er_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3a3, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1279.445613][T19169] alloc_pages+0x382/0x3d0 [ 1279.450033][T19169] folio_alloc+0x1a/0x20 [ 1279.454272][T19169] filemap_alloc_folio+0x53/0xf0 [ 1279.459275][T19169] page_cache_ra_unbounded+0x1c0/0x430 [ 1279.464750][T19169] ondemand_readahead+0x4f8/0x700 [ 1279.469781][T19169] page_cache_sync_ra+0xaf/0xe0 [ 1279.474643][T19169] filemap_read+0x3d8/0x1720 [ 1279.479303][T19169] generic_file_read_iter+0x75/0x2c0 [ 1279.484588][T19169] ? __fsnotify_parent+0x340/0x440 [ 1279.489819][T19169] ext4_file_read_iter+0x1db/0x290 [ 1279.494996][T19169] generic_file_splice_read+0x24f/0x330 [ 1279.500630][T19169] ? splice_shrink_spd+0x60/0x60 [ 1279.505570][T19169] splice_direct_to_actor+0x2aa/0x650 [ 1279.511011][T19169] ? do_splice_direct+0x190/0x190 [ 1279.516053][T19169] do_splice_direct+0x106/0x190 [ 1279.520912][T19169] do_sendfile+0x675/0xc40 [ 1279.525360][T19169] __x64_sys_sendfile64+0x102/0x140 [ 1279.530589][T19169] do_syscall_64+0x44/0xa0 [ 1279.535081][T19169] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1279.540980][T19169] RIP: 0033:0x7f18cb6c4ae9 [ 1279.545395][T19169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1279.565024][T19169] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1279.573514][T19169] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 [ 1279.581577][T19169] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 1279.589557][T19169] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1279.597525][T19169] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1279.605524][T19169] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 [ 1279.613505][T19169] [ 1279.630395][T19169] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=19169 comm=syz-executor.4 23:12:17 executing program 3: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80002200) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) [ 1279.645925][T19169] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=19169 comm=syz-executor.4 [ 1279.660503][T19169] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=19169 comm=syz-executor.4 [ 1279.677114][T19169] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=19169 comm=syz-executor.4 23:12:17 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000fff0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1279.725277][T19227] loop2: detected capacity change from 0 to 1 23:12:18 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3a4, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:18 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000406000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1279.813130][T19227] loop2: detected capacity change from 0 to 1 23:12:18 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000feff0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:18 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 13) 23:12:18 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3a5, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1280.010857][T19442] loop2: detected capacity change from 0 to 1 23:12:18 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000200887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1280.076782][T19442] loop2: detected capacity change from 0 to 1 [ 1280.146116][T19448] FAULT_INJECTION: forcing a failure. [ 1280.146116][T19448] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1280.159615][T19448] CPU: 0 PID: 19448 Comm: syz-executor.4 Tainted: G W 5.15.0-syzkaller #0 [ 1280.169478][T19448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1280.179535][T19448] Call Trace: [ 1280.182813][T19448] [ 1280.185743][T19448] dump_stack_lvl+0xd6/0x122 [ 1280.190415][T19448] dump_stack+0x11/0x1b [ 1280.194585][T19448] should_fail+0x23c/0x250 [ 1280.199012][T19448] __alloc_pages+0x102/0x330 [ 1280.203605][T19448] alloc_pages+0x382/0x3d0 [ 1280.208106][T19448] folio_alloc+0x1a/0x20 [ 1280.212698][T19448] filemap_alloc_folio+0x53/0xf0 [ 1280.217644][T19448] page_cache_ra_unbounded+0x1c0/0x430 [ 1280.223144][T19448] ondemand_readahead+0x4f8/0x700 [ 1280.228249][T19448] page_cache_sync_ra+0xaf/0xe0 [ 1280.233110][T19448] filemap_read+0x3d8/0x1720 [ 1280.237714][T19448] generic_file_read_iter+0x75/0x2c0 [ 1280.243021][T19448] ? __fsnotify_parent+0x340/0x440 [ 1280.248207][T19448] ext4_file_read_iter+0x1db/0x290 [ 1280.253332][T19448] generic_file_splice_read+0x24f/0x330 [ 1280.259041][T19448] ? splice_shrink_spd+0x60/0x60 [ 1280.263987][T19448] splice_direct_to_actor+0x2aa/0x650 [ 1280.269370][T19448] ? do_splice_direct+0x190/0x190 [ 1280.274446][T19448] do_splice_direct+0x106/0x190 [ 1280.279312][T19448] do_sendfile+0x675/0xc40 [ 1280.283768][T19448] __x64_sys_sendfile64+0x102/0x140 [ 1280.289049][T19448] do_syscall_64+0x44/0xa0 [ 1280.293480][T19448] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1280.299438][T19448] RIP: 0033:0x7f18cb6c4ae9 [ 1280.303945][T19448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1280.325613][T19448] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1280.334048][T19448] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 23:12:18 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80002700) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:18 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3a6, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:18 executing program 3: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='sysfs\x00', 0x0, 0x0) open$dir(&(0x7f0000000000)='./bus\x00', 0x400, 0xa) chdir(&(0x7f0000000200)='./file0\x00') rename(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file1\x00') 23:12:18 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000007000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1280.342232][T19448] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 1280.350204][T19448] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1280.358325][T19448] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1280.366301][T19448] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 [ 1280.374300][T19448] 23:12:18 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000800887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1280.416793][T19448] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=19448 comm=syz-executor.4 [ 1280.441186][T19448] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=19448 comm=syz-executor.4 23:12:18 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 14) 23:12:18 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3a7, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:18 executing program 3: r0 = syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x100000000, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f0000000100000000000000000000000020000064e7000020000000d1f4655fd1f4655f0100ffff53efe80001000000d0f4655f00000000002b000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="030000000400000025", 0x9, 0x7fd}, {&(0x7f0000000080)="ed41000000ed0000d0f4655fd1f4655fd1f4651f000100000000040002", 0x1d, 0x1600}], 0x60440, &(0x7f0000000000)=ANY=[]) getdents64(r0, 0x0, 0x0) 23:12:18 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000040000800887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1280.553326][T19659] loop2: detected capacity change from 0 to 1 [ 1280.673052][T19659] loop2: detected capacity change from 0 to 1 23:12:18 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3a8, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1280.739974][T19771] FAULT_INJECTION: forcing a failure. [ 1280.739974][T19771] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1280.753213][T19771] CPU: 0 PID: 19771 Comm: syz-executor.4 Tainted: G W 5.15.0-syzkaller #0 [ 1280.763107][T19771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1280.773216][T19771] Call Trace: [ 1280.776538][T19771] [ 1280.779464][T19771] dump_stack_lvl+0xd6/0x122 [ 1280.784062][T19771] dump_stack+0x11/0x1b 23:12:19 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000009000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1280.786273][T19773] loop3: detected capacity change from 0 to 264192 [ 1280.788239][T19771] should_fail+0x23c/0x250 [ 1280.799253][T19771] __alloc_pages+0x102/0x330 [ 1280.803898][T19771] alloc_pages+0x382/0x3d0 [ 1280.808328][T19771] folio_alloc+0x1a/0x20 [ 1280.812658][T19771] filemap_alloc_folio+0x53/0xf0 [ 1280.817592][T19771] page_cache_ra_unbounded+0x1c0/0x430 [ 1280.823071][T19771] ondemand_readahead+0x4f8/0x700 [ 1280.828130][T19771] page_cache_sync_ra+0xaf/0xe0 [ 1280.833011][T19771] filemap_read+0x3d8/0x1720 [ 1280.837647][T19771] generic_file_read_iter+0x75/0x2c0 [ 1280.842925][T19771] ? __fsnotify_parent+0x340/0x440 [ 1280.848049][T19771] ext4_file_read_iter+0x1db/0x290 [ 1280.853205][T19771] generic_file_splice_read+0x24f/0x330 [ 1280.858795][T19771] ? splice_shrink_spd+0x60/0x60 [ 1280.863795][T19771] splice_direct_to_actor+0x2aa/0x650 [ 1280.869239][T19771] ? do_splice_direct+0x190/0x190 [ 1280.874277][T19771] do_splice_direct+0x106/0x190 [ 1280.879137][T19771] do_sendfile+0x675/0xc40 [ 1280.883558][T19771] __x64_sys_sendfile64+0x102/0x140 [ 1280.888768][T19771] do_syscall_64+0x44/0xa0 [ 1280.893193][T19771] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1280.899098][T19771] RIP: 0033:0x7f18cb6c4ae9 [ 1280.903501][T19771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1280.923224][T19771] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1280.931794][T19771] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 23:12:19 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000001887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1280.939833][T19771] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 1280.947808][T19771] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1280.955777][T19771] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1280.963892][T19771] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 [ 1280.971872][T19771] 23:12:19 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3a9, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1281.007485][T19773] loop3: detected capacity change from 0 to 264192 23:12:19 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000008000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:19 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80002a00) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:19 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 15) 23:12:19 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = accept4$inet(r0, &(0x7f0000000140)={0x2, 0x0, @broadcast}, &(0x7f0000000180)=0x10, 0x800) setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f00000001c0)={@rand_addr=0x64010100, @local, 0x1, 0x2, [@multicast2, @dev={0xac, 0x14, 0x14, 0x20}]}, 0x18) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000008000)={0x1, {{0x2, 0x0, @multicast2}}}, 0x88) getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000008000), &(0x7f0000007ffd)) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000000), 0x4) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) recvfrom$inet(r2, &(0x7f0000000040)=""/185, 0xb9, 0x40, &(0x7f0000000100)={0x2, 0x4e24, @multicast1}, 0x10) 23:12:19 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000002887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:19 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3aa, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1281.176376][T19985] loop2: detected capacity change from 0 to 1 23:12:19 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000402887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1281.272899][T19985] loop2: detected capacity change from 0 to 1 [ 1281.296820][T19998] FAULT_INJECTION: forcing a failure. [ 1281.296820][T19998] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1281.310071][T19998] CPU: 0 PID: 19998 Comm: syz-executor.4 Tainted: G W 5.15.0-syzkaller #0 23:12:19 executing program 3: creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x0, 0x0, 0xc, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735", 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$sg(0x0, 0x7, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080)={0xc0000004}) epoll_pwait(0xffffffffffffffff, &(0x7f00000000c0)=[{}], 0x1, 0x0, 0x0, 0x0) r1 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(r1, 0xd0009411, &(0x7f0000000500)={{0x0, 0x3, 0x7, 0x78, 0x2, 0x1, 0x2, 0x3, 0x7f, 0xffffffff, 0x0, 0x40, 0x42dc, 0x7, 0xffffffff00000000}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005fc40)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}], 0x1, "2225300ff82aee"}) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)=[&(0x7f0000000100)='\xfc|\xf5\x13\xd4\xf6P\xc5]F\xc1Z\x87\xf0\x9b1\xaa\x8d\x7f\xfb;\xca\x8b\xc5s\xda\xde\xf1~\x9e\xe0$\x8d\x95\x80=l\x1d\x1db\xfb8MI\xd1\x140x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000140)=0x14) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000001500)=ANY=[@ANYBLOB="6000000052889ab6de28fef04784398a9e1fd7ea41c04df30ae4ba33a7fd12f490a697d4d934f2ba802f0e5f509056d02b1d08358608c3603e8517c6711b0f4d0807ab385b7b9d1f50c8ee1bbc8d60b706ed337219ef86dce4faedc51a614cae9e38b3957a7f80b1527456b5eba07431c402cb455bec55c8be2e21dd0bbf1d74d24f08ab825964f4d0892f7c7f5a4e9d590af45a561b5454199a2504de405351c4051bf3c10c8c5130617c02dd0fb3f71d368e913c155b7739cd7c0d79484c3cd82153653ae766c28d5b870d7f54969a3c0dd000ca52ac2d5e2b15455fd60db228440c1a3ed5f80c99ed5308b83fd5df6e01d373decce78372420d7d24df899864bc5ff66fcac6a1c7a73b4b608ad27be6a76c4c8a9a63421978e1c65c0bded1e6718f88ef6d41c67a114692e4c5995e9f4c8c0dcebc6a14ab296531cf5646faf44a7150d2a0a4cbe01df5037ad2623be548ae447508b75e1d66ee327c9bd57cc94249964afc8a72c751c5b980879f9e2e80f2d83a6232a523edc36dd81596661c0e692f47e73ddad456e5e3b75b6398f315553bb93579ab07652200802816487e3180f4b56e648e947f14ea4524806d0c548b0dab3d556c7faa601fb7ba867e1b1e40b9bef138375303fe920ba0be28fe7323230ab31986c4f9d1a5cb26e7d936717ed17548883c86eaaeaeb3fce02f5b62a3efd99aa73c134b61b6103398a1b7e89033ee4678ebfe06d753470be80e34a578d698f3af33b2e649754df8d3853602a9731e0c95f6c662ada9cf89f97f8ba5de912e864dc2ec499fb674e74755275e3adcbd9d46e04359ce468e7f15d41070aa8ae58b2d11ffe735050a39f83c3eea67c2378d2bc6", @ANYRES16=0x0, @ANYBLOB="100026bd7000fddbdf2502000000060028000000000008002b0080000000080034000300000008000600", @ANYRES32=0x0, @ANYBLOB="080000000a0009000180e1000003000008000b000000000008000700ae72469cd2cd546f2153e6a89e6ae11ce84ef8f8de9c11ca02cd063e95f429008bc3f9e6dd2d0bb2906ceddeecb2af9443d70000000000000000", @ANYRES32=r3, @ANYBLOB], 0x60}, 0x1, 0x0, 0x0, 0x4040}, 0x440000c1) request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0) [ 1281.319972][T19998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1281.330041][T19998] Call Trace: [ 1281.333326][T19998] [ 1281.336310][T19998] dump_stack_lvl+0xd6/0x122 [ 1281.340914][T19998] dump_stack+0x11/0x1b [ 1281.345079][T19998] should_fail+0x23c/0x250 [ 1281.349514][T19998] __alloc_pages+0x102/0x330 [ 1281.354285][T19998] alloc_pages+0x382/0x3d0 [ 1281.358749][T19998] folio_alloc+0x1a/0x20 [ 1281.363153][T19998] filemap_alloc_folio+0x53/0xf0 [ 1281.368185][T19998] page_cache_ra_unbounded+0x1c0/0x430 [ 1281.373679][T19998] ondemand_readahead+0x4f8/0x700 [ 1281.378808][T19998] page_cache_sync_ra+0xaf/0xe0 [ 1281.383702][T19998] filemap_read+0x3d8/0x1720 [ 1281.388306][T19998] generic_file_read_iter+0x75/0x2c0 [ 1281.393694][T19998] ? __fsnotify_parent+0x340/0x440 [ 1281.398820][T19998] ext4_file_read_iter+0x1db/0x290 [ 1281.403953][T19998] generic_file_splice_read+0x24f/0x330 [ 1281.409581][T19998] ? splice_shrink_spd+0x60/0x60 [ 1281.414549][T19998] splice_direct_to_actor+0x2aa/0x650 [ 1281.419930][T19998] ? do_splice_direct+0x190/0x190 [ 1281.425017][T19998] do_splice_direct+0x106/0x190 [ 1281.429881][T19998] do_sendfile+0x675/0xc40 [ 1281.434482][T19998] __x64_sys_sendfile64+0x102/0x140 [ 1281.439700][T19998] do_syscall_64+0x44/0xa0 [ 1281.444153][T19998] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1281.450112][T19998] RIP: 0033:0x7f18cb6c4ae9 [ 1281.454586][T19998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1281.474292][T19998] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1281.482827][T19998] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 [ 1281.490802][T19998] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 1281.498778][T19998] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1281.506775][T19998] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1281.514750][T19998] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 23:12:19 executing program 3: creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x0, 0x0, 0xc, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735", 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$sg(0x0, 0x7, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080)={0xc0000004}) epoll_pwait(0xffffffffffffffff, &(0x7f00000000c0)=[{}], 0x1, 0x0, 0x0, 0x0) r1 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(r1, 0xd0009411, &(0x7f0000000500)={{0x0, 0x3, 0x7, 0x78, 0x2, 0x1, 0x2, 0x3, 0x7f, 0xffffffff, 0x0, 0x40, 0x42dc, 0x7, 0xffffffff00000000}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005fc40)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}], 0x1, "2225300ff82aee"}) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)=[&(0x7f0000000100)='\xfc|\xf5\x13\xd4\xf6P\xc5]F\xc1Z\x87\xf0\x9b1\xaa\x8d\x7f\xfb;\xca\x8b\xc5s\xda\xde\xf1~\x9e\xe0$\x8d\x95\x80=l\x1d\x1db\xfb8MI\xd1\x140x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000140)=0x14) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000001500)=ANY=[@ANYBLOB="6000000052889ab6de28fef04784398a9e1fd7ea41c04df30ae4ba33a7fd12f490a697d4d934f2ba802f0e5f509056d02b1d08358608c3603e8517c6711b0f4d0807ab385b7b9d1f50c8ee1bbc8d60b706ed337219ef86dce4faedc51a614cae9e38b3957a7f80b1527456b5eba07431c402cb455bec55c8be2e21dd0bbf1d74d24f08ab825964f4d0892f7c7f5a4e9d590af45a561b5454199a2504de405351c4051bf3c10c8c5130617c02dd0fb3f71d368e913c155b7739cd7c0d79484c3cd82153653ae766c28d5b870d7f54969a3c0dd000ca52ac2d5e2b15455fd60db228440c1a3ed5f80c99ed5308b83fd5df6e01d373decce78372420d7d24df899864bc5ff66fcac6a1c7a73b4b608ad27be6a76c4c8a9a63421978e1c65c0bded1e6718f88ef6d41c67a114692e4c5995e9f4c8c0dcebc6a14ab296531cf5646faf44a7150d2a0a4cbe01df5037ad2623be548ae447508b75e1d66ee327c9bd57cc94249964afc8a72c751c5b980879f9e2e80f2d83a6232a523edc36dd81596661c0e692f47e73ddad456e5e3b75b6398f315553bb93579ab07652200802816487e3180f4b56e648e947f14ea4524806d0c548b0dab3d556c7faa601fb7ba867e1b1e40b9bef138375303fe920ba0be28fe7323230ab31986c4f9d1a5cb26e7d936717ed17548883c86eaaeaeb3fce02f5b62a3efd99aa73c134b61b6103398a1b7e89033ee4678ebfe06d753470be80e34a578d698f3af33b2e649754df8d3853602a9731e0c95f6c662ada9cf89f97f8ba5de912e864dc2ec499fb674e74755275e3adcbd9d46e04359ce468e7f15d41070aa8ae58b2d11ffe735050a39f83c3eea67c2378d2bc6", @ANYRES16=0x0, @ANYBLOB="100026bd7000fddbdf2502000000060028000000000008002b0080000000080034000300000008000600", @ANYRES32=0x0, @ANYBLOB="080000000a0009000180e1000003000008000b000000000008000700ae72469cd2cd546f2153e6a89e6ae11ce84ef8f8de9c11ca02cd063e95f429008bc3f9e6dd2d0bb2906ceddeecb2af9443d70000000000000000", @ANYRES32=r3, @ANYBLOB], 0x60}, 0x1, 0x0, 0x0, 0x4040}, 0x440000c1) request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0) [ 1281.522950][T19998] [ 1281.531306][ C0] sd 0:0:1:0: tag#6838 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1281.541279][ C0] sd 0:0:1:0: tag#6838 CDB: opcode=0xe5 (vendor) [ 1281.547637][ C0] sd 0:0:1:0: tag#6838 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 1281.556716][ C0] sd 0:0:1:0: tag#6838 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 1281.565769][ C0] sd 0:0:1:0: tag#6838 CDB[20]: ba 23:12:19 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000003887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:19 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3ab, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:19 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 16) 23:12:19 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000009000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:19 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80002d00) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) [ 1281.607865][ C0] sd 0:0:1:0: tag#6843 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1281.617715][ C0] sd 0:0:1:0: tag#6843 CDB: opcode=0xe5 (vendor) [ 1281.624773][ C0] sd 0:0:1:0: tag#6843 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 1281.633830][ C0] sd 0:0:1:0: tag#6843 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 1281.642860][ C0] sd 0:0:1:0: tag#6843 CDB[20]: ba 23:12:20 executing program 3: creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x0, 0x0, 0xc, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735", 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$sg(0x0, 0x7, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080)={0xc0000004}) epoll_pwait(0xffffffffffffffff, &(0x7f00000000c0)=[{}], 0x1, 0x0, 0x0, 0x0) r1 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}, 0x0, 0x0, 0x9, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(r1, 0xd0009411, &(0x7f0000000500)={{0x0, 0x3, 0x7, 0x78, 0x2, 0x1, 0x2, 0x3, 0x7f, 0xffffffff, 0x0, 0x40, 0x42dc, 0x7, 0xffffffff00000000}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005fc40)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}], 