][T16094] RIP: 0033:0x4665d9 [ 895.259484][T16094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 895.279076][T16094] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 895.287497][T16094] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 895.295453][T16094] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 895.303435][T16094] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 895.311401][T16094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 895.319355][T16094] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 895.329254][T16095] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:17 executing program 2 (fault-call:7 fault-nth:72): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 895.337005][T16096] loop4: p1 p2 p3 p4 [ 895.341106][T16096] loop4: p1 size 11292159 extends beyond EOD, truncated [ 895.349641][T16096] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:17 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff3d000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 895.426034][T16095] loop3: detected capacity change from 0 to 44288 [ 895.443215][T16136] loop4: detected capacity change from 0 to 231681 [ 895.452006][T16133] FAULT_INJECTION: forcing a failure. [ 895.452006][T16133] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 895.469493][T16133] CPU: 1 PID: 16133 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 895.478278][T16133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 895.488312][T16133] Call Trace: [ 895.491578][T16133] dump_stack+0x137/0x19d [ 895.495904][T16133] should_fail+0x23c/0x250 [ 895.500370][T16133] should_fail_usercopy+0x16/0x20 [ 895.505408][T16133] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 895.511488][T16133] generic_perform_write+0x1e4/0x3a0 [ 895.516784][T16133] ? ext4_da_write_begin+0x820/0x820 [ 895.522111][T16133] ext4_buffered_write_iter+0x2f2/0x3f0 [ 895.527772][T16133] ext4_file_write_iter+0xd01/0x11d0 [ 895.533144][T16133] ? rw_verify_area+0x136/0x250 [ 895.537987][T16133] vfs_write+0x69d/0x770 [ 895.542259][T16133] ksys_write+0xce/0x180 [ 895.546514][T16133] __x64_sys_write+0x3e/0x50 [ 895.551086][T16133] do_syscall_64+0x4a/0x90 [ 895.555512][T16133] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 895.561401][T16133] RIP: 0033:0x4665d9 [ 895.565281][T16133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 895.584933][T16133] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 895.593441][T16133] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 895.601535][T16133] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 895.609497][T16133] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 895.617459][T16133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 895.625493][T16133] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 895.639634][T16095] loop3: p1 p2 p3 p4 [ 895.645701][T16136] loop4: p1 p2 p3 p4 [ 895.649959][T16136] loop4: p1 size 11292159 extends beyond EOD, truncated [ 895.650986][T16095] loop3: p1 size 11292159 extends beyond EOD, truncated [ 895.666488][T16136] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:17 executing program 2 (fault-call:7 fault-nth:73): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 895.674381][T16095] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:17 executing program 3: syz_read_part_table(0x90, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 895.729811][T16153] FAULT_INJECTION: forcing a failure. [ 895.729811][T16153] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 895.738899][ T1036] loop3: p1 p2 p3 p4 [ 895.743134][T16153] CPU: 0 PID: 16153 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 895.755916][T16153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 895.758011][ T1036] loop3: p1 size 11292159 extends beyond EOD, [ 895.766084][T16153] Call Trace: [ 895.766096][T16153] dump_stack+0x137/0x19d [ 895.766121][T16153] should_fail+0x23c/0x250 [ 895.766141][T16153] __alloc_pages+0x102/0x320 [ 895.772279][ T1036] truncated [ 895.778306][ T1036] loop3: p4 size 3657465856 extends beyond EOD, [ 895.779854][T16153] alloc_pages+0x21d/0x310 [ 895.779879][T16153] __page_cache_alloc+0x4d/0xf0 [ 895.784275][ T1036] truncated [ 895.810571][T16153] pagecache_get_page+0x5f4/0x900 [ 895.815718][T16153] grab_cache_page_write_begin+0x3f/0x70 [ 895.821369][T16153] ext4_da_write_begin+0x305/0x820 [ 895.826481][T16153] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 895.832372][T16153] generic_perform_write+0x196/0x3a0 [ 895.837716][T16153] ? ext4_da_write_begin+0x820/0x820 [ 895.843097][T16153] ext4_buffered_write_iter+0x2f2/0x3f0 [ 895.848650][T16153] ext4_file_write_iter+0xd01/0x11d0 [ 895.853947][T16153] ? rw_verify_area+0x136/0x250 [ 895.858924][T16153] vfs_write+0x69d/0x770 [ 895.863171][T16153] ksys_write+0xce/0x180 [ 895.867503][T16153] __x64_sys_write+0x3e/0x50 [ 895.872199][T16153] do_syscall_64+0x4a/0x90 [ 895.876617][T16153] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 895.882529][T16153] RIP: 0033:0x4665d9 [ 895.886416][T16153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 895.906099][T16153] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 895.914515][T16153] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 895.922505][T16153] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 895.930493][T16153] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 895.938480][T16153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 895.946459][T16153] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 895.997455][T16169] loop3: detected capacity change from 0 to 44288 [ 896.015662][T16169] loop3: p1 p2 p3 p4 [ 896.019736][T16169] loop3: p1 size 11292159 extends beyond EOD, truncated [ 896.028495][T16169] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 896.038505][ T1036] loop3: p1 p2 p3 p4 [ 896.042681][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 896.051123][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 896.088479][T16169] loop3: detected capacity change from 0 to 44288 [ 896.123822][T16169] loop3: p1 p2 p3 p4 [ 896.127987][T16169] loop3: p1 size 11292159 extends beyond EOD, truncated [ 896.136451][T16169] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:19 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:19 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff3e000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:19 executing program 2 (fault-call:7 fault-nth:74): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:19 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 897.714301][T16218] loop4: detected capacity change from 0 to 235777 [ 897.757397][T16225] FAULT_INJECTION: forcing a failure. [ 897.757397][T16225] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 897.770506][T16225] CPU: 0 PID: 16225 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 897.779364][T16225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 897.789415][T16225] Call Trace: [ 897.792693][T16225] dump_stack+0x137/0x19d [ 897.797135][T16225] should_fail+0x23c/0x250 [ 897.801569][T16225] should_fail_usercopy+0x16/0x20 [ 897.806647][T16225] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 897.812697][T16225] generic_perform_write+0x1e4/0x3a0 [ 897.818058][T16225] ? ext4_da_write_begin+0x820/0x820 [ 897.823350][T16225] ext4_buffered_write_iter+0x2f2/0x3f0 [ 897.828944][T16225] ext4_file_write_iter+0xd01/0x11d0 [ 897.834296][T16225] ? rw_verify_area+0x136/0x250 [ 897.839152][T16225] vfs_write+0x69d/0x770 [ 897.843401][T16225] ksys_write+0xce/0x180 [ 897.847638][T16225] __x64_sys_write+0x3e/0x50 [ 897.852220][T16225] do_syscall_64+0x4a/0x90 [ 897.857123][T16225] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 897.863020][T16225] RIP: 0033:0x4665d9 [ 897.867456][T16225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 897.887074][T16225] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 897.895507][T16225] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 897.903480][T16225] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 897.911434][T16225] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 897.919413][T16225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 897.927368][T16225] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 897.945401][T16218] loop4: p1 p2 p3 p4 [ 897.949544][T16218] loop4: p1 size 11292159 extends beyond EOD, truncated [ 897.963839][T16218] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:20 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:20 executing program 3: syz_read_part_table(0xad, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:20 executing program 2 (fault-call:7 fault-nth:75): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:20 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff41000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 898.094387][T16251] loop4: detected capacity change from 0 to 248065 [ 898.106522][T16253] loop3: detected capacity change from 0 to 44288 [ 898.126536][T16260] FAULT_INJECTION: forcing a failure. [ 898.126536][T16260] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 898.139914][T16260] CPU: 0 PID: 16260 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 898.148688][T16260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 898.158882][T16260] Call Trace: [ 898.162227][T16260] dump_stack+0x137/0x19d [ 898.166597][T16260] should_fail+0x23c/0x250 [ 898.171122][T16260] __alloc_pages+0x102/0x320 [ 898.175720][T16260] alloc_pages+0x21d/0x310 [ 898.180222][T16260] __page_cache_alloc+0x4d/0xf0 [ 898.185075][T16260] pagecache_get_page+0x5f4/0x900 [ 898.190172][T16260] grab_cache_page_write_begin+0x3f/0x70 [ 898.195837][T16260] ext4_da_write_begin+0x305/0x820 [ 898.200953][T16260] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 898.206913][T16260] generic_perform_write+0x196/0x3a0 [ 898.212200][T16260] ? ext4_da_write_begin+0x820/0x820 [ 898.217490][T16260] ext4_buffered_write_iter+0x2f2/0x3f0 [ 898.223055][T16260] ext4_file_write_iter+0xd01/0x11d0 [ 898.228353][T16260] ? rw_verify_area+0x136/0x250 [ 898.233570][T16260] vfs_write+0x69d/0x770 [ 898.237820][T16260] ksys_write+0xce/0x180 [ 898.247029][T16260] __x64_sys_write+0x3e/0x50 [ 898.251639][T16260] do_syscall_64+0x4a/0x90 [ 898.256132][T16260] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 898.262036][T16260] RIP: 0033:0x4665d9 [ 898.266085][T16260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 898.285761][T16260] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 898.294200][T16260] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 898.302235][T16260] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 898.310279][T16260] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 898.318259][T16260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 898.326241][T16260] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 898.341209][T16253] loop3: p1 p2 p3 p4 [ 898.345767][T16253] loop3: p1 size 11292159 extends beyond EOD, truncated [ 898.347786][T16251] loop4: p1 p2 p3 p4 [ 898.357541][T16253] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 898.360329][T16251] loop4: p1 size 11292159 extends beyond EOD, truncated [ 898.373972][T16251] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:20 executing program 3: syz_read_part_table(0xc0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:20 executing program 2 (fault-call:7 fault-nth:76): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:20 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff42000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 898.506849][T16286] loop3: detected capacity change from 0 to 44288 [ 898.528894][T16288] FAULT_INJECTION: forcing a failure. [ 898.528894][T16288] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 898.529551][T16290] loop4: detected capacity change from 0 to 252161 [ 898.542015][T16288] CPU: 1 PID: 16288 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 898.557288][T16288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 898.567458][T16288] Call Trace: [ 898.570732][T16288] dump_stack+0x137/0x19d [ 898.575067][T16288] should_fail+0x23c/0x250 [ 898.579462][T16288] should_fail_usercopy+0x16/0x20 [ 898.584465][T16288] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 898.590614][T16288] generic_perform_write+0x1e4/0x3a0 [ 898.595931][T16288] ? ext4_da_write_begin+0x820/0x820 [ 898.601207][T16288] ext4_buffered_write_iter+0x2f2/0x3f0 [ 898.606747][T16288] ext4_file_write_iter+0xd01/0x11d0 [ 898.612146][T16288] ? rw_verify_area+0x136/0x250 [ 898.617021][T16288] vfs_write+0x69d/0x770 [ 898.621269][T16288] ksys_write+0xce/0x180 [ 898.625518][T16288] __x64_sys_write+0x3e/0x50 [ 898.630630][T16288] do_syscall_64+0x4a/0x90 [ 898.635063][T16288] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 898.640966][T16288] RIP: 0033:0x4665d9 [ 898.644857][T16288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 898.664518][T16288] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 898.672916][T16288] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 898.680930][T16288] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 898.688893][T16288] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 898.696882][T16288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 898.704904][T16288] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:22:20 executing program 2 (fault-call:7 fault-nth:77): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 898.728188][T16286] loop3: p1 p2 p3 p4 [ 898.728417][T16290] loop4: p1 p2 p3 p4 [ 898.732387][T16286] loop3: p1 size 11292159 extends beyond EOD, truncated [ 898.744315][T16290] loop4: p1 size 11292159 extends beyond EOD, truncated [ 898.746163][T16286] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 898.769675][T16290] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 898.847134][T16317] FAULT_INJECTION: forcing a failure. [ 898.847134][T16317] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 898.860430][T16317] CPU: 0 PID: 16317 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 898.869203][T16317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 898.879366][T16317] Call Trace: [ 898.883085][T16317] dump_stack+0x137/0x19d [ 898.887445][T16317] should_fail+0x23c/0x250 [ 898.891878][T16317] __alloc_pages+0x102/0x320 [ 898.896467][T16317] alloc_pages+0x21d/0x310 [ 898.900974][T16317] __page_cache_alloc+0x4d/0xf0 [ 898.905830][T16317] pagecache_get_page+0x5f4/0x900 [ 898.910897][T16317] grab_cache_page_write_begin+0x3f/0x70 [ 898.916536][T16317] ext4_da_write_begin+0x305/0x820 [ 898.921655][T16317] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 898.927549][T16317] generic_perform_write+0x196/0x3a0 [ 898.932854][T16317] ? ext4_da_write_begin+0x820/0x820 [ 898.938150][T16317] ext4_buffered_write_iter+0x2f2/0x3f0 [ 898.943715][T16317] ext4_file_write_iter+0xd01/0x11d0 [ 898.949047][T16317] ? rw_verify_area+0x136/0x250 [ 898.953958][T16317] vfs_write+0x69d/0x770 [ 898.958198][T16317] ksys_write+0xce/0x180 [ 898.962436][T16317] __x64_sys_write+0x3e/0x50 [ 898.967023][T16317] do_syscall_64+0x4a/0x90 [ 898.971514][T16317] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 898.977415][T16317] RIP: 0033:0x4665d9 [ 898.981331][T16317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 899.000948][T16317] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 899.009384][T16317] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 899.017436][T16317] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 899.025410][T16317] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 899.033386][T16317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 899.041454][T16317] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:22:22 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff43000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:22 executing program 3: syz_read_part_table(0x204, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:22 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:22 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 900.732164][T16346] loop4: detected capacity change from 0 to 256257 [ 900.780250][T16346] loop4: p1 p2 p3 p4 [ 900.784606][T16346] loop4: p1 size 11292159 extends beyond EOD, truncated [ 900.799295][T16353] loop3: detected capacity change from 0 to 44288 [ 900.818426][T16346] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 900.855562][T16353] loop3: p1 p2 p3 p4 [ 900.859928][T16353] loop3: p1 size 11292159 extends beyond EOD, truncated [ 900.870295][T16353] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 900.877368][T16359] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 900.877822][ T881] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 900.898202][T16346] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 900.899586][ T881] Buffer I/O error on dev loop4p2, logical block 8, async page read [ 900.914585][ T881] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 900.916222][T16352] blk_update_request: I/O error, dev loop4, sector 256128 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 900.925482][ T881] Buffer I/O error on dev loop4p2, logical block 9, async page read [ 900.945217][ T881] blk_update_request: I/O error, dev loop4, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 900.956293][ T881] Buffer I/O error on dev loop4p2, logical block 10, async page read [ 900.960558][T16376] blk_update_request: I/O error, dev loop4, sector 256128 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 900.964377][ T881] blk_update_request: I/O error, dev loop4, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 900.977517][T16375] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 900.987040][ T881] Buffer I/O error on dev loop4p2, logical block 11, async page read [ 900.987071][ T881] blk_update_request: I/O error, dev loop4, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 901.007336][T16346] loop4: detected capacity change from 0 to 256257 [ 901.017840][ T881] Buffer I/O error on dev loop4p2, logical block 12, async page read [ 901.017873][ T881] blk_update_request: I/O error, dev loop4, sector 13 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 901.043444][ T881] Buffer I/O error on dev loop4p2, logical block 13, async page read 13:22:23 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:23 executing program 2 (fault-call:7 fault-nth:78): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:23 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff44000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:23 executing program 3: syz_read_part_table(0x300, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 901.075804][T16346] loop_reread_partitions: partition scan of loop4 () failed (rc=-16) 13:22:23 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff45000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 901.153785][T16397] loop3: detected capacity change from 0 to 44288 [ 901.172933][T16395] FAULT_INJECTION: forcing a failure. [ 901.172933][T16395] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 901.186106][T16395] CPU: 0 PID: 16395 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 901.194885][T16395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 901.205011][T16395] Call Trace: [ 901.208273][T16395] dump_stack+0x137/0x19d [ 901.212600][T16395] should_fail+0x23c/0x250 [ 901.217006][T16395] should_fail_usercopy+0x16/0x20 [ 901.222016][T16395] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 901.228088][T16395] generic_perform_write+0x1e4/0x3a0 [ 901.233378][T16395] ? ext4_da_write_begin+0x820/0x820 [ 901.238743][T16395] ext4_buffered_write_iter+0x2f2/0x3f0 [ 901.244319][T16395] ext4_file_write_iter+0xd01/0x11d0 [ 901.249606][T16395] ? rw_verify_area+0x136/0x250 [ 901.254444][T16395] vfs_write+0x69d/0x770 [ 901.258678][T16395] ksys_write+0xce/0x180 [ 901.262922][T16395] __x64_sys_write+0x3e/0x50 [ 901.267516][T16395] do_syscall_64+0x4a/0x90 [ 901.271936][T16395] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 901.277898][T16395] RIP: 0033:0x4665d9 [ 901.281789][T16395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 901.301379][T16395] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 901.309776][T16395] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 901.317820][T16395] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 901.325794][T16395] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 901.333844][T16395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 901.341916][T16395] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:22:23 executing program 2 (fault-call:7 fault-nth:79): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 901.355823][T16397] loop3: p1 p2 p3 p4 [ 901.360085][T16397] loop3: p1 size 11292159 extends beyond