0x1, "2225300ff82aee"}) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)=[&(0x7f0000000100)='\xfc|\xf5\x13\xd4\xf6P\xc5]F\xc1Z\x87\xf0\x9b1\xaa\x8d\x7f\xfb;\xca\x8b\xc5s\xda\xde\xf1~\x9e\xe0$\x8d\x95\x80=l\x1d\x1db\xfb8MI\xd1\x140x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000140)=0x14) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f0000001500)=ANY=[@ANYBLOB="6000000052889ab6de28fef04784398a9e1fd7ea41c04df30ae4ba33a7fd12f490a697d4d934f2ba802f0e5f509056d02b1d08358608c3603e8517c6711b0f4d0807ab385b7b9d1f50c8ee1bbc8d60b706ed337219ef86dce4faedc51a614cae9e38b3957a7f80b1527456b5eba07431c402cb455bec55c8be2e21dd0bbf1d74d24f08ab825964f4d0892f7c7f5a4e9d590af45a561b5454199a2504de405351c4051bf3c10c8c5130617c02dd0fb3f71d368e913c155b7739cd7c0d79484c3cd82153653ae766c28d5b870d7f54969a3c0dd000ca52ac2d5e2b15455fd60db228440c1a3ed5f80c99ed5308b83fd5df6e01d373decce78372420d7d24df899864bc5ff66fcac6a1c7a73b4b608ad27be6a76c4c8a9a63421978e1c65c0bded1e6718f88ef6d41c67a114692e4c5995e9f4c8c0dcebc6a14ab296531cf5646faf44a7150d2a0a4cbe01df5037ad2623be548ae447508b75e1d66ee327c9bd57cc94249964afc8a72c751c5b980879f9e2e80f2d83a6232a523edc36dd81596661c0e692f47e73ddad456e5e3b75b6398f315553bb93579ab07652200802816487e3180f4b56e648e947f14ea4524806d0c548b0dab3d556c7faa601fb7ba867e1b1e40b9bef138375303fe920ba0be28fe7323230ab31986c4f9d1a5cb26e7d936717ed17548883c86eaaeaeb3fce02f5b62a3efd99aa73c134b61b6103398a1b7e89033ee4678ebfe06d753470be80e34a578d698f3af33b2e649754df8d3853602a9731e0c95f6c662ada9cf89f97f8ba5de912e864dc2ec499fb674e74755275e3adcbd9d46e04359ce468e7f15d41070aa8ae58b2d11ffe735050a39f83c3eea67c2378d2bc6", @ANYRES16=0x0, @ANYBLOB="100026bd7000fddbdf2502000000060028000000000008002b0080000000080034000300000008000600", @ANYRES32=0x0, @ANYBLOB="080000000a0009000180e1000003000008000b000000000008000700ae72469cd2cd546f2153e6a89e6ae11ce84ef8f8de9c11ca02cd063e95f429008bc3f9e6dd2d0bb2906ceddeecb2af9443d70000000000000000", @ANYRES32=r3, @ANYBLOB], 0x60}, 0x1, 0x0, 0x0, 0x4040}, 0x440000c1) request_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0) [ 1281.727184][ C1] sd 0:0:1:0: tag#6833 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1281.737076][ C1] sd 0:0:1:0: tag#6833 CDB: opcode=0xe5 (vendor) [ 1281.743513][ C1] sd 0:0:1:0: tag#6833 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 1281.752587][ C1] sd 0:0:1:0: tag#6833 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 1281.761638][ C1] sd 0:0:1:0: tag#6833 CDB[20]: ba 23:12:20 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000004887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:20 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3ac, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1281.902675][T20223] loop2: detected capacity change from 0 to 1 [ 1281.942201][T20227] FAULT_INJECTION: forcing a failure. [ 1281.942201][T20227] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1281.955538][T20227] CPU: 0 PID: 20227 Comm: syz-executor.4 Tainted: G W 5.15.0-syzkaller #0 [ 1281.965371][T20227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1281.975431][T20227] Call Trace: [ 1281.978706][T20227] [ 1281.981705][T20227] dump_stack_lvl+0xd6/0x122 [ 1281.986299][T20227] dump_stack+0x11/0x1b [ 1281.990454][T20227] should_fail+0x23c/0x250 [ 1281.994876][T20227] __alloc_pages+0x102/0x330 [ 1281.999466][T20227] alloc_pages+0x382/0x3d0 [ 1282.003940][T20227] folio_alloc+0x1a/0x20 [ 1282.008179][T20227] filemap_alloc_folio+0x53/0xf0 [ 1282.013116][T20227] page_cache_ra_unbounded+0x1c0/0x430 [ 1282.018657][T20227] ondemand_readahead+0x4f8/0x700 [ 1282.023686][T20227] page_cache_sync_ra+0xaf/0xe0 [ 1282.028565][T20227] filemap_read+0x3d8/0x1720 [ 1282.033318][T20227] generic_file_read_iter+0x75/0x2c0 [ 1282.038652][T20227] ? __fsnotify_parent+0x340/0x440 [ 1282.043840][T20227] ext4_file_read_iter+0x1db/0x290 [ 1282.048955][T20227] generic_file_splice_read+0x24f/0x330 [ 1282.054503][T20227] ? splice_shrink_spd+0x60/0x60 [ 1282.059473][T20227] splice_direct_to_actor+0x2aa/0x650 [ 1282.065560][T20227] ? do_splice_direct+0x190/0x190 [ 1282.070584][T20227] do_splice_direct+0x106/0x190 [ 1282.075568][T20227] do_sendfile+0x675/0xc40 [ 1282.079992][T20227] __x64_sys_sendfile64+0x102/0x140 [ 1282.085191][T20227] do_syscall_64+0x44/0xa0 [ 1282.089683][T20227] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1282.095584][T20227] RIP: 0033:0x7f18cb6c4ae9 [ 1282.100006][T20227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1282.119633][T20227] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1282.128331][T20227] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 [ 1282.136346][T20227] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 1282.144422][T20227] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1282.152487][T20227] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1282.160453][T20227] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 [ 1282.168440][T20227] [ 1282.190356][ C1] sd 0:0:1:0: tag#6813 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s 23:12:20 executing program 3: ioctl$BLKPG(0xffffffffffffffff, 0x1269, &(0x7f0000000040)={0x0, 0x0, 0x67, &(0x7f00000000c0)="46b0df1176b81a17f5d6e38b8abc322f7cb8b2296ead694d147e84c0827d52d2280fb906493e7c72f1920eb0c558a41cbe1190e0b526d7411b7ef5f61074e42b2feee82d1d83213922d8c29e2378bef320e4e64ef182f83a0d806f59ef9a4a95ce33fd917ea42e"}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000000c0)=ANY=[], 0x230) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) r1 = fsmount(0xffffffffffffffff, 0x0, 0x7c) openat$cgroup_ro(r1, &(0x7f0000000140)='freezer.state\x00', 0x0, 0x0) 23:12:20 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000005887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1282.200217][ C1] sd 0:0:1:0: tag#6813 CDB: opcode=0xe5 (vendor) [ 1282.206590][ C1] sd 0:0:1:0: tag#6813 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 1282.215623][ C1] sd 0:0:1:0: tag#6813 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 1282.224672][ C1] sd 0:0:1:0: tag#6813 CDB[20]: ba [ 1282.237255][T20223] loop2: detected capacity change from 0 to 1 23:12:20 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa50000000a000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:20 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3ad, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:20 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000006887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:20 executing program 3: r0 = memfd_create(&(0x7f0000000040)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\x91\x1b\x80\x93\x81v\xc5o\xa4k\x012>\xa1\x9c\x86x\x1c\x9f\x97z\xd9c\xecR\xd6\xe8\xf3Y\x12\"p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x00', 0x0) write(r0, &(0x7f0000000080)="30e6ca4096", 0x5) sendfile(r0, r0, &(0x7f0000001000), 0xfec) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000004, 0x30, r2, 0x21ba1000) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x2004000, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}, {@version_L}, {@access_client}], [{@dont_appraise}, {@hash}]}}) ioctl$KDFONTOP_SET(r3, 0x4b66, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x6, 0x0, 0x0}) 23:12:20 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 17) [ 1282.478703][T20340] loop2: detected capacity change from 0 to 1 [ 1282.582328][T20340] loop2: detected capacity change from 0 to 1 23:12:20 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3ae, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1282.696177][T20455] FAULT_INJECTION: forcing a failure. [ 1282.696177][T20455] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1282.709484][T20455] CPU: 1 PID: 20455 Comm: syz-executor.4 Tainted: G W 5.15.0-syzkaller #0 [ 1282.719292][T20455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1282.729558][T20455] Call Trace: [ 1282.732830][T20455] [ 1282.735752][T20455] dump_stack_lvl+0xd6/0x122 [ 1282.740428][T20455] dump_stack+0x11/0x1b [ 1282.744580][T20455] should_fail+0x23c/0x250 [ 1282.748999][T20455] __alloc_pages+0x102/0x330 [ 1282.753594][T20455] alloc_pages+0x382/0x3d0 [ 1282.758000][T20455] folio_alloc+0x1a/0x20 [ 1282.762238][T20455] filemap_alloc_folio+0x53/0xf0 [ 1282.767179][T20455] page_cache_ra_unbounded+0x1c0/0x430 [ 1282.772734][T20455] ondemand_readahead+0x4f8/0x700 [ 1282.777786][T20455] page_cache_sync_ra+0xaf/0xe0 [ 1282.782641][T20455] filemap_read+0x3d8/0x1720 [ 1282.787274][T20455] generic_file_read_iter+0x75/0x2c0 [ 1282.792552][T20455] ? __fsnotify_parent+0x340/0x440 [ 1282.797757][T20455] ext4_file_read_iter+0x1db/0x290 [ 1282.802902][T20455] generic_file_splice_read+0x24f/0x330 [ 1282.808477][T20455] ? splice_shrink_spd+0x60/0x60 [ 1282.813434][T20455] splice_direct_to_actor+0x2aa/0x650 [ 1282.818854][T20455] ? do_splice_direct+0x190/0x190 [ 1282.823931][T20455] do_splice_direct+0x106/0x190 [ 1282.828790][T20455] do_sendfile+0x675/0xc40 [ 1282.833202][T20455] __x64_sys_sendfile64+0x102/0x140 [ 1282.838410][T20455] do_syscall_64+0x44/0xa0 [ 1282.842825][T20455] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1282.848721][T20455] RIP: 0033:0x7f18cb6c4ae9 [ 1282.853124][T20455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1282.872770][T20455] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1282.881180][T20455] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 [ 1282.889146][T20455] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 23:12:21 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80003200) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:21 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000406887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:21 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000340)={0x6, 0x80, 0x1f, 0x4, 0xe1, 0x2, 0x0, 0x1, 0x2002, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f00000001c0), 0xd}, 0xffba313ebc987a35, 0x4, 0x8000, 0x7, 0xc7a, 0x1, 0x1000, 0x0, 0x10000, 0x0, 0x2}, 0x0, 0x4, 0xffffffffffffffff, 0xb) mount(&(0x7f0000000080)=@md0, &(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000140)='coda\x00', 0x40000, &(0x7f0000000180)='%\x00') statfs(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=""/147) 23:12:21 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa50000000b000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1282.897199][T20455] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1282.905161][T20455] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1282.913427][T20455] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 [ 1282.921392][T20455] 23:12:21 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000007887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:21 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3af, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:21 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./mnt\x00', 0x0, 0x5, &(0x7f0000000200)=[{&(0x7f0000010000)="1000000040000000030000002b00000005000000010000000000000000000000002000000020000010000000000000009f09c75f0000ffff53ef0100010000009f09c75f000000000000000001000000000000000b0000008000000038000000c20201006b04000076b65be2f6da47278c750525a5b65a09", 0x78, 0xfffffffffffffff8}, {&(0x7f0000000140)="0000000000000000b6200000ede2de4df49d4f87b54a3176cfd4eb4f010040000c000000000000009f09c75f8284b02338a8a9e1dfa319ef2851c5d4e3628f267ad44e1ad05fc4ed9aa865eca0da4fa0782791994913f5e06b405b71da082cff81e9ca84664334ea2708e62c1dce7c21", 0x70, 0x78f}, {&(0x7f0000000080)="0100000000009bf1dcbc2323516800000000000000000000000000000401000012", 0x21, 0x560}, {&(0x7f00000100e0)="00000000000000000000000000000000000000000104", 0x16, 0x640}, {&(0x7f00000000c0)="000000000000000000000000000000000000000000000000000000005178aedb", 0x20, 0x7e0}], 0x800451, &(0x7f0000010f60)) r0 = creat(&(0x7f0000000040)='./mnt\x00', 0x52) recvmsg$unix(r0, &(0x7f0000000440)={&(0x7f0000000280), 0x6e, &(0x7f0000000c00)=[{&(0x7f0000000300)=""/118, 0x76}, {&(0x7f0000000b40)=""/183, 0xb7}], 0x2, &(0x7f0000000380)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb0}, 0x12040) r5 = dup2(r3, r1) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000ac0)={0x53, 0xfffffffffffffffc, 0x24, 0x7f, @scatter={0x7, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000480)=""/190, 0xbe}, {&(0x7f0000000540)=""/37, 0x25}, {&(0x7f0000000580)=""/110, 0x6e}, {&(0x7f0000000600)=""/56, 0x38}, {&(0x7f0000000640)=""/218, 0xda}, {&(0x7f0000000740)=""/236, 0xec}, {&(0x7f0000000840)=""/101, 0x65}]}, &(0x7f0000000940)="56da7c06fb623857eee83b544f969e5af48de8cd737b9c8fdb758397f9a6eb170cd75fdf", &(0x7f0000000980)=""/246, 0x1, 0x10003, 0x0, &(0x7f0000000a80)}) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r4, {r2}}, './mnt\x00'}) ioctl$SG_SCSI_RESET(r6, 0x2284, 0x0) [ 1283.168519][T20565] loop2: detected capacity change from 0 to 1 23:12:21 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 18) 23:12:21 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000008887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1283.253961][T20565] loop2: detected capacity change from 0 to 1 23:12:21 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3b0, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:21 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa50000000c000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1283.315716][T20615] loop3: detected capacity change from 0 to 16383 [ 1283.327979][T20615] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 1283.355132][T20615] loop3: detected capacity change from 0 to 16383 [ 1283.362751][T20615] EXT4-fs (loop3): VFS: Can't find ext4 filesystem 23:12:21 executing program 3: syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={[{@nr_blocks={'nr_blocks', 0x3d, [0x30, 0x65]}}]}) openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x402200, 0x88) [ 1283.454270][T20683] FAULT_INJECTION: forcing a failure. [ 1283.454270][T20683] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1283.467558][T20683] CPU: 0 PID: 20683 Comm: syz-executor.4 Tainted: G W 5.15.0-syzkaller #0 [ 1283.477368][T20683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1283.487434][T20683] Call Trace: [ 1283.490713][T20683] [ 1283.493645][T20683] dump_stack_lvl+0xd6/0x122 [ 1283.498261][T20683] dump_stack+0x11/0x1b [ 1283.502419][T20683] should_fail+0x23c/0x250 [ 1283.507015][T20683] __alloc_pages+0x102/0x330 [ 1283.511612][T20683] alloc_pages+0x382/0x3d0 [ 1283.516127][T20683] folio_alloc+0x1a/0x20 [ 1283.520384][T20683] filemap_alloc_folio+0x53/0xf0 [ 1283.525328][T20683] page_cache_ra_unbounded+0x1c0/0x430 [ 1283.530930][T20683] ondemand_readahead+0x4f8/0x700 [ 1283.536001][T20683] page_cache_sync_ra+0xaf/0xe0 [ 1283.540931][T20683] filemap_read+0x3d8/0x1720 [ 1283.545537][T20683] generic_file_read_iter+0x75/0x2c0 [ 1283.550861][T20683] ? __fsnotify_parent+0x340/0x440 [ 1283.556499][T20683] ext4_file_read_iter+0x1db/0x290 [ 1283.561656][T20683] generic_file_splice_read+0x24f/0x330 [ 1283.567320][T20683] ? splice_shrink_spd+0x60/0x60 [ 1283.572317][T20683] splice_direct_to_actor+0x2aa/0x650 [ 1283.577767][T20683] ? do_splice_direct+0x190/0x190 [ 1283.582848][T20683] do_splice_direct+0x106/0x190 [ 1283.587906][T20683] do_sendfile+0x675/0xc40 [ 1283.592329][T20683] __x64_sys_sendfile64+0x102/0x140 [ 1283.597617][T20683] do_syscall_64+0x44/0xa0 [ 1283.602043][T20683] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1283.607953][T20683] RIP: 0033:0x7f18cb6c4ae9 [ 1283.612370][T20683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1283.632195][T20683] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1283.640714][T20683] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 23:12:21 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80003300) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:21 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000009887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:21 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3b1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1283.648782][T20683] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 1283.656763][T20683] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1283.664815][T20683] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1283.672793][T20683] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 [ 1283.680797][T20683] 23:12:21 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000a887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:21 executing program 3: socket$inet6_tcp(0xa, 0x3, 0x87) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0xa}, 0xc, &(0x7f00000000c0)={0x0}}, 0x0) 23:12:22 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 19) [ 1283.734221][T20795] loop2: detected capacity change from 0 to 1 23:12:22 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000b887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1283.832219][T20795] loop2: detected capacity change from 0 to 1 23:12:22 executing program 3: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRES32=r0], 0x78) pwritev(r0, &(0x7f0000000000)=[{&(0x7f0000000080)="ed", 0x1}], 0x1, 0x0, 0x0) fallocate(r0, 0x4, 0x0, 0xfffffefeffc) write(r0, &(0x7f0000000140)="d5", 0x1) r1 = open(&(0x7f0000000700)='./bus\x00', 0x101042, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/class/virtio-ports', 0x840, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x9, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet(0x2, 0x6000000000000003, 0x6) r3 = memfd_create(&(0x7f00000003c0)='\xff\x00l\x1e\xa00x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3b2, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:22 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa50000000d000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1283.974954][T20907] FAULT_INJECTION: forcing a failure. [ 1283.974954][T20907] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1283.988261][T20907] CPU: 1 PID: 20907 Comm: syz-executor.4 Tainted: G W 5.15.0-syzkaller #0 [ 1283.998538][T20907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1284.009969][T20907] Call Trace: [ 1284.013238][T20907] [ 1284.016165][T20907] dump_stack_lvl+0xd6/0x122 [ 1284.020739][T20907] dump_stack+0x11/0x1b [ 1284.024896][T20907] should_fail+0x23c/0x250 [ 1284.029293][T20907] __alloc_pages+0x102/0x330 [ 1284.033964][T20907] alloc_pages+0x382/0x3d0 [ 1284.038441][T20907] folio_alloc+0x1a/0x20 [ 1284.042730][T20907] filemap_alloc_folio+0x53/0xf0 [ 1284.047668][T20907] page_cache_ra_unbounded+0x1c0/0x430 [ 1284.053295][T20907] ondemand_readahead+0x4f8/0x700 [ 1284.058304][T20907] page_cache_sync_ra+0xaf/0xe0 [ 1284.063145][T20907] filemap_read+0x3d8/0x1720 [ 1284.067721][T20907] generic_file_read_iter+0x75/0x2c0 [ 1284.073007][T20907] ? __fsnotify_parent+0x340/0x440 [ 1284.078178][T20907] ext4_file_read_iter+0x1db/0x290 [ 1284.083331][T20907] generic_file_splice_read+0x24f/0x330 [ 1284.088858][T20907] ? splice_shrink_spd+0x60/0x60 [ 1284.093774][T20907] splice_direct_to_actor+0x2aa/0x650 [ 1284.099161][T20907] ? do_splice_direct+0x190/0x190 [ 1284.104180][T20907] do_splice_direct+0x106/0x190 [ 1284.109049][T20907] do_sendfile+0x675/0xc40 [ 1284.113513][T20907] __x64_sys_sendfile64+0x102/0x140 [ 1284.118691][T20907] do_syscall_64+0x44/0xa0 [ 1284.123091][T20907] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1284.128973][T20907] RIP: 0033:0x7f18cb6c4ae9 [ 1284.133408][T20907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1284.153004][T20907] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1284.161484][T20907] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 [ 1284.169443][T20907] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 1284.177419][T20907] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1284.185368][T20907] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1284.193326][T20907] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 [ 1284.201369][T20907] [ 1284.220337][T20907] selinux_netlink_send: 230 callbacks suppressed [ 1284.220354][T20907] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=20907 comm=syz-executor.4 [ 1284.252636][T20907] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=20907 comm=syz-executor.4 [ 1284.265992][T20907] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=20907 comm=syz-executor.4 [ 1284.280226][T20907] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=20907 comm=syz-executor.4 23:12:22 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000c887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:22 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3b3, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1284.429004][ C0] sd 0:0:1:0: tag#6793 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1284.438902][ C0] sd 0:0:1:0: tag#6793 CDB: opcode=0xe5 (vendor) [ 1284.445244][ C0] sd 0:0:1:0: tag#6793 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 1284.454281][ C0] sd 0:0:1:0: tag#6793 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 1284.463304][ C0] sd 0:0:1:0: tag#6793 CDB[20]: ba [ 1284.499759][T21015] loop2: detected capacity change from 0 to 1 [ 1284.598755][T21015] loop2: detected capacity change from 0 to 1 23:12:22 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80003400) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:22 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 20) 23:12:22 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000d887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:22 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3b4, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:22 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa50000000e000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:23 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000e887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1284.842962][T21129] FAULT_INJECTION: forcing a failure. [ 1284.842962][T21129] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1284.856232][T21129] CPU: 0 PID: 21129 Comm: syz-executor.4 Tainted: G W 5.15.0-syzkaller #0 [ 1284.866671][T21129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1284.876769][T21129] Call Trace: [ 1284.880056][T21129] [ 1284.882989][T21129] dump_stack_lvl+0xd6/0x122 [ 1284.887590][T21129] dump_stack+0x11/0x1b [ 1284.891783][T21129] should_fail+0x23c/0x250 [ 1284.896228][T21129] __alloc_pages+0x102/0x330 [ 1284.900834][T21129] alloc_pages+0x382/0x3d0 [ 1284.905283][T21129] folio_alloc+0x1a/0x20 [ 1284.909531][T21129] filemap_alloc_folio+0x53/0xf0 [ 1284.914557][T21129] page_cache_ra_unbounded+0x1c0/0x430 [ 1284.920094][T21129] ondemand_readahead+0x4f8/0x700 [ 1284.925140][T21129] page_cache_sync_ra+0xaf/0xe0 [ 1284.930047][T21129] filemap_read+0x3d8/0x1720 [ 1284.934684][T21129] generic_file_read_iter+0x75/0x2c0 [ 1284.939989][T21129] ? __fsnotify_parent+0x340/0x440 [ 1284.945112][T21129] ext4_file_read_iter+0x1db/0x290 [ 1284.950234][T21129] generic_file_splice_read+0x24f/0x330 [ 1284.955885][T21129] ? splice_shrink_spd+0x60/0x60 [ 1284.960836][T21129] splice_direct_to_actor+0x2aa/0x650 [ 1284.966230][T21129] ? do_splice_direct+0x190/0x190 [ 1284.971267][T21129] do_splice_direct+0x106/0x190 [ 1284.976209][T21129] do_sendfile+0x675/0xc40 [ 1284.980663][T21129] __x64_sys_sendfile64+0x102/0x140 [ 1284.985889][T21129] do_syscall_64+0x44/0xa0 [ 1284.990324][T21129] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1284.996245][T21129] RIP: 0033:0x7f18cb6c4ae9 [ 1285.000672][T21129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1285.020772][T21129] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1285.029249][T21129] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 [ 1285.037226][T21129] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 1285.045201][T21129] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1285.053211][T21129] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1285.061251][T21129] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 [ 1285.069234][T21129] 23:12:23 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3b5, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1285.111332][T21176] loop2: detected capacity change from 0 to 1 23:12:23 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000f887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1285.207687][T21176] loop2: detected capacity change from 0 to 1 23:12:23 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000010887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:23 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa50000000f000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:23 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3b6, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1285.302246][T21129] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=21129 comm=syz-executor.4 [ 1285.337659][T21129] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=21129 comm=syz-executor.4 [ 1285.351466][T21129] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=21129 comm=syz-executor.4 [ 1285.365056][T21129] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=21129 comm=syz-executor.4 [ 1285.401451][T21129] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=49 sclass=netlink_xfrm_socket pid=21129 comm=syz-executor.4 [ 1285.414304][T21129] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=61 sclass=netlink_xfrm_socket pid=21129 comm=syz-executor.4 23:12:23 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 21) 23:12:23 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80003500) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:23 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000011887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:23 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3b7, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1285.558055][T21376] loop2: detected capacity change from 0 to 1 [ 1285.689104][T21454] FAULT_INJECTION: forcing a failure. [ 1285.689104][T21454] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1285.702415][T21454] CPU: 0 PID: 21454 Comm: syz-executor.4 Tainted: G W 5.15.0-syzkaller #0 [ 1285.712247][T21454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1285.722319][T21454] Call Trace: [ 1285.725599][T21454] [ 1285.728524][T21454] dump_stack_lvl+0xd6/0x122 [ 1285.733120][T21454] dump_stack+0x11/0x1b 23:12:23 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000012887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1285.737274][T21454] should_fail+0x23c/0x250 [ 1285.741699][T21454] __alloc_pages+0x102/0x330 [ 1285.746294][T21454] alloc_pages+0x382/0x3d0 [ 1285.750757][T21454] folio_alloc+0x1a/0x20 [ 1285.755095][T21454] filemap_alloc_folio+0x53/0xf0 [ 1285.760035][T21454] page_cache_ra_unbounded+0x1c0/0x430 [ 1285.765528][T21454] ondemand_readahead+0x4f8/0x700 [ 1285.770595][T21454] page_cache_sync_ra+0xaf/0xe0 [ 1285.775472][T21454] filemap_read+0x3d8/0x1720 [ 1285.780076][T21454] generic_file_read_iter+0x75/0x2c0 [ 1285.785540][T21454] ? __fsnotify_parent+0x340/0x440 [ 1285.790713][T21454] ext4_file_read_iter+0x1db/0x290 [ 1285.795888][T21454] generic_file_splice_read+0x24f/0x330 [ 1285.801454][T21454] ? splice_shrink_spd+0x60/0x60 [ 1285.806419][T21454] splice_direct_to_actor+0x2aa/0x650 [ 1285.811975][T21454] ? do_splice_direct+0x190/0x190 [ 1285.817077][T21454] do_splice_direct+0x106/0x190 [ 1285.821937][T21454] do_sendfile+0x675/0xc40 [ 1285.826355][T21454] __x64_sys_sendfile64+0x102/0x140 [ 1285.831559][T21454] do_syscall_64+0x44/0xa0 [ 1285.836023][T21454] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1285.842031][T21454] RIP: 0033:0x7f18cb6c4ae9 [ 1285.846531][T21454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1285.866149][T21454] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1285.874564][T21454] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 23:12:24 executing program 3: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r3 = fcntl$dupfd(r2, 0x406, 0xffffffffffffffff) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) splice(r2, &(0x7f0000000240)=0x1000000000000005, r0, &(0x7f0000000440)=0x2, 0xf0b3, 0xb) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='mounts\x00') r5 = dup2(r1, r4) mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r4}}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000340)={{0x1, 0x1, 0x18, r4}, './file0\x00'}) ioctl$SG_GET_LOW_DMA(r6, 0x227a, &(0x7f0000000400)) r7 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r7, 0x2007fff) r8 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r8, r7, 0x0, 0x201000) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000005db40)={0x101, [], 0x1, "3a2843e9fe6118"}) fsmount(r7, 0x0, 0x84) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x34, 0x0, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8000}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x2}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7f}]}, 0x34}, 0x1, 0x0, 0x0, 0x40811}, 0x4040010) ioctl$FIBMAP(r2, 0x1, &(0x7f00000002c0)=0xb2) [ 1285.882557][T21454] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 1285.890530][T21454] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1285.898508][T21454] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1285.906483][T21454] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 [ 1285.914620][T21454] [ 1285.926071][T21376] loop2: detected capacity change from 0 to 1 23:12:24 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000010000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:24 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3b8, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:24 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000020887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1286.035104][T21566] program syz-executor.3 is using a deprecated SCSI ioctl, please convert it to SG_IO 23:12:24 executing program 3: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0xfffffffffffffffd, 0x2, 0x8, 0xfe, 0x0, 0x100000000, 0x10000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1, @perf_config_ext={0x2, 0x6500097f}, 0x3200, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xa, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x3, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clone(0x0, 0x0, 0x0, 0x0, 0x0) clone(0x82000400, &(0x7f00000002c0)="38682d7ca96dc0645a008b98af4e354a672ab5924cff7248ddfef1fac8064e4828a38c02fd298e4f0614f2bb91227745b240fadb97aec90c4f5694fa3c8dcb29f31564d959f4b60a4bba418aa07a0ccd1b3a1cce2cf55ea52e27e3a266f54d43752e8a54d09ba64cc04a0eaf1a9fd5fb1fef28c3b5d0f5f8462a4211d19f2179e0c8e13937cab5266cfc2abc90b1c4d31971fad0401ce8c4377241fc024a5b853c908d37fdb30252b388454e95b5393b6888773ea0d82e56b8a82726e84cf40078874a617846316b8f1657a0ff32eaf81f2fea1c20090b9db3c84a792411700c2a90d8328d89c3c1e0afe440469ec1982b73f9acf85d977bdbcec279", &(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440)="489dd4fdba7a9489cb371b0e83134e12659ac82643768cbd5baa022190609570b9b042ae794148df19f837cdc65fa4bab60508cbe9a39bf1dfacf6da7122fb24f97c4fe86951ee65749fba125f1c306a8d5bfdfade11cddd09ec9903b8ea320ae52bc0fb6336ec7377275ac849") ioctl$VFAT_IOCTL_READDIR_BOTH(r1, 0x82307201, &(0x7f0000000080)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0xb9) 23:12:24 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 22) 23:12:24 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000022887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1286.179110][T21572] loop2: detected capacity change from 0 to 1 23:12:24 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3b9, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1286.277892][T21572] loop2: detected capacity change from 0 to 1 [ 1286.320970][T21686] FAULT_INJECTION: forcing a failure. [ 1286.320970][T21686] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1286.334240][T21686] CPU: 0 PID: 21686 Comm: syz-executor.4 Tainted: G W 5.15.0-syzkaller #0 [ 1286.344054][T21686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1286.354139][T21686] Call Trace: [ 1286.357428][T21686] [ 1286.360400][T21686] dump_stack_lvl+0xd6/0x122 [ 1286.365011][T21686] dump_stack+0x11/0x1b [ 1286.369184][T21686] should_fail+0x23c/0x250 [ 1286.373614][T21686] __alloc_pages+0x102/0x330 [ 1286.378262][T21686] alloc_pages+0x382/0x3d0 [ 1286.382681][T21686] folio_alloc+0x1a/0x20 [ 1286.386970][T21686] filemap_alloc_folio+0x53/0xf0 [ 1286.391908][T21686] page_cache_ra_unbounded+0x1c0/0x430 [ 1286.397402][T21686] ondemand_readahead+0x4f8/0x700 [ 1286.402472][T21686] page_cache_sync_ra+0xaf/0xe0 [ 1286.407332][T21686] filemap_read+0x3d8/0x1720 [ 1286.411944][T21686] generic_file_read_iter+0x75/0x2c0 [ 1286.417229][T21686] ? __fsnotify_parent+0x340/0x440 [ 1286.422405][T21686] ext4_file_read_iter+0x1db/0x290 [ 1286.427643][T21686] generic_file_splice_read+0x24f/0x330 [ 1286.433277][T21686] ? splice_shrink_spd+0x60/0x60 [ 1286.438214][T21686] splice_direct_to_actor+0x2aa/0x650 [ 1286.443593][T21686] ? do_splice_direct+0x190/0x190 [ 1286.448628][T21686] do_splice_direct+0x106/0x190 [ 1286.453670][T21686] do_sendfile+0x675/0xc40 [ 1286.458205][T21686] __x64_sys_sendfile64+0x102/0x140 [ 1286.463415][T21686] do_syscall_64+0x44/0xa0 [ 1286.468912][T21686] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1286.474820][T21686] RIP: 0033:0x7f18cb6c4ae9 [ 1286.479234][T21686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1286.498847][T21686] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1286.507271][T21686] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 23:12:24 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80003f00) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:24 executing program 3: r0 = open(&(0x7f0000000180)='./bus\x00', 0x1eb142, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x11, r0, 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ftruncate(r1, 0x2008001) io_submit(0x0, 0x1, &(0x7f0000008e80)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)) [ 1286.515299][T21686] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 1286.523306][T21686] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1286.531293][T21686] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1286.539366][T21686] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 [ 1286.547347][T21686] 23:12:24 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000011000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:24 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000025887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:24 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 23) 23:12:24 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3ba, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:24 executing program 3: clone(0x80040300, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) vmsplice(r1, &(0x7f0000000000)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="66530700ae897094e7b129b097eaa769be6d05c41b3a19ba4012c117e931b24e239a7353e71f8f2a9e1821905e913026a13acef70aecb2b9b3734d2e74c3ff0d28a58fe67970a3eaa77e26aced0b2c7879c1d3be77b6c92dd639629c0325254e15992119ff8dcfee0a38ca3241db9d5e3ed19eedb2da251a", 0xc4}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x30) ptrace$cont(0x18, r0, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) tkill(r0, 0xb) r2 = gettid() process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) exit_group(0x0) 23:12:25 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000003f887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:25 executing program 3: ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000200)={{}, 0x0, 0x0, @unused, @name="4bc3c75e48c04b6c064b8c0da38bf881c3aa22783006240c7405859fceb82df26a346f0e83f55c6630f3c58c661a0122192aafeb655669a8353e318592695939fa0a0d8732aff0a2c2f8aea134c3f0e0772a8e438f873a02ef08aa01addcb863b976f4122aa053091feae7b6a454122105929600ba634a3776095746ee5209de920b7efaf14b01227146f9d9d7bd5b9de801a544f10051af6e10246a3ce049a77e322a32a343fdcd753ba4695c0663dee19b8757f1925a0b73e31a9353240ac88fe322503176294055dcfd025cc8c515d25a02283fd7b504dc05fa82d51b89fe0ad29f5984cb9e2da0f8dbb70b3c8e29e74b1ed2a53def65e5c4985c6c0eef30e921224b4b4ed48d9d4d61849a8af3f74270b4bef05c393a92f406c5aa5eb86dec5e931623ef63991a59765af782f6c60a02e5d21c11551e009bbe3845b1da395057f33924fdae28ba771f2036f1a1cf0bf1de795102767d17f5c098df076415d535670b7270a6bf4786e4a8266824ee837d1d2b28b5bf3a65f8bcec4c47a81c4d28df3a0eaf1de1ea3e083d08d184f477ea8990e5254889399ac205180c84be05b4a4a472cb93d4e01650a00447bd29b781c2aceb01f60c5d154bed2fb0336e71ec264c8c2eadd93ce5a69623447c101083003d4fbd2dce8464cdf10096ab631de294a89ec641821db5db855f0cb46f652cbe7d619862e0c73992e9e7b269aa72276a9e54898f77d22b512e450327be8a37a2df735e283762477c65a777343d850ff9ff9478e5759e7d3e40727de2192c8eff0766342a9d4dfe16e0f5aa628e2a3f6e4d408e79bbbf81db3e68c41d2ae29cdb8191a1f9a42d06d738314b11ed92d25027399c6f7dc8a3036424d88928bff7ae9712967c1bc5cc26b360545a8f22f28ca121841cf02e2b8422074e6ac246fd134490775752201bc39ba6610a7eff8571bb3fd5c70b82e83bf7c808ecfbe994f8342baccd82dc8a18fd7dbdab76a0ab93ec4c3f0a16f645cbf04141d1380108ece0afd76623e2942c94e92c230f1b8f7ef18850e09e157d3ea4ae5b339364c32786a8f075af92421f1866a9b333a28f5f61c15e65d71c6ba2eff04b914a45f97e5b31ae95035bedbea5524fccb7a1ad88d4569d9f7d135f49d92d6d8c0798883839d6497cc27a98ff145cfb7bececcce784d30462cb9529b6221d83d349da4811148a30f45e8057de474c57f4074c04e827d0652f96f28e8b71c32442545d4690408373d70272ce69adc3dd457586530ed286753097743c271d35561a659208c5a9b276a21d8ced64c9d4e187ba19393638423ea012ca3f3cfa8c48301570defec3beb553de0043811bfe2d1ec131509f6aa4d26c1508c1333e65a2ab2ef4bdd7bca20c7a700eb3311837e95d1f61e042fa90cdb85062ead234666d219afaa51f6317d1da1938d78356b0331a3948096899513cc455c6e3e3246023d36bb4643c4a62b86ac3ec6858d2a024b902376c450b89de88d2e80284e1eacf60dd3ba1ebd792836b23e2e1504a70d9d0aaea2c30d6ff18cc9977561e5f20116ae019aa4a491c36e52a0428139dd4862e457144e7669d1aa8c789d285234b74157f3eefe45b85f99d91dd6ff333e8f762c863574624b869e8767fb00fdb2aa5f67203865b7507b1137e958a1d1dc798e544a4005506372b32629f672bcd8ef10b6957f5bbc8da3be3ce18a1776d459e35c3e8c00538602d331b8203a7a5f38856deb9e0e8b20021ee31e12e749493c031ce21815ef841bffda89c93d63866a1aba31c7525d372e81fd96c2585799670ec211f6c615e39dfdc5c0174ce4c5f9c2f03cd403d94461ebea1e0dfe060e10c9973164850888a6dce6108b8589913725cbb0b244df5e2f0026a6614976d0e0ddf7c6cba937427722281a02085ffa6a36c356e11b2d9c775c85fdc966e8408d3440d70780c0ba7820d0296a71803e965d1733ef0a01815321d03b44877d873182bb72dc6c33af92476b1f0274821a075fefa509c901d6e352b630f7fc56cd7a692e33feb0a2f7a6a7ca8a84bad3aa09ae2c08db614e0362b8ab3b97daf772582f9576e3f1c8b2e09d2d55ca4123a9188f2930a780189ab3730a5eaebb16b8239fddd31c8b36f2731b9636d094caaebad25c4d6e72a116fe4dc8996005dab1aed5cc5dd53ad681213fae918a81f12c1c7865c001e2f1f148cbedca0828fcd797e5d61546daae267b233c663131e46028c3b8e30ee04f39505dedc153ad08f837091bd9c4e1fdec29b4064543849fddb30a8d9218b1eab45028b5a5824773633c0dcb53fd6aa03158bcb8e42bfbacfa8dc3ff971adc36fc31245fa6aef79b827a36809e084fb29f69d040606392a61a8d3f56759189d55bd654859924172b8fa7120e82681728f363acfa2b92edee67d4287ac8d89342765609481d1bbe981c1cee05305741db2fbdef213853fa0fbec3b023747529ba285cb9aaf4450d7fb32f35056ea509dbaf394aeaf56fac7dc1079ab01648c3dba213bb04eee8b261343d1f1cac42ced613da2467bf1c1ceeb9d2657b3ba981c87a4f5e1138b901564b0f78a6e1d05568f4d48a841e047288255d05c17413c1fab0455e415f5d8a8b107345a5c0f8fe645b292ad7a70eb7336302e14ad32c12191c6e274ac89dab2e06ec752c84582e9578a215e8dcf2670d7d262c4aaf57d6bf122d32dab6d221f9cdb424f5541c2364edc92744eb2c2888d2a845e732d2d7add1af8076b1a9da6396f87506121ed8dc5c8dfe6e97a1741185c67a78ffad95b3a05fe99ab3927b2e7bac24ff8249995dca973622b29e9bfd3e793421f44a58d32e518e2a75cfd17141417f22ffe0a8c95c7fc7c8bd78d71787131eea1f27b6e0bef1ef7bd2f1b669f82a35cebed6ebbb8249de3589a9bc5c7ae25917f81d90c248dc755fff8a039f36d967ec6f3d6244a9177cb3eb79ecba7eca28a94e71e8f02c77ded922c91b3abbb53ae8ddff4ab47dcbdb8521f4182935e2df8314439a0562a8e1b447bcd968d248df4f101e02a34a5c0cc8c55a9ec73a7f52452e775a2fee449fefe105ef3ea5530c418179f60d2a4569a91bf8c69222816d0804445b5cb53bb6e898883510cfebc42fac24d0b3d785a5d5ca4649b826a186071ed3f98d2c7543a3e0df24d74d9391ce766a4dc70c6d08cdb6af4f75bc4f9bbc0a5e80859efef6dcc1aa3a2e776509d23a33fcf83d0ea1ee8e0875fc0e80a7f4c489c604afa0f550fcd49466bea92191523650aa445bfc1b0eb0e01e4e1094fe97522962118b91fb513841d87958e7996f39e8c070280dbdb3e999c252e70cec5188f78a9162b260f8e8f99fd9b3df875e584d98296752d448df46dc4246755121a1cafcc828c0ca6dd4655c66450f7bd5d329bddf970090c0549b833b47c40ae891d68cf2986d4571d6a0e9c6b326442583d04f0468d8ade4638e149bab2470554364a6427896b9069683d70568373df0f2b8b675d0135de74fcba823a126a75bce3dfd21fec07e73656440949bce1a6f4d79623f326e10a657dca20d79de31164d196ff44f37cfafe8a90d29d134efc82db36e5eb633d208fa330cd6cd5c4cb501e1ce97cd856398687c0ce47386ca039d5612829e0f8d0260e61a2d2922113ee7e9f0fa3de6afbd89ef6bca7300174830bff3f947ae4499fd357041bd8aebd3c80d17120e42837d856aeb03d219fccd0a52440a593b7fd9dff080b2e89dfebf0548fc9a18e335d60f393f06781534281d6d4d36a66e5a641a30d04ebf6cf78966a5629a44e6f02ad3e3c26ca32423485ae68f946f4c48cf5e912fb3ff5c74b60e840cc6e341fb770fae39d9c693f27fa007d2721e0db8bd2ecfb9b9d4eb4b819b081b5f67945b0ab0b8ade0f2e036b56e7178493ec795c9022caecff6e0fc81b97d57b6cf225f268586720519bb6fab0c4a33b55df853c8667acb9e96e94924237a68aa05aecc6a4e1af2e89aed086185c5b9444da34fa9e210a2ae7a8aa59dfd1a7297c641f06c274833bdbef7988b8cbef65e030bad5efcff9bab562f1a65d8b64ee2f0247feec41bace55b8fb51fc0b04a15c3fcd09be371696bbbc6ee76830ef1f4ffba28446e36bf39d489f0250fbf9d588623e1f6b62d874f9b76bc86517f7ed8d8a1bf82b5e2ba392658cc317227258aa7f2aae9c4a636b9698f85bc4fe577e246d04531c8fe6ad38386baccf3a6ad7429b78acabdebe0805f17b5a43aacd00b42d86b9d127b25feb950c12eab58e7a2600864afa643f3e5b50dd8d89beb6410b674397c79fbf351e63b0680620871c08f7d06b2a4aa222d299a10b31fb28cbc4c170eea4c4d8033c5d4ea4bece9f048bd63961c25e63e941f3248d6af72f7a814bc16b51e22b54e7c84e9f3076f59b505e6e84838c955ad8be00dd594fca33595c2ab85f80a197cd045f738294704f516c23d7a11d0e26a41a834c6f19f48179b27953917f065ecf275ca7bdca5819ff48cbc993a8853e85bf5c8e81f00b9cb3f25e16bd611e7fa5fb2beed364578b6871d4bbcc8363467b4123c844e894933dd2b703044afba08d3564c801e83efd11dc6aa153249a153718235c015f030c6576f8d8a03fce268a5934fd30187e386699d4c85cde2b9e56bb0da27d40de33c996023489378a09719e85623bf1b7fd36d0f33980d99afe2be5ae115146ecf55028ae41650ee83e8b12c09c0bae234aaba04c42da9f5f7552f11567543f83957dd087e56d4d3d7318445e7a74827bc266fba8518e1bcf2bc2f7906a3606f1628d7550d7ddebade6f58fb9b1a2fd8a2013de98b1200c398b066197a1ab281e11a93e33c7b8514b98d574a09ba9cbae385baeac17759baaed0779803b7964f4d57e1e4f8d3e16e3602dfe4715597056ebcc6ec84de6b71bd3e196a2897a3852868eaf70c0fc8651b9ff779220d44989f0d20adb763b1be1b65dfb1dcdf8f1078df8b461b185bf17385ed61a7457fa348b6ea495643a78b4c8ddf521991527060bc38292ff278881be04e27e24c5ef9988b2f4449f7eeca220a269fa49609370dc6a3b230fc86787d33696927e4bbb1e2f91c9d55a1f2416ee30076c0446d9afd77732591e6a8cff4b0b5e04ff1ce2baa995041b8149ac8b98c4f6d2e8382bc38629aa926ff14d50ed8e7260978abe23fa595ee07a227f0d7f7f979aeaadcac84ee183cd3c75f90f76e85405556f4b2da9e7e29ff5251c3a8c8bf9010b93d84530841c19fefaa1ef92b65618b1b26e004433eca2d21ad371bc1f2edca16424a4af47f72727ce884fe9d7410a241dea87a4f3b18712dd0badf6d382c3023ac8ca03a24b5e6df5417ab0ddb9a2da98510b07d6c37df45a0afd9df8bb659b656396e87eccbb52c558f859c409e4f5fd6cb36e7d973d5e828bcefdff27abc30d5a83d75a6af749ea798d30560732fb329e9081b8d5dd7734637dbfeb5af293de4ec884a58aa1769aee4aa04764049d1dc41215704cfab6fc962b550618018140fb16843f9838a4b8d3b6fd374a580ddaef28fa571ce313498b4c7cd33c84b1de77b37323089f46880abe99924033a699d01574ee2ec6a7dcd56f6168fdbc5a94f3e1ab7a6ec80c43639053d1ea74768d0e9aac2b2c6ea719c9ccb18a46c04fb8a4d08eb983c47fbec7ba674bd8e07e9fee44b78ee0a948340813554a6ee3b64d3bfc31e226783f6329a3836a741e6ccde80126b24f63d3"}) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) signalfd(0xffffffffffffffff, 0x0, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) sendmsg$nl_generic(r2, &(0x7f0000001380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001340)={&(0x7f0000001280)={0xb4, 0x33, 0x200, 0x70bd2c, 0x25dfdbfb, {0x16}, [@typed={0x9d, 0x30, 0x0, 0x0, @binary="924d1d89712e7e7effdad370ee958f60fa272f37bc02b98a646db57c3d9a0e02b0502f78b23ded1d0a26023ee7443b86e6bfdcadd3dc5a3e2184e7745850df5516b75cbaa7f0afc18daa60aa77d527074262722f34d4455c9d91e5ae7c9aa623367b679c01a0e3e1d6814d63a0c9d8513dfa4436c8b0142697ca7dee38a6e3f529719dc6e5cf7fb7164d14d62ecb94c5eedc2e83061efc0c30"}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000000) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0) recvmsg$unix(r1, &(0x7f0000001700)={&(0x7f00000013c0), 0x6e, &(0x7f0000001540)=[{&(0x7f0000001440)=""/45, 0x2d}, {&(0x7f0000001480)=""/173, 0xad}], 0x2, &(0x7f0000001580)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x150}, 0x2) sendfile(r0, r4, 0x0, 0x5) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000100)="8e0e9b4b081b28559b334a", 0x12e9}], 0x1) r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000001200)={'syz1', "cdc8893a009ea0287c718272abdbafe687f81454268fcbcb292d362bca9e34888ad20c9e1991f3f50a5e45a7dee924caa78ec7b644734ce8e03ceb336f6d5edb21387c4c531a31c5ac7234961cf85de2"}, 0x54) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$binfmt_script(r5, &(0x7f0000000000)={'#! ', './file0', [{0x20, ':,$'}, {}, {0x20, ',&{+\x00'}, {0x20, '-\xa8%*\x98'}, {}, {0x20, ').