EOD, truncated [ 901.387195][T16397] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 901.412784][T16420] loop4: detected capacity change from 0 to 264192 [ 901.466134][T16420] loop4: p1 p2 p3 p4 [ 901.470959][T16420] loop4: p1 size 11292159 extends beyond EOD, truncated [ 901.485125][T16420] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 901.513417][T16397] loop3: detected capacity change from 0 to 44288 [ 901.548674][T16427] FAULT_INJECTION: forcing a failure. [ 901.548674][T16427] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 901.562013][T16427] CPU: 1 PID: 16427 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 901.570950][T16427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 901.581960][T16427] Call Trace: [ 901.585238][T16427] dump_stack+0x137/0x19d [ 901.589570][T16427] should_fail+0x23c/0x250 [ 901.594029][T16427] __alloc_pages+0x102/0x320 [ 901.598632][T16427] alloc_pages+0x21d/0x310 [ 901.603068][T16427] __page_cache_alloc+0x4d/0xf0 [ 901.607944][T16427] pagecache_get_page+0x5f4/0x900 [ 901.612984][T16427] grab_cache_page_write_begin+0x3f/0x70 [ 901.618680][T16427] ext4_da_write_begin+0x305/0x820 [ 901.623830][T16427] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 901.629735][T16427] generic_perform_write+0x196/0x3a0 [ 901.635031][T16427] ? ext4_da_write_begin+0x820/0x820 [ 901.640585][T16427] ext4_buffered_write_iter+0x2f2/0x3f0 [ 901.646145][T16427] ext4_file_write_iter+0xd01/0x11d0 [ 901.651452][T16427] ? rw_verify_area+0x136/0x250 [ 901.656336][T16427] vfs_write+0x69d/0x770 [ 901.660603][T16427] ksys_write+0xce/0x180 [ 901.664840][T16427] __x64_sys_write+0x3e/0x50 [ 901.669430][T16427] do_syscall_64+0x4a/0x90 [ 901.673942][T16427] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 901.679843][T16427] RIP: 0033:0x4665d9 [ 901.683883][T16427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 901.703496][T16427] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 901.711913][T16427] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 901.719882][T16427] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 901.728130][T16427] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 901.736177][T16427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:22:23 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff46000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:23 executing program 2 (fault-call:7 fault-nth:80): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 901.744307][T16427] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 901.756664][T16397] loop3: p1 p2 p3 p4 [ 901.760767][T16397] loop3: p1 size 11292159 extends beyond EOD, truncated [ 901.794093][T16397] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 901.818024][T16447] FAULT_INJECTION: forcing a failure. [ 901.818024][T16447] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 901.831179][T16447] CPU: 1 PID: 16447 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 901.839954][T16447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 901.850010][T16447] Call Trace: [ 901.853303][T16447] dump_stack+0x137/0x19d [ 901.857656][T16447] should_fail+0x23c/0x250 [ 901.862069][T16447] should_fail_usercopy+0x16/0x20 [ 901.867170][T16447] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 901.873256][T16447] generic_perform_write+0x1e4/0x3a0 [ 901.878547][T16447] ? ext4_da_write_begin+0x820/0x820 [ 901.884366][T16447] ext4_buffered_write_iter+0x2f2/0x3f0 [ 901.889995][T16447] ext4_file_write_iter+0xd01/0x11d0 [ 901.895280][T16447] ? rw_verify_area+0x136/0x250 [ 901.900133][T16447] vfs_write+0x69d/0x770 [ 901.904460][T16447] ksys_write+0xce/0x180 [ 901.908704][T16447] __x64_sys_write+0x3e/0x50 [ 901.913292][T16447] do_syscall_64+0x4a/0x90 [ 901.917748][T16447] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 901.927035][T16447] RIP: 0033:0x4665d9 [ 901.930935][T16447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 901.950544][T16447] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 901.960051][T16447] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 901.968083][T16447] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 901.976229][T16447] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 901.984335][T16447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:22:24 executing program 3: syz_read_part_table(0x368, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:24 executing program 2 (fault-call:7 fault-nth:81): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 901.992328][T16447] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 902.005244][T16456] loop4: detected capacity change from 0 to 264192 [ 902.045510][T16456] loop4: p1 p2 p3 p4 [ 902.049994][T16456] loop4: p1 size 11292159 extends beyond EOD, truncated [ 902.059266][T16456] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 902.061348][T16461] FAULT_INJECTION: forcing a failure. [ 902.061348][T16461] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 902.079821][T16461] CPU: 1 PID: 16461 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 902.088575][T16461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 902.098634][T16461] Call Trace: [ 902.101932][T16461] dump_stack+0x137/0x19d [ 902.106282][T16461] should_fail+0x23c/0x250 [ 902.110707][T16461] __alloc_pages+0x102/0x320 [ 902.115313][T16461] alloc_pages+0x21d/0x310 [ 902.119761][T16461] __page_cache_alloc+0x4d/0xf0 [ 902.124729][T16461] pagecache_get_page+0x5f4/0x900 [ 902.129760][T16461] grab_cache_page_write_begin+0x3f/0x70 [ 902.135401][T16461] ext4_da_write_begin+0x305/0x820 [ 902.140530][T16461] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 902.146455][T16461] generic_perform_write+0x196/0x3a0 [ 902.151810][T16461] ? ext4_da_write_begin+0x820/0x820 [ 902.157083][T16461] ext4_buffered_write_iter+0x2f2/0x3f0 [ 902.162618][T16461] ext4_file_write_iter+0xd01/0x11d0 [ 902.167968][T16461] ? rw_verify_area+0x136/0x250 [ 902.172831][T16461] vfs_write+0x69d/0x770 [ 902.177172][T16461] ksys_write+0xce/0x180 [ 902.181412][T16461] __x64_sys_write+0x3e/0x50 [ 902.185997][T16461] do_syscall_64+0x4a/0x90 [ 902.190425][T16461] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 902.196468][T16461] RIP: 0033:0x4665d9 [ 902.200355][T16461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 902.219980][T16461] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 902.228407][T16461] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 902.236396][T16461] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 902.244373][T16461] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 902.252419][T16461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 902.260429][T16461] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 902.299705][T16473] loop3: detected capacity change from 0 to 44288 [ 902.360980][T16473] loop3: p1 p2 p3 p4 [ 902.374140][T16473] loop3: p1 size 11292159 extends beyond EOD, truncated [ 902.402166][T16473] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:25 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:25 executing program 2 (fault-call:7 fault-nth:82): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 903.796080][T16502] FAULT_INJECTION: forcing a failure. [ 903.796080][T16502] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 903.809190][T16502] CPU: 0 PID: 16502 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 903.818023][T16502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 903.828065][T16502] Call Trace: [ 903.831333][T16502] dump_stack+0x137/0x19d [ 903.835654][T16502] should_fail+0x23c/0x250 [ 903.840061][T16502] should_fail_usercopy+0x16/0x20 [ 903.845088][T16502] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 903.851491][T16502] generic_perform_write+0x1e4/0x3a0 [ 903.857152][T16502] ? ext4_da_write_begin+0x820/0x820 [ 903.863014][T16502] ext4_buffered_write_iter+0x2f2/0x3f0 [ 903.868549][T16502] ext4_file_write_iter+0xd01/0x11d0 [ 903.875474][T16502] ? rw_verify_area+0x136/0x250 [ 903.880318][T16502] vfs_write+0x69d/0x770 [ 903.884576][T16502] ksys_write+0xce/0x180 [ 903.888908][T16502] __x64_sys_write+0x3e/0x50 [ 903.893479][T16502] do_syscall_64+0x4a/0x90 [ 903.898058][T16502] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 903.903952][T16502] RIP: 0033:0x4665d9 [ 903.907823][T16502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 903.928552][T16502] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 903.937002][T16502] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 903.944955][T16502] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 903.952924][T16502] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 903.960888][T16502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 903.968935][T16502] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:22:26 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:26 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff47000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:26 executing program 3: syz_read_part_table(0x3b4, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:26 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:26 executing program 2 (fault-call:7 fault-nth:83): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 904.157664][T16515] loop4: detected capacity change from 0 to 264192 [ 904.166959][T16512] loop3: detected capacity change from 0 to 44288 [ 904.184519][T16516] FAULT_INJECTION: forcing a failure. [ 904.184519][T16516] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 904.197866][T16516] CPU: 1 PID: 16516 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 904.206617][T16516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 904.216700][T16516] Call Trace: [ 904.219990][T16516] dump_stack+0x137/0x19d [ 904.224421][T16516] should_fail+0x23c/0x250 [ 904.228862][T16516] __alloc_pages+0x102/0x320 [ 904.233465][T16516] alloc_pages+0x21d/0x310 [ 904.237951][T16516] __page_cache_alloc+0x4d/0xf0 [ 904.242806][T16516] pagecache_get_page+0x5f4/0x900 [ 904.247812][T16516] grab_cache_page_write_begin+0x3f/0x70 [ 904.253426][T16516] ext4_da_write_begin+0x305/0x820 [ 904.258520][T16516] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 904.264499][T16516] generic_perform_write+0x196/0x3a0 [ 904.269772][T16516] ? ext4_da_write_begin+0x820/0x820 [ 904.275040][T16516] ext4_buffered_write_iter+0x2f2/0x3f0 [ 904.280657][T16516] ext4_file_write_iter+0xd01/0x11d0 [ 904.285935][T16516] ? rw_verify_area+0x136/0x250 [ 904.290792][T16516] vfs_write+0x69d/0x770 [ 904.295023][T16516] ksys_write+0xce/0x180 [ 904.299247][T16516] __x64_sys_write+0x3e/0x50 [ 904.303901][T16516] do_syscall_64+0x4a/0x90 [ 904.308297][T16516] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 904.314869][T16516] RIP: 0033:0x4665d9 [ 904.318741][T16516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 904.338451][T16516] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 904.346876][T16516] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 904.354845][T16516] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 904.362823][T16516] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 904.370910][T16516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 904.378866][T16516] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 904.395758][T16515] loop4: p1 p2 p3 p4 [ 904.400039][T16515] loop4: p1 size 11292159 extends beyond EOD, truncated 13:22:26 executing program 2 (fault-call:7 fault-nth:84): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:26 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff48000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 904.407527][T16512] loop3: p1 p2 p3 p4 [ 904.408755][T16515] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 904.418270][T16512] loop3: p1 size 11292159 extends beyond EOD, truncated 13:22:26 executing program 3: syz_read_part_table(0x3da, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 904.460329][T16512] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:26 executing program 3: syz_read_part_table(0x3e2, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 904.518480][T16542] loop4: detected capacity change from 0 to 264192 [ 904.552588][T16543] FAULT_INJECTION: forcing a failure. [ 904.552588][T16543] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 904.565851][T16543] CPU: 0 PID: 16543 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 904.574778][T16543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 904.584859][T16543] Call Trace: [ 904.588143][T16543] dump_stack+0x137/0x19d [ 904.592542][T16543] should_fail+0x23c/0x250 [ 904.596989][T16543] __alloc_pages+0x102/0x320 [ 904.601641][T16543] alloc_pages+0x21d/0x310 [ 904.606080][T16543] __page_cache_alloc+0x4d/0xf0 [ 904.610989][T16543] pagecache_get_page+0x5f4/0x900 [ 904.616076][T16543] grab_cache_page_write_begin+0x3f/0x70 [ 904.621693][T16543] ext4_da_write_begin+0x305/0x820 [ 904.626809][T16543] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 904.632707][T16543] generic_perform_write+0x196/0x3a0 [ 904.638001][T16543] ? ext4_da_write_begin+0x820/0x820 [ 904.643380][T16543] ext4_buffered_write_iter+0x2f2/0x3f0 [ 904.648962][T16543] ext4_file_write_iter+0xd01/0x11d0 [ 904.654440][T16543] ? rw_verify_area+0x136/0x250 [ 904.659344][T16543] vfs_write+0x69d/0x770 [ 904.663587][T16543] ksys_write+0xce/0x180 [ 904.667829][T16543] __x64_sys_write+0x3e/0x50 [ 904.672413][T16543] do_syscall_64+0x4a/0x90 [ 904.676810][T16543] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 904.682690][T16543] RIP: 0033:0x4665d9 [ 904.686669][T16543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 904.706260][T16543] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 904.714663][T16543] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 904.722648][T16543] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 904.730726][T16543] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 904.738700][T16543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 904.746709][T16543] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:22:26 executing program 2 (fault-call:7 fault-nth:85): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 904.766880][T16542] loop4: p1 p2 p3 p4 [ 904.771900][T16542] loop4: p1 size 11292159 extends beyond EOD, truncated [ 904.780726][T16542] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 904.791198][T16560] loop3: detected capacity change from 0 to 44288 [ 904.833434][T16579] FAULT_INJECTION: forcing a failure. [ 904.833434][T16579] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 904.847101][T16579] CPU: 1 PID: 16579 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 904.855909][T16579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 904.865960][T16579] Call Trace: [ 904.869238][T16579] dump_stack+0x137/0x19d [ 904.873600][T16579] should_fail+0x23c/0x250 [ 904.878038][T16579] __alloc_pages+0x102/0x320 [ 904.882626][T16579] alloc_pages+0x21d/0x310 [ 904.887051][T16579] __page_cache_alloc+0x4d/0xf0 [ 904.891889][T16579] pagecache_get_page+0x5f4/0x900 [ 904.896898][T16579] grab_cache_page_write_begin+0x3f/0x70 [ 904.902549][T16579] ext4_da_write_begin+0x305/0x820 [ 904.907681][T16579] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 904.913578][T16579] generic_perform_write+0x196/0x3a0 [ 904.918856][T16579] ? ext4_da_write_begin+0x820/0x820 [ 904.924234][T16579] ext4_buffered_write_iter+0x2f2/0x3f0 [ 904.929769][T16579] ext4_file_write_iter+0xd01/0x11d0 [ 904.935042][T16579] ? rw_verify_area+0x136/0x250 [ 904.939888][T16579] vfs_write+0x69d/0x770 [ 904.944201][T16579] ksys_write+0xce/0x180 [ 904.948448][T16579] __x64_sys_write+0x3e/0x50 [ 904.953019][T16579] do_syscall_64+0x4a/0x90 [ 904.957419][T16579] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 904.963296][T16579] RIP: 0033:0x4665d9 [ 904.967235][T16579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 904.986844][T16579] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 904.995365][T16579] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 905.003435][T16579] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 905.011402][T16579] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 905.019376][T16579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 905.027434][T16579] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 905.041206][T16560] loop3: p1 p2 p3 p4 [ 905.045573][T16560] loop3: p1 size 11292159 extends beyond EOD, truncated [ 905.054051][T16560] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:28 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:28 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff49000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 906.788556][T16606] loop4: detected capacity change from 0 to 264192 [ 906.855571][T16606] loop4: p1 p2 p3 p4 [ 906.859966][T16606] loop4: p1 size 11292159 extends beyond EOD, truncated [ 906.868370][T16606] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:29 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:29 executing program 2 (fault-call:7 fault-nth:86): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:29 executing program 3: syz_read_part_table(0x402, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:29 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff4a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:29 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 907.184373][T16634] loop4: detected capacity change from 0 to 264192 [ 907.194479][T16636] loop3: detected capacity change from 0 to 44288 [ 907.215364][T16635] FAULT_INJECTION: forcing a failure. [ 907.215364][T16635] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 907.228661][T16635] CPU: 0 PID: 16635 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 907.237430][T16635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 907.241625][T16636] loop3: p1 p2 p3 p4 [ 907.247485][T16635] Call Trace: [ 907.247495][T16635] dump_stack+0x137/0x19d [ 907.259142][T16635] should_fail+0x23c/0x250 [ 907.261621][T16636] loop3: p1 size 11292159 extends beyond EOD, [ 907.263667][T16635] __alloc_pages+0x102/0x320 [ 907.263680][T16636] truncated [ 907.263723][T16635] alloc_pages+0x21d/0x310 [ 907.274555][T16636] loop3: p4 size 3657465856 extends beyond EOD, [ 907.277479][T16635] __page_cache_alloc+0x4d/0xf0 [ 907.277506][T16635] pagecache_get_page+0x5f4/0x900 [ 907.277527][T16635] grab_cache_page_write_begin+0x3f/0x70 [ 907.281918][T16636] truncated [ 907.308155][T16635] ext4_da_write_begin+0x305/0x820 [ 907.313285][T16635] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 907.319307][T16635] generic_perform_write+0x196/0x3a0 [ 907.324619][T16635] ? ext4_da_write_begin+0x820/0x820 [ 907.329913][T16635] ext4_buffered_write_iter+0x2f2/0x3f0 [ 907.335483][T16635] ext4_file_write_iter+0xd01/0x11d0 [ 907.340796][T16635] ? rw_verify_area+0x136/0x250 [ 907.345743][T16635] vfs_write+0x69d/0x770 [ 907.349999][T16635] ksys_write+0xce/0x180 [ 907.354236][T16635] __x64_sys_write+0x3e/0x50 [ 907.358802][T16635] do_syscall_64+0x4a/0x90 [ 907.363217][T16635] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 907.369109][T16635] RIP: 0033:0x4665d9 [ 907.372999][T16635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 907.392685][T16635] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 907.401166][T16635] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 907.409145][T16635] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 907.417122][T16635] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 907.425092][T16635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:22:29 executing program 2 (fault-call:7 fault-nth:87): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:29 executing program 3: syz_read_part_table(0x406, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 907.433049][T16635] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 907.444000][T16634] loop4: p1 p2 p3 p4 [ 907.448451][T16634] loop4: p1 size 11292159 extends beyond EOD, truncated [ 907.457695][T16634] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 907.530045][T16634] loop4: detected capacity change from 0 to 264192 [ 907.532615][T16673] FAULT_INJECTION: forcing a failure. [ 907.532615][T16673] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 907.549861][T16673] CPU: 1 PID: 16673 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 907.558640][T16673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 907.568719][T16673] Call Trace: [ 907.572007][T16673] dump_stack+0x137/0x19d [ 907.576394][T16673] should_fail+0x23c/0x250 [ 907.580828][T16673] __alloc_pages+0x102/0x320 [ 907.585500][T16673] alloc_pages+0x21d/0x310 [ 907.589912][T16673] __page_cache_alloc+0x4d/0xf0 [ 907.594772][T16673] pagecache_get_page+0x5f4/0x900 [ 907.599859][T16673] grab_cache_page_write_begin+0x3f/0x70 [ 907.605494][T16673] ext4_da_write_begin+0x305/0x820 [ 907.610758][T16673] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 907.616655][T16673] generic_perform_write+0x196/0x3a0 [ 907.622042][T16673] ? ext4_da_write_begin+0x820/0x820 [ 907.627331][T16673] ext4_buffered_write_iter+0x2f2/0x3f0 [ 907.632903][T16673] ext4_file_write_iter+0xd01/0x11d0 [ 907.638306][T16673] ? rw_verify_area+0x136/0x250 [ 907.643167][T16673] vfs_write+0x69d/0x770 [ 907.647494][T16673] ksys_write+0xce/0x180 [ 907.651739][T16673] __x64_sys_write+0x3e/0x50 [ 907.656331][T16673] do_syscall_64+0x4a/0x90 [ 907.660753][T16673] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 907.666734][T16673] RIP: 0033:0x4665d9 [ 907.670627][T16673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 907.690292][T16673] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 907.698795][T16673] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 907.706795][T16673] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 907.714767][T16673] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 907.722754][T16673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:22:29 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff4b000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:29 executing program 2 (fault-call:7 fault-nth:88): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 907.730728][T16673] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 907.748978][T16683] loop3: detected capacity change from 0 to 44288 [ 907.781558][T16686] loop4: detected capacity change from 0 to 264192 [ 907.806489][T16683] loop3: p1 p2 p3 p4 [ 907.810731][T16683] loop3: p1 size 11292159 extends beyond EOD, truncated [ 907.822225][T16694] FAULT_INJECTION: forcing a failure. [ 907.822225][T16694] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 907.823425][T16686] loop4: p1 p2 p3 p4 [ 907.836620][T16694] CPU: 0 PID: 16694 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 907.841897][T16686] loop4: p1 size 11292159 extends beyond EOD, [ 907.849341][T16694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 907.849356][T16694] Call Trace: [ 907.849365][T16694] dump_stack+0x137/0x19d [ 907.855571][T16686] truncated [ 907.865593][T16694] should_fail+0x23c/0x250 [ 907.865623][T16694] should_fail_usercopy+0x16/0x20 [ 907.885800][T16694] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 907.891899][T16694] generic_perform_write+0x1e4/0x3a0 [ 907.897291][T16694] ? ext4_da_write_begin+0x820/0x820 [ 907.898948][T16686] loop4: p4 size 3657465856 extends beyond EOD, [ 907.902581][T16694] ext4_buffered_write_iter+0x2f2/0x3f0 [ 907.902613][T16694] ext4_file_write_iter+0xd01/0x11d0 [ 907.908970][T16686] truncated [ 907.922966][T16694] ? rw_verify_area+0x136/0x250 [ 907.927842][T16694] vfs_write+0x69d/0x770 [ 907.932089][T16694] ksys_write+0xce/0x180 [ 907.936338][T16694] __x64_sys_write+0x3e/0x50 [ 907.940933][T16694] do_syscall_64+0x4a/0x90 [ 907.945404][T16694] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 907.951324][T16694] RIP: 0033:0x4665d9 [ 907.955300][T16694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 907.974924][T16694] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 907.983343][T16694] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 907.991348][T16694] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 907.999336][T16694] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 908.007317][T16694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 908.015292][T16694] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:22:30 executing program 2 (fault-call:7 fault-nth:89): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 908.026947][T16683] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 908.070065][T16686] loop4: detected capacity change from 0 to 264192 [ 908.100404][T16712] FAULT_INJECTION: forcing a failure. [ 908.100404][T16712] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 908.113736][T16712] CPU: 0 PID: 16712 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 908.122495][T16712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 908.133246][T16712] Call Trace: [ 908.136523][T16712] dump_stack+0x137/0x19d [ 908.140838][T16712] should_fail+0x23c/0x250 [ 908.145253][T16712] __alloc_pages+0x102/0x320 [ 908.149917][T16712] alloc_pages+0x21d/0x310 [ 908.154332][T16712] __page_cache_alloc+0x4d/0xf0 [ 908.159190][T16712] pagecache_get_page+0x5f4/0x900 [ 908.164218][T16712] grab_cache_page_write_begin+0x3f/0x70 [ 908.169976][T16712] ext4_da_write_begin+0x305/0x820 [ 908.175080][T16712] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 908.180975][T16712] generic_perform_write+0x196/0x3a0 [ 908.186302][T16712] ? ext4_da_write_begin+0x820/0x820 [ 908.191581][T16712] ext4_buffered_write_iter+0x2f2/0x3f0 [ 908.197120][T16712] ext4_file_write_iter+0xd01/0x11d0 [ 908.202406][T16712] ? rw_verify_area+0x136/0x250 [ 908.207318][T16712] vfs_write+0x69d/0x770 [ 908.211644][T16712] ksys_write+0xce/0x180 [ 908.215864][T16712] __x64_sys_write+0x3e/0x50 [ 908.220433][T16712] do_syscall_64+0x4a/0x90 [ 908.224833][T16712] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 908.230746][T16712] RIP: 0033:0x4665d9 [ 908.234674][T16712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 908.254316][T16712] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 908.262748][T16712] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 908.270714][T16712] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 908.278685][T16712] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 908.286673][T16712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 908.294641][T16712] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 908.348760][T16683] loop3: detected capacity change from 0 to 44288 [ 908.395605][T16683] loop3: p1 p2 p3 p4 [ 908.399770][T16683] loop3: p1 size 11292159 extends beyond EOD, truncated [ 908.408365][T16683] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:31 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:31 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff4c000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 909.802308][T16741] loop4: detected capacity change from 0 to 264192 [ 909.847475][T16741] loop4: p1 p2 p3 p4 [ 909.851566][T16741] loop4: p1 size 11292159 extends beyond EOD, truncated [ 909.859980][T16741] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:32 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:32 executing program 2 (fault-call:7 fault-nth:90): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:32 executing program 3: syz_read_part_table(0x480, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:32 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:32 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:32 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff4d000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 910.207271][T16765] FAULT_INJECTION: forcing a failure. [ 910.207271][T16765] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 910.211390][T16772] loop3: detected capacity change from 0 to 44288 [ 910.220348][T16765] CPU: 0 PID: 16765 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 910.220375][T16765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 910.245559][T16765] Call Trace: [ 910.248862][T16765] dump_stack+0x137/0x19d [ 910.253297][T16765] should_fail+0x23c/0x250 [ 910.257719][T16765] should_fail_usercopy+0x16/0x20 [ 910.262774][T16765] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 910.266316][T16779] loop4: detected capacity change from 0 to 264192 [ 910.268959][T16765] generic_perform_write+0x1e4/0x3a0 [ 910.280923][T16765] ? ext4_da_write_begin+0x820/0x820 [ 910.286249][T16765] ext4_buffered_write_iter+0x2f2/0x3f0 [ 910.291983][T16765] ext4_file_write_iter+0xd01/0x11d0 [ 910.297338][T16765] ? rw_verify_area+0x136/0x250 [ 910.302730][T16765] vfs_write+0x69d/0x770 [ 910.307005][T16765] ksys_write+0xce/0x180 [ 910.311393][T16765] __x64_sys_write+0x3e/0x50 [ 910.315999][T16765] do_syscall_64+0x4a/0x90 [ 910.320503][T16765] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 910.326421][T16765] RIP: 0033:0x4665d9 [ 910.330448][T16765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 13:22:32 executing program 2 (fault-call:7 fault-nth:91): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 910.350144][T16765] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 910.358603][T16765] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 910.366953][T16765] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 910.374910][T16765] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 910.382867][T16765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 910.390996][T16765] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 910.436332][T16772] loop3: p1 p2 p3 p4 [ 910.440535][T16772] loop3: p1 size 11292159 extends beyond EOD, truncated [ 910.448150][T16779] loop4: p1 p2 p3 p4 [ 910.452594][T16779] loop4: p1 size 11292159 extends beyond EOD, truncated [ 910.461439][T16772] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 910.473063][T16779] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 910.490824][T16796] FAULT_INJECTION: forcing a failure. [ 910.490824][T16796] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 910.504448][T16796] CPU: 0 PID: 16796 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 910.513327][T16796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 910.523392][T16796] Call Trace: [ 910.526714][T16796] dump_stack+0x137/0x19d [ 910.531094][T16796] should_fail+0x23c/0x250 [ 910.535543][T16796] __alloc_pages+0x102/0x320 [ 910.540254][T16796] alloc_pages+0x21d/0x310 [ 910.544747][T16796] __page_cache_alloc+0x4d/0xf0 [ 910.549608][T16796] pagecache_get_page+0x5f4/0x900 [ 910.554654][T16796] grab_cache_page_write_begin+0x3f/0x70 [ 910.560286][T16796] ext4_da_write_begin+0x305/0x820 [ 910.565407][T16796] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 910.571287][T16796] generic_perform_write+0x196/0x3a0 [ 910.576572][T16796] ? ext4_da_write_begin+0x820/0x820 [ 910.581841][T16796] ext4_buffered_write_iter+0x2f2/0x3f0 [ 910.587383][T16796] ext4_file_write_iter+0xd01/0x11d0 [ 910.592656][T16796] ? rw_verify_area+0x136/0x250 [ 910.597490][T16796] vfs_write+0x69d/0x770 [ 910.601752][T16796] ksys_write+0xce/0x180 [ 910.606061][T16796] __x64_sys_write+0x3e/0x50 [ 910.610654][T16796] do_syscall_64+0x4a/0x90 [ 910.615105][T16796] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 910.620992][T16796] RIP: 0033:0x4665d9 [ 910.624866][T16796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 910.644508][T16796] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 910.652927][T16796] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 910.660885][T16796] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 910.668864][T16796] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 910.676900][T16796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:22:32 executing program 2 (fault-call:7 fault-nth:92): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 910.684875][T16796] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:22:32 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff4e000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 910.739280][T16807] FAULT_INJECTION: forcing a failure. [ 910.739280][T16807] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 910.752388][T16807] CPU: 1 PID: 16807 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 910.761368][T16807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 910.771513][T16807] Call Trace: [ 910.774796][T16807] dump_stack+0x137/0x19d [ 910.779140][T16807] should_fail+0x23c/0x250 [ 910.783628][T16807] should_fail_usercopy+0x16/0x20 [ 910.788639][T16807] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 910.794735][T16807] generic_perform_write+0x1e4/0x3a0 [ 910.800293][T16807] ? ext4_da_write_begin+0x820/0x820 [ 910.805589][T16807] ext4_buffered_write_iter+0x2f2/0x3f0 [ 910.811136][T16807] ext4_file_write_iter+0xd01/0x11d0 [ 910.816775][T16807] ? rw_verify_area+0x136/0x250 [ 910.821794][T16807] vfs_write+0x69d/0x770 [ 910.826083][T16807] ksys_write+0xce/0x180 [ 910.830398][T16807] __x64_sys_write+0x3e/0x50 [ 910.834972][T16807] do_syscall_64+0x4a/0x90 [ 910.839377][T16807] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 910.845266][T16807] RIP: 0033:0x4665d9 [ 910.849208][T16807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 910.869168][T16807] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 910.877711][T16807] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 13:22:33 executing program 2 (fault-call:7 fault-nth:93): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 910.885670][T16807] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 910.893650][T16807] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 910.901639][T16807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 910.910042][T16807] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 910.925692][T16772] loop3: detected capacity change from 0 to 44288 [ 910.956158][T16772] loop3: p1 p2 p3 p4 [ 910.964354][T16772] loop3: p1 size 11292159 extends beyond EOD, truncated [ 910.968712][T16824] loop4: detected capacity change from 0 to 264192 [ 910.978034][T16772] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 911.003383][T16829] FAULT_INJECTION: forcing a failure. [ 911.003383][T16829] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 911.016580][T16829] CPU: 0 PID: 16829 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 911.025375][T16829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 911.035603][T16829] Call Trace: [ 911.038883][T16829] dump_stack+0x137/0x19d [ 911.043211][T16829] should_fail+0x23c/0x250 [ 911.047695][T16829] should_fail_usercopy+0x16/0x20 [ 911.052710][T16829] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 911.058771][T16829] generic_perform_write+0x1e4/0x3a0 [ 911.064040][T16829] ? ext4_da_write_begin+0x820/0x820 [ 911.069353][T16829] ext4_buffered_write_iter+0x2f2/0x3f0 [ 911.074914][T16829] ext4_file_write_iter+0xd01/0x11d0 [ 911.080197][T16829] ? rw_verify_area+0x136/0x250 [ 911.085044][T16829] vfs_write+0x69d/0x770 [ 911.089300][T16829] ksys_write+0xce/0x180 [ 911.093549][T16829] __x64_sys_write+0x3e/0x50 [ 911.098132][T16829] do_syscall_64+0x4a/0x90 [ 911.102647][T16829] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 911.108565][T16829] RIP: 0033:0x4665d9 [ 911.112463][T16829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 911.132172][T16829] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 911.140676][T16829] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 911.148673][T16829] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 13:22:33 executing program 2 (fault-call:7 fault-nth:94): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 911.156792][T16829] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 911.164795][T16829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 911.172854][T16829] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 911.195854][T16824] loop4: p1 p2 p3 p4 [ 911.201975][ T1036] loop3: p1 p2 p3 p4 13:22:33 executing program 3: syz_read_part_table(0x4f5, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 911.207201][T16824] loop4: p1 size 11292159 extends beyond EOD, truncated [ 911.219937][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 911.232013][T16824] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 911.236860][T16841] FAULT_INJECTION: forcing a failure. [ 911.236860][T16841] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 911.252285][T16841] CPU: 1 PID: 16841 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 911.255671][ T1036] loop3: p4 size 3657465856 extends beyond EOD, [ 911.261041][T16841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 911.261057][T16841] Call Trace: [ 911.261066][T16841] dump_stack+0x137/0x19d [ 911.267399][ T1036] truncated [ 911.277413][T16841] should_fail+0x23c/0x250 [ 911.292515][T16841] should_fail_usercopy+0x16/0x20 [ 911.297557][T16841] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 911.303626][T16841] generic_perform_write+0x1e4/0x3a0 [ 911.308912][T16841] ? ext4_da_write_begin+0x820/0x820 [ 911.314998][T16841] ext4_buffered_write_iter+0x2f2/0x3f0 [ 911.320721][T16841] ext4_file_write_iter+0xd01/0x11d0 [ 911.328590][T16841] ? rw_verify_area+0x136/0x250 [ 911.333450][T16841] vfs_write+0x69d/0x770 [ 911.337713][T16841] ksys_write+0xce/0x180 [ 911.342016][T16841] __x64_sys_write+0x3e/0x50 [ 911.346665][T16841] do_syscall_64+0x4a/0x90 [ 911.351080][T16841] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 911.357011][T16841] RIP: 0033:0x4665d9 [ 911.360988][T16841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 911.380598][T16841] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 911.389026][T16841] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 911.397002][T16841] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 911.404990][T16841] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 911.412993][T16841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 911.421060][T16841] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 911.476861][T16852] loop3: detected capacity change from 0 to 44288 [ 911.485100][T16824] loop4: detected capacity change from 0 to 264192 [ 911.525492][T16824] loop4: p1 p2 p3 p4 [ 911.529653][T16824] loop4: p1 size 11292159 extends beyond EOD, truncated [ 911.531434][T16852] loop3: p1 p2 p3 p4 [ 911.538471][T16824] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 911.541378][T16852] loop3: p1 size 11292159 extends beyond EOD, truncated [ 911.556147][T16852] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 911.586090][ T1036] loop4: p1 p2 p3 p4 [ 911.590394][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 911.598346][T16852] loop3: detected capacity change from 0 to 44288 [ 911.603064][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 911.635537][T16852] loop3: p1 p2 p3 p4 [ 911.639685][T16852] loop3: p1 size 11292159 extends beyond EOD, truncated [ 911.651476][T16852] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 911.660873][ T1036] loop3: p1 p2 p3 p4 [ 911.664988][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 911.673238][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:35 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:35 executing program 2 (fault-call:7 fault-nth:95): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:35 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff4f000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:35 executing program 3: syz_read_part_table(0x500, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:35 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:35 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 913.274939][T16934] loop3: detected capacity change from 0 to 44288 [ 913.290251][T16944] loop4: detected capacity change from 0 to 264192 [ 913.300300][T16937] FAULT_INJECTION: forcing a failure. [ 913.300300][T16937] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 913.313657][T16937] CPU: 1 PID: 16937 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 913.322452][T16937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 913.332493][T16937] Call Trace: [ 913.335771][T16937] dump_stack+0x137/0x19d [ 913.340106][T16937] should_fail+0x23c/0x250 [ 913.344507][T16937] __alloc_pages+0x102/0x320 [ 913.349076][T16937] alloc_pages+0x21d/0x310 [ 913.353554][T16937] __page_cache_alloc+0x4d/0xf0 [ 913.358398][T16937] pagecache_get_page+0x5f4/0x900 [ 913.363432][T16937] grab_cache_page_write_begin+0x3f/0x70 [ 913.369075][T16937] ext4_da_write_begin+0x305/0x820 [ 913.374198][T16937] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 913.380106][T16937] generic_perform_write+0x196/0x3a0 [ 913.385396][T16937] ? ext4_da_write_begin+0x820/0x820 [ 913.390731][T16937] ext4_buffered_write_iter+0x2f2/0x3f0 [ 913.396260][T16937] ext4_file_write_iter+0xd01/0x11d0 [ 913.401539][T16937] ? rw_verify_area+0x136/0x250 [ 913.406409][T16937] vfs_write+0x69d/0x770 [ 913.410652][T16937] ksys_write+0xce/0x180 [ 913.414884][T16937] __x64_sys_write+0x3e/0x50 [ 913.419460][T16937] do_syscall_64+0x4a/0x90 [ 913.423869][T16937] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 913.429786][T16937] RIP: 0033:0x4665d9 [ 913.433693][T16937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 913.453450][T16937] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 913.461873][T16937] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 913.469837][T16937] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 913.477816][T16937] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 