#+-@]'}], 0xa, "9d54d25cfc14b9caefb1973df198dcdc3b2fb2613d63551295263268e76046bcc661c74ca27af9d8acc8ba204186c0f260d0164c249f1079728a366f1d7cb5b3b59b4d60efb2b65fb5c4e52bb44f7afc3fe1f76ebd9d21"}, 0x7c) write(0xffffffffffffffff, &(0x7f0000000140)="4934ff918946b41a737c1adca4bc231ac29b0832525ccdf68e05828de23a35ba3890a668fb8d8d48f0fe945e57ac1976cb9942a2ffd079eda2e3b8fcf33060d3fb8da663045c3919585805d2f03c601ff92b800e5e2463c136a4e54c24210a98d64d4b1df28e6a5d28643039cf4b3bbfe1e950dbccbd64b2989d647cb099924ba6534b303d227ddf9c424961b533b326883736cf70a42d1b1569b757b47a54cd8e32260fd1f1e78d6b036d2316", 0xad) ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0) [ 1286.770164][T21806] loop2: detected capacity change from 0 to 1 [ 1286.848070][T21911] FAULT_INJECTION: forcing a failure. [ 1286.848070][T21911] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1286.861352][T21911] CPU: 0 PID: 21911 Comm: syz-executor.4 Tainted: G W 5.15.0-syzkaller #0 [ 1286.871183][T21911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1286.881244][T21911] Call Trace: [ 1286.884563][T21911] [ 1286.887496][T21911] dump_stack_lvl+0xd6/0x122 [ 1286.892098][T21911] dump_stack+0x11/0x1b [ 1286.896256][T21911] should_fail+0x23c/0x250 [ 1286.900855][T21911] __alloc_pages+0x102/0x330 [ 1286.905442][T21911] alloc_pages+0x382/0x3d0 [ 1286.909860][T21911] folio_alloc+0x1a/0x20 [ 1286.914099][T21911] filemap_alloc_folio+0x53/0xf0 [ 1286.919111][T21911] page_cache_ra_unbounded+0x1c0/0x430 [ 1286.924723][T21911] ondemand_readahead+0x4f8/0x700 [ 1286.929746][T21911] page_cache_sync_ra+0xaf/0xe0 [ 1286.934588][T21911] filemap_read+0x3d8/0x1720 [ 1286.939180][T21911] generic_file_read_iter+0x75/0x2c0 [ 1286.944505][T21911] ? __fsnotify_parent+0x340/0x440 [ 1286.949645][T21911] ext4_file_read_iter+0x1db/0x290 [ 1286.954746][T21911] generic_file_splice_read+0x24f/0x330 [ 1286.960279][T21911] ? splice_shrink_spd+0x60/0x60 [ 1286.965225][T21911] splice_direct_to_actor+0x2aa/0x650 [ 1286.970654][T21911] ? do_splice_direct+0x190/0x190 [ 1286.975666][T21911] do_splice_direct+0x106/0x190 [ 1286.980505][T21911] do_sendfile+0x675/0xc40 [ 1286.984908][T21911] __x64_sys_sendfile64+0x102/0x140 [ 1286.990097][T21911] do_syscall_64+0x44/0xa0 [ 1286.994555][T21911] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1287.000464][T21911] RIP: 0033:0x7f18cb6c4ae9 [ 1287.004867][T21911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1287.024464][T21911] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1287.032914][T21911] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 [ 1287.040873][T21911] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 23:12:25 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3bb, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1287.048926][T21911] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1287.056881][T21911] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1287.064840][T21911] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 [ 1287.072845][T21911] [ 1287.088968][T21806] loop2: detected capacity change from 0 to 1 23:12:25 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000040887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:25 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000012000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:25 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80004000) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:25 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3bc, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:25 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 24) 23:12:25 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000080040887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:25 executing program 3: r0 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r0, 0x2007fff) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r1, r0, 0x0, 0x201000) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)) ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f0000000000)={0x1, 0x0, 0x20, 0x18, 0x19b, &(0x7f00000000c0)}) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getflags(r2, 0x408) syz_read_part_table(0x0, 0x1, &(0x7f00000004c0)=[{&(0x7f0000000040)="0201a5ffffff0a000000ff45ac0000ffffffa9000800000000000000024000ffffff82000000e1000000887700720030070082ffffff00000000008000db55aa", 0x40}]) [ 1287.400935][T22028] loop2: detected capacity change from 0 to 1 [ 1287.467949][T22028] loop2: detected capacity change from 0 to 1 23:12:25 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3bd, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:25 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000048887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:25 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000020000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1287.587659][T22139] FAULT_INJECTION: forcing a failure. [ 1287.587659][T22139] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1287.600955][T22139] CPU: 0 PID: 22139 Comm: syz-executor.4 Tainted: G W 5.15.0-syzkaller #0 [ 1287.610797][T22139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1287.620860][T22139] Call Trace: [ 1287.624149][T22139] [ 1287.627147][T22139] dump_stack_lvl+0xd6/0x122 [ 1287.631847][T22139] dump_stack+0x11/0x1b [ 1287.636009][T22139] should_fail+0x23c/0x250 [ 1287.640444][T22139] __alloc_pages+0x102/0x330 [ 1287.645079][T22139] alloc_pages+0x382/0x3d0 [ 1287.649582][T22139] folio_alloc+0x1a/0x20 [ 1287.653831][T22139] filemap_alloc_folio+0x53/0xf0 [ 1287.658783][T22139] page_cache_ra_unbounded+0x1c0/0x430 [ 1287.664335][T22139] ondemand_readahead+0x4f8/0x700 [ 1287.669492][T22139] page_cache_sync_ra+0xaf/0xe0 [ 1287.674494][T22139] filemap_read+0x3d8/0x1720 [ 1287.679081][T22139] generic_file_read_iter+0x75/0x2c0 [ 1287.684363][T22139] ? __fsnotify_parent+0x340/0x440 [ 1287.689487][T22139] ext4_file_read_iter+0x1db/0x290 [ 1287.694682][T22139] generic_file_splice_read+0x24f/0x330 [ 1287.700252][T22139] ? splice_shrink_spd+0x60/0x60 [ 1287.705196][T22139] splice_direct_to_actor+0x2aa/0x650 [ 1287.710966][T22139] ? do_splice_direct+0x190/0x190 [ 1287.716036][T22139] do_splice_direct+0x106/0x190 [ 1287.720923][T22139] do_sendfile+0x675/0xc40 [ 1287.725438][T22139] __x64_sys_sendfile64+0x102/0x140 [ 1287.730740][T22139] do_syscall_64+0x44/0xa0 [ 1287.735248][T22139] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1287.741243][T22139] RIP: 0033:0x7f18cb6c4ae9 [ 1287.745661][T22139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1287.765837][T22139] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1287.774287][T22139] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 23:12:26 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000004c887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:26 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3be, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1287.782266][T22139] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 1287.790244][T22139] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1287.798222][T22139] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1287.806217][T22139] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 [ 1287.814177][T22139] 23:12:26 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 25) 23:12:26 executing program 3: pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x307e00}], 0xc2, 0x4200, 0x8, 0x3) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) dup2(0xffffffffffffffff, r0) [ 1287.896352][T22253] loop2: detected capacity change from 0 to 1 [ 1287.959464][T22253] loop2: detected capacity change from 0 to 1 23:12:26 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3bf, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:26 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000068887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:26 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000022000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:26 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80008100) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:26 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004c600)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x0, [{}, {}, {}, {0x0, r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}], 0x1, "2156816c73038c"}) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000002400)='./file0\x00', 0xff7ffffffffff000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000300000000f000000000000000200000002000000008000000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000000002", 0x5a, 0x400}, {&(0x7f0000010400)="02000000030000000400000030000f", 0xf, 0x1000}, {&(0x7f0000010500)="ffff000000000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x1002, 0x2000}, {&(0x7f0000012600)="ed41000000100000dbf4655fdcf4655fdcf4655f000000000000040008", 0x1d, 0x4200}], 0x0, &(0x7f00000000c0)=ANY=[@ANYRES64, @ANYRES16=r0, @ANYRESHEX=r0, @ANYRES64, @ANYRES64=r0, @ANYRES64=r1, @ANYRES16=r3]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f00000002c0)='./bus\x00', 0x0) r4 = creat(&(0x7f0000000080)='./bus/file0\x00', 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r4, 0x40086607, &(0x7f0000000340)=0x81) faccessat2(r4, &(0x7f0000000100)='./file0\x00', 0x22, 0x1100) [ 1288.114960][T22367] FAULT_INJECTION: forcing a failure. [ 1288.114960][T22367] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1288.128300][T22367] CPU: 0 PID: 22367 Comm: syz-executor.4 Tainted: G W 5.15.0-syzkaller #0 [ 1288.138125][T22367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1288.148195][T22367] Call Trace: [ 1288.151472][T22367] [ 1288.154399][T22367] dump_stack_lvl+0xd6/0x122 [ 1288.159024][T22367] dump_stack+0x11/0x1b [ 1288.163190][T22367] should_fail+0x23c/0x250 [ 1288.167675][T22367] __alloc_pages+0x102/0x330 [ 1288.172263][T22367] alloc_pages+0x382/0x3d0 [ 1288.176682][T22367] folio_alloc+0x1a/0x20 [ 1288.180968][T22367] filemap_alloc_folio+0x53/0xf0 [ 1288.185906][T22367] page_cache_ra_unbounded+0x1c0/0x430 [ 1288.191371][T22367] ondemand_readahead+0x4f8/0x700 [ 1288.196405][T22367] page_cache_sync_ra+0xaf/0xe0 [ 1288.201269][T22367] filemap_read+0x3d8/0x1720 [ 1288.205864][T22367] generic_file_read_iter+0x75/0x2c0 [ 1288.211153][T22367] ? __fsnotify_parent+0x340/0x440 [ 1288.216275][T22367] ext4_file_read_iter+0x1db/0x290 [ 1288.221469][T22367] generic_file_splice_read+0x24f/0x330 [ 1288.227044][T22367] ? splice_shrink_spd+0x60/0x60 [ 1288.232006][T22367] splice_direct_to_actor+0x2aa/0x650 [ 1288.237433][T22367] ? do_splice_direct+0x190/0x190 [ 1288.242478][T22367] do_splice_direct+0x106/0x190 [ 1288.247435][T22367] do_sendfile+0x675/0xc40 [ 1288.251892][T22367] __x64_sys_sendfile64+0x102/0x140 [ 1288.257166][T22367] do_syscall_64+0x44/0xa0 [ 1288.261725][T22367] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1288.267631][T22367] RIP: 0033:0x7f18cb6c4ae9 [ 1288.272080][T22367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1288.291717][T22367] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1288.300139][T22367] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 [ 1288.308115][T22367] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 23:12:26 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000006c887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1288.316095][T22367] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1288.324075][T22367] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1288.332050][T22367] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 [ 1288.340029][T22367] [ 1288.352459][T22372] loop3: detected capacity change from 0 to 264192 [ 1288.379186][T22372] EXT4-fs (loop3): Unrecognized mount option "ÿÿÿÿÿÿÿÿ" or missing value [ 1288.401482][T22376] loop2: detected capacity change from 0 to 1 [ 1288.424247][T22372] EXT4-fs warning (device sda1): ext4_resize_begin:73: There are errors in the filesystem, so online resizing is not allowed [ 1288.444221][T22427] loop3: detected capacity change from 0 to 264192 [ 1288.461564][T22427] EXT4-fs (loop3): Unrecognized mount option "ÿÿÿÿÿÿÿÿ" or missing value 23:12:26 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3c0, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:26 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 26) 23:12:26 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x1819c0, 0x0) ioctl$VT_SETMODE(r2, 0x5602, &(0x7f0000000440)={0x0, 0xc, 0x100, 0x8001, 0x80}) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000040)={0x3f, 0x1, 0xe9c1, 0x8f, 0x6, "c6358db119b5bf2a"}) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x80, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3906e057f0f", 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$ptys(0xc, 0x3, 0x1) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xc0f10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @buffer={0x0, 0xbf, &(0x7f0000001480)=""/191}, 0x0, 0x0, 0x0, 0x20, 0x2, 0x0}) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000001cb005c538677735d748b707989e1156437ffad2379be56e560e8f3732ada76213fe8c5d5f12846", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) syz_open_procfs$namespace(0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) r4 = socket$inet6(0x10, 0x2, 0x0) sendto$inet6(r4, &(0x7f0000000240)="900000001c001f4d154a817393278bff0a80a578020000000300740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fc621c9ce921202ab78dcaaf6c3efed495a46215be0000760700c0c80cefd285810258ba86c9d2896c6d3bca2d0000000b0015009e49", 0x7e, 0x0, 0x0, 0x0) r5 = socket$inet6(0x10, 0x2, 0x0) sendto$inet6(r5, &(0x7f0000000240)="900000001c001f4d154a817393278bff0a80a578020000000300740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fc621c9ce921202ab78dcaaf6c3efed495a46215be0000760700c0c80cefd285810258ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa2", 0x90, 0x0, 0x0, 0x0) sendto$inet6(r5, &(0x7f0000001600)="900000001d001f4d154a817393278bff0a0ba578020000000404840014000100ac1414bb0542d6401051a2d708f37ac8c61a297e0099c5ac0000c5b068d0bf46d3f02df51e8d62439c01800000000000006536016466fcb78dcaaf6c3efed495a46215be0000766436c0c804efd28581d158ba86c9d2896c0e54ade3020a3fd76cd916052754596d3bca2d00a754b6ad88985665d43546fa3f15d2bcfb907442668986ae83300efde2ccac37cce5b22f326c81a5190d509355635ec6e4296b", 0xbf, 0x24004000, 0x0, 0x0) r6 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x20340, 0x0) recvfrom$inet6(r6, &(0x7f0000000480)=""/4096, 0x1000, 0x100, &(0x7f0000000140)={0xa, 0x4e21, 0x2b, @private1={0xfc, 0x1, '\x00', 0x1}, 0x4}, 0x1c) 23:12:26 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000074887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1288.493986][T22376] loop2: detected capacity change from 0 to 1 23:12:26 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000025000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:26 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3c1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1288.722127][T22589] FAULT_INJECTION: forcing a failure. [ 1288.722127][T22589] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1288.735397][T22589] CPU: 0 PID: 22589 Comm: syz-executor.4 Tainted: G W 5.15.0-syzkaller #0 [ 1288.745220][T22589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1288.755322][T22589] Call Trace: [ 1288.758755][T22589] [ 1288.761688][T22589] dump_stack_lvl+0xd6/0x122 [ 1288.766284][T22589] dump_stack+0x11/0x1b [ 1288.770503][T22589] should_fail+0x23c/0x250 [ 1288.774931][T22589] __alloc_pages+0x102/0x330 [ 1288.779530][T22589] alloc_pages+0x382/0x3d0 [ 1288.784064][T22589] folio_alloc+0x1a/0x20 [ 1288.788314][T22589] filemap_alloc_folio+0x53/0xf0 [ 1288.793263][T22589] page_cache_ra_unbounded+0x1c0/0x430 [ 1288.798818][T22589] ondemand_readahead+0x4f8/0x700 [ 1288.803860][T22589] page_cache_sync_ra+0xaf/0xe0 [ 1288.808825][T22589] filemap_read+0x3d8/0x1720 [ 1288.813479][T22589] generic_file_read_iter+0x75/0x2c0 [ 1288.818826][T22589] ? __fsnotify_parent+0x340/0x440 [ 1288.823994][T22589] ext4_file_read_iter+0x1db/0x290 [ 1288.829118][T22589] generic_file_splice_read+0x24f/0x330 [ 1288.834680][T22589] ? splice_shrink_spd+0x60/0x60 [ 1288.839666][T22589] splice_direct_to_actor+0x2aa/0x650 [ 1288.845091][T22589] ? do_splice_direct+0x190/0x190 [ 1288.850131][T22589] do_splice_direct+0x106/0x190 [ 1288.854993][T22589] do_sendfile+0x675/0xc40 [ 1288.859421][T22589] __x64_sys_sendfile64+0x102/0x140 [ 1288.864763][T22589] do_syscall_64+0x44/0xa0 [ 1288.869247][T22589] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1288.875312][T22589] RIP: 0033:0x7f18cb6c4ae9 [ 1288.879849][T22589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1288.899551][T22589] RSP: 002b:00007f18c941a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1288.908113][T22589] RAX: ffffffffffffffda RBX: 00007f18cb7d8020 RCX: 00007f18cb6c4ae9 23:12:27 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80008200) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:27 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000007a887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1288.916103][T22589] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 1288.924097][T22589] RBP: 00007f18c941a1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1288.932145][T22589] R10: 0000000000201000 R11: 0000000000000246 R12: 0000000000000002 [ 1288.940185][T22589] R13: 00007ffde93a391f R14: 00007f18c941a300 R15: 0000000000022000 [ 1288.948223][T22589] [ 1289.002718][ C1] sd 0:0:1:0: tag#6831 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1289.012589][ C1] sd 0:0:1:0: tag#6831 CDB: opcode=0xe5 (vendor) [ 1289.018974][ C1] sd 0:0:1:0: tag#6831 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 1289.028001][ C1] sd 0:0:1:0: tag#6831 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 6e 05 7f [ 1289.037037][ C1] sd 0:0:1:0: tag#6831 CDB[20]: 0f 23:12:27 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) (fail_nth: 27) [ 1289.061483][T22597] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1289.074993][ C1] sd 0:0:1:0: tag#6838 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1289.075362][T22605] loop2: detected capacity change from 0 to 1 [ 1289.084863][ C1] sd 0:0:1:0: tag#6838 CDB: opcode=0xe5 (vendor) [ 1289.097447][ C1] sd 0:0:1:0: tag#6838 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c 23:12:27 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000240)="e5db32734e096d26e2c735d135121c921bda40a0585ba8d47d34f3904cf12dba00", 0x0, 0x101, 0x0, 0x0, 0x0}) fcntl$lock(0xffffffffffffffff, 0x40d, 0x0) open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000280)=""/136, 0x88}], 0x1, 0x0, 0x0) pwritev2(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x4200, 0x0, 0x3) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x2, 0x1, 0x5, 0x0, 0x0, 0x8, 0x8001a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext, 0x42390, 0x0, 0x400, 0x6, 0x8, 0xfffffff7, 0x0, 0x0, 0x4, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) preadv(0xffffffffffffffff, &(0x7f00000008c0)=[{&(0x7f00000000c0)=""/127, 0x7f}, {&(0x7f0000000500)=""/103, 0x67}, {&(0x7f0000000580)=""/232, 0xe8}, {&(0x7f0000000680)=""/233, 0xe9}, {&(0x7f0000000780)=""/186, 0xba}, {0x0}, {&(0x7f0000000340)=""/33, 0x21}, {&(0x7f0000000140)=""/90, 0x5a}, {0x0}, {&(0x7f00000044c0)=""/4096, 0x1000}], 0xa, 0x0, 0x0) r1 = socket$inet(0x2, 0x3, 0x1b) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x100010, r1, 0x57ec2000) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0}) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r2, &(0x7f0000000040)={0x2002}) unshare(0x62020400) gettid() dup2(0xffffffffffffffff, 0xffffffffffffffff) clone(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) clone(0x11824900, &(0x7f0000000080)="c2c0", &(0x7f00000001c0), &(0x7f0000000440), &(0x7f00000024c0)="afbbfc07d73bbc841ece1e655be4d0cd8c6eac610735962badd36e0d2971a19b70e8d8eeb10f046751c86347cf761a2561ff36b19751812096ff5e474e8bf25f3b49be02c63dcf64627be56e695737d210ac36f246ccb182b7a32ba42c362d45e0f6a87d5bcce462b979966694e7adf3f0c8b4bfbae6b9c38727a5a92b6de419e3ba29d8586847a0eaad28e427b1a385075a4cd1e201136b156720db9c1e7f06a78f7bcd0cb93510c1df1ccbe1babd2dd72437af2ed455a9014fb476823306fcbf5c0f5b29a0890f2c98329317bfdc917123029e63014baa7d8065940ac11b23f0d426cc5a9c21a88a1d830fb032dca90adf6c2a240e8f39b66426af4354b569c1faf1075321e6e675ececdef81fc6cb495890fec7a321633cc570abcf0b0e20a90e0f3c6f50714da011cfef95abc8366f2109548f8036c3d99a1b8bbdfbef9fff54d5f63b3e2dabe75bb79828cdd5a36cc45c99a26630ed2815f631383795853f491bcfc1250cc83ec074424a5fe91cbf579dc2c2413e07464331c6d6c706445fbc95df2554186df97d24084659fe4c0c5b9cf6e7eb65135e832a25468344310a3156f839cfe84f9352c6fc23db889a06e97521cdb7b60e8742891a40aa7e8d0b2e734d5cb07cb8ee0546e45433fcc80f1b80b0214787fb84e78eb21de662782629048a0961819ed5b32d88bf60ac5b19c6d8efc04d0a5c23fcc57d8ae8da398321603921162dc3f42224f2dbac9c916d18e885ae787b972075faca52b40d5a132a0b3ad7fb6993f3bc7668b3b8747160476d9f0d44bfb3b026ae99bb33163a5f1311cd1bf57e2b33a2bd91afebae1e8aacecb26046732f6ea7f9c2342c20845f69cb34d55eeb4fbb467a5116090421f3ecaa23045850ba9caccd9eb3ebfa590597454ed2c7a98fcfaa8a003cf1ec6743956e2c31a775af6c58c4739439b83995cb5d6234b74fc78e44f2947c7e5555de40249cc4ea529ff2bff7f23350216891af66d0edb21a70881da81e01ed9d6f55c0ed2e33157403df93ae7251394de08338f3d81968e871a9acccb664c16c69d272fae68b1ccd9606f68ec9a63e6754eb9593e4a9f55ecc3b3fc8a6384716b15ebbd08e0d76c02f13a998a625e1a95bee7c7312263788a730520911892e467f7d15c86f3b22a5e6145950802acfdb65468714c83c2fed4ad033365ecb98dc2119cb3d35dcaa2e358f595201e565556f187bb43fd4472de91c5a85f2e1faf76addf06793d8f7c127142cf24a5d2429ae300328197376a5f0cc6b9c63497b226a7a0eebd5ce098b8229eb3648fb2b90ecbc198baa6b5e535c0b24f0ec4169dc24fef264ffc965a478dd84752acc1204959ef90fe5c1d1b2905f670142511c6de0c02e7228122cb961b3b9e47ee50832fc2ceaa013824c826d80049cf5cb50865a3b1f2fdbc37e7c47f5d4d21339a9f2769b296b33b6736c60e9ccf2b2a52fd96d3d60b7619c6003e50ec55a0851b6d422dfd1092d3e8a2fae34598dedda22aab8766e2d955aae330d8fbf0526f8eba76ca881a0d2d1bdc17a9a41e10fe1d62bf52b1f77d416478b104695b1c047a5d1604279055f4c096e2357b44c2dad81f6c287010162b84fde4d5e1625d8a7ef550b94e82b3f8e418bb5e38a94a502d1968af69ea3365e322955177a05589660b6827d8cdc06ca4d34be25e77ce533aa4a1b98a9ccebf0df8ec20404e6241962ee3c8dca273a5eb4b460bf57d68b33d033f881481c143d118c4e3d2d06b42e4c767278067d44efbbbc890b3db92070d27075929a17d2bbf8fcefc54578302e838a1c259882649313450a8be7684f918ffed0b7bfc5301d09125e20e1be2603c7976a1da331a414b7d08c03b7e35cf6ee262ae2cdff3c42b28d0e42e3cbdf2727022df16a4646fe431fdcb95b7569e764557adfa2682bef9e54c770280b884e482a168abe0420c97413c7500f3ce9085d572f1c130713d60c3881ccf05a710f56dde53efb14289941f70e9f6728af07ed6ed3215d58666134289f0e340abe75de36dd120a66df654b7cf9894dd9d0f07282cf4dbbc2b8b1f882c41878e8614a881963964ce9a0331dc8aa1d8af7c81e11cccb2df55eff3120dbc88db1a133b05d7f64fbaa62908ae20158b9da904f3051b6f18164db4b4d7a3ee6744185b54c00be2d8f1d4483310e550714b532b99a0ba8890e8a984bc9388b228f0112346195249cc9c7a58601cf9972c62124104270a858998fcc43d1ce188446e736c96528eb521582e08289c51f0e13ded99730ad813d4d21460ac47a8a15b18c6eaf13d9daf0a34ad51e9f5bff3e9463dbb1b728b668764120a081cd5a228dab188da0dd7f36012540469d05ba6ddb5add3493ba0f54536c906ed6cc4e86cea58d209bae591755c12f292423afc2e1ef44ec95a0d361fc89de7d26f15cc38f3a0e2076c2d3c549531a0fc2201bd97864a696e3414ba06597afa1ef116a26c142629eb8741c61b45834ed41bcd5bf522157a40447e875029ee0c0c2b43818d3") ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0) 23:12:27 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3c2, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1289.106493][ C1] sd 0:0:1:0: tag#6838 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 6e 05 7f [ 1289.115534][ C1] sd 0:0:1:0: tag#6838 CDB[20]: 0f [ 1289.122736][T22619] netlink: 96 bytes leftover after parsing attributes in process `syz-executor.3'. 