913.485791][T16937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 913.493779][T16937] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 913.505620][T16934] loop3: p1 p2 p3 p4 [ 913.509653][T16934] loop3: p1 size 11292159 extends beyond EOD, truncated [ 913.518316][T16944] loop4: p1 p2 p3 p4 13:22:35 executing program 2 (fault-call:7 fault-nth:96): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:35 executing program 3: syz_read_part_table(0x600, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 913.522641][T16944] loop4: p1 size 11292159 extends beyond EOD, truncated [ 913.534181][T16934] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 913.545727][T16944] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 913.594824][T16957] FAULT_INJECTION: forcing a failure. [ 913.594824][T16957] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 913.608294][T16957] CPU: 0 PID: 16957 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 913.618891][T16957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 913.629009][T16957] Call Trace: [ 913.632406][T16957] dump_stack+0x137/0x19d [ 913.636750][T16957] should_fail+0x23c/0x250 [ 913.641262][T16957] should_fail_usercopy+0x16/0x20 [ 913.646288][T16957] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 913.652470][T16957] generic_perform_write+0x1e4/0x3a0 [ 913.657783][T16957] ? ext4_da_write_begin+0x820/0x820 [ 913.663062][T16957] ext4_buffered_write_iter+0x2f2/0x3f0 [ 913.668620][T16957] ext4_file_write_iter+0xd01/0x11d0 [ 913.673891][T16957] ? rw_verify_area+0x136/0x250 [ 913.678807][T16957] vfs_write+0x69d/0x770 [ 913.683108][T16957] ksys_write+0xce/0x180 [ 913.687451][T16957] __x64_sys_write+0x3e/0x50 [ 913.692041][T16957] do_syscall_64+0x4a/0x90 [ 913.696601][T16957] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 913.702522][T16957] RIP: 0033:0x4665d9 [ 913.706395][T16957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 913.726004][T16957] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 913.734394][T16957] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 913.742435][T16957] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 913.750419][T16957] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 913.758372][T16957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 913.766329][T16957] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 13:22:35 executing program 2 (fault-call:7 fault-nth:97): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 913.792812][T16965] loop3: detected capacity change from 0 to 44288 13:22:36 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff50000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 913.855864][T16965] loop3: p1 p2 p3 p4 [ 913.859968][T16965] loop3: p1 size 11292159 extends beyond EOD, truncated [ 913.863629][T16982] FAULT_INJECTION: forcing a failure. [ 913.863629][T16982] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 913.879562][T16965] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 913.880248][T16982] CPU: 1 PID: 16982 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 913.896075][T16982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 913.906134][T16982] Call Trace: [ 913.909483][T16982] dump_stack+0x137/0x19d [ 913.913815][T16982] should_fail+0x23c/0x250 [ 913.918231][T16982] __alloc_pages+0x102/0x320 [ 913.922818][T16982] alloc_pages+0x21d/0x310 [ 913.927250][T16982] __page_cache_alloc+0x4d/0xf0 [ 913.932247][T16982] pagecache_get_page+0x5f4/0x900 [ 913.937393][T16982] grab_cache_page_write_begin+0x3f/0x70 [ 913.943042][T16982] ext4_da_write_begin+0x305/0x820 [ 913.948156][T16982] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 913.954048][T16982] generic_perform_write+0x196/0x3a0 [ 913.959333][T16982] ? ext4_da_write_begin+0x820/0x820 [ 913.964615][T16982] ext4_buffered_write_iter+0x2f2/0x3f0 [ 913.970160][T16982] ext4_file_write_iter+0xd01/0x11d0 [ 913.975452][T16982] ? rw_verify_area+0x136/0x250 [ 913.980400][T16982] vfs_write+0x69d/0x770 [ 913.984633][T16982] ksys_write+0xce/0x180 [ 913.988864][T16982] __x64_sys_write+0x3e/0x50 [ 913.993553][T16982] do_syscall_64+0x4a/0x90 [ 913.998029][T16982] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 914.003922][T16982] RIP: 0033:0x4665d9 [ 914.007867][T16982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 914.030612][T16982] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 914.039071][T16982] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 914.047077][T16982] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 13:22:36 executing program 2 (fault-call:7 fault-nth:98): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 914.055080][T16982] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 914.063097][T16982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 914.071067][T16982] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 914.089592][T16991] loop4: detected capacity change from 0 to 264192 13:22:36 executing program 3: syz_read_part_table(0x604, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 914.139556][T16991] loop4: p1 p2 p3 p4 [ 914.144041][T16991] loop4: p1 size 11292159 extends beyond EOD, truncated [ 914.174936][T16998] FAULT_INJECTION: forcing a failure. [ 914.174936][T16998] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 914.183556][T16991] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 914.188031][T16998] CPU: 1 PID: 16998 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 914.203913][T16998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 914.213986][T16998] Call Trace: [ 914.217264][T16998] dump_stack+0x137/0x19d [ 914.221778][T16998] should_fail+0x23c/0x250 [ 914.226199][T16998] should_fail_usercopy+0x16/0x20 [ 914.227678][T17012] loop3: detected capacity change from 0 to 44288 [ 914.231228][T16998] iov_iter_copy_from_user_atomic+0x281/0xb60 [ 914.231280][T16998] generic_perform_write+0x1e4/0x3a0 [ 914.231301][T16998] ? ext4_da_write_begin+0x820/0x820 [ 914.254382][T16998] ext4_buffered_write_iter+0x2f2/0x3f0 [ 914.260035][T16998] ext4_file_write_iter+0xd01/0x11d0 [ 914.265350][T16998] ? rw_verify_area+0x136/0x250 [ 914.270230][T16998] vfs_write+0x69d/0x770 [ 914.274473][T16998] ksys_write+0xce/0x180 [ 914.278719][T16998] __x64_sys_write+0x3e/0x50 [ 914.283299][T16998] do_syscall_64+0x4a/0x90 [ 914.287707][T16998] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 914.293582][T16998] RIP: 0033:0x4665d9 [ 914.297499][T16998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 914.317234][T16998] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 914.325668][T16998] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 914.333730][T16998] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 914.341713][T16998] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 914.349894][T16998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 914.357851][T16998] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 914.396351][T17012] loop3: p1 p2 p3 p4 [ 914.400567][T17012] loop3: p1 size 11292159 extends beyond EOD, truncated [ 914.410628][T17012] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 914.417033][T16991] loop4: detected capacity change from 0 to 264192 [ 914.492710][T16991] loop4: p1 p2 p3 p4 [ 914.497100][T16991] loop4: p1 size 11292159 extends beyond EOD, truncated [ 914.508678][T16991] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:38 executing program 2 (fault-call:7 fault-nth:99): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) 13:22:38 executing program 3: syz_read_part_table(0x700, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:38 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:38 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff51000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:38 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:38 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 916.307306][T17052] loop4: detected capacity change from 0 to 264192 [ 916.317432][T17058] loop3: detected capacity change from 0 to 44288 [ 916.326946][T17053] FAULT_INJECTION: forcing a failure. [ 916.326946][T17053] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 916.340193][T17053] CPU: 1 PID: 17053 Comm: syz-executor.2 Not tainted 5.13.0-rc1-syzkaller #0 [ 916.349057][T17053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 916.359152][T17053] Call Trace: [ 916.362428][T17053] dump_stack+0x137/0x19d [ 916.366763][T17053] should_fail+0x23c/0x250 [ 916.371181][T17053] __alloc_pages+0x102/0x320 [ 916.382799][T17053] alloc_pages+0x21d/0x310 [ 916.387674][T17053] __page_cache_alloc+0x4d/0xf0 [ 916.392523][T17053] pagecache_get_page+0x5f4/0x900 [ 916.397622][T17053] grab_cache_page_write_begin+0x3f/0x70 [ 916.405530][T17053] ext4_da_write_begin+0x305/0x820 [ 916.412310][T17053] ? iov_iter_fault_in_readable+0x1b5/0x3a0 [ 916.418205][T17053] generic_perform_write+0x196/0x3a0 [ 916.423497][T17053] ? ext4_da_write_begin+0x820/0x820 [ 916.428790][T17053] ext4_buffered_write_iter+0x2f2/0x3f0 [ 916.434346][T17053] ext4_file_write_iter+0xd01/0x11d0 [ 916.439660][T17053] ? rw_verify_area+0x136/0x250 [ 916.444590][T17053] vfs_write+0x69d/0x770 [ 916.448832][T17053] ksys_write+0xce/0x180 [ 916.453131][T17053] __x64_sys_write+0x3e/0x50 [ 916.457877][T17053] do_syscall_64+0x4a/0x90 [ 916.462390][T17053] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 916.468322][T17053] RIP: 0033:0x4665d9 [ 916.472258][T17053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 916.491875][T17053] RSP: 002b:00007f2b61b93188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 916.500298][T17053] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9 [ 916.508480][T17053] RDX: 0000000000043408 RSI: 0000000020000200 RDI: 0000000000000005 [ 916.516470][T17053] RBP: 00007f2b61b931d0 R08: 0000000000000000 R09: 0000000000000000 [ 916.524471][T17053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 916.532449][T17053] R13: 00007ffe0cf2382f R14: 00007f2b61b93300 R15: 0000000000022000 [ 916.544424][T17058] loop3: p1 p2 p3 p4 [ 916.549232][T17058] loop3: p1 size 11292159 extends beyond EOD, truncated 13:22:38 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200), 0x43408) [ 916.552236][T17052] loop4: p1 p2 p3 p4 [ 916.558531][T17058] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 916.560998][T17052] loop4: p1 size 11292159 extends beyond EOD, truncated [ 916.580436][T17052] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:38 executing program 3: syz_read_part_table(0x900, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:38 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2, 0x43408) [ 916.670398][T17058] loop3: detected capacity change from 0 to 44288 [ 916.710497][T17052] loop4: detected capacity change from 0 to 264192 13:22:38 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff52000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:39 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x3, 0x43408) [ 916.748272][T17052] loop4: p1 p2 p3 p4 [ 916.752478][T17052] loop4: p1 size 11292159 extends beyond EOD, truncated [ 916.770947][T17052] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 916.831979][T17111] loop3: detected capacity change from 0 to 44288 13:22:39 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x4, 0x43408) [ 916.891271][T17111] loop3: p1 p2 p3 p4 [ 916.904878][T17111] loop3: p1 size 11292159 extends beyond EOD, truncated [ 916.925875][T17111] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 916.945887][T17133] loop4: detected capacity change from 0 to 264192 13:22:39 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x5, 0x43408) [ 916.987224][T17133] loop4: p1 p2 p3 p4 [ 916.991853][T17133] loop4: p1 size 11292159 extends beyond EOD, truncated [ 917.002426][T17133] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 917.011832][T17111] loop3: detected capacity change from 0 to 44288 13:22:39 executing program 3: syz_read_part_table(0xa00, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 917.167083][T17166] loop3: detected capacity change from 0 to 44288 [ 917.205867][T17166] loop3: p1 p2 p3 p4 [ 917.210092][T17166] loop3: p1 size 11292159 extends beyond EOD, truncated [ 917.219475][T17166] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 917.277414][T17166] loop3: detected capacity change from 0 to 44288 [ 917.325663][T17166] loop3: p1 p2 p3 p4 [ 917.329852][T17166] loop3: p1 size 11292159 extends beyond EOD, truncated [ 917.338146][T17166] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:41 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:41 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff53000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:41 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x6, 0x43408) 13:22:41 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:41 executing program 3: syz_read_part_table(0xb00, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:41 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:41 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x7, 0x43408) [ 919.362000][T17206] loop3: detected capacity change from 0 to 44288 [ 919.384151][T17201] loop4: detected capacity change from 0 to 264192 [ 919.409017][T17206] loop3: p1 p2 p3 p4 [ 919.413361][T17206] loop3: p1 size 11292159 extends beyond EOD, truncated [ 919.424649][T17206] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 919.432361][T17201] loop4: p1 p2 p3 p4 [ 919.437522][T17201] loop4: p1 size 11292159 extends beyond EOD, truncated 13:22:41 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x8, 0x43408) [ 919.457974][T17201] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 919.497626][T17209] blk_update_request: I/O error, dev loop3, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 919.505777][T17199] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 919.510535][T17214] blk_update_request: I/O error, dev loop3, sector 44160 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 919.523154][T17227] blk_update_request: I/O error, dev loop3, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 919.535858][T17201] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 919.546730][T17228] blk_update_request: I/O error, dev loop3, sector 44160 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 919.550604][T17206] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 919.578383][ T881] blk_update_request: I/O error, dev loop3, sector 44160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 919.580342][T17237] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 919.589689][ T881] Buffer I/O error on dev loop3p4, logical block 5520, async page read [ 919.603120][T17238] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 919.623080][T17236] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 919.628179][ T881] blk_update_request: I/O error, dev loop3, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 919.640763][ T616] Buffer I/O error on dev loop4p1, logical block 33008, async page read [ 919.645167][ T881] Buffer I/O error on dev loop3p2, logical block 8, async page read [ 919.661570][ T881] Buffer I/O error on dev loop3p2, logical block 9, async page read [ 919.669595][ T881] Buffer I/O error on dev loop3p2, logical block 10, async page read [ 919.677690][ T881] Buffer I/O error on dev loop3p2, logical block 11, async page read [ 919.685798][ T881] Buffer I/O error on dev loop3p2, logical block 12, async page read [ 919.689158][T17201] loop4: detected capacity change from 0 to 264192 [ 919.693875][ T881] Buffer I/O error on dev loop3p2, logical block 13, async page read [ 919.693897][ T881] Buffer I/O error on dev loop3p2, logical block 14, async page read [ 919.701366][T17206] loop3: detected capacity change from 0 to 44288 [ 919.709121][ T881] Buffer I/O error on dev loop3p2, logical block 15, async page read 13:22:41 executing program 3: syz_read_part_table(0xc00, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:41 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff54000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:41 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x9, 0x43408) [ 919.755654][T17201] loop_reread_partitions: partition scan of loop4 () failed (rc=-16) 13:22:42 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0xa, 0x43408) [ 919.863347][T17275] loop3: detected capacity change from 0 to 44288 [ 919.867602][T17278] loop4: detected capacity change from 0 to 264192 [ 919.919327][T17278] loop4: p1 p2 p3 p4 [ 919.924975][T17275] loop3: p1 p2 p3 p4 [ 919.927499][T17278] loop4: p1 size 11292159 extends beyond EOD, truncated [ 919.938532][T17275] loop3: p1 size 11292159 extends beyond EOD, truncated [ 919.938811][T17278] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 919.954697][T17275] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 920.049795][T17278] loop4: detected capacity change from 0 to 264192 13:22:44 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0xb, 0x43408) 13:22:44 executing program 3: syz_read_part_table(0xd00, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:44 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:44 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:44 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff55000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:44 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:44 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0xc, 0x43408) [ 922.384999][T17326] loop3: detected capacity change from 0 to 44288 [ 922.411940][T17335] loop4: detected capacity change from 0 to 264192 13:22:44 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff56000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 922.435622][T17326] loop3: p1 p2 p3 p4 [ 922.439871][T17326] loop3: p1 size 11292159 extends beyond EOD, truncated [ 922.445535][T17335] loop4: p1 p2 p3 p4 [ 922.449354][T17326] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 922.454790][T17335] loop4: p1 size 11292159 extends beyond EOD, truncated [ 922.472640][T17335] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:44 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0xd, 0x43408) [ 922.556003][T17326] loop3: detected capacity change from 0 to 44288 [ 922.573832][T17362] loop4: detected capacity change from 0 to 264192 13:22:44 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0xe, 0x43408) [ 922.613834][T17362] loop4: p1 p2 p3 p4 [ 922.618041][T17326] loop3: p1 p2 p3 p4 [ 922.619242][T17362] loop4: p1 size 11292159 extends beyond EOD, truncated [ 922.622507][T17326] loop3: p1 size 11292159 extends beyond EOD, truncated [ 922.641630][T17362] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 922.649811][T17326] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:44 executing program 3: syz_read_part_table(0xe00, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 922.705129][T17362] loop4: detected capacity change from 0 to 264192 13:22:44 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0xf, 0x43408) [ 922.745575][T17362] loop4: p1 p2 p3 p4 [ 922.749720][T17362] loop4: p1 size 11292159 extends beyond EOD, truncated [ 922.758068][T17362] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 922.766416][T17402] loop3: detected capacity change from 0 to 44288 13:22:44 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff57000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 922.805993][T17402] loop3: p1 p2 p3 p4 [ 922.813566][T17402] loop3: p1 size 11292159 extends beyond EOD, truncated [ 922.831876][T17402] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:45 executing program 3: syz_read_part_table(0xf00, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 922.930872][T17444] loop4: detected capacity change from 0 to 264192 [ 922.989019][T17444] loop4: p1 p2 p3 p4 [ 922.995962][T17457] loop3: detected capacity change from 0 to 44288 [ 922.999124][T17444] loop4: p1 size 11292159 extends beyond EOD, truncated [ 923.011385][T17444] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 923.036959][T17457] loop3: p1 p2 p3 p4 [ 923.047771][T17457] loop3: p1 size 11292159 extends beyond EOD, truncated [ 923.058558][T17457] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 923.121006][T17444] loop4: detected capacity change from 0 to 264192 [ 923.136062][T17457] loop3: detected capacity change from 0 to 44288 [ 923.175779][T17444] loop4: p1 p2 p3 p4 [ 923.179832][T17444] loop4: p1 size 11292159 extends beyond EOD, truncated [ 923.188582][T17457] loop3: p1 p2 p3 p4 [ 923.192677][T17457] loop3: p1 size 11292159 extends beyond EOD, truncated [ 923.196407][T17444] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 923.203021][T17457] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 923.368466][ T1796] __loop_clr_fd: partition scan of loop4 failed (rc=-16) 13:22:47 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:47 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:47 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x10, 0x43408) 13:22:47 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:47 executing program 3: syz_read_part_table(0x1100, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:47 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff58000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 925.431587][T17527] loop4: detected capacity change from 0 to 264192 [ 925.434126][T17525] loop3: detected capacity change from 0 to 44288 [ 925.456985][T17527] loop4: p1 p2 p3 p4 [ 925.461055][T17527] loop4: p1 size 11292159 extends beyond EOD, truncated [ 925.472181][T17527] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:47 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x11, 0x43408) [ 925.480398][T17525] loop3: p1 p2 p3 p4 [ 925.485067][T17525] loop3: p1 size 11292159 extends beyond EOD, truncated [ 925.512903][T17525] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 925.572789][T17522] print_req_error: 92 callbacks suppressed [ 925.572846][T17522] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 925.572867][ T881] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 925.581403][T17550] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 925.590122][ T881] buffer_io_error: 64 callbacks suppressed 13:22:47 executing program 3: syz_read_part_table(0x1200, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:47 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x12, 0x43408) [ 925.590244][ T881] Buffer I/O error on dev loop4p1, logical block 33008, async page read [ 925.602538][T17527] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 925.628232][T17551] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 925.646508][ T881] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 925.657844][ T881] Buffer I/O error on dev loop4p3, logical block 1, async page read [ 925.685375][T17527] loop4: detected capacity change from 0 to 264192 13:22:47 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x13, 0x43408) 13:22:47 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x14, 0x43408) [ 925.729884][T17572] loop3: detected capacity change from 0 to 44288 [ 925.756574][T17527] loop_reread_partitions: partition scan of loop4 () failed (rc=-16) 13:22:48 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff5c000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 925.833173][T17572] loop3: p1 p2 p3 p4 [ 925.837519][T17572] loop3: p1 size 11292159 extends beyond EOD, truncated [ 925.854435][T17572] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 925.868516][T17604] loop4: detected capacity change from 0 to 264192 [ 925.915699][T17604] loop4: p1 p2 p3 p4 [ 925.920141][T17604] loop4: p1 size 11292159 extends beyond EOD, truncated [ 925.929261][T17572] loop3: detected capacity change from 0 to 44288 [ 925.936592][T17604] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 925.946488][ T1036] loop4: p1 p2 p3 p4 [ 925.950718][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 925.959278][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 925.975589][T17572] loop3: p1 p2 p3 p4 [ 925.979849][T17572] loop3: p1 size 11292159 extends beyond EOD, truncated [ 925.988853][T17572] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 925.999751][T17604] loop4: detected capacity change from 0 to 264192 [ 926.036848][ T1036] loop3: p1 p2 p3 p4 [ 926.041063][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 926.050678][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 926.059187][T17604] loop4: p1 p2 p3 p4 [ 926.063240][T17604] loop4: p1 size 11292159 extends beyond EOD, truncated [ 926.073495][T17604] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 926.120944][ T1036] loop4: p1 p2 p3 p4 [ 926.125381][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 926.134827][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:50 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:50 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:50 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x15, 0x43408) 13:22:50 executing program 3: syz_read_part_table(0x1300, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:50 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff60000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:50 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:50 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x16, 0x43408) [ 928.455452][T17697] loop4: detected capacity change from 0 to 264192 [ 928.457528][T17695] loop3: detected capacity change from 0 to 44288 [ 928.517517][T17697] loop4: p1 p2 p3 p4 [ 928.517816][T17695] loop3: p1 p2 p3 p4 [ 928.522071][T17697] loop4: p1 size 11292159 extends beyond EOD, truncated [ 928.531349][T17695] loop3: p1 size 11292159 extends beyond EOD, truncated [ 928.555831][T17697] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:50 executing program 3: syz_read_part_table(0x152e, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 928.577163][T17695] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:50 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffffcd000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:50 executing program 3: syz_read_part_table(0x1544, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:50 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x17, 0x43408) [ 928.682878][T17742] loop4: detected capacity change from 0 to 264192 13:22:50 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff03010000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 928.735497][T17742] loop4: p1 p2 p3 p4 [ 928.754935][T17755] loop3: detected capacity change from 0 to 44288 [ 928.755398][T17742] loop4: p1 size 11292159 extends beyond EOD, truncated [ 928.774200][T17742] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 928.782685][T17755] loop3: p1 p2 p3 p4 [ 928.848004][T17755] loop3: p1 size 11292159 extends beyond EOD, truncated [ 928.856890][T17755] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 928.893487][T17755] loop3: detected capacity change from 0 to 44288 [ 928.952340][T17755] loop3: p1 p2 p3 p4 [ 928.960721][T17755] loop3: p1 size 11292159 extends beyond EOD, truncated [ 928.972007][T17755] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 929.037180][ T1036] loop3: p1 p2 p3 p4 [ 929.041284][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 929.050112][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:53 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:53 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:53 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffffc8070000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:53 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x18, 0x43408) 13:22:53 executing program 3: syz_read_part_table(0x154b, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:53 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, 0x0, 0x0, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 931.477508][T17825] loop4: detected capacity change from 0 to 215297 [ 931.493720][T17831] loop3: detected capacity change from 0 to 44288 [ 931.515658][T17825] loop4: p1 p2 p3 p4 [ 931.520872][T17825] loop4: p1 size 11292159 extends beyond EOD, truncated 13:22:53 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x19, 0x43408) [ 931.536626][T17831] loop3: p1 p2 p3 p4 [ 931.540753][T17831] loop3: p1 size 11292159 extends beyond EOD, truncated [ 931.549197][T17825] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 931.551442][T17831] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:53 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffffcd070000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:53 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1a, 0x43408) 13:22:53 executing program 3: syz_read_part_table(0x1556, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 931.688748][T17872] loop4: detected capacity change from 0 to 235777 [ 931.712360][T17877] loop3: detected capacity change from 0 to 44288 13:22:53 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1b, 0x43408) [ 931.737476][T17872] loop4: p1 p2 p3 p4 [ 931.741837][T17872] loop4: p1 size 11292159 extends beyond EOD, truncated [ 931.751533][T17872] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 931.765779][T17877] loop3: p1 p2 p3 p4 [ 931.769985][T17877] loop3: p1 size 11292159 extends beyond EOD, truncated 13:22:54 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff22120000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 931.789924][T17877] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 931.896829][T17912] loop4: detected capacity change from 0 to 264192 [ 931.957877][T17912] loop4: p1 p2 p3 p4 [ 931.962350][T17912] loop4: p1 size 11292159 extends beyond EOD, truncated [ 931.971067][T17912] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:56 executing program 3: syz_read_part_table(0x156e, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 934.396638][T17929] loop3: detected capacity change from 0 to 44288 13:22:56 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:56 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1c, 0x43408) 13:22:56 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:56 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff24120000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:56 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 934.445567][T17929] loop3: p1 p2 p3 p4 [ 934.449727][T17929] loop3: p1 size 11292159 extends beyond EOD, truncated [ 934.458588][T17929] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:56 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:56 executing program 3: syz_read_part_table(0x157f, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 934.529452][T17929] loop3: detected capacity change from 0 to 44288 [ 934.548083][T17952] loop4: detected capacity change from 0 to 264192 13:22:56 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1d, 0x43408) [ 934.579640][T17952] loop4: p1 p2 p3 p4 [ 934.590234][T17952] loop4: p1 size 11292159 extends beyond EOD, truncated [ 934.602563][T17952] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 934.662263][T17952] loop4: detected capacity change from 0 to 264192 [ 934.670870][T17989] loop3: detected capacity change from 0 to 44288 13:22:56 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1e, 0x43408) [ 934.713559][T17952] loop4: p1 p2 p3 p4 [ 934.717698][T17989] loop3: p1 p2 p3 p4 [ 934.721941][T17989] loop3: p1 size 11292159 extends beyond EOD, truncated [ 934.724053][T17952] loop4: p1 size 11292159 extends beyond EOD, truncated [ 934.737416][T17952] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 934.751992][T17989] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:56 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff25120000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:56 executing program 3: syz_read_part_table(0x1580, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:57 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x21, 0x43408) [ 934.831064][T18011] loop3: detected capacity change from 0 to 44288 [ 934.837722][T18012] loop4: detected capacity change from 0 to 264192 [ 934.885762][T18011] loop3: p1 p2 p3 p4 [ 934.890022][T18011] loop3: p1 size 11292159 extends beyond EOD, truncated [ 934.897086][T18012] loop4: p1 p2 p3 p4 [ 934.902457][T18012] loop4: p1 size 11292159 extends beyond EOD, truncated [ 934.912659][T18012] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 934.922606][T18011] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 934.988595][T18012] loop4: detected capacity change from 0 to 264192 13:22:59 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:59 executing program 3: syz_read_part_table(0x1590, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:59 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff26120000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:22:59 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x22, 0x43408) 13:22:59 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:22:59 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 937.536998][T18075] loop3: detected capacity change from 0 to 44288 [ 937.575628][T18075] loop3: p1 p2 p3 p4 13:22:59 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x23, 0x43408) [ 937.583090][T18075] loop3: p1 size 11292159 extends beyond EOD, truncated [ 937.590243][T18081] loop4: detected capacity change from 0 to 264192 [ 937.600545][T18075] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:22:59 executing program 3: syz_read_part_table(0x1598, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 937.635249][T18081] loop4: p1 p2 p3 p4 [ 937.645395][T18081] loop4: p1 size 11292159 extends beyond EOD, truncated [ 937.676708][T18081] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:22:59 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x24, 0x43408) [ 937.720501][T18105] loop3: detected capacity change from 0 to 44288 13:22:59 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff29120000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 937.802182][T18105] loop3: p1 p2 p3 p4 [ 937.806513][T18105] loop3: p1 size 11292159 extends beyond EOD, truncated 13:23:00 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x25, 0x43408) [ 937.842978][T18105] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 937.869909][T18135] loop4: detected capacity change from 0 to 44288 [ 937.925639][ T1036] loop4: p1 p2 p3 p4 [ 937.930158][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 937.939310][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 937.940039][T18105] loop3: detected capacity change from 0 to 44288 [ 937.959366][T18135] loop4: p1 p2 p3 p4 [ 937.963641][T18135] loop4: p1 size 11292159 extends beyond EOD, truncated [ 937.972530][T18135] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:00 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x26, 0x43408) [ 937.996268][T18105] loop3: p1 p2 p3 p4 [ 938.000592][T18105] loop3: p1 size 11292159 extends beyond EOD, truncated [ 938.010468][T18105] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 938.027220][ T1036] loop3: p1 p2 p3 p4 [ 938.031536][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 938.042448][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 938.046888][T18135] loop4: detected capacity change from 0 to 44288 [ 938.125647][T18135] loop4: p1 p2 p3 p4 [ 938.129893][T18135] loop4: p1 size 11292159 extends beyond EOD, truncated [ 938.139241][T18135] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 938.257224][T18112] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 938.261133][T18077] blk_update_request: I/O error, dev loop4, sector 44160 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 938.270205][ T616] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 938.282267][T18127] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 938.291866][ T616] Buffer I/O error on dev loop4p2, logical block 8, async page read [ 938.296580][ T616] blk_update_request: I/O error, dev loop4, sector 44160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 938.306162][T18111] blk_update_request: I/O error, dev loop4, sector 44160 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 938.311281][ T616] Buffer I/O error on dev loop4p1, logical block 5520, async page read [ 938.323505][ T1796] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 938.337000][ T616] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 938.360273][ T616] Buffer I/O error on dev loop4p2, logical block 9, async page read [ 938.368350][ T616] blk_update_request: I/O error, dev loop4, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 938.379329][ T616] Buffer I/O error on dev loop4p2, logical block 10, async page read [ 938.387556][ T616] blk_update_request: I/O error, dev loop4, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 938.398566][ T616] Buffer I/O error on dev loop4p2, logical block 11, async page read [ 938.407594][ T616] blk_update_request: I/O error, dev loop4, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 938.418896][ T616] Buffer I/O error on dev loop4p2, logical block 12, async page read [ 938.427057][ T616] Buffer I/O error on dev loop4p2, logical block 13, async page read [ 938.436383][ T616] Buffer I/O error on dev loop4p2, logical block 14, async page read [ 938.444472][ T616] Buffer I/O error on dev loop4p2, logical block 15, async page read [ 938.452598][ T616] Buffer I/O error on dev loop4p4, logical block 5520, async page read 13:23:02 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:02 executing program 3: syz_read_part_table(0x159e, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:02 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x27, 0x43408) 13:23:02 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff32420000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:02 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:02 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:02 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x28, 0x43408) [ 940.580096][T18232] loop3: detected capacity change from 0 to 44288 [ 940.593123][T18236] loop4: detected capacity change from 0 to 174337 [ 940.656598][T18232] loop3: p1 p2 p3 p4 [ 940.660704][T18232] loop3: p1 size 11292159 extends beyond EOD, truncated [ 940.670369][T18236] loop4: p1 p2 p3 p4 [ 940.674609][T18236] loop4: p1 size 11292159 extends beyond EOD, truncated [ 940.685820][T18232] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:02 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:02 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x29, 0x43408) [ 940.721240][T18236] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:02 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 940.791390][T18232] loop3: detected capacity change from 0 to 44288 [ 940.803496][T18236] loop4: detected capacity change from 0 to 174337 [ 940.845500][T18232] loop3: p1 p2 p3 p4 [ 940.854378][T18236] loop4: p1 p2 p3 p4 [ 940.863101][T18236] loop4: p1 size 11292159 extends beyond EOD, truncated [ 940.870902][T18232] loop3: p1 size 11292159 extends beyond EOD, truncated 13:23:03 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:03 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2a, 0x43408) [ 940.896929][T18232] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 940.910488][T18236] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 940.954674][ T1036] loop4: p1 p2 p3 p4 [ 940.958773][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 940.971531][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:05 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:05 executing program 3: syz_read_part_table(0x159f, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:05 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9fffffff8e60400ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:05 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:05 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2b, 0x43408) 13:23:05 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:05 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 943.598419][T18354] loop3: detected capacity change from 0 to 44288 [ 943.605042][T18353] loop4: detected capacity change from 0 to 170241 13:23:05 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2c, 0x43408) [ 943.673911][T18354] loop3: p1 p2 p3 p4 [ 943.682018][T18353] loop4: p1 p2 p3 p4 [ 943.687023][T18354] loop3: p1 size 11292159 extends beyond EOD, truncated [ 943.689794][T18353] loop4: p1 start 262144 is beyond EOD, truncated 13:23:05 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:05 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36c6d6", 0xc8}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:05 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:05 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 943.718312][T18353] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 943.742679][T18354] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:05 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 943.827522][T18353] loop4: detected capacity change from 0 to 170241 [ 943.883957][T18353] loop4: p1 p2 p3 p4 [ 943.896368][T18353] loop4: p1 start 262144 is beyond EOD, truncated [ 943.903380][T18354] loop3: detected capacity change from 0 to 44288 [ 943.913306][T18353] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:06 executing program 3: syz_read_part_table(0x15a0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:06 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66", 0x97}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:06 