23:12:27 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000017d887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1289.225941][T22605] loop2: detected capacity change from 0 to 1 23:12:27 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa50000003f000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1289.350779][ C0] sd 0:0:1:0: tag#6795 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1289.361573][ C0] sd 0:0:1:0: tag#6795 CDB: opcode=0xe5 (vendor) [ 1289.368098][ C0] sd 0:0:1:0: tag#6795 CDB[00]: e5 db 32 73 4e 09 6d 26 e2 c7 35 d1 35 12 1c 92 [ 1289.377151][ C0] sd 0:0:1:0: tag#6795 CDB[10]: 1b da 40 a0 58 5b a8 d4 7d 34 f3 90 4c f1 2d ba [ 1289.386199][ C0] sd 0:0:1:0: tag#6795 CDB[20]: 00 [ 1289.417870][ T23] audit: type=1400 audit(1636067547.636:737): avc: denied { map } for pid=22706 comm="syz-executor.3" path="socket:[134478]" dev="sockfs" ino=134478 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 1289.441694][ T23] audit: type=1400 audit(1636067547.636:738): avc: denied { read } for pid=22706 comm="syz-executor.3" path="socket:[134478]" dev="sockfs" ino=134478 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 23:12:27 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) [ 1289.454495][ C0] sd 0:0:1:0: tag#6807 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1289.475381][ C0] sd 0:0:1:0: tag#6807 CDB: opcode=0xe5 (vendor) [ 1289.481707][ C0] sd 0:0:1:0: tag#6807 CDB[00]: e5 db 32 73 4e 09 6d 26 e2 c7 35 d1 35 12 1c 92 [ 1289.490834][ C0] sd 0:0:1:0: tag#6807 CDB[10]: 1b da 40 a0 58 5b a8 d4 7d 34 f3 90 4c f1 2d ba [ 1289.499876][ C0] sd 0:0:1:0: tag#6807 CDB[20]: 00 23:12:27 executing program 3: r0 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r0, 0x2007fff) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r1, r0, 0x0, 0x201000) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x42, 0x24, 0x2, 0x0, 0xffff, 0x20080, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x4, @perf_bp={&(0x7f00000002c0), 0x3}, 0x8, 0x7, 0x3, 0xc, 0x7f, 0xf2, 0x3, 0x0, 0x4, 0x0, 0x1e24}, 0xffffffffffffffff, 0xa, r0, 0x2) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40010, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000000, 0x80010, r0, 0x4d214000) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clone(0x40000000, &(0x7f00000000c0)="d2358c99c268ff384472b0ab4ad3928e1d63848171d67dd2f0208a207898a081ff1b8c2987981932901782777fc648887a6f8e67265f7373458bded0a706ce964675a01bb80ffca76f2ba897443a227471a90a1c73cc5871c4f18cf88cf5da5381fdac0585da44cae7abd0b72a18972957965edc14515a762a84841394f28768b795481caf18e83eab1973fc996311e9e76adb30ab7acf1ae8", &(0x7f0000000000), &(0x7f0000000180), &(0x7f00000001c0)="0d81cb5ac2a7457bd0a8623dc651b050361e68739a94943cc2c4b406df77158e656cd82d2053f892922e124ec4b28add05154b67b0da7a76429ff2efeaf9493cfd66570f4cfab977f0e5d6bd888048df1860bb8e126f4eb7bd94a8232a7b403ca60e14cd8f107981024701aeaeb66edceffdccb1524271ef615d4d5711c4f9b7ead674d0a7104dc36bdf1a2ada964288fcd3b501d86fde170798b978582ff327c6207489a8aeb3aedbcf97f123f6523631d535c926e3067395fb859d5dc74bf2e96a053ddbd1") 23:12:27 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3c3, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:27 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000ffffff80887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1289.729821][T22824] loop2: detected capacity change from 0 to 1 23:12:28 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000000001a3887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1289.827342][T22824] loop2: detected capacity change from 0 to 1 [ 1289.859679][T22937] selinux_netlink_send: 282 callbacks suppressed [ 1289.859696][T22937] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=22937 comm=syz-executor.4 [ 1289.897683][T22937] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=22937 comm=syz-executor.4 [ 1289.911844][T22937] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=22937 comm=syz-executor.4 [ 1289.925639][T22937] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=22937 comm=syz-executor.4 [ 1289.949090][T22937] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=49 sclass=netlink_xfrm_socket pid=22937 comm=syz-executor.4 [ 1289.962725][T22937] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=61 sclass=netlink_xfrm_socket pid=22937 comm=syz-executor.4 23:12:28 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80008300) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:28 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3c4, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:28 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='\x00') bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r1 = getpid() sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x2, 0x0, 0x0, 0x9}, 0x0) sched_setattr(r1, &(0x7f0000000240)={0x38, 0x2, 0x8, 0x0, 0x4, 0x0, 0xfffffffffffffffc, 0x0, 0x400}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x1, './bus\x00'}, 0x6e) sendto$inet(r0, &(0x7f00000002c0)="6a9842ca9fa8ae3b454e13b63007ef09dc02b9e4f815ee5a86daa65c3ebf4eee5249d86cd90c23b75ebbecbca28704a2e0302e929c210d79851fdbb22adfca5800292425c76ec69044477e34655702583dce85aee9dc48aa53d191df90d3d64056c52f3576b1de1c34a873f3225b52ef23970e9df0b12af3a9ed27066e7d605c70b450901d907d1acdc9adc682f04abdc4578225c7c3cf227655cad21feb961881183478a876", 0xa6, 0x4081, &(0x7f0000000180)={0x2, 0x4e20, @remote}, 0x10) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(r1, &(0x7f0000000080)={0x38}, 0x0) r4 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r4, 0x2007fff) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r5, r4, 0x0, 0x201000) openat$cgroup_ro(r4, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10) recvfrom(r0, &(0x7f0000000480)=""/110, 0xfffffe32, 0x700, 0x0, 0xfffffffffffffecb) 23:12:28 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000040000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1289.975494][T22937] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=108 sclass=netlink_xfrm_socket pid=22937 comm=syz-executor.4 [ 1289.988352][T22937] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=103 sclass=netlink_xfrm_socket pid=22937 comm=syz-executor.4 [ 1290.001213][T22937] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=129 sclass=netlink_xfrm_socket pid=22937 comm=syz-executor.4 [ 1290.014309][T22937] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=161 sclass=netlink_xfrm_socket pid=22937 comm=syz-executor.4 23:12:28 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000ffffffc9887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:28 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200002) 23:12:28 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3c5, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1290.193588][T22975] loop2: detected capacity change from 0 to 1 [ 1290.257407][T22975] loop2: detected capacity change from 0 to 1 23:12:28 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000fffffff6887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:28 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500080040000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:28 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3c6, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:28 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000fffffdfd887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1290.530323][T23170] loop2: detected capacity change from 0 to 1 23:12:28 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000fffffffe887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1290.597821][T23170] loop2: detected capacity change from 0 to 1 23:12:28 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80008700) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:28 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200008) 23:12:29 executing program 3: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80008200) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:29 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3c7, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:29 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000048000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:29 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000fff887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:29 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20000f) 23:12:29 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80009000) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:29 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000ffffefff887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1291.146133][T23494] loop2: detected capacity change from 0 to 1 23:12:29 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3c8, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1291.220546][T23494] loop2: detected capacity change from 0 to 1 23:12:29 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa50000004c000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:29 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000ffefffff887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:29 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3c9, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:29 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200010) [ 1291.461279][T23809] loop2: detected capacity change from 0 to 1 [ 1291.547287][T23809] loop2: detected capacity change from 0 to 1 23:12:29 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000fdfdffff887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:29 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000068000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:29 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r1, 0x2007fff) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r2, r1, 0x0, 0x201000) sendmsg$nl_xfrm(r2, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)=@getpolicy={0x90, 0x15, 0x4, 0x70bd2b, 0x25dfdbfd, {{@in6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x29}}, @in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x4e23, 0xfffd, 0x4e22, 0x54, 0x2, 0x20, 0xa0, 0x2, 0x0, 0xffffffffffffffff}, 0x6e6bb1, 0x2}, [@extra_flags={0x8, 0x18, 0x6}, @srcaddr={0x14, 0xd, @in=@private=0xa010100}, @XFRMA_SET_MARK={0x8, 0x1d, 0x1000}, @lastused={0xc, 0xf, 0xffffffff}, @tfcpad={0x8, 0x16, 0xbaf}, @proto={0x5, 0x19, 0x3c}]}, 0x90}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@loopback, @in6=@private2}, {@in=@local, 0x0, 0x33}, @in6=@mcast1, {}, {}, {}, 0x0, 0x2000, 0xa}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0) 23:12:29 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3ca, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:29 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000080ffffff887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:29 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80009100) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) [ 1291.741664][T23921] loop2: detected capacity change from 0 to 1 [ 1291.819571][T23921] loop2: detected capacity change from 0 to 1 23:12:30 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200018) 23:12:30 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3cb, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:30 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000c9ffffff887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:30 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa50000006c000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:30 executing program 3: r0 = socket$inet6(0xa, 0x100000003, 0x3c) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000140)=@req3={0x2f1a, 0x5, 0x6, 0x5, 0xbb30, 0x0, 0x4}, 0x1c) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000200)={0x1, &(0x7f00000001c0)=[{0x9, 0x1, 0x7}]}, 0x10) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x2}]}, 0x10) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendfile(r0, r4, &(0x7f0000000240)=0x200, 0xfffffffffffff7fc) sendto$inet6(r0, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @loopback={0x0, 0xac141409}}, 0x1c) 23:12:30 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000f6ffffff887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1292.062963][T24144] loop2: detected capacity change from 0 to 1 23:12:30 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3cc, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:30 executing program 3: r0 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r0, 0x2007fff) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r1, r0, 0x0, 0x201000) r2 = io_uring_setup(0x1c52, &(0x7f0000000000)={0x0, 0xd988, 0x4, 0x1, 0x0, 0x0, r0}) io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x3, 0x0, 0x1) [ 1292.147393][T24144] loop2: detected capacity change from 0 to 1 23:12:30 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000feffffff887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:30 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000074000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:30 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200078) 23:12:30 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80009200) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:30 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3cd, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:30 executing program 3: r0 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r0, 0x2007fff) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r1, r0, 0x0, 0x201000) ioctl$TCXONC(r0, 0x540a, 0x1) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@loopback, @in6=@private2}, {@in=@local, 0x20000000, 0x33}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0) recvmmsg$unix(r0, &(0x7f0000002dc0)=[{{&(0x7f0000000200), 0x6e, &(0x7f0000001780)=[{&(0x7f0000000280)=""/178, 0xb2}, {&(0x7f0000000340)=""/147, 0x93}, {&(0x7f0000000400)=""/205, 0xcd}, {&(0x7f0000000500)=""/133, 0x85}, {&(0x7f00000005c0)}, {&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f0000001600)=""/211, 0xd3}, {&(0x7f0000001700)=""/83, 0x53}], 0x8, &(0x7f0000001800)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x68}}, {{0x0, 0x0, &(0x7f0000001a40)=[{&(0x7f0000001880)=""/135, 0x87}, {&(0x7f0000001940)=""/8, 0x8}, {&(0x7f0000001980)=""/129, 0x81}], 0x3, &(0x7f0000001a80)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x60}}, {{&(0x7f0000001b00)=@abs, 0x6e, &(0x7f0000001d00)=[{&(0x7f0000001b80)=""/125, 0x7d}, {&(0x7f0000001c00)=""/122, 0x7a}, {&(0x7f0000001c80)=""/100, 0x64}], 0x3, &(0x7f0000001d40)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}}, {{&(0x7f0000001dc0)=@abs, 0x6e, &(0x7f0000002040)=[{&(0x7f0000001e40)=""/228, 0xe4}, {&(0x7f0000001f40)=""/135, 0x87}], 0x2, &(0x7f0000002080)=[@cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x108}}, {{&(0x7f00000021c0), 0x6e, &(0x7f0000002840)=[{&(0x7f0000002240)=""/129, 0x81}, {&(0x7f0000002300)=""/178, 0xb2}, {&(0x7f00000023c0)=""/200, 0xc8}, {&(0x7f00000024c0)=""/27, 0x1b}, {&(0x7f0000002500)=""/172, 0xac}, {&(0x7f00000025c0)=""/237, 0xed}, {&(0x7f00000026c0)=""/90, 0x5a}, {&(0x7f0000002740)=""/202, 0xca}], 0x8, &(0x7f00000028c0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x80}}, {{0x0, 0x0, &(0x7f0000002d40)=[{&(0x7f0000002940)=""/206, 0xce}, {&(0x7f0000002a40)=""/159, 0x9f}, {&(0x7f0000002b00)=""/88, 0x58}, {&(0x7f0000002b80)=""/163, 0xa3}, {&(0x7f0000002c40)=""/10, 0xa}, {&(0x7f0000002c80)=""/33, 0x21}, {&(0x7f0000002cc0)=""/111, 0x6f}], 0x7}}], 0x6, 0x10000, &(0x7f0000002f40)={0x77359400}) sendmsg$nl_xfrm(r2, &(0x7f0000003100)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000030c0)={&(0x7f0000002f80)=@updsa={0x11c, 0x1a, 0x300, 0x70bd2b, 0x25dfdbfd, {{@in=@multicast2, @in6=@empty, 0x4e24, 0x0, 0x4e23, 0x9, 0x2, 0x80, 0x0, 0x3b, 0x0, r3}, {@in=@broadcast, 0x4d4, 0x3c}, @in=@remote, {0xa8e, 0x40, 0x5000000000, 0x3aab, 0x6, 0x9, 0x7fff, 0x7}, {0x1, 0x3, 0x7fff, 0x14ce742c}, {0x4, 0x8, 0xa3}, 0x70bd25, 0x3501, 0xa, 0x4, 0x3}, [@XFRMA_IF_ID={0x8}, @replay_esn_val={0x24, 0x17, {0x2, 0x70bd2b, 0x70bd2b, 0x70bd25, 0x70bd2c, 0xb9b, [0x1, 0x2]}}]}, 0x11c}, 0x1, 0x0, 0x0, 0x40004014}, 0x20000854) 23:12:30 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000020000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1292.423285][T24466] loop2: detected capacity change from 0 to 1 23:12:30 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3ce, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1292.479103][T24466] loop2: detected capacity change from 0 to 1 23:12:30 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa50000007a000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:30 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000030000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:30 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)={0x20, 0x6a, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @pid}, @typed={0x8, 0x1, 0x0, 0x0, @uid}]}, 0x20}], 0x1}, 0x0) ftruncate(r0, 0x400) 23:12:31 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000040000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:31 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3cf, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1292.724217][T24686] loop2: detected capacity change from 0 to 1 23:12:31 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200300) 23:12:31 executing program 3: sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES64, @ANYRES64, @ANYBLOB="4b39f133ebf74edd"], 0xe8}}, 0x0) clone(0x84020000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0, 0x29}, {&(0x7f0000001880)=""/102388, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = gettid() rt_sigqueueinfo(r1, 0x30, &(0x7f00000002c0)) [ 1292.777524][T24686] loop2: detected capacity change from 0 to 1 23:12:31 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000a000) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:31 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000050000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:31 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa50000017d000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:31 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3d0, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:31 executing program 3: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80000, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000700100000f000000000000000000000004000000000002000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d6f4655f000000000000000001000000000000000b0000000004000008000000d2c201001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000c7b2a4502ed64a6eb421652eb677bbba010040", 0x1f, 0x4e0}, {&(0x7f0000010300)="0300000004", 0x5, 0x640}, {&(0x7f0000010400)="03000000040000000500000017000f000300040000000000000000000f008551", 0x20, 0x800}, {&(0x7f0000010e00)="ed41000000040000d6f4655fd7f4655fd7f4655f00000000000004002000000000000800050000000af301000400000000000000000000000100000030", 0x3d, 0x1800}, {&(0x7f0000011000)="8081000000180000d6f4655fd6f4655fd6f4655f00000000000001002000000010000800000000000af302000400000000000000000000000200000050000000020000000400000052", 0x49, 0x1c00}, {&(0x7f0000011100)="8081000000180000d6f4655fd6f4655fd6f4655f00000000000001002000000010000800000000000af302000400000000000000000000000200000060000000020000000400000062", 0x49, 0x2000}, {&(0x7f0000011400)="ed4100003c000000d7f4655fd7f4655fd7f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c653100000000000000000000000000000000000000000000000000000097bbe33d00000000000000000000000000000000000000000000000020000000681d5748681d5748681d5748d7f4655f681d57480000000000000000000002ea0407000000000000000000000000000064617461", 0xb8, 0x4000}, {&(0x7f0000011b00)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c6530", 0x39, 0xc000}, {&(0x7f0000012700)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x14000}, {0x0}, {&(0x7f0000012d00)="2719c0d901000000803a0900803a09000000000006", 0x15, 0x18000}, {0x0}], 0x0, &(0x7f0000000d80)=ANY=[@ANYBLOB="00e0fbae66877baf4087dcc5bf20248b6338df8ef3ae0c846ff9f4ade1c1768f02b574f41cab414e5f4c77d4880ec6660c2765ba11bd446ad2f7ec6b8cc3b65fc9e340255e004c29df8e7fcb145caa4b70d9039d47c0926efc599dcc47e0246865cdd0777e206d3666b7e9dcc5da923fb57d44783f"]) syz_mount_image$tmpfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x1, 