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2d, 0x43408) 13:23:06 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:06 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0e1a0500ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 943.946116][ T1036] loop3: p1 p2 p3 p4 [ 943.950729][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 943.959365][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 943.968993][T18354] loop3: p1 p2 p3 p4 [ 943.973124][T18354] loop3: p1 size 11292159 extends beyond EOD, truncated [ 943.981925][T18354] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:06 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 944.055522][T18456] loop4: detected capacity change from 0 to 264192 [ 944.095514][T18456] loop4: p1 p2 p3 p4 13:23:06 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:06 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2e, 0x43408) [ 944.099893][T18456] loop4: p1 start 327680 is beyond EOD, truncated [ 944.107321][T18466] loop3: detected capacity change from 0 to 44288 [ 944.114187][T18456] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 944.135574][ T1036] loop3: p1 p2 p3 p4 [ 944.140914][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated 13:23:06 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:06 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc66fa38cf96580f7863948853acdca96f9eb86bd531bc4486e8a7fa98272009ea59071c87c4cf1b21dd023f1ef60a8d36", 0xc6}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:06 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 944.157907][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 944.172076][T18456] loop4: detected capacity change from 0 to 264192 [ 944.176373][T18466] loop3: p1 p2 p3 p4 [ 944.184076][T18466] loop3: p1 size 11292159 extends beyond EOD, truncated [ 944.193082][T18466] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 944.225685][T18456] loop4: p1 p2 p3 p4 [ 944.229963][T18456] loop4: p1 start 327680 is beyond EOD, truncated [ 944.242503][T18456] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 944.272919][T18466] loop3: detected capacity change from 0 to 44288 [ 944.308494][T18466] loop3: p1 p2 p3 p4 [ 944.313370][T18466] loop3: p1 size 11292159 extends beyond EOD, truncated [ 944.321944][T18466] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:08 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:08 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2f, 0x43408) 13:23:08 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff7ff10500ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:08 executing program 3: syz_read_part_table(0x1961, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 946.842561][T18552] loop4: detected capacity change from 0 to 112897 [ 946.852004][T18560] loop3: detected capacity change from 0 to 44288 13:23:09 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x30, 0x43408) [ 946.885573][T18552] loop4: p1 p2 p3 p4 [ 946.889849][T18552] loop4: p1 start 327680 is beyond EOD, truncated [ 946.902153][T18560] loop3: p1 p2 p3 p4 [ 946.907044][T18560] loop3: p1 size 11292159 extends beyond EOD, truncated [ 946.914831][T18552] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:09 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffffff4dac00ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 946.929845][T18560] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 946.994815][T18587] loop4: detected capacity change from 0 to 264192 [ 947.002371][T18560] loop3: detected capacity change from 0 to 44288 [ 947.025703][T18587] loop4: p1 p2 p3 p4 [ 947.029852][T18587] loop4: p1 start 11272192 is beyond EOD, truncated [ 947.040115][T18587] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:09 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:09 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x31, 0x43408) 13:23:09 executing program 3: syz_read_part_table(0x1c27, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:09 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff008000daff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:09 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x32, 0x43408) [ 947.102279][T18611] loop3: detected capacity change from 0 to 44288 [ 947.175618][ T1036] loop3: p1 p2 p3 p4 [ 947.179678][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 947.188038][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 947.193348][T18632] loop4: detected capacity change from 0 to 264192 [ 947.196961][T18611] loop3: p1 p2 p3 p4 [ 947.206054][T18611] loop3: p1 size 11292159 extends beyond EOD, truncated [ 947.214420][T18611] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:09 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 947.235473][T18632] loop4: p1 p2 p3 p4 [ 947.244182][T18632] loop4: p1 start 3657433088 is beyond EOD, truncated [ 947.252465][T18632] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 947.262751][ T1036] loop4: p1 p2 p3 p4 [ 947.271807][ T1036] loop4: p1 start 3657433088 is beyond EOD, truncated [ 947.280749][T18611] loop3: detected capacity change from 0 to 44288 [ 947.282992][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 947.325731][T18611] loop3: p1 p2 p3 p4 [ 947.329911][T18611] loop3: p1 size 11292159 extends beyond EOD, truncated [ 947.336962][T18632] loop4: detected capacity change from 0 to 264192 [ 947.341780][T18611] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 947.395677][ T1036] loop4: p1 p2 p3 p4 [ 947.399847][ T1036] loop4: p1 start 3657433088 is beyond EOD, truncated [ 947.408346][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 947.418032][T18632] loop4: p1 p2 p3 p4 [ 947.424026][T18632] loop4: p1 start 3657433088 is beyond EOD, truncated [ 947.432433][T18632] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:12 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:12 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x33, 0x43408) 13:23:12 executing program 3: syz_read_part_table(0x2000, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:12 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a020000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 949.871537][T18715] loop3: detected capacity change from 0 to 44288 [ 949.878254][T18713] loop4: detected capacity change from 0 to 44288 13:23:12 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x34, 0x43408) 13:23:12 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a030000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 949.916693][T18713] loop4: p1 p2 p3 p4 [ 949.920950][T18713] loop4: p1 size 11292159 extends beyond EOD, truncated [ 949.921575][T18715] loop3: p1 p2 p3 p4 [ 949.930172][T18713] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 949.934275][T18715] loop3: p1 size 11292159 extends beyond EOD, truncated [ 949.948777][T18715] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 950.027963][T18747] loop4: detected capacity change from 0 to 264192 [ 950.065522][T18747] loop4: p1 p2 p3 p4 [ 950.069721][T18747] loop4: p1 size 11292159 extends beyond EOD, truncated 13:23:12 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:12 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x35, 0x43408) 13:23:12 executing program 3: syz_read_part_table(0x2400, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:12 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a040000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 950.088283][T18747] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 950.138287][T18768] loop3: detected capacity change from 0 to 44288 13:23:12 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x36, 0x43408) [ 950.179216][T18768] loop3: p1 p2 p3 p4 [ 950.183310][T18768] loop3: p1 size 11292159 extends beyond EOD, truncated 13:23:12 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 950.223272][T18768] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 950.257307][T18786] loop4: detected capacity change from 0 to 264192 [ 950.297802][T18722] print_req_error: 80 callbacks suppressed [ 950.297811][T18722] blk_update_request: I/O error, dev loop3, sector 44160 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 950.305944][T18768] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 950.317261][T18758] blk_update_request: I/O error, dev loop3, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 950.334083][T18768] loop3: detected capacity change from 0 to 44288 [ 950.341196][ T881] blk_update_request: I/O error, dev loop3, sector 233 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 950.352416][ T881] buffer_io_error: 56 callbacks suppressed [ 950.352426][ T881] Buffer I/O error on dev loop3p3, logical block 1, async page read [ 950.387726][T18786] loop4: p1 p2 p3 p4 [ 950.396871][T18768] loop_reread_partitions: partition scan of loop3 () failed (rc=-16) [ 950.410760][T18786] loop4: p1 size 11292159 extends beyond EOD, truncated [ 950.435120][T18786] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 950.474904][ T1036] loop3: p1 p2 p3 p4 [ 950.480455][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 950.494256][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 950.498646][T18786] loop4: detected capacity change from 0 to 264192 [ 950.544349][T18786] loop4: p1 p2 p3 p4 [ 950.548852][T18786] loop4: p1 size 11292159 extends beyond EOD, truncated [ 950.558078][T18786] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 950.596735][ T1036] loop4: p1 p2 p3 p4 [ 950.600974][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 950.609937][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 950.657134][T18757] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 950.671256][T18733] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 950.684360][T18723] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 950.694845][ T881] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 950.697507][T18758] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 950.706672][ T881] Buffer I/O error on dev loop4p2, logical block 8, async page read [ 950.719187][ T1796] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 950.726612][ T881] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 950.744849][ T881] Buffer I/O error on dev loop4p2, logical block 9, async page read [ 950.752903][ T881] blk_update_request: I/O error, dev loop4, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 950.763912][ T881] Buffer I/O error on dev loop4p2, logical block 10, async page read [ 950.772007][ T881] Buffer I/O error on dev loop4p2, logical block 11, async page read [ 950.780120][ T881] Buffer I/O error on dev loop4p2, logical block 12, async page read [ 950.788490][ T881] Buffer I/O error on dev loop4p2, logical block 13, async page read [ 950.796751][ T881] Buffer I/O error on dev loop4p2, logical block 14, async page read [ 950.804857][ T881] Buffer I/O error on dev loop4p2, logical block 15, async page read [ 950.812954][ T881] Buffer I/O error on dev loop4p3, logical block 1, async page read 13:23:15 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:15 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x37, 0x43408) 13:23:15 executing program 3: syz_read_part_table(0x2500, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:15 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a050000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 952.892119][T18861] loop3: detected capacity change from 0 to 44288 [ 952.910189][T18866] loop4: detected capacity change from 0 to 264192 [ 952.958099][T18861] loop3: p1 p2 p3 p4 [ 952.963439][T18866] loop4: p1 p2 p3 p4 [ 952.964631][T18861] loop3: p1 size 11292159 extends beyond EOD, truncated [ 952.967637][T18866] loop4: p1 size 11292159 extends beyond EOD, truncated 13:23:15 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x38, 0x43408) [ 952.999016][T18866] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 953.011780][T18861] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:15 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a060000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:15 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:15 executing program 3: syz_read_part_table(0x2600, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:15 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x39, 0x43408) [ 953.137362][T18901] loop4: detected capacity change from 0 to 264192 [ 953.203138][T18920] loop3: detected capacity change from 0 to 44288 [ 953.217127][T18901] loop4: p1 p2 p3 p4 [ 953.221495][T18901] loop4: p1 size 11292159 extends beyond EOD, truncated [ 953.235635][T18920] loop3: p1 p2 p3 p4 [ 953.239916][T18920] loop3: p1 size 11292159 extends beyond EOD, truncated [ 953.258864][T18901] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 953.271001][T18920] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:15 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x3a, 0x43408) 13:23:15 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a070000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:15 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 953.402880][T18956] loop4: detected capacity change from 0 to 264192 [ 953.447432][T18956] loop4: p1 p2 p3 p4 [ 953.451545][T18956] loop4: p1 size 11292159 extends beyond EOD, truncated [ 953.461785][T18956] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 953.543350][T18956] loop4: detected capacity change from 0 to 264192 [ 953.585685][T18956] loop4: p1 p2 p3 p4 [ 953.590011][T18956] loop4: p1 size 11292159 extends beyond EOD, truncated [ 953.598852][T18956] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 953.657016][ T1036] loop4: p1 p2 p3 p4 [ 953.661235][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 953.670681][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:18 executing program 3: syz_read_part_table(0x271c, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:18 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x3b, 0x43408) 13:23:18 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:18 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a080000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 955.910154][T19004] loop3: detected capacity change from 0 to 44288 13:23:18 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x3c, 0x43408) [ 955.955703][T19004] loop3: p1 p2 p3 p4 [ 955.960013][T19004] loop3: p1 size 11292159 extends beyond EOD, truncated [ 955.968789][T19012] loop4: detected capacity change from 0 to 264192 [ 955.977010][T19004] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:18 executing program 3: syz_read_part_table(0x2e00, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 956.016114][T19012] loop4: p1 p2 p3 p4 [ 956.027542][T19012] loop4: p1 size 11292159 extends beyond EOD, truncated [ 956.037201][T19012] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 956.105032][T19042] loop3: detected capacity change from 0 to 44288 13:23:18 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:18 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x3d, 0x43408) 13:23:18 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a090000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 956.160477][T19042] loop3: p1 p2 p3 p4 [ 956.164535][T19042] loop3: p1 size 11292159 extends beyond EOD, truncated [ 956.174448][T19042] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:18 executing program 3: syz_read_part_table(0x2e15, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:18 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x3e, 0x43408) [ 956.209567][T19058] loop4: detected capacity change from 0 to 264192 [ 956.267461][T19058] loop4: p1 p2 p3 p4 [ 956.271595][T19058] loop4: p1 size 11292159 extends beyond EOD, truncated [ 956.308835][T19078] loop3: detected capacity change from 0 to 44288 [ 956.321234][T19058] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 956.345554][T19078] loop3: p1 p2 p3 p4 [ 956.349732][T19078] loop3: p1 size 11292159 extends beyond EOD, truncated [ 956.358696][T19078] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 956.387322][T19058] loop4: detected capacity change from 0 to 264192 13:23:18 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:18 executing program 3: syz_read_part_table(0x3f00, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:18 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x41, 0x43408) [ 956.438328][T19058] loop4: p1 p2 p3 p4 [ 956.442375][T19058] loop4: p1 size 11292159 extends beyond EOD, truncated [ 956.479238][T19058] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 956.503840][T19117] loop3: detected capacity change from 0 to 44288 [ 956.574839][T19117] loop3: p1 p2 p3 p4 [ 956.580231][T19117] loop3: p1 size 11292159 extends beyond EOD, truncated [ 956.588730][T19117] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 956.631794][T19117] loop3: detected capacity change from 0 to 44288 [ 956.658459][T19117] loop3: p1 p2 p3 p4 [ 956.662516][T19117] loop3: p1 size 11292159 extends beyond EOD, truncated [ 956.672684][T19117] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:21 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0a0000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:21 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x43, 0x43408) 13:23:21 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:21 executing program 3: syz_read_part_table(0x4000, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 958.942320][T19169] loop4: detected capacity change from 0 to 264192 [ 958.944671][T19170] loop3: detected capacity change from 0 to 44288 [ 958.965624][T19169] loop4: p1 p2 p3 p4 [ 958.969908][T19169] loop4: p1 size 11292159 extends beyond EOD, truncated [ 958.979488][T19169] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 958.996038][T19170] loop3: p1 p2 p3 p4 [ 959.000768][T19170] loop3: p1 size 11292159 extends beyond EOD, truncated [ 959.026266][T19170] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:21 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:21 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0b0000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:21 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x44, 0x43408) 13:23:21 executing program 3: syz_read_part_table(0x4415, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:21 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0xf1, 0x43408) [ 959.219001][T19215] loop4: detected capacity change from 0 to 264192 [ 959.225653][T19212] loop3: detected capacity change from 0 to 44288 [ 959.255663][T19212] loop3: p1 p2 p3 p4 [ 959.262321][T19215] loop4: p1 p2 p3 p4 [ 959.269140][T19212] loop3: p1 size 11292159 extends beyond EOD, truncated [ 959.270459][T19215] loop4: p1 size 11292159 extends beyond EOD, truncated [ 959.280375][T19212] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 959.308720][T19215] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 959.349809][T19212] loop3: detected capacity change from 0 to 44288 13:23:21 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:21 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x204, 0x43408) 13:23:21 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0c0000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:21 executing program 3: syz_read_part_table(0x4800, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:21 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x300, 0x43408) [ 959.503695][T19264] loop4: detected capacity change from 0 to 264192 [ 959.506081][T19266] loop3: detected capacity change from 0 to 44288 [ 959.525854][T19264] loop4: p1 p2 p3 p4 [ 959.530191][T19264] loop4: p1 size 11292159 extends beyond EOD, truncated [ 959.539337][T19264] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 959.576263][T19266] loop3: p1 p2 p3 p4 [ 959.591270][T19266] loop3: p1 size 11292159 extends beyond EOD, truncated [ 959.610830][T19266] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:24 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:24 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0d0000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 961.941412][T19308] loop4: detected capacity change from 0 to 264192 [ 961.975651][T19308] loop4: p1 p2 p3 p4 [ 961.979838][T19308] loop4: p1 size 11292159 extends beyond EOD, truncated [ 961.988850][T19308] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:24 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:24 executing program 3: syz_read_part_table(0x4b15, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:24 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x402, 0x43408) 13:23:24 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:24 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0e0000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 962.239647][T19340] loop3: detected capacity change from 0 to 44288 [ 962.246653][T19344] loop4: detected capacity change from 0 to 264192 [ 962.265769][T19340] loop3: p1 p2 p3 p4 [ 962.271467][T19340] loop3: p1 size 11292159 extends beyond EOD, truncated [ 962.280975][T19340] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 962.290947][T19344] loop4: p1 p2 p3 p4 [ 962.301376][T19344] loop4: p1 size 11292159 extends beyond EOD, truncated [ 962.312044][T19344] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 962.346695][ T1036] loop4: p1 p2 p3 p4 [ 962.350747][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 962.362143][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:24 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:24 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x406, 0x43408) 13:23:24 executing program 3: syz_read_part_table(0x4c00, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:24 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0f0000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:24 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x408, 0x43408) [ 962.506354][T19396] loop4: detected capacity change from 0 to 264192 13:23:24 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x500, 0x43408) [ 962.555696][T19396] loop4: p1 p2 p3 p4 [ 962.560982][T19401] loop3: detected capacity change from 0 to 44288 [ 962.570660][T19396] loop4: p1 size 11292159 extends beyond EOD, truncated [ 962.580176][T19396] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 962.626161][T19401] loop3: p1 p2 p3 p4 13:23:24 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a100000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 962.646873][T19401] loop3: p1 size 11292159 extends beyond EOD, truncated [ 962.672774][T19401] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 962.731766][T19434] loop4: detected capacity change from 0 to 264192 [ 962.763758][T19434] loop4: p1 p2 p3 p4 [ 962.769156][T19434] loop4: p1 size 11292159 extends beyond EOD, truncated [ 962.785607][T19434] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 962.834784][T19434] loop4: detected capacity change from 0 to 264192 [ 962.886135][T19434] loop4: p1 p2 p3 p4 [ 962.890883][T19434] loop4: p1 size 11292159 extends beyond EOD, truncated [ 962.901817][T19434] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 962.997470][T19433] print_req_error: 53 callbacks suppressed [ 962.997484][T19433] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 962.997499][T19400] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 963.003727][ T616] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 963.020475][T19419] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 963.027174][ T616] buffer_io_error: 35 callbacks suppressed [ 963.027188][ T616] Buffer I/O error on dev loop4p3, logical block 1, async page read [ 963.038413][T19419] Buffer I/O error on dev loop4p1, logical block 33008, async page read [ 963.053254][T19432] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 963.055577][T19419] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 963.063594][ T616] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 963.076974][ T1796] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 963.083529][ T616] Buffer I/O error on dev loop4p4, logical block 33008, async page read [ 963.124866][ T616] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 963.136051][ T616] Buffer I/O error on dev loop4p2, logical block 8, async page read [ 963.144032][ T616] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 963.154897][ T616] Buffer I/O error on dev loop4p2, logical block 9, async page read [ 963.162917][ T616] blk_update_request: I/O error, dev loop4, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 963.174087][ T616] Buffer I/O error on dev loop4p2, logical block 10, async page read [ 963.182206][ T616] Buffer I/O error on dev loop4p2, logical block 11, async page read [ 963.190355][ T616] Buffer I/O error on dev loop4p2, logical block 12, async page read [ 963.198492][ T616] Buffer I/O error on dev loop4p2, logical block 13, async page read [ 963.206635][ T616] Buffer I/O error on dev loop4p2, logical block 14, async page read 13:23:27 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:27 executing program 3: syz_read_part_table(0x5400, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:27 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x600, 0x43408) 13:23:27 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a110000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:27 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 965.259587][T19477] loop4: detected capacity change from 0 to 264192 [ 965.271813][T19481] loop3: detected capacity change from 0 to 44288 [ 965.297539][T19477] loop4: p1 p2 p3 p4 [ 965.304661][T19477] loop4: p1 size 11292159 extends beyond EOD, truncated [ 965.313213][T19477] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 965.325870][T19481] loop3: p1 p2 p3 p4 [ 965.332442][T19481] loop3: p1 size 11292159 extends beyond EOD, truncated [ 965.350069][T19481] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 965.377322][T19477] loop4: detected capacity change from 0 to 264192 [ 965.415674][ T1036] loop4: p1 p2 p3 p4 [ 965.419896][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 965.424858][T19481] loop3: detected capacity change from 0 to 44288 [ 965.429643][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 965.442417][T19477] loop4: p1 p2 p3 p4 [ 965.447019][T19477] loop4: p1 size 11292159 extends beyond EOD, truncated [ 965.455654][T19477] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:27 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:27 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x604, 0x43408) 13:23:27 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a120000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 965.474565][T19481] loop3: p1 p2 p3 p4 [ 965.478995][T19481] loop3: p1 size 11292159 extends beyond EOD, truncated [ 965.489635][T19481] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 965.502947][ T1036] loop3: p1 p2 p3 p4 [ 965.518581][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated 13:23:27 executing program 3: syz_read_part_table(0x5500, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:27 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x700, 0x43408) [ 965.527374][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 965.549360][T19559] loop4: detected capacity change from 0 to 264192 [ 965.595614][T19559] loop4: p1 p2 p3 p4 [ 965.599889][T19559] loop4: p1 size 11292159 extends beyond EOD, truncated [ 965.608543][T19559] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 965.624506][ T1036] loop4: p1 p2 p3 p4 [ 965.629091][T19581] loop3: detected capacity change from 0 to 44288 [ 965.629104][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated 13:23:27 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x804, 0x43408) [ 965.645387][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 965.665664][T19581] loop3: p1 p2 p3 p4 [ 965.669973][T19581] loop3: p1 size 11292159 extends beyond EOD, truncated 13:23:27 executing program 3: syz_read_part_table(0x5615, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 965.691069][T19559] loop4: detected capacity change from 0 to 264192 [ 965.691076][T19581] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 965.725571][T19559] loop4: p1 p2 p3 p4 [ 965.735591][T19559] loop4: p1 size 11292159 extends beyond EOD, truncated [ 965.750028][T19559] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 965.802125][ T1036] loop4: p1 p2 p3 p4 [ 965.806484][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 965.812620][T19630] loop3: detected capacity change from 0 to 44288 [ 965.821279][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 965.845611][T19630] loop3: p1 p2 p3 p4 [ 965.849758][T19630] loop3: p1 size 11292159 extends beyond EOD, truncated [ 965.859428][T19630] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 965.870137][ T1036] loop3: p1 p2 p3 p4 [ 965.874254][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 965.883841][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 965.937171][T19630] loop3: detected capacity change from 0 to 44288 [ 965.992189][T19630] loop3: p1 p2 p3 p4 [ 965.996401][T19630] loop3: p1 size 11292159 extends beyond EOD, truncated [ 966.008496][T19630] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 966.036706][ T1036] loop3: p1 p2 p3 p4 [ 966.043334][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 966.051960][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:30 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x900, 0x43408) 13:23:30 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a130000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:30 executing program 3: syz_read_part_table(0x6000, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:30 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:30 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) [ 968.287478][T19699] loop3: detected capacity change from 0 to 44288 [ 968.299016][T19702] loop4: detected capacity change from 0 to 264192 [ 968.325931][T19699] loop3: p1 p2 p3 p4 [ 968.330051][T19699] loop3: p1 size 11292159 extends beyond EOD, truncated [ 968.339021][T19702] loop4: p1 p2 p3 p4 [ 968.343226][T19702] loop4: p1 size 11292159 extends beyond EOD, truncated [ 968.347109][T19699] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 968.365159][T19702] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 968.445056][T19699] loop3: detected capacity change from 0 to 44288 13:23:30 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:30 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0xa00, 0x43408) 13:23:30 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a240000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:30 executing program 3: syz_read_part_table(0x6119, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:30 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0xb00, 0x43408) [ 968.562855][T19749] loop3: detected capacity change from 0 to 44288 [ 968.571353][T19753] loop4: detected capacity change from 0 to 256257 [ 968.615516][T19749] loop3: p1 p2 p3 p4 [ 968.619759][T19749] loop3: p1 size 11292159 extends beyond EOD, truncated [ 968.631085][T19749] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 968.638404][T19753] loop4: p1 p2 p3 p4 [ 968.643011][T19753] loop4: p1 size 11292159 extends beyond EOD, truncated [ 968.652634][T19753] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:30 executing program 3: syz_read_part_table(0x6300, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 968.679917][ T1036] loop3: p1 p2 p3 p4 [ 968.686749][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 968.695166][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:30 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0xc00, 0x43408) [ 968.722644][T19753] loop4: detected capacity change from 0 to 256257 [ 968.743241][T19794] loop3: detected capacity change from 0 to 44288 [ 968.790293][T19753] loop4: p1 p2 p3 p4 [ 968.793739][T19794] loop3: p1 p2 p3 p4 [ 968.799900][T19753] loop4: p1 size 11292159 extends beyond EOD, truncated [ 968.801340][T19794] loop3: p1 size 11292159 extends beyond EOD, truncated [ 968.829105][T19794] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:31 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a250000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:31 executing program 3: syz_read_part_table(0x6800, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 968.831689][T19753] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:31 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0xd00, 0x43408) [ 968.937269][T19737] print_req_error: 35 callbacks suppressed [ 968.937290][T19737] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 968.958590][T19707] blk_update_request: I/O error, dev loop4, sector 256128 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 968.976988][T19718] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 968.990488][T19736] blk_update_request: I/O error, dev loop4, sector 256128 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 968.991625][ T881] blk_update_request: I/O error, dev loop4, sector 256128 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 969.003319][ T1796] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 969.013981][ T881] buffer_io_error: 23 callbacks suppressed [ 969.013995][ T881] Buffer I/O error on dev loop4p4, logical block 256128, async page read [ 969.026419][T19826] loop3: detected capacity change from 0 to 44288 [ 969.028016][ T881] blk_update_request: I/O error, dev loop4, sector 256129 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 969.055317][ T881] Buffer I/O error on dev loop4p4, logical block 256129, async page read [ 969.064477][ T881] blk_update_request: I/O error, dev loop4, sector 256130 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 969.076012][ T881] Buffer I/O error on dev loop4p4, logical block 256130, async page read [ 969.086690][ T881] blk_update_request: I/O error, dev loop4, sector 256131 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 969.090658][T19838] loop4: detected capacity change from 0 to 248065 [ 969.098711][ T881] Buffer I/O error on dev loop4p4, logical block 256131, async page read [ 969.098743][ T881] blk_update_request: I/O error, dev loop4, sector 256132 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 969.128836][ T881] Buffer I/O error on dev loop4p4, logical block 256132, async page read [ 969.172395][T19826] loop3: p1 p2 p3 p4 [ 969.179539][T19838] loop_reread_partitions: partition scan of loop4 () failed (rc=-16) [ 969.183002][T19826] loop3: p1 size 11292159 extends beyond EOD, truncated [ 969.203335][T19826] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:33 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:33 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0xe00, 0x43408) 13:23:33 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:33 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a2e0000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:33 executing program 3: syz_read_part_table(0x6803, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:33 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:33 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0xf00, 0x43408) [ 971.582479][T19882] loop3: detected capacity change from 0 to 44288 [ 971.585004][T19883] loop4: detected capacity change from 0 to 174337 [ 971.605836][T19882] loop3: p1 p2 p3 p4 [ 971.610759][T19882] loop3: p1 size 11292159 extends beyond EOD, truncated [ 971.619638][T19883] loop4: p1 p2 p3 p4 [ 971.623882][T19883] loop4: p1 size 11292159 extends beyond EOD, truncated 13:23:33 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1100, 0x43408) [ 971.629400][T19882] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 971.634288][T19883] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:33 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a480000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:33 executing program 3: syz_read_part_table(0x6c00, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 971.745610][T19924] loop4: detected capacity change from 0 to 264192 [ 971.752979][T19922] loop3: detected capacity change from 0 to 44288 13:23:34 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1200, 0x43408) [ 971.793796][T19924] loop4: p1 p2 p3 p4 [ 971.800059][T19922] loop3: p1 p2 p3 p4 [ 971.801111][T19924] loop4: p1 size 11292159 extends beyond EOD, truncated [ 971.804744][T19922] loop3: p1 size 11292159 extends beyond EOD, truncated [ 971.825583][T19924] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 971.827075][T19922] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:34 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a4c0000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 971.957765][T19946] loop4: detected capacity change from 0 to 264192 [ 971.996999][T19946] loop4: p1 p2 p3 p4 [ 972.015124][T19946] loop4: p1 size 11292159 extends beyond EOD, truncated [ 972.023860][T19946] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:36 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:36 executing program 3: syz_read_part_table(0x6e15, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 974.320361][T19994] loop3: detected capacity change from 0 to 44288 [ 974.355807][T19994] loop3: p1 p2 p3 p4 [ 974.359936][T19994] loop3: p1 size 11292159 extends beyond EOD, truncated [ 974.369344][T19994] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 974.442159][T19994] loop3: detected capacity change from 0 to 44288 [ 974.479972][T19994] loop3: p1 p2 p3 p4 [ 974.487281][T19994] loop3: p1 size 11292159 extends beyond EOD, truncated [ 974.496001][T19994] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:36 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:36 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1300, 0x43408) 13:23:36 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a540000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:36 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:36 executing program 3: syz_read_part_table(0x7200, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 974.557091][ T1036] loop3: p1 p2 p3 p4 [ 974.565963][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 974.586708][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 974.597167][T20034] loop4: detected capacity change from 0 to 264192 [ 974.632178][T20034] loop4: p1 p2 p3 p4 [ 974.638464][T20039] loop3: detected capacity change from 0 to 44288 [ 974.648534][T20034] loop4: p1 size 11292159 extends beyond EOD, truncated [ 974.662305][T20034] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:36 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1400, 0x43408) [ 974.683331][T20039] loop3: p1 p2 p3 p4 [ 974.689679][T20039] loop3: p1 size 11292159 extends beyond EOD, truncated [ 974.699798][T20039] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:36 executing program 3: syz_read_part_table(0x7400, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:36 executing program 3: syz_read_part_table(0x7a00, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 974.751692][T20034] loop4: detected capacity change from 0 to 264192 13:23:37 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1500, 0x43408) 13:23:37 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a550000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 974.887515][T20089] loop3: detected capacity change from 0 to 44288 [ 974.933995][T20089] loop3: p1 p2 p3 p4 [ 974.936708][T20108] loop4: detected capacity change from 0 to 264192 [ 974.938941][T20089] loop3: p1 size 11292159 extends beyond EOD, truncated [ 974.956314][T20089] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 974.995688][T20108] loop4: p1 p2 p3 p4 [ 975.004832][T20108] loop4: p1 size 11292159 extends beyond EOD, truncated [ 975.015363][T20108] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 975.087658][T19997] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 975.102524][T20011] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 975.127326][T20010] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 975.133465][ T616] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 975.141489][T20067] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 975.151726][ T616] Buffer I/O error on dev loop4p2, logical block 8, async page read [ 975.166327][T20108] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 975.173619][ T616] blk_update_request: I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 975.189477][T20108] loop4: detected capacity change from 0 to 264192 [ 975.191813][ T616] Buffer I/O error on dev loop4p2, logical block 9, async page read [ 975.191850][ T616] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 975.219808][ T616] Buffer I/O error on dev loop4p1, logical block 33008, async page read [ 975.256469][T20108] loop_reread_partitions: partition scan of loop4 () failed (rc=-16) 13:23:39 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:39 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1600, 0x43408) 13:23:39 executing program 3: syz_read_part_table(0x7f15, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:39 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a600000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:39 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:39 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b31", 0x64}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:39 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1700, 