0x4, &(0x7f0000000500)=[{&(0x7f00000001c0)="b23d834fa7af2c8d73c2a055af68554975cd1ef6c6c917366857f55b994f29d9987707ffb1af8d67acee3b7a", 0x2c, 0xffff}, {&(0x7f0000000340)="db404866f7af6cb9e46fc5052896475f8b91274d2b15e9019227883876512effa746868f10f8d96f32a6a022caa7daf349bba0976bcfab699c18eed86a55580b6e442cd6aff15d5cad496ead0a7845d2fe3ab8ecddec23fdaba1e1bfb0c8d3db80298af11da3169afbc789", 0x6b, 0x6}, {&(0x7f00000003c0)="e1f1c5623f0f4b27b0df39df054b9180f7d2602b2f8b028e173be6f7d08d1500c1554483373d44fa57ed53452990d72e85281e34e68fb4170b663682df92173c947eb476482b3c9018f443d30e4ed70c425582428964b85367ffa1e6be9d96703b391101c5a3523bae42746d498f1dc95d93a3e93107d0afd87b8cbc48adf3bad3de26c6694d14c28c26bf9553722f739e0ae988a75f6b86149efcdbda4b680713956593f6067fbc20cebf93c212e2c7f508fbe5ce85a279da1402af397e68f0845c8e5fb4b1e11ad965aa47aa8bb5fcacd6bc2bc30fe457b7734288f90c4ac8d3bf4e9c6403a6a03036489829334baad1f8", 0xf2, 0x7f}, {&(0x7f00000004c0)="a5544affcf0147d6bf658e57233b3379a436", 0x12, 0x1f}], 0x2000000, &(0x7f0000000580)={[{@nr_blocks={'nr_blocks', 0x3d, [0x38, 0x32, 0x65, 0x2d, 0x7c, 0x65, 0x33, 0x0]}}], [{@subj_type={'subj_type', 0x3d, 'ext4\x00'}}, {@smackfshat={'smackfshat', 0x3d, '@['}}, {@uid_eq={'uid', 0x3d, 0xee01}}]}) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f00000000c0)='./file1\x00', 0x40) r0 = syz_mount_image$nfs4(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0xba, 0x8, &(0x7f0000000b80)=[{&(0x7f0000000680)="8f57df9cf8d5e7c11be9caae78b3965bb21568d686deb265c4e8cc74541875c0d582f1e580dbac2885b1a22aaacf261298e9603924fbc236ac6e5e510f3b723e6f3ab8a9519536daecefa732f97502959f58dc51e9f904dbbbb2516ca9f959191ca99b1236903b1a98482b99a1f3d54d922ecb6fbb5648726ca559cd8ff8b5c473f7fd0d52344b622ba7801240a4fc91865e11", 0x93, 0x3915}, {&(0x7f0000000740)="7fddd6dc2d32a2baa1bf059d69f23c82976e1ecef390836b579f7e8a8d5e728fb143c40b10121611248be33bdb128c47bdfb765d8159e6b85ec9eb996a711959ab4651f34c079f6f7db46ab3a87fa1d10fd2f7769443cfded263aea583ceba664e768301d935155447aad65e3bab2e105f2918b77614838789ffcd821f4c8e0bcbd3ef30c9de1fb11b437db82ca082a2ef82032b05336f", 0x97, 0x1}, {&(0x7f0000000800)="e94766974dd2fb61fec74dfde4efe3cb9b9e593c9b03dea2db5865e6b3677c637aa669bd687d7fa2bb370dc668e171e7bf1b28cdb7269323ba96fcc12e37450673ed5cdd6028945e65c1d604933a65ed8fa1da7cba7bf3e3dcd7d6c43c40aa2f4cbf0dec15e2ed71f56110b20e5ef04e85df4d7c8aad9859f5b29ef87679dff1ec48cc6042de1d90f4", 0x89, 0x5}, {&(0x7f00000008c0)="87a6da5c15bc7343cb51b59395a44e8167d6468cfcbe3340bf741082051e120ea73c8fef08b4", 0x26, 0x5}, {&(0x7f0000000900)="07971fa8cbc30717979da3ed24eeafe694d34081c4736da9a9f4edaefe55c3d51f17a7e700fccb8cce87937785e8ec49f9f7bf9ce27bcd5a95902910ac6befb21d54b21ed5a394b61acb5704457dfd9c676e2dc15f09122dffb01165ae45bee64af363539631e8937b9fd677c31981cf7d16f51611021bd2d05406806d9cd2af3456c60035dcfd4fa90c13fe66be8173d162f0d59afff4c7c161b95927f78273f18b742802e049b67325447812b2c2b4e473a3", 0xb3, 0x4000000000000}, {&(0x7f00000009c0)="fa3ccb6560cb9a47def86a2525bfcfe930cc3741a21281e5c1955f8e0d4dd9e63df97e9d2981621e3d6a4e5413cac67716b4e03a15b68f266367cceb0efee36f57a908c80cf966a6271965cc36e68d58ad048cdf1cfad3a1403ae2d60b28210e44c46c3a74f345cf330837", 0x6b, 0x2}, {&(0x7f0000000a40)="38ffb132a3efa4fb72290d276d4cd54fd385b36b11184729cdc1a69c2f998d60d6a35a9df5832da89b0b4a5d9a36d6a82ba31f35299410d58c130634c565ac581b1d22f62274b3bf4a9f0a8f235e00c2e604efcaa400e1e5f24c9caf74b89cb11a8bdcd5d968efb8df2955dc7cf892664e05c75a4b373c314dc6c2236080a725dc7157bd2713823e7b4c", 0x8a, 0x2}, {&(0x7f0000000b00)="2a3047ee4a0e0cbd2ac493ee0d79c0a4add6478ab670acb091b8497965e6f2fb6e87a8856e419ff687236bb29abc418cb803161103f8b925ca48f6a69d4ddbf121e545034e34507daed87ff4447f0ab867b95a7e46f3a4a413648fdb40f7a67a05bf0ee61c6e", 0x66, 0x26b9}], 0x0, &(0x7f0000000c40)={[{'@['}, {'smackfshat'}, {'ext4\x00'}, {'nr_blocks'}], [{@smackfshat={'smackfshat', 0x3d, 'smackfshat'}}]}) r1 = syz_open_dev$vcsa(&(0x7f0000000cc0), 0x6, 0x0) move_mount(r0, &(0x7f0000000c80)='./file1\x00', r1, &(0x7f0000000d00)='./file1\x00', 0x60) open(&(0x7f0000000d40)='./file0\x00', 0x8000, 0x41) rmdir(&(0x7f0000000080)='./file0\x00') [ 1293.142164][T24911] loop2: detected capacity change from 0 to 1 [ 1293.153928][T24914] loop3: detected capacity change from 0 to 1024 23:12:31 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000060000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1293.191920][T24914] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 1293.216404][T24914] EXT4-fs error (device loop3): __ext4_new_inode:1072: comm syz-executor.3: reserved inode found cleared - inode=1 [ 1293.233072][ T23] audit: type=1400 audit(1636067551.456:739): avc: denied { remove_name } for pid=24910 comm="syz-executor.3" name="file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 1293.234938][T25067] EXT4-fs error (device loop3): ext4_lookup:1789: inode #12: comm syz-executor.3: deleted inode referenced: 14 [ 1293.256274][ T23] audit: type=1400 audit(1636067551.456:740): avc: denied { rmdir } for pid=24910 comm="syz-executor.3" name="file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 23:12:31 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200500) 23:12:31 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3d1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:31 executing program 3: syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000080)=[{&(0x7f00000002c0)="eb3c8f000000732e66617400020101000240008080f801", 0x17}, {0x0, 0x56, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f0000000140)='./bus\x00', 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000400)={0x2000, 0x10001}) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x210000, 0x24) r1 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r1, 0x2007fff) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r2, r1, 0x0, 0x201000) sendmsg$TIPC_NL_BEARER_DISABLE(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040026bd7000fedbdf2502000000400004803c000780080001000a0000000800020004000000080001001d0000000000000000010000080001001700000008000300ffffff7f080003000080000098917eb54007daf318025ccda03b87333d9d7c1fa372a66ddc6b239461b49f5e224c6fe8bbd013d3f4aa0e8eca62fc3a9055f4d0bc805af1d7557863078607d55bdcae50be5d2fb51888efb378817c8e9ea2240f9763d0d73b673e60569844b780778ca34b5b1ae73ddebf6e8edcc8f00a70de3a22901a0bd3ed24c58b37e96d67f4ffc5c4e15a36f1e58b5fdc5c4b310820ae84db90bde0d94563202b6248aa9742d78b914615215df3c23992acd98e28aa3c225ae10bd8d88d9b"], 0x54}, 0x1, 0x0, 0x0, 0x24040004}, 0x4) [ 1293.281011][T24914] EXT4-fs error (device loop3): ext4_lookup:1789: inode #12: comm syz-executor.3: deleted inode referenced: 13 [ 1293.321157][T24911] loop2: detected capacity change from 0 to 1 23:12:31 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5ffffff80000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:31 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000070000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1293.541477][T25218] loop3: detected capacity change from 0 to 16 [ 1293.564084][T25218] syz-executor.3: attempt to access beyond end of device [ 1293.564084][T25218] loop3: rw=3, want=24, limit=16 [ 1293.582286][T25218] syz-executor.3: attempt to access beyond end of device 23:12:31 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3d2, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1293.582286][T25218] loop3: rw=2051, want=149, limit=16 [ 1293.584574][T25233] loop2: detected capacity change from 0 to 1 [ 1293.658013][T25233] loop2: detected capacity change from 0 to 1 23:12:32 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000b000) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:32 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) syz_open_dev$tty1(0xc, 0x4, 0x4) write$binfmt_elf64(r0, &(0x7f0000000000)={{0xe, 0x9b, 0x3b, 0x7, 0x39, 0x0, 0x0, 0x0, 0x46d, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78) 23:12:32 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000080000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:32 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000001a3000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:32 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3d3, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:32 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200600) 23:12:32 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000090000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:32 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = msgget$private(0x0, 0x0) msgrcv(0xffffffffffffffff, &(0x7f0000000100)={0x0, ""/234}, 0xf2, 0x1, 0x0) msgctl$IPC_INFO(r0, 0x3, &(0x7f0000000080)=""/118) r1 = msgget$private(0x0, 0x0) msgsnd(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="8100000000000000"], 0x8, 0x0) msgctl$IPC_RMID(r1, 0x0) setresgid(0x0, 0xee01, 0x0) r2 = msgget$private(0x0, 0x0) r3 = geteuid() setreuid(r3, 0xffffffffffffffff) getresuid(0x0, 0x0, &(0x7f00000000c0)=0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f0000000100)={{0x0, r4, 0x0, r3, 0x0, 0x20, 0xff7f}, 0x0, 0x0, 0x7, 0x8, 0x3, 0x9, 0x1, 0xe, 0x8, 0x3, 0xffffffffffffffff}) msgctl$IPC_RMID(r2, 0x0) r5 = fork() r6 = gettid() kcmp(r6, r5, 0xbdb2d69e909536f2, 0xffffffffffffffff, 0xffffffffffffffff) [ 1294.014157][T25449] loop2: detected capacity change from 0 to 1 23:12:32 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3d4, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:32 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000000a0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1294.150977][T25449] loop2: detected capacity change from 0 to 1 23:12:32 executing program 3: open(&(0x7f0000000400)='./bus\x00', 0x1044042, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x690702) r1 = dup(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000080)="fa5e", 0x2}], 0x1) r3 = socket$inet6(0xa, 0x5, 0x6) preadv(r3, &(0x7f0000000000), 0x0, 0x7f, 0x5) preadv(r3, &(0x7f00000006c0)=[{&(0x7f00000001c0)=""/173, 0xad}, {&(0x7f0000000500)=""/230, 0xe6}, {&(0x7f00000000c0)=""/96, 0x60}, {&(0x7f0000000340)=""/87, 0x57}, {&(0x7f0000000440)=""/90, 0x5a}, {&(0x7f0000000600)=""/148, 0x94}], 0x6, 0x0, 0x3) mount$9p_fd(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="8bfb4c9d44d1f55a3ba7f0ffc0339e3ddaaf9ada4162"]) r4 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r4, 0x2007fff) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r5, r4, 0x0, 0x201000) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r4, 0x40bc5311, &(0x7f00000007c0)={0x4355, 0x2, 'client1\x00', 0xffffffff80000000, "bed716761fb0fd9f", "44ccb558d564a5982ac2206d78a98bba9a39dba3218abc2af9151c7b5d4cb179", 0x10000, 0x6}) 23:12:32 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5ffffffc9000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1294.382007][T25774] loop2: detected capacity change from 0 to 1 [ 1294.386924][T25771] 9pnet: Insufficient options for proto=fd [ 1294.412960][T25777] 9pnet: Insufficient options for proto=fd [ 1294.478077][T25774] loop2: detected capacity change from 0 to 1 23:12:32 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000b800) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:32 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3d5, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:32 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200630) 23:12:32 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000000b0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:32 executing program 3: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x10080, 0x0, 0x0, 0x7, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x21f6, 0x0, 0x6, &(0x7f0000000140)={[0x3]}, 0x8) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0xfffffffe, 0x0, 0x0, 0x0}) sendmsg$NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="100008005822875340eb4c0bce472b13c560cda37ddf3b3aef24b979b8c1a9045cbb3d2241c2893be152f5c30a7324dae0076b5a88b072ed8b368fbb894bf2b5584fd3066b5ac289be", @ANYRES16=0x0, @ANYBLOB="aba31a64464e062343c69266484e"], 0x28}}, 0x0) clock_gettime(0x0, 0x0) sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f00000001c0)={0xe3, 0x8, 0x8}) ppoll(&(0x7f0000000000), 0x0, &(0x7f00000000c0), 0x0, 0x0) syz_open_dev$sg(0x0, 0x8, 0x0) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x4) vmsplice(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000440)="3160daf2396d74c691dcc076754c6ef9adcea97657af6662d79ded0fbf63a63b59e63e7bc30025e1112893fe8bfe66dfebef2a7f3f43134508b77e9124a8b059924321b83eff2858d254836c0ea2b5817cb491a124bea9a1d3cc45659e85eceb651d33a85028680e53b22d26961f95092ad1b52b59d0082e43108716dd915ccd", 0x80}, {&(0x7f0000000100)="2692a424e041758ca25a18795f1f08aa4e333c7741e4111a71b9ff99a295971771a1bac2", 0x24}], 0x2, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x8000001b) 23:12:32 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5fffffff6000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:32 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000000c0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1294.649987][ C0] sd 0:0:1:0: tag#6784 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1294.659862][ C0] sd 0:0:1:0: tag#6784 CDB: opcode=0xe5 (vendor) [ 1294.666241][ C0] sd 0:0:1:0: tag#6784 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 1294.675285][ C0] sd 0:0:1:0: tag#6784 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 1294.684457][ C0] sd 0:0:1:0: tag#6784 CDB[20]: ba [ 1294.694453][T25791] loop2: detected capacity change from 0 to 1 23:12:33 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3d6, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:33 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000000d0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1294.796642][T25791] loop2: detected capacity change from 0 to 1 23:12:33 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5fffffdfd000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:33 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200700) 23:12:33 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3d7, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1295.099801][T26103] loop2: detected capacity change from 0 to 1 [ 1295.208932][T26103] loop2: detected capacity change from 0 to 1 [ 1295.242737][T26105] selinux_netlink_send: 121 callbacks suppressed [ 1295.242783][T26105] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=26105 comm=syz-executor.4 23:12:33 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000bb00) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:33 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000000e0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:33 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5fffffffe000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:33 executing program 3: set_mempolicy(0x1, &(0x7f00000000c0)=0x5, 0x6) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000200), 0x43400) pwritev2(r0, &(0x7f0000000040)=[{&(0x7f0000000000)="cb", 0xf000}], 0x1, 0x0, 0x0, 0xc) ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000280)=ANY=[@ANYBLOB="01009900f559704157a961e8fa1eb95320074cfa1610b574f2f67c4be5c240d87b4c032e4052b17aac58e87d3ecb5f669e77f54bd09e0480844320f17c1751661bbee090360a130dca56781bd4c6762b04d6e69e53943625f81bf45ff9b2708de3ebbb64f99119b899ad56fad0f679c8a3d07206d424d3ae265e12e97d095598c6e72832e5d086c6e9a83ac1c0401b1b40878b4955fc4754fe161d69e6"]) 23:12:33 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3d8, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:33 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200900) 23:12:33 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000000f0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1295.654352][T26317] loop2: detected capacity change from 0 to 1 23:12:34 executing program 3: r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000001480)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)={0x1354, 0x12, 0x800, 0x70bd28, 0x25dfdbfd, {0x9, 0x0, 0x3f, 0xb0, {0x4e21, 0x4e22, [0x3, 0x0, 0x0, 0x9], [0x8, 0xffffffff, 0x6, 0x6], 0x0, [0x48, 0x6]}, 0x1, 0x9}, [@INET_DIAG_REQ_BYTECODE={0x8f, 0x1, "e78a89db6140b9819dcaf04eb1b8df23e592d79745eb27682733c6166bbc93cab2a8a269bf74af8a6218e9723062d13160c1d32748da23f9f9cc9cabc1eb86dffaa7b388fdb30d241da0855096f4c0eed5102618068edaeef250d0ad4bd38ee7e4189cac49de4e2cee2b713e416b5118f3d7404dbc13d534ffdca5c20dd3c2796fef2cd37f08da95dc13df"}, @INET_DIAG_REQ_BYTECODE={0x1d, 0x1, "29409fb25c6cbacb701b8ad3b9b8d7b7e5e690833267a8045d"}, @INET_DIAG_REQ_BYTECODE={0xfb, 0x1, "4766a94392f78b310b5b1bfa0467c77acc50dfa614c4b343c1687b2cf69f132ec05c8dfc7e75dfb2e71111660463351fcfd0d7301493e3103f4c51b519ee77009a1572816be8e62718f7396815bdf27b115d2256dd379350159827a118738103fb28e1323d493ad83bf0ebf79aabcff0d95984ce1491d0e9a800af121a99fce67b2c55fa523cb37ae9c8b661677b327035e04616483a573a4a5fe85a8c522291f30772097f1887d49b48a45b3734475424fa09420d65878c5e8034bb68b0cc20019db2490243ae44a5b6cf41b1484075eca1fe9f60a590df8a98a28dea40b8920036d9d40d40c91ab1f75466eafa2dadd86e2857bd1c42"}, @INET_DIAG_REQ_BYTECODE={0x44, 0x1, "d4b692d99436824cd420209d461e481643c90b1bf7c76e88df8748e1fab9ce183342bcd618aba24103af3e8fa86b63fdf5b903710373d27857c325e8205564d3"}, @INET_DIAG_REQ_BYTECODE={0x31, 0x1, "a69db98044a8efb456f72707b17e27b002c12d391389a840ffa8c0e52753952e2077bb5ffe530d1f7de6132351"}, @INET_DIAG_REQ_BYTECODE={0x1004, 0x1, "e29e3e90c396d9fa62b84c8b95168613f64d53f7b0afc76907c4960c9ab7f0abe3a3c6a5aa34f70f8ce9567a491c4d966a5052035dc2e635dd091c7ce2d3493999259f8b97561416582ce6fc924f2d35ceafc025979f77fc7b7fc8a30671beb2cd115d8f28ffa38379a037bfc94779839f89ab274464787120b23ab3bed6881b65e6ba3648ea5aabe902befe862ee5980a35620e11e03dcfbc9bab75407f609a010e4b0e8460b4675bbce35c4584815e14872587bcc7a1dbadb1ac02eb2bab1b998b516e071c3bad85d32cb1a3252ee5128e9604aa281e8b5b30bc221ab1d9046185a2328d00e7d21f4f18276b42fa4c5f446fa4a34466703bb177333c43e42bff2067ce3a151cf941e3ad582663e98c5cc9b050f7c7f90e19328924bbaaaa6a243699a4adca9d3f69a1da088e059fd7d2fb9b000ec0f1e98a9e4679d12654e0e780e97aa576356839d932feaf201d8411d4158a833202e40732856bcaa6e0fd1e76af7037b23974e2f7ac1d9e58ae712cb7da14f08f7bd6f3af817dd51181d1bee9e99381d0b79b0313baacbc3dee0fef012f5f927f1ea1000dfcc74094946c2569b696c97a9009efbe385dbf43c30edfa6c41a5035a8f4dd475ee1fba52a123d9f20c715a707596eade885d6f96c75354a83a5d5f117685b5e415409604171f750f22a6eebfdd51e34c4f3a46785f924fecbc17ba343b1de3a46e095f3228295413f2973bc78a82d11ca22d57d4694698fc8d232370ad6fcb3e7202b9fbaacb145ea06b4ca4c72e556bdb6ca59642aafcd254dfaa5f2a4f1e8c98a0b4f33d9ea5ca4dcffb781d611de33759948e2b3df3a8d08f78b8959b9040316715ccaff224f65d9205c2c659c53bd1b8251bad64a726e5f1fff1b4039790446d58f039215f35d8448e89e07bf4929ca9a23a8eb2110ed4755670695a41f909d80067787348e8dc6b6a79677cee70a8f166dc9621be68e4e3541760c89b7623ecf7ef5901f3c36ed19f4b82195150727287429c99be8c6642c8d18270ca861a65b5f15d25bf081cb90309d006b195cc883eef94ca6595e040babbaba70caaa057305028607700d4f21300b9f6ec1968c641751370abac8fbf01497255ad914b54d8199df20bbfecfef6de590a929658b465984cc3b4749952ed356a7a2a279d767a35dc5b05200b24ee27711f3090f34cd069c921e590148216527bd8888116fb97e74e1d34608c71d1485cb3d675c2a795ae826c9d3a05ca11a6a4697267879c62dbbdf0ce3171b2abd3e85e11382924c7466d58db1f36b4539d229a506c2fbf1ee038f6b0a8b92bd8bd03f6ed61d3fbd9d8a885c4a1910f8b88b9daa5353d535f76be8d9cb56c6006fb5580335d500967df02247fa50267d95caacd01692dd38aa46e7b2857c4734e3281c3ac6541ee4496e04d38a50134aafd29d0e68e19d5c185b1eb55df0287e9cb5a978a8276a493613e12dcc8a5e85c924e8e7cca291328e298ed62a82dea2f76e05d3425eeaafbaf6cf2aa361d3c107d640eeeb7e6eeb87cb7c1d2d72b8812ca874db67951d3fed9d82c47b137b569294564c3ae9a427f08832d35d827404990d54cf52aae7edff12de709c193afe28eb827e248887ca33069a6bb4d95427ed8c509c54dc42d32a586bac313111c01c612f6daa9e8de27f4e5032328ef223c610e308d97c5c43d3a2e2caf913831d46e4894371ec8f9b879cadd7c1233a6d251d28f1686fd627f0cdb55a472b75c51cafeed1077baa8f990f0615a57e980f1c9c8af6fae02d00e19567f89fccd2af3b78cd3bcb63d5245bd1a393615106bae126a08418f7f80b257a760444ab256af4a83e61dae6f7e83fc6331e63baa4523eeab9feeef3cb065b57c5779c8eae6cbb1e7aae34e9ba49c58c51bfab6ff1045e07415a4bb4025ce4d371d57c317d633ce7183e856d08224173a5f2d1ca34ab61310217e2c74dbc792792ec9c5972899cbf682de308f86886df32996e6b08a8e3b894abe3afcee14f0042e2b54908287d942ff2152c44e630f008bdace480f4382e55397cdf6b937e126caa337baf574a83996b194835dab8b57629d2c03097a21221f0a09b66e984ad6680771ec454d76cb44f69e13603e3cfda997162553204a191025399c81ff66f9db70911c4d2e1454290b9f5d21c037001728332895d7f7be6a3590a2072afe42deeac724abe467ed1f4d7ee2def760e53425b0aac951f4cab7337db7c75d9620e2d6e8a37391deabbd090cb2c754c430a4bf3e3c39295d759400352ce03b8ca60dc0fbebaa0d6fb16a93ce8101ab70389cfc5a4b01919e560c066f0b73e3623a1717d2f4ffed04a19ceba74fadce508fdbc6f7afb6af7a292aa8cceb8b35e550ad6fb422d0f7e24a7802a529b56accb1e70546dcb34d0f1709788336b3183b3b483d0283a12888e7a902221065b1cb1e6ca2ca87f49659f52ec16013535ed962612420dbf59832590467928659af01e191a5acc45b1e12708092babb5615b4e7b0bcb83227294340f3ca0e17c486e47a1d046fb348ae3c54d1b0c1539a5bee63bfa850650d04108be5890e8a6a70f5cbcef11e7df6fdb6f6f3963ad151dbd2b689a6dd1d0c8440e1eb3efe26b1685df77b3ac079953d6a7e0b6b1becb0d0bb43baa17c693fe0a621324a4d8772ad55c5dc22e15799bc776802ea034f336942e08cd7aeb0ea4c257473ba75dd8f6056941052b21828ee98a4807c2857b5533ab7f994b1de6b7887150c79446187d3fb015b545ed468b17bf7ef2342cae802a1ea09aa2d2d1071be930f5059056ada528a6864e05d49c448aa55d5870dd8082af9e82239f311c09cecc35f40f69bc142030947e4bb5a31117d074f54709b49b3200cf6462f5c345111a1e356f92e651630b28f04b785ba0ea6d8c1b0c75fa5adbf1d54cf6537e0e7c30676442f0f15a350f0ebbb69ef2e263f95ff4f7d22a5575dd340dd63cb7db90bed91b9ab0f8ed97c5dafcc304d46ad511724db7016185239780c470da7b99183899ab83dacf7e0d27bedca1231279f1066d2fc54a260e024b0a3478d4c019986a571dcd246944e87063d727802ef16ecb7e1624d2b2581497b08f635a9f78a45bd9d2eefbc8983ef6737d0eaf7b8ee2b25319624ad148a08d2474ff8e1c872d68bbdb45466683b3ed663f52eceaed7caa96e6bccf8dd1469a23b69e03a5e75d5960d1524cc3887f6b0dfd1f0928be9c785904adc2c8121ff62cd7ab5b33c7b898fac6919eb680b9a2553c2f97c6b5b5a9a252a1a1159906e6dc512b5e00e91a7a90ad226791ac40a51e7ecc3fb91e616847689977dd888047511b7a0f211873a972875991c3496f90370153881ddee499ea85d0fb0b4768a3905d1f3598097912b153c90070a927f3dd7cf9fbbd40e63444afe52899b5ba07acc