0x43408) [ 977.614514][T20170] loop3: detected capacity change from 0 to 44288 [ 977.624814][T20171] loop4: detected capacity change from 0 to 264192 [ 977.645967][T20170] loop3: p1 p2 p3 p4 [ 977.651242][T20170] loop3: p1 size 11292159 extends beyond EOD, truncated 13:23:39 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1800, 0x43408) [ 977.660629][T20171] loop4: p1 p2 p3 p4 [ 977.668452][T20171] loop4: p1 size 11292159 extends beyond EOD, truncated [ 977.669226][T20170] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 977.689986][T20171] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 977.770443][T20175] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 977.771683][T20202] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 977.796542][T20204] blk_update_request: I/O error, dev loop4, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 977.800126][ T616] Buffer I/O error on dev loop4p1, logical block 33008, async page read 13:23:39 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1900, 0x43408) [ 977.814642][T20171] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 977.818080][ T616] Buffer I/O error on dev loop4p2, logical block 8, async page read [ 977.834262][ T616] Buffer I/O error on dev loop4p2, logical block 9, async page read [ 977.843233][ T616] Buffer I/O error on dev loop4p2, logical block 10, async page read [ 977.853014][ T616] Buffer I/O error on dev loop4p2, logical block 11, async page read 13:23:40 executing program 3: syz_read_part_table(0x8004, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 977.862274][ T616] Buffer I/O error on dev loop4p2, logical block 12, async page read [ 977.871586][ T616] Buffer I/O error on dev loop4p2, logical block 13, async page read [ 977.892856][T20171] loop4: detected capacity change from 0 to 264192 13:23:40 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1a00, 0x43408) [ 977.926179][T20222] loop3: detected capacity change from 0 to 44288 [ 977.988449][T20171] loop4: p1 p2 p3 p4 [ 977.993067][T20171] loop4: p1 size 11292159 extends beyond EOD, truncated [ 978.000765][T20222] loop3: p1 p2 p3 p4 [ 978.005078][T20222] loop3: p1 size 11292159 extends beyond EOD, truncated [ 978.024313][T20222] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:40 executing program 3: syz_read_part_table(0x8015, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 978.036171][T20171] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 978.100074][ T1036] loop4: p1 p2 p3 p4 [ 978.104639][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 978.105495][T20262] loop3: detected capacity change from 0 to 44288 [ 978.114277][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 978.145552][T20262] loop3: p1 p2 p3 p4 [ 978.150459][T20262] loop3: p1 size 11292159 extends beyond EOD, truncated [ 978.159829][T20262] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 978.219078][T20262] loop3: detected capacity change from 0 to 44288 [ 978.284706][T20262] loop3: p1 p2 p3 p4 [ 978.289617][T20262] loop3: p1 size 11292159 extends beyond EOD, truncated [ 978.301518][T20262] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:42 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dc", 0x4c}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:42 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a630000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:42 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1b00, 0x43408) 13:23:42 executing program 3: syz_read_part_table(0x9000, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 980.356188][T20305] loop3: detected capacity change from 0 to 44288 [ 980.361763][T20304] loop4: detected capacity change from 0 to 264192 [ 980.396086][T20304] loop4: p1 p2 p3 p4 [ 980.400430][T20305] loop3: p1 p2 p3 p4 [ 980.400485][T20304] loop4: p1 size 11292159 extends beyond EOD, truncated [ 980.405397][T20305] loop3: p1 size 11292159 extends beyond EOD, truncated [ 980.416328][T20304] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 980.432169][T20305] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:42 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b", 0x63}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:42 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b31", 0x64}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:42 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1c00, 0x43408) 13:23:42 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a680000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:42 executing program 3: syz_read_part_table(0x9015, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 980.645733][T20363] loop4: detected capacity change from 0 to 227585 [ 980.659511][T20365] loop3: detected capacity change from 0 to 44288 [ 980.685629][T20363] loop4: p1 p2 p3 p4 13:23:42 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1d00, 0x43408) [ 980.689714][T20363] loop4: p1 size 11292159 extends beyond EOD, truncated [ 980.701367][T20363] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 980.712161][T20365] loop3: p1 p2 p3 p4 [ 980.717150][T20365] loop3: p1 size 11292159 extends beyond EOD, truncated [ 980.730742][T20365] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:42 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1e00, 0x43408) 13:23:43 executing program 3: syz_read_part_table(0x9815, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 980.830229][T20363] loop4: detected capacity change from 0 to 227585 [ 980.883393][ T1031] ================================================================== [ 980.891531][ T1031] BUG: KCSAN: data-race in ns_capable / proc_cgroup_show [ 980.898559][ T1031] [ 980.901005][ T1031] write to 0xffff8881369d50ac of 4 bytes by task 20403 on cpu 1: [ 980.908815][ T1031] ns_capable+0x86/0xb0 [ 980.912952][ T1031] netlink_sendmsg+0x3ba/0x7c0 [ 980.917696][ T1031] ____sys_sendmsg+0x360/0x4d0 [ 980.922452][ T1031] __sys_sendmsg+0x1ed/0x270 [ 980.927029][ T1031] __x64_sys_sendmsg+0x42/0x50 [ 980.931767][ T1031] do_syscall_64+0x4a/0x90 [ 980.936192][ T1031] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 980.942980][ T1031] [ 980.945290][ T1031] read to 0xffff8881369d50ac of 4 bytes by task 1031 on cpu 0: [ 980.952826][ T1031] proc_cgroup_show+0x640/0x930 [ 980.957678][ T1031] proc_single_show+0x84/0x100 [ 980.962427][ T1031] seq_read_iter+0x2ef/0x910 [ 980.967058][ T1031] seq_read+0x221/0x260 [ 980.971196][ T1031] vfs_read+0x154/0x5d0 [ 980.975371][ T1031] ksys_read+0xce/0x180 [ 980.979518][ T1031] __x64_sys_read+0x3e/0x50 [ 980.984186][ T1031] do_syscall_64+0x4a/0x90 [ 980.988595][ T1031] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 980.994551][ T1031] [ 980.996851][ T1031] Reported by Kernel Concurrency Sanitizer on: [ 981.002985][ T1031] CPU: 0 PID: 1031 Comm: systemd-journal Not tainted 5.13.0-rc1-syzkaller #0 [ 981.011731][ T1031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 981.021764][ T1031] ================================================================== [ 981.044587][T20363] loop4: p1 p2 p3 p4 [ 981.044623][T20417] loop3: detected capacity change from 0 to 44288 [ 981.050999][T20363] loop4: p1 size 11292159 extends beyond EOD, truncated [ 981.064603][T20363] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 981.078322][T20417] loop3: p1 p2 p3 p4 [ 981.082743][T20417] loop3: p1 size 11292159 extends beyond EOD, truncated [ 981.091257][T20417] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:45 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dc", 0x4c}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:45 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x1f00, 0x43408) 13:23:45 executing program 3: syz_read_part_table(0x9e15, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:45 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a6c0000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 983.382510][T20450] loop4: detected capacity change from 0 to 194817 [ 983.390316][T20448] loop3: detected capacity change from 0 to 44288 [ 983.415541][T20450] loop4: p1 p2 p3 p4 [ 983.419610][T20450] loop4: p1 size 11292159 extends beyond EOD, truncated [ 983.429286][T20448] loop3: p1 p2 p3 p4 [ 983.434373][T20450] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 983.435485][T20448] loop3: p1 size 11292159 extends beyond EOD, truncated [ 983.467781][T20448] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:45 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b", 0x63}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:45 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b31", 0x64}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:45 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2000, 0x43408) 13:23:45 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a740000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:45 executing program 3: syz_read_part_table(0x9f15, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 983.672289][T20506] loop3: detected capacity change from 0 to 44288 [ 983.675526][T20507] loop4: detected capacity change from 0 to 129281 [ 983.707551][T20506] loop3: p1 p2 p3 p4 [ 983.711883][T20506] loop3: p1 size 11292159 extends beyond EOD, truncated 13:23:45 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2100, 0x43408) 13:23:45 executing program 3: syz_read_part_table(0xa015, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 983.721766][T20506] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 983.730230][T20507] loop4: p1 p2 p3 p4 [ 983.769318][T20507] loop4: p1 size 11292159 extends beyond EOD, truncated [ 983.780427][T20507] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:46 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2200, 0x43408) [ 983.817616][T20531] loop3: detected capacity change from 0 to 44288 [ 983.867976][T20512] print_req_error: 12 callbacks suppressed [ 983.867992][T20512] blk_update_request: I/O error, dev loop4, sector 129152 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 983.868690][T20541] blk_update_request: I/O error, dev loop4, sector 233 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 983.878800][ T616] blk_update_request: I/O error, dev loop4, sector 129152 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 983.891325][T20523] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 983.897777][ T616] buffer_io_error: 4 callbacks suppressed [ 983.897788][ T616] Buffer I/O error on dev loop4p1, logical block 129152, async page read [ 983.914523][T20542] blk_update_request: I/O error, dev loop4, sector 129152 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 983.933297][T20531] loop3: p1 p2 p3 p4 [ 983.934882][T20507] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 983.947945][ T616] blk_update_request: I/O error, dev loop4, sector 129153 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 983.968639][ T616] Buffer I/O error on dev loop4p1, logical block 129153, async page read [ 983.972571][T20531] loop3: p1 size 11292159 extends beyond EOD, truncated [ 983.982289][ T616] blk_update_request: I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 983.995617][ T616] Buffer I/O error on dev loop4p2, logical block 8, async page read [ 984.005167][ T616] blk_update_request: I/O error, dev loop4, sector 129154 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 984.007054][T20531] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 984.016598][ T616] Buffer I/O error on dev loop4p1, logical block 129154, async page read [ 984.016628][ T616] blk_update_request: I/O error, dev loop4, sector 129154 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 984.026875][T20507] loop4: detected capacity change from 0 to 129281 [ 984.032168][ T616] Buffer I/O error on dev loop4p4, logical block 129154, async page read [ 984.096200][T20531] loop3: detected capacity change from 0 to 44288 [ 984.125695][T20531] loop3: p1 p2 p3 p4 [ 984.130244][T20531] loop3: p1 size 11292159 extends beyond EOD, truncated [ 984.138584][T20531] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 984.208311][T20512] blk_update_request: I/O error, dev loop4, sector 129152 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 984.208458][ T881] Buffer I/O error on dev loop4p2, logical block 8, async page read [ 984.224435][T20539] Buffer I/O error on dev loop4p3, logical block 1, async page read [ 984.228796][ T881] Buffer I/O error on dev loop4p2, logical block 9, async page read [ 984.244749][ T881] Buffer I/O error on dev loop4p1, logical block 129152, async page read [ 984.253340][ T881] Buffer I/O error on dev loop4p4, logical block 129152, async page read 13:23:48 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a7a0000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:48 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2300, 0x43408) 13:23:48 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dc", 0x4c}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:48 executing program 3: syz_read_part_table(0xacf8, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 986.412238][T20595] loop4: detected capacity change from 0 to 80129 [ 986.423398][T20603] loop3: detected capacity change from 0 to 44288 [ 986.456828][T20603] loop3: p1 p2 p3 p4 [ 986.461533][T20603] loop3: p1 size 11292159 extends beyond EOD, truncated [ 986.470619][T20595] loop4: p1 p2 p3 p4 [ 986.474840][T20595] loop4: p1 size 11292159 extends beyond EOD, truncated [ 986.483378][T20603] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 986.494978][T20595] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 986.584129][T20595] loop4: detected capacity change from 0 to 80129 13:23:48 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b", 0x63}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:48 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc", 0x96}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:48 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2400, 0x43408) 13:23:48 executing program 3: syz_read_part_table(0xacff, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 986.632316][T20595] loop4: p1 p2 p3 p4 [ 986.643983][T20595] loop4: p1 size 11292159 extends beyond EOD, truncated [ 986.663226][T20595] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:48 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a900000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 986.697695][T20658] loop3: detected capacity change from 0 to 44288 [ 986.707998][ T1036] loop4: p1 p2 p3 p4 [ 986.712141][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated [ 986.721769][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 986.735452][T20658] loop3: p1 p2 p3 p4 [ 986.739714][T20658] loop3: p1 size 11292159 extends beyond EOD, truncated 13:23:48 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2500, 0x43408) [ 986.749429][T20658] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 986.777595][T20673] loop4: detected capacity change from 0 to 264192 [ 986.840465][T20673] loop4: p1 p2 p3 p4 [ 986.844657][T20673] loop4: p1 size 11292159 extends beyond EOD, truncated [ 986.849440][T20658] loop3: detected capacity change from 0 to 44288 [ 986.853930][T20673] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 986.872652][ T1036] loop4: p1 p2 p3 p4 [ 986.877170][ T1036] loop4: p1 size 11292159 extends beyond EOD, truncated 13:23:49 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2600, 0x43408) 13:23:49 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2700, 0x43408) [ 986.886352][ T1036] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 986.895507][T20658] loop3: p1 p2 p3 p4 [ 986.899934][T20658] loop3: p1 size 11292159 extends beyond EOD, truncated [ 986.909417][T20658] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 986.930839][T20673] loop4: detected capacity change from 0 to 264192 13:23:49 executing program 3: syz_read_part_table(0xad00, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:49 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2800, 0x43408) [ 986.977821][ T1036] loop3: p1 p2 p3 p4 [ 986.982206][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 986.985510][T20673] loop4: p1 p2 p3 p4 [ 986.993638][T20673] loop4: p1 size 11292159 extends beyond EOD, truncated [ 987.002379][T20673] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 987.010646][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 987.061139][T20748] loop3: detected capacity change from 0 to 44288 [ 987.106133][T20748] loop3: p1 p2 p3 p4 [ 987.110313][T20748] loop3: p1 size 11292159 extends beyond EOD, truncated [ 987.119723][T20748] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 987.129135][ T1036] loop3: p1 p2 p3 p4 [ 987.133254][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 987.141507][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 987.177066][T20748] loop3: detected capacity change from 0 to 44288 [ 987.227000][T20748] loop3: p1 p2 p3 p4 [ 987.231059][T20748] loop3: p1 size 11292159 extends beyond EOD, truncated [ 987.249976][T20748] loop3: p4 size 3657465856 extends beyond EOD, truncated [ 987.297040][ T1036] loop3: p1 p2 p3 p4 [ 987.301336][ T1036] loop3: p1 size 11292159 extends beyond EOD, truncated [ 987.310167][ T1036] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:51 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb80", 0x72}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:51 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0aad0000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 989.433148][T20819] loop4: detected capacity change from 0 to 190721 [ 989.465635][T20819] loop4: p1 p2 p3 p4 [ 989.469933][T20819] loop4: p1 size 11292159 extends beyond EOD, truncated [ 989.478310][T20819] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:51 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2900, 0x43408) 13:23:51 executing program 3: syz_read_part_table(0xb403, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:51 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32f", 0x95}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:51 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000001c0)="66530700ae897094e71b0fa1f107000000364603812c66538d750f6ee1d0014e3f0500bb9fb045f2d1c190926c2fef2308004d04003ea1315b9532f3af2f5e153eb78020fa00eb298802d8dcbf11169c111c145129d6f9f6c1f3b18d6d352507f7018b311fef2c560001000010000000fb8019128e7e4d939955f8ac296203784000400f573fbf0000fdffff3c2cd56dbeb4fba32fdc", 0x96}], 0x4, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1e) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) 13:23:51 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0ac00000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) 13:23:51 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2a00, 0x43408) [ 989.721780][T20847] loop4: detected capacity change from 0 to 44288 [ 989.727351][T20852] loop3: detected capacity change from 0 to 44288 13:23:52 executing program 4: syz_read_part_table(0x0, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a040200ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 989.777574][T20852] loop3: p1 p2 p3 p4 [ 989.781795][T20852] loop3: p1 size 11292159 extends beyond EOD, truncated [ 989.789029][T20847] loop4: p1 p2 p3 p4 [ 989.793168][T20847] loop4: p1 size 11292159 extends beyond EOD, truncated [ 989.804037][T20847] loop4: p4 size 3657465856 extends beyond EOD, truncated [ 989.807222][T20852] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:52 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2b00, 0x43408) [ 989.941259][T20852] loop3: detected capacity change from 0 to 44288 [ 989.952521][T20889] loop4: detected capacity change from 0 to 264192 [ 989.965658][T20852] loop3: p1 p2 p3 p4 [ 989.969987][T20852] loop3: p1 size 11292159 extends beyond EOD, truncated [ 989.978556][T20852] loop3: p4 size 3657465856 extends beyond EOD, truncated 13:23:52 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400009) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'io'}]}, 0x4) write$cgroup_int(r2, &(0x7f0000000200)=0x2c00, 0x43408) [ 989.996268][T20889] loop4: p1 p2 p3 p4 [ 990.000404][T20889] loop4: p1 size 11292159 extends beyond EOD, truncated [ 990.008634][T20889] loop4: p4 size 3657465856 extends beyond EOD, truncated 13:23:52 executing program 3: syz_read_part_table(0xc000, 0xd, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0140a000000ff4dac000000000063070000000000000000024000ffffff82000000e10000008877127200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 990.094851][T20928] loop3: detected capacity change from 0 to 44288 [ 990.125598][T20928] loop3: p1 p2 p3 p4 [ 990.129937][T20928] loop3: p1 size 11292159 extends beyond EOD, truncated [ 990.181002][T20928] loop3: p4 size 3657465856 extends beyond EOD, truncated