42c71651b38499755d56d5983caf15df113e7af3089d1ce0532ebe295ad82de34a8efc53d0f21bb60823a5791d0c843b829b63147595a0c989efc077cd4e80e39100dbadea206572b918c1f2da562bb3aee9b5593075c08efcf7bdb948c8168524df6ae4234b752f4beb3d5f7134bc644382cec3030651be54ca8806e0719b72be4d6929a0e630d9f1c2b027927d43b191e3673f246abcc267511c8d4205344270d36b3b0e5abae33a94f463e3f8c34e126c7a38b8f78d2008aa2ea404ac3c9bdafe84987eb975d56d2568cfdb815c59dd11d2139e8e89fba910e2cf54a3ef49af616cd2ff903cf5a17b64d6f529193dcd57bd58377052dbec9c45a4b9afd3fd3cf780a3a714e98879fd683cec5c8c363631f54c815983d8e2800c2cf60feff332dcac340ef62ec68b62bd87a5a877fa1387d5a9b4e816e7362e4c07a28518db492a44f4a7ff3068f726d7b14a392c5af5d2287ace50f361c75b79b2279b096330eafb4eefe5f79d61439c0c305ef598fd37ce71c0db3cd76c7710be98ec4db299fd8a5918b09370ae11440bf657b96c6db6065754d617d6feaed73a2064c493ba83bbea05b0186116ddb957cc187929714f8232f5a7c926b0236218dd96343d2e5cbae01e5ef49254d4d2a6aac57c1e9c7d8a6e500449b0a199a68abf4e4ed70f804e5dad1e3af3058478ee5989f7b2431bccb83d89b5671fb2d4f53552fe3be3ad665f0fe07b350255a709bf1b87c0c1388966ba2b8b632fe7d5f041617e33d728437c871871f9720eb49325f98ff52bb4ba9a8d9d9e7bd64c272411debe59fd6d186d4ad00d53773d38de86e06cd86af50e5367ec3a2ebb70c23351c5057f221c23ec0f67c650c89cf3a6514d6a2aa1bbee03ec0cc65acc1f7ce6e46e324017f99b9f73ec81450b01f02dbb2d17c04e0d11ffeec97a2d607e99115a873b5a6d3953e077ca48d0efc0a1b1904c18738d6fecec6fd63f1558d487022fd2adae08dc33a58e6ac71501ed72d34d99fa87bffd2fbde6601d596cdcebc32836382a5bf5a73b5490de4b7361b13907f30fe0ba76cf72b859d0a2442211baf39ddc7885ae56cb02f87ceffc0416b8fe08a100986de62f468d1083ef2109bba5fbb762bf45c108102000f88888a7b1819dbb4b55b93bd20b01142b0a64de193705433f668897ba3aba934ff73b231c4d3b1c7ba1aac55fddadbbe9efccd1e27e6aeda9dfeba8a5684174b42c23adbe8fddfb3ba12768b5358340b8d0c4c9f9b641309d075deffcfa1ad351bd7997129f5c5845d7ed9340878ac3b7734719a2b2d3f860fa9301b9ef2f226154382fd35a76d2312c95b422317b2c103c6982c94c99bf596e78beccc257739068e4e0c751157b9ad5d75df480bb42238c129c1bcf8b4c94754a46386e89e0bb7ab0e8d22ae19295d0525cfc117c67dcea4a9be1adcc96ba647660d522d0cae7700d89ddd37cb74db817e14c72dc1f2d136e1ce45f3235df6d435df47e4b2f6558c1d7a481220a43e049b4210c59e0b2923f1356ffd074cadb9406e8f035f419af735337a33eb7865b3330d533e011a2f2cc30587f4b67001917f9c53058d2be4f96c6910e062baed2694252d0f3b4949bf223ff1ffe11d263f4a3efdda78cb2b79567eff336365c51b1f87d8a9896a9add49db8e14da655b2e05ade2084ee4af4ac15a0832fac6365f8e66996295dedd2167b81985ff6045d5071b38a07cbe4ad200fd406a6b461054c7caad998a23fbfd5dbc525935583946166c1d112004d357c405738e75b9a91973a3501d8a7413a03c23359563c0fdf3442d4b65a4d579d9bfc2c2dc630142a4152c0ab61e623cc070fa9b0711ac029ebbd7fa749e1210a96316a8e49b9f5cc8d0144548ba48c3244850feac94c5649978508b1da95541443781b59ffb13f419b16cf42c0d8484bc13e56c58fa74d34a20e43ddb0d01db709853e61104bff6dff37404240dcb1ef49527c8cb578eaf4a3615282d1fc3d2d33a3a59cdb49678bafd6aef0e1c2872785aeaef53675acd4f96c23282dd88dd4c0e0eae40db958007830387bdc6ede07d69e940b70c97c4f0eae5ebb0add7a118fc4fb6f938b972bb605a746cab0aca97729b6253743bbbef53976b5acfa6fb956f87b218dd92d7127b1fe5ca4d973845f1f032b3148463d934129542439fb7959e71caa3b9758959356844fe27a79b1205538c5ed1f9e8ce91e25181f025f18acce50cf2c1bf09777e04e3ae97d6d43a6a1f0f5cade3f3002c56fde35471f4d1b16afe18d6f2cb89683967529a78f9eb02515d7e0ba25a5a26049900db85845c5af01c38cdd5f5525ee711ffcdde37bc3fdd460a6ffb942bbf3b59b71a63573c6fdd39e970"}, @INET_DIAG_REQ_BYTECODE={0xdf, 0x1, "c63948e7c309aa37601a6150b9288c6e4e50b720a7acd51ddbcccc0d015cea01349c0cb5a052960264b0dd2600a3d70815e9aae74de679c9a272f9bd591517f426faf697c357ee4f97165ef9bdfa5d35ec38d784211671cfc6b93957db762c40f5c469834470fd9b8d7d39c1ddc05d2733affce2fa9ffa222d794ae3f140cd742a2121c11f4eb7f7c904ff4a90746d08c1bc727a9b0f46bef8a4e24eb0993e7cdca5eb224f471f3e424bfa0620e39c1603b36a2e9940deae841657fc67a37c748757671230f4e70061d8d3e50fb6b49f0c271451b9aec52dc17f4e"}]}, 0x1354}, 0x1, 0x0, 0x0, 0x40000}, 0x4040) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001600)={0x14, 0x15, 0x1, 0x0, 0x0, {0x2e}}, 0x14}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0xf) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendfile(r2, r0, &(0x7f0000001640)=0x6, 0x7fffffff) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001000), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEL_KEY(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000015c0)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001580)={&(0x7f0000001500)={0x58, r3, 0x200, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x4, 0x41}}}}, [@NL80211_ATTR_KEY_SEQ={0xb, 0xa, "9d15be157509f6"}, @NL80211_ATTR_KEY={0x14, 0x50, 0x0, 0x1, [@NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}, @NL80211_KEY_SEQ={0x5, 0x4, '#'}]}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}, @NL80211_ATTR_KEY_IDX={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x10) [ 1295.717702][T26317] loop2: detected capacity change from 0 to 1 [ 1295.734871][T26423] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=26423 comm=syz-executor.4 23:12:34 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3d9, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:34 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000fff000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1295.770342][T26423] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=26423 comm=syz-executor.4 [ 1295.784067][T26423] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=26423 comm=syz-executor.4 [ 1295.797289][T26423] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=26423 comm=syz-executor.4 23:12:34 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000100000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:34 executing program 3: ioctl$sock_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000080)) syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0xffc00007, 0x2, &(0x7f0000000240)=[{&(0x7f0000000040)="040800090000ff01e66174000404090a0200027400f8", 0x16}, {&(0x7f00000004c0)="dbed7d4cac17", 0x6, 0x1f}], 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="349296ecd3c7c16eec3fb584b00d1af34372"]) [ 1295.972144][ T23] audit: type=1400 audit(1636067554.196:741): avc: denied { write } for pid=26430 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 1295.993532][ T23] audit: type=1400 audit(1636067554.196:742): avc: denied { nlmsg_read } for pid=26430 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 1296.015962][ T23] audit: type=1400 audit(1636067554.196:743): avc: denied { nlmsg_write } for pid=26430 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 1296.101022][T26536] loop2: detected capacity change from 0 to 1 [ 1296.183138][T26639] loop3: detected capacity change from 0 to 264192 [ 1296.195893][T26536] loop2: detected capacity change from 0 to 1 [ 1296.206072][T26639] FAT-fs (loop3): Unrecognized mount option "4’–ìÓÇÁnì?µ„°óCr" or missing value 23:12:34 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000c000) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:34 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3da, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:34 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200a00) 23:12:34 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000110000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:34 executing program 3: r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xfb, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x2034, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x5, 0x3, 0x8, 0x40, 0x0, 0x1c5, 0x20060, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x800, 0x4, @perf_config_ext={0x800, 0x9}, 0x40000, 0x0, 0xc27, 0x5, 0x9, 0x80000001, 0x100, 0x0, 0x8001, 0x0, 0x50}, 0xffffffffffffffff, 0x8, r0, 0xb) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(&(0x7f00000003c0)=ANY=[], &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='rpc_pipefs\x00', 0x4, 0x0) r1 = mq_open(&(0x7f0000000000)=':.\x00', 0x1, 0x12b, &(0x7f0000000040)={0xac8f, 0x3, 0x2, 0xaa}) r2 = perf_event_open(&(0x7f0000001900)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8000c150d4e}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000002040)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8923, &(0x7f00000014c0)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x0e\xc3\xfa\xd1x}\xea\xe3\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f\xd2l9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05\x8e\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ\x00\x00\x00\x00\xec\xd9\xd9\xf0\xd5)\x815a\xcc{#\xc5\xfb\xc5m\xb1\x87f\xeb\xff\x02\x1e3\xdb\xbf\x82\x0f\f\xc9)\x99\x15\x85su]\x18\xde\xe6.\xc0J#ZI\xbb\xf3\xcf\xd7\x90\xe1l\xac\xad\xd5gy\xb9q<\xe0\'w\xca%\xf7\x7f5\xcc\x1a\xe1\xc7\xc0\xe1\x81\xa4\xa3\xca\xb3e\xb0\x18\x8c\xc3\x8flB\x0f\xd8Y.\xef\xbb\x18O\xc8$en\xc0\x1c\xa6,\a\xc3\xbb\xce\x8e{\xba.Y\xfcr\x8b\x01\xe8l_$x5)\x05\xbe\xeb8\xc7>\xaf\xf6*\xbb\xc4gE\xb2\x98\x9e]i8\x98k\xc6O\xdf\xb2\xedd$\x1f\xec\x01\xb8\x18\xb2uCh\x81\xbcKY \xad\xda\xc8\x10\xae\xdf\xbd\x9b\xfc\xf8\x8c\x1d\xce\xcb\xff\xee\xea\xcf?\xa0\xdeB@\xa8\xbd\x9a6\xc5U\ns\x93') mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000001440)='./file0\x00', &(0x7f0000001480), 0x800, 0x0) sendmsg$NLBL_CIPSOV4_C_REMOVE(r6, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f00000017c0)=ANY=[@ANYRES64=r3, @ANYRES32, @ANYRESOCT=r1, @ANYRES64=r5, @ANYRES32, @ANYRES64, @ANYRESHEX], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x40025) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r3, 0x50009418, &(0x7f0000000440)={{r2}, 0x0, 0x4, @unused=[0x1fbfffffd, 0x71, 0x8, 0x8000], @devid=r4}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000300)={{}, 0x0, 0xc, @unused=[0x1, 0x0, 0x1, 0x7], @devid=r4}) ioctl$BTRFS_IOC_DEV_INFO(r1, 0xd000941e, &(0x7f0000000440)={r4, "fc728e32c8d97b1304edb3bd20361a13"}) mq_open(&(0x7f0000001840)='\x00', 0x40, 0x8df2ce1396248351, &(0x7f0000001880)={0x1, 0x20, 0x70c, 0x7}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f00000001c0)={0x2, 0x2, {0x6, @struct={0x21}, 0x0, 0x7, 0x400, 0x2, 0x5, 0x800, 0x2, @usage=0xf704, 0xffff, 0x2, [0x1000, 0x0, 0x3, 0x62b1949c, 0x100, 0xa72]}, {0x0, @usage=0x1000, r4, 0x1, 0x7, 0x1f, 0x100000001, 0x3, 0x401, @struct={0x40, 0x8}, 0x7fb4, 0xc1e, [0x5, 0x81, 0x3ff, 0x9, 0x40, 0x10000]}, {0x4, @struct={0x6, 0x4}, 0x0, 0x9, 0x7, 0x6, 0x4, 0x3ff, 0x11, @usage=0xb43d, 0x8, 0x800, [0x9f3, 0x5, 0x20, 0x1, 0x800, 0x3f]}, {0x1f, 0xffffffffffffffff, 0x100000001}}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000240)={0x8, 0x1, {0x80, @usage=0x2, 0x0, 0x9, 0x36dd, 0xfffffffffffffff8, 0x7, 0x1, 0x500, @usage=0x2, 0x5, 0x3, [0x3, 0x8, 0x8, 0x2, 0x9, 0x6]}, {0x1f, @usage=0xfff, r4, 0x9, 0xc48, 0x2, 0x8, 0x10001, 0x20, @struct={0x7e34, 0x2}, 0xa7, 0x0, [0x4ce3, 0x4, 0x80000000, 0x3, 0x0, 0x3fe000000]}, {0x1, @struct={0x4, 0x7}, 0x0, 0x6fe3, 0x6, 0x7f, 0x6, 0x5, 0x40, @usage=0x8, 0x6350, 0x1, [0xffffffff, 0x3, 0x1ff, 0x3ff, 0x101, 0xd781]}, {0x1ff, 0x7, 0x8}}) ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000200)={r4, 0x8, 0x1, [0x7f, 0x628f, 0x10001, 0x1, 0x2], [0x4, 0x81, 0x7, 0xfffffffffffffffe, 0x1, 0x4fc6, 0x7, 0x7ff, 0x1, 0x7, 0x7, 0x5, 0x6d5d202d, 0x9, 0x80000001, 0x4, 0x8, 0x5, 0x10100000, 0xfa, 0x20, 0x4, 0x81, 0x69ab, 0x401, 0x3, 0x7, 0x43, 0xffffffff, 0xb14, 0x8, 0x1000000000, 0x4, 0x3, 0x3ff, 0x8, 0x5, 0x4, 0x8, 0xe2, 0x1000, 0x9, 0x4, 0x9, 0x5, 0x8, 0x6, 0x6, 0xe3, 0x6, 0x163451fd, 0xe0, 0x2, 0x2, 0xfffffffffffffff8, 0x8, 0x10000, 0x4, 0x3, 0x2, 0x2, 0x40, 0xc, 0xfffffffffffff8f1, 0x5, 0xeda, 0x10000, 0x4, 0x10001, 0x9, 0xfffffffffffffffe, 0x1, 0xffffffffffffffff, 0x6, 0x8, 0x5, 0x80, 0x8e2, 0x80000000, 0x1, 0x5, 0x1f, 0x7, 0x7, 0x6, 0x4, 0x9, 0x2, 0xb37, 0x159, 0x1000, 0x1, 0x10000, 0x800, 0xb56, 0x7ff, 0xdb, 0x0, 0x10000, 0xfffffffffffffffb, 0x8, 0x1000, 0x8, 0x7, 0x4, 0x3, 0x5, 0xfffffffffffffffe, 0x7fffffff, 0x8, 0x4, 0xfffffffffffffffe, 0x7, 0x5, 0xffffffff, 0x7, 0x7, 0x100000001, 0x1000000009, 0x3, 0x7]}) 23:12:34 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5ffffefff000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:34 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000120000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1296.410154][T26646] loop2: detected capacity change from 0 to 1 [ 1296.422211][T26650] device lo entered promiscuous mode [ 1296.432431][T26650] Y­4`Ò˜: renamed from lo 23:12:34 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3db, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:34 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x5c}, {0x15, 0xe, 0x0, 0x80000}, {0x6, 0x0, 0x0, 0x7ffffdbf}]}) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) [ 1296.477711][T26756] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=26756 comm=syz-executor.4 [ 1296.497812][T26646] loop2: detected capacity change from 0 to 1 [ 1296.514693][T26756] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=26756 comm=syz-executor.4 23:12:34 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5ffefffff000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1296.530593][T26756] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=26756 comm=syz-executor.4 [ 1296.544436][T26756] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=26756 comm=syz-executor.4 23:12:34 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000220000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:34 executing program 3: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="530000000700004600e208f3beaa4566e4eed357cb7be129ea"], 0x53) r3 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r3, 0x2007fff) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r4, r3, 0x0, 0x201000) write$P9_RLERRORu(r3, &(0x7f0000000040)={0xd, 0x7, 0x1, {{}, 0x14}}, 0xd) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [{@uid_lt}, {@obj_type={'obj_type', 0x3d, '+&'}}], 0x6b}}) [ 1296.742267][T26837] loop2: detected capacity change from 0 to 1 [ 1296.826388][T26837] loop2: detected capacity change from 0 to 1 [ 1296.906563][T26977] 9pnet: p9_errstr2errno: server reported unknown error âó¾ªEfäîÓWË{á)ê 23:12:35 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000c700) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:35 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000250000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:35 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3dc, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:35 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200b00) 23:12:35 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5fdfdffff000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:35 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x6) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x7, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000280)=ANY=[@ANYBLOB="0100000001008acf3d71e4ba460557000019000000c1a198d8e26a6690735f492d7f64b4d816f42817be4a0fd68b5c2de3d70fac853d0a2df1dbdeb1ea6f7d82bf06e969664dab85dcc753893176", @ANYBLOB="38b244b8967066d63dbc6ec5fd67f02ee6a784f8ec9a51f87fe60520628f500f9abef7e699f5beee45d82ba929b4f014dee7db9d2def0add768ee56f54762f134b65b6d07809a375b2400eb27feb0100b19aab582a1bba1a", @ANYBLOB="00000000000000002e2f6e696e5832db2788ef061cb0eb608e466c65304a00"]) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) close(r1) sendfile(r1, r2, 0x0, 0x201000) bind$netlink(r2, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfc, 0x2000}, 0xc) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x1, 0x0, 0x0}) clone(0x70224100, 0x0, 0x0, 0x0, 0x0) [ 1296.958377][T26978] 9pnet: p9_errstr2errno: server reported unknown error âó¾ªEfäîÓWË{á)ê 23:12:35 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000480000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1297.049550][T26984] loop2: detected capacity change from 0 to 1 23:12:35 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3dd, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1297.136211][T27089] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=27089 comm=syz-executor.4 [ 1297.138901][T26984] loop2: detected capacity change from 0 to 1 23:12:35 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa580ffffff000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1297.246358][ C0] sd 0:0:1:0: tag#6789 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1297.256256][ C0] sd 0:0:1:0: tag#6789 CDB: opcode=0xe5 (vendor) [ 1297.262619][ C0] sd 0:0:1:0: tag#6789 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 1297.271868][ C0] sd 0:0:1:0: tag#6789 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 1297.280933][ C0] sd 0:0:1:0: tag#6789 CDB[20]: ba 23:12:35 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3de, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:35 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000004c0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:35 executing program 3: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) set_mempolicy(0x2, &(0x7f00000000c0)=0x7, 0x6) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1) clone3(&(0x7f0000000480)={0xc000, &(0x7f0000000100), &(0x7f0000000240), &(0x7f0000000280), {0x9}, &(0x7f00000002c0)=""/125, 0x7d, &(0x7f0000000340)=""/146, &(0x7f0000000400)=[0xffffffffffffffff], 0x1, {r0}}, 0x58) clone3(&(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 1297.357588][ C1] sd 0:0:1:0: tag#6838 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1297.367454][ C1] sd 0:0:1:0: tag#6838 CDB: opcode=0xe5 (vendor) [ 1297.373926][ C1] sd 0:0:1:0: tag#6838 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 1297.382951][ C1] sd 0:0:1:0: tag#6838 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 1297.391998][ C1] sd 0:0:1:0: tag#6838 CDB[20]: ba [ 1297.563164][T27312] loop2: detected capacity change from 0 to 1 [ 1297.632932][T27312] loop2: detected capacity change from 0 to 1 23:12:36 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000d900) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:36 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200c00) 23:12:36 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000680000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:36 executing program 3: unshare(0x4a060480) r0 = epoll_create1(0x0) epoll_create1(0x0) close(r0) r1 = socket$unix(0x1, 0x1, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201000) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="040000000004f7ff2d2f62757300cdf068151b94d283efb2410f12a86f56c2208ac2eb2bd2b03c5c239cffd3e114e7e1feca8f6c5b62a5cba51edd6274631f13869ce861736555fff39cc4b05d8435d1411005d54ece011adc3998cf331183446cc9d6a7fc6975f41735f968ca8092257a58b7342df91f3efb047958ab62b48d4c98e9d9bcae5cb779ca32fd77ef938e11220f40032c8f608a7732baff9f"]) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r3, &(0x7f0000000080)={0x10000000}) shutdown(r1, 0x0) 23:12:36 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3df, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:36 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5c9ffffff000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:36 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000006c0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1297.863443][T27428] loop2: detected capacity change from 0 to 1 23:12:36 executing program 3: r0 = memfd_create(&(0x7f0000000000)='prodM\xb0\xea\a\x06\x00\xaen/\xce4\x00\x001foCe\xd0\x04\x00\x00\x00\x8at\xa24>X@\rq@\xf2\xe9[\xc9\x10\x04\x00\x00\x00dE\x8bqa\xda>mRv_\xa6%\x1dz\xd0\x11\xe3\x05N\xa1\x84\xea#P\x04\xca\xae\xeb?;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6Ww\xbe\x7f\xe8F\x15%\xad\t\xeeD\xb8\xf9\xa8\x06\xa7\xdc\x06\x7f\x00\xc3\x17\x96\x13[\\A\x1dO\x03~Dk\xeb\x80\f\xed\xe4\xe1[\xbd\x9d^\xffj\x9c\x14\xda\xb6v\x1d*1>\x8f\xfc\xcd\x9b3\xa2N*]\x00\x00\x00', 0x6) r1 = syz_open_dev$sg(&(0x7f0000000140), 0x0, 0x220480) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r1) fcntl$addseals(r0, 0x409, 0x12) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x2000) r2 = openat(r0, &(0x7f00000000c0)='./file0\x00', 0x523740, 0x3c2) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000100)={0x0, 0x0, 0x30c, 0xa019}) 23:12:36 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3e0, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1297.928560][T27428] loop2: detected capacity change from 0 to 1 23:12:36 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5f6ffffff000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:36 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000740000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:36 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x5) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)="ae88bff8240200005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000280)="53020000fcffffff7700f80e00000096ef533e4175ed944b2c8db5f80f38d0c291953610c854cda87814abc52fef3f7512a7410944c00ec59306f16ce2b6b786475472f64eaa4adfe16f80f4b5f59982d68851c822850ad5", 0x58}], 0x2) writev(r0, &(0x7f0000000240)=[{&(0x7f0000000140)="ae7cbff8240200005a90f57f0bbd13277bdf124650d2a5c8bb8c43b4607029cb71000000000000000000", 0x2a}], 0x1) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x8fd}}, './file0\x00'}) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000940)={0x53, 0xffffffffffffffff, 0xe6, 0xff, @scatter={0x9, 0x0, &(0x7f0000000680)=[{&(0x7f0000000080)=""/49, 0x31}, {&(0x7f00000001c0)=""/56, 0x38}, {&(0x7f0000000300)=""/108, 0x6c}, {&(0x7f0000000380)=""/96, 0x60}, {&(0x7f0000000400)=""/178, 0xb2}, {&(0x7f00000004c0)=""/70, 0x46}, {&(0x7f0000000540)=""/253, 0xfd}, {&(0x7f0000000200)=""/53, 0x35}, {&(0x7f0000000640)=""/13, 0xd}]}, &(0x7f0000000740)="245034358fc40cccf6d4242c9f566d971b3c8d8a63b82dfea225eae0fa783763f2a95672cf61c22977422716d3e3192d53b0c351b6a33663e99f86216645e3dc82c4a26349b2efafaf64f8e08389a372773c804e6328aa137bada95fd07458e577c75c2e7791cc89f8ef6a021cadb06aca31b28f7ec93bc97b5ff96319c487ca863912cf8391c6e52ac97d63b7671f49c00b895179a036d6a5d6cc9a8ffb969f452e09590db55225e5c07f1184c19e549d004fbd947f24a994e5a561922d9325c59ddc24ff0cddd2d96c2c196ac1972671baec14c940e7d0ce02b95d876e6a91521e869a672a", &(0x7f0000000840)=""/179, 0x7fffffff, 0x1, 0x0, &(0x7f0000000900)}) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240200005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000280)="53020000fcffffff7700f80e00ef533e4175ed944b2c8db5f80f38d0c291953610c854cda87814ab3fc7ef3f7512a7410944c00ec59306f16ce2090000005472f64eaa4adfe16f80f4b5f59982d68851c822850ad5000000", 0x58}], 0x2) [ 1298.167765][T27543] loop2: detected capacity change from 0 to 1 [ 1298.257854][T27543] loop2: detected capacity change from 0 to 1 23:12:36 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000db00) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:36 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200d00) 23:12:36 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3e1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:36 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000007a0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:36 executing program 3: r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x10c, &(0x7f0000000000)={0x0, 0x0, 0x6, 0x0, 0x2000}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000200)) syz_io_uring_setup(0x2243, &(0x7f0000000080)={0x0, 0x3210, 0x1, 0x3, 0x36e, 0x0, r1}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000100), &(0x7f0000000140)=0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6000, @fd=r0, 0x401, &(0x7f0000000580)=[{&(0x7f0000000240)=""/235, 0xeb}, {&(0x7f0000000180)=""/33, 0x21}, {&(0x7f0000000340)=""/171, 0xab}, {&(0x7f0000000400)=""/211, 0xd3}, {&(0x7f0000000500)=""/67, 0x43}], 0x5, 0x4, 0x0, {0x0, r4}}, 0x8) 23:12:36 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5feffffff000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:36 executing program 3: perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x183, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x2be}, &(0x7f0000148000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x3, &(0x7f0000000000)=[{0x35, 0x0, 0x0, 0x10000}, {0x25}, {0x6, 0x0, 0x0, 0x7fff7ffa}]}) r4 = accept4(0xffffffffffffffff, &(0x7f00000004c0)=@rc, &(0x7f0000000400)=0x80, 0x80000) r5 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendfile(r4, r5, &(0x7f0000000540)=0x1, 0x9) mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, &(0x7f00000001c0)=0x40, 0xfff, 0x5) vmsplice(r3, 0x0, 0x0, 0x0) mmap(&(0x7f000014a000/0x1000)=nil, 0x1000, 0x0, 0x1010, r3, 0x688d3000) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000140)=0x307e, 0x0, 0x4) r6 = socket$inet(0x2, 0x4000000000000001, 0x0) socket$inet(0x2, 0x4, 0xfffff36a) syz_io_uring_submit(r1, r2, &(0x7f0000000280)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r6, 0x80, &(0x7f0000000200)=@in={0x2, 0x0, @private}}, 0x0) perf_event_open(&(0x7f00000005c0)={0x5, 0x80, 0x1, 0x2, 0xff, 0x46, 0x0, 0x20, 0x30, 0xb, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x7, 0x4, @perf_bp={&(0x7f0000000580)}, 0x8, 0x4, 0x20, 0x2, 0x97, 0x1, 0x3f, 0x0, 0x3, 0x0, 0x2f}, 0x0, 0x10, 0xffffffffffffffff, 0x8) io_uring_enter(r0, 0x45f5, 0x0, 0x0, 0x0, 0x4) r7 = accept4$inet(r6, 0x0, &(0x7f0000000080), 0x80800) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) getsockopt$inet_buf(r7, 0x0, 0x27, &(0x7f00000000c0)=""/102, &(0x7f0000000180)=0x66) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000480)=ANY=[@ANYBLOB="080000000000000018000000", @ANYRES32=r7, @ANYBLOB="000000000000000000000000b508861b25ee65f8d9f2302ba73e00000000"]) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r8, &(0x7f0000000440)={0x2}) 23:12:36 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000900000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1298.484417][T27759] loop2: detected capacity change from 0 to 1 23:12:36 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3e2, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1298.558487][T27759] loop2: detected capacity change from 0 to 1 23:12:36 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500020000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:36 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000fe0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:37 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200e00) [ 1298.847106][T28078] loop2: detected capacity change from 0 to 1 [ 1298.919818][T28078] loop2: detected capacity change from 0 to 1 23:12:37 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_ADD_RULE(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) getsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000000c0), &(0x7f0000000100)=0x4) socket$inet6(0xa, 0x3, 0x0) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r2, 0x40505330, &(0x7f00000000c0)={{}, {0x0, 0x1}, 0x6}) r3 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) r4 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x0, 0x0, 0x19, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d4", 0x0, 0x0, 0x0, 0x0, 0x0}) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0xfc, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000000440)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {0x0, r7}, {}, {}, {0x0, r7}, {}, {r6}, {0x0, 0x0}, {}, {}, {}, {r6}, {r6}, {0x0, r7}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {0x0, r7}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {r5}, {r5}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {0x0, r7}, {r5, r7}, {}, {}, {}, {}, {}, {}, {}, {r6}, {r5}, {}, {}, {r6, r7}, {}, {0x0, r7}, {0x0, r7}, {}, {}, {r5}, {}, {}, {0x0, r7}, {}, {}, {r6}, {}, {}, {}, {r5}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {r5, r7}, {}, {0x0, r7}, {0x0}, {}, {r6}, {}, {0x0, r7}, {0x0}, {}, {r6}, {r5}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {0x0, r7}, {r6}, {}, {}, {}, {}, {0x0, r7}, {}, {0x0, 0x0}, {r5}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {r5}, {r5}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {r6, r7}, {0x0, r7}, {}, {0x0, r7}, {}, {}, {0x0, r7}, {0x0, r7}, {}, {}, {r5}, {0x0, r7}, {r5}, {}, {0x0, r7}, {}, {}, {0x0, r7}, {}, {}, {r6}, {r5, r7}, {}, {}, {}, {r6}, {r6}], 0x0, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, 0x0) write$binfmt_script(r0, &(0x7f0000000040)={'#! ', './file0', [{}, {0x20, 'queue1\x00'}, {0x20, '\x00'}], 0xa, "325f7f3f61cf29fab6bf38b6c69ec03e6891f0f3bfbe2531376ffd"}, 0x31) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000051900)={0xee1, [{r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}], 0x0, "b28a8b2be18979"}) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000200)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r2, &(0x7f0000000000)=[{0x23, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0xfd63) 23:12:37 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000dc00) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:37 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000007d0100887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:37 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500030000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:37 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3e3, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:37 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000a30100887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:37 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3e4, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:37 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, 0x0) ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) r2 = open(0x0, 0x0, 0x0) getdents(r2, 0x0, 0x0) sendmsg$NL80211_CMD_REQ_SET_REG(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x400, 0x70bd25}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x1) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x40080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x5, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000053c40)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r4, 0xd000943d, &(0x7f0000053e40)={0x2e, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}], 0x9, "7f8ea4e9afbb72"}) write$binfmt_misc(0xffffffffffffffff, 0x0, 0xbd) sendmsg$NL80211_CMD_RELOAD_REGDB(r0, &(0x7f0000000200)={0x0, 0x34000, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r1, 0x101}, 0x14}}, 0x0) [ 1299.118833][T28194] loop2: detected capacity change from 0 to 1 23:12:37 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200ec0) 23:12:37 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000040200887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1299.196883][T28194] loop2: detected capacity change from 0 to 1 [ 1299.253118][ C1] sd 0:0:1:0: tag#6834 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1299.263025][ C1] sd 0:0:1:0: tag#6834 CDB: opcode=0xe5 (vendor) [ 1299.269378][ C1] sd 0:0:1:0: tag#6834 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 1299.278447][ C1] sd 0:0:1:0: tag#6834 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 1299.287500][ C1] sd 0:0:1:0: tag#6834 CDB[20]: ba 23:12:37 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500040000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:37 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3e5, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1299.296794][T28302] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 1299.308301][ C0] sd 0:0:1:0: tag#6838 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1299.318680][ C0] sd 0:0:1:0: tag#6838 CDB: opcode=0xe5 (vendor) [ 1299.325041][ C0] sd 0:0:1:0: tag#6838 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 1299.334082][ C0] sd 0:0:1:0: tag#6838 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 1299.343123][ C0] sd 0:0:1:0: tag#6838 CDB[20]: ba 23:12:37 executing program 3: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) set_mempolicy(0x2, &(0x7f00000000c0)=0x7, 0x6) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000180)='0', 0x1}], 0x1) clone3(&(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = socket$netlink(0x10, 0x3, 0xe) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r2, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f0000000480)={0x2cc, r3, 0x20, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME={0x28a, 0x33, @data_frame={@qos_no_ht={{@type10={{0x0, 0x2, 0x8, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1}, {0x9}, @from_mac, @device_a, @device_a, {0x8, 0x5}}, {0x3, 0x1, 0x1, 0x0, 0x20}}, {@type11={{0x0, 0x2, 0xe, 0x1, 0x1, 0x1, 0x1, 0x1}, {0x20}, @broadcast, @device_a, @random="7475b29d1b1b", {0x3, 0x5}}, {0xb, 0x1, 0x0, 0x1, 0x1f}}}, @a_msdu=[{@broadcast, @device_b, 0x9f, "5726d0825c08f10470fc56e1b7eb705c3cfbdff9c84217f73b911cc7d80d5ecf0d5fa8fcc30c3c7f0a899dc7bb78db23ed7ee1d09d15a56c1721fd9c2742c287b316997251cf15be982ac3e7cd50f05bc9d5fe53d5a5e3b24854f6f76cc0c6c35480d3c9f1389dd40529de105aaa99840ff7a3b5e8866e33cdde4ff5feeb09cad4e7d836a4a2677d1e03f5115fd7ad913201622744ec886a8ee7f420c76f51"}, {@device_b, @device_a, 0xd8, "f1c376384420d0242a104bb46c122cc24dde18a0f7355664a08c61c31559288ba292b2f311ff752dfc113c3f52f0a9fca6e4e37ea98fd25c69de5885fcc0c92b0c924e6b71e2cf8fa4d559c4caa789d4eb643f8a05a564d8f4f3d91fde76821da215cc8a38c9c0857b3b42985d0482ca9299bc50a80d5e378500f758c564405ae9203f0d61e2169ab5493c543a530a71943a7ed2179b6647ccfcdd8e0cdb6e3cb5ebec5e50d79cacacbc92f839f78617901de60eea8e16d50c2b7edad860cea9977d3e514842715110f040ac8f54752c19f06354647b7130"}, {@device_a, @broadcast, 0xa3, "ed270c60c59a1a2bdc3273548bba14b0b328c97fa42562c08dc1530c5c032b83c4042284c105fd8038dd8df460e4b75b2fd0c3135d3e1df8a6266f1b921f64a4d61f449c4efba68aa293d7f4401168efbcc666489a3c09a5da4a31337211bdef6836035dbdeeec44ff6a785e6f36cf0278b084ae23370b9f4b16ce550c577b09e0993adfcaf67c2fa1c9968a3f67db26efdbfa813aa21074fe6834a49d2027977c36b1"}]}}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x2cc}, 0x1, 0x0, 0x0, 0x90}, 0x40) [ 1299.488812][T28412] loop2: detected capacity change from 0 to 1 [ 1299.608324][T28412] loop2: detected capacity change from 0 to 1 23:12:37 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000e000) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:37 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000300887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:37 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3e6, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:37 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_queued\x00', 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000040)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, &(0x7f00000002c0)={{}, r1, 0x0, @inherit={0x68, &(0x7f0000000240)={0x0, 0x4, 0x3f, 0x1, {0x3a, 0x200, 0x8000, 0xff, 0x4}, [0x3, 0x1, 0x100, 0x3]}}, @devid}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$BTRFS_IOC_DEFRAG(r2, 0x50009402, 0x0) listen(r0, 0x1) r3 = openat$cgroup_ro(r0, &(0x7f00000012c0)='blkio.bfq.idle_time\x00', 0x0, 0x0) r4 = syz_io_uring_complete(0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r4, &(0x7f0000001540)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001500)={&(0x7f0000001340)={0x1a0, 0x2, 0x1, 0x201, 0x0, 0x0, {0x7, 0x0, 0x1}, [@CTA_NAT_DST={0xc0, 0xd, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @mcast2}, @CTA_NAT_V4_MINIP={0x8, 0x1, @broadcast}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @private1}, @CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @CTA_NAT_PROTO={0x1c, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e21}]}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @multicast1}, @CTA_NAT_PROTO={0x2c, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e22}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e22}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e23}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e20}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e22}]}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x3400}, @CTA_HELP={0x10, 0x5, 0x0, 0x1, {0xa, 0x1, 'Q.931\x00'}}, @CTA_TUPLE_REPLY={0x38, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x5}, @CTA_HELP={0x14, 0x5, 0x0, 0x1, {0xe, 0x1, 'irc-20000\x00'}}, @CTA_ID={0x8}, @CTA_PROTOINFO={0x58, 0x4, 0x0, 0x1, @CTA_PROTOINFO_DCCP={0x54, 0x2, 0x0, 0x1, [@CTA_PROTOINFO_DCCP_ROLE={0x5, 0x2, 0x7f}, @CTA_PROTOINFO_DCCP_ROLE={0x5}, @CTA_PROTOINFO_DCCP_ROLE={0x5}, @CTA_PROTOINFO_DCCP_STATE={0x5, 0x1, 0x9}, @CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ={0xc, 0x3, 0x1, 0x0, 0x49}, @CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ={0xc, 0x3, 0x1, 0x0, 0x2}, @CTA_PROTOINFO_DCCP_STATE={0x5, 0x1, 0x81}, @CTA_PROTOINFO_DCCP_ROLE={0x5, 0x2, 0x9}, @CTA_PROTOINFO_DCCP_ROLE={0x5, 0x2, 0x81}]}}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x842}, 0x4000) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000001580)={0x7, 0x9, 0x0, 0x100, 0x5, [{0x1, 0x5, 0x7c, '\x00', 0x709}, {0x1, 0x9a8, 0xcca}, {0x7ff, 0x4, 0x2, '\x00', 0x5}, {0x9, 0x8001, 0x3, '\x00', 0x484}, {0x80000000, 0xfffffffffffffffa, 0x2c2}]}) sendmsg$OSF_MSG_REMOVE(r4, &(0x7f00000019c0)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0x800020}, 0xc, &(0x7f0000001980)={&(0x7f0000001700)={0x268, 0x1, 0x5, 0x5, 0x0, 0x0, {0x3, 0x0, 0x3}, [{{0x254, 0x1, {{0x1, 0x7fff}, 0x7f, 0x80, 0x1, 0x8, 0x5, 'syz1\x00', "3e101f093816d89a54980320f62e6f1b53024d067e8481edc234c7c6a4a12e63", "de4d2418a00ba61eb95d45a5c07dda530a3d972ebb00c196b2105bf9815f7ee3", [{0x5, 0x6, {0x1, 0x4}}, {0x3, 0x6, {0x0, 0x7fffffff}}, {0x3ff, 0x7, {0x0, 0x2}}, {0x3, 0xffff, {0x3, 0x8}}, {0x800, 0x401, {0x2, 0x1}}, {0x1ff, 0xa3, {0x1}}, {0x40, 0x82d4, {0x1, 0x8b}}, {0x4, 0xfa7, {0xb6cbdf22735fbc12, 0x3}}, {0xae0d, 0xe2, {0x3a7446a246d40cff, 0x1000}}, {0xfff8, 0x282, {0x3, 0x101}}, {0x8001, 0x8, {0x2, 0x9}}, {0x100, 0x4, {0x3, 0x1}}, {0x68, 0x7ff, {0x0, 0x4}}, {0x650, 0x0, {0x0, 0x401}}, {0x47c2, 0xfff, {0x3, 0x4}}, {0x0, 0x6, {0x1, 0x400}}, {0x1ff, 0x8, {0x1, 0x6}}, {0x6, 0x2, {0x0, 0xfffff800}}, {0x56d, 0x2, {0x1, 0x10000}}, {0x6, 0x4, {0x0, 0x5}}, {0x100, 0x38, {0x0, 0x2}}, {0xdb7, 0x4, {0x1, 0x3}}, {0x0, 0x3, {0x0, 0x4}}, {0xd0, 0x1, {0x0, 0x1}}, {0xb7, 0x2, {0x3, 0x20}}, {0x41, 0x200, {0x3, 0x6}}, {0x1}, {0x2, 0x5, {0x0, 0x1}}, {0x800, 0x6, {0x0, 0xffffff0c}}, {0x7, 0xe1, {0x0, 0x4}}, {0x8, 0x3, {0x0, 0x5}}, {0x2000, 0x7, {0x3}}, {0xb974, 0x9, {0x3, 0xffffffff}}, {0xaa00, 0x7ff, {0x3, 0x5}}, {0x6, 0x800, {0x3, 0x2}}, {0x0, 0x9, {0x2, 0x7}}, {0x5, 0x200, {0x1, 0x8d}}, {0x4, 0x3, {0x2, 0x1}}, {0x5, 0xfff, {0x0, 0x7fff}}, {0xffff, 0x7ff, {0x2, 0x6051}}]}}}]}, 0x268}, 0x1, 0x0, 0x0, 0x8000}, 0x400a0) ioctl$BTRFS_IOC_SYNC(0xffffffffffffffff, 0x9408, 0x0) fsync(r4) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, &(0x7f0000001a00)=r4, 0x1) r5 = dup(r0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000001a40)) ioctl$sock_SIOCGIFBR(r3, 0x8940, &(0x7f0000001c40)=@generic={0x3, 0x0, 0x7}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000001c80)) socket(0x28, 0x800, 0x81) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000001f80)={"04c981ce63bd33701b8be3b61c6a2ecd", 0x0, 0x0, {0x0, 0x7}, {0x800, 0x691c}, 0x8, [0x32d4, 0x4, 0x6, 0x5a42, 0x4, 0x7, 0x401, 0x1, 0x80, 0x7ff, 0x401, 0x7, 0x1, 0x40, 0x3f, 0x6]}) 23:12:37 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500050000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:37 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x200f00) 23:12:38 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000020400887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:38 executing program 3: ioctl$KDGKBENT(0xffffffffffffffff, 0x4b46, &(0x7f0000000000)={0x40, 0x4, 0x7e}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x3, &(0x7f0000000040)=[{0x3}, {0x25}, {0x6, 0x0, 0x0, 0x7fff7ffe}]}) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) 23:12:38 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3e7, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1299.880674][T28742] loop2: detected capacity change from 0 to 1 23:12:38 executing program 3: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="e5f432732f4e096d26e2c735d135121c921bda40b8585ba8d47d34f3904cf12dba", 0x0, 0x0, 0x0, 0x100, 0x0}) setsockopt$sock_int(r0, 0x1, 0xc, &(0x7f0000000080)=0x1, 0x4) perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x6e03, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x4}, 0x0, 0x0, 0x9, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000440)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000640)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000001f80)) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = io_uring_setup(0x45de, &(0x7f00000009c0)) close_range(r3, 0xffffffffffffffff, 0x2) sendfile(r0, r2, 0x0, 0x201000) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmallocinfo\x00', 0x0, 0x0) preadv(r4, &(0x7f0000000340)=[{&(0x7f0000000640)=""/219, 0xdb}], 0x1, 0x80000001, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) 23:12:38 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000060400887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1299.947076][T28742] loop2: detected capacity change from 0 to 1 23:12:38 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500060000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1300.108339][ C0] sd 0:0:1:0: tag#6805 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1300.118341][ C0] sd 0:0:1:0: tag#6805 CDB: opcode=0xe5 (vendor) [ 1300.124707][ C0] sd 0:0:1:0: tag#6805 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 1300.134019][ C0] sd 0:0:1:0: tag#6805 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 1300.143146][ C0] sd 0:0:1:0: tag#6805 CDB[20]: ba [ 1300.204730][T28957] loop2: detected capacity change from 0 to 1 23:12:38 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000e500) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:38 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3e8, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:38 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000500887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:38 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201001) [ 1300.297739][T28957] loop2: detected capacity change from 0 to 1 23:12:38 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000600887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:38 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500070000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:38 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3e9, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1300.405261][T29067] selinux_netlink_send: 46 callbacks suppressed [ 1300.405276][T29067] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=29067 comm=syz-executor.4 [ 1300.426706][T29067] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=29067 comm=syz-executor.4 [ 1300.439983][T29067] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=29067 comm=syz-executor.4 [ 1300.453796][T29067] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=29067 comm=syz-executor.4 [ 1300.541909][T29073] loop2: detected capacity change from 0 to 1 23:12:38 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000040600887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:38 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3ea, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1300.597064][T29073] loop2: detected capacity change from 0 to 1 [ 1300.943357][ C0] sd 0:0:1:0: tag#6823 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 1300.953222][ C0] sd 0:0:1:0: tag#6823 CDB: opcode=0xe5 (vendor) [ 1300.959920][ C0] sd 0:0:1:0: tag#6823 CDB[00]: e5 f4 32 73 2f 4e 09 6d 26 e2 c7 35 d1 35 12 1c [ 1300.968960][ C0] sd 0:0:1:0: tag#6823 CDB[10]: 92 1b da 40 b8 58 5b a8 d4 7d 34 f3 90 4c f1 2d [ 1300.977996][ C0] sd 0:0:1:0: tag#6823 CDB[20]: ba 23:12:39 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500080000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:39 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201002) 23:12:39 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000700887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:39 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3eb, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:39 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000ec00) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:39 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x35, 0x0, 0x0, 0x20}, {0xa4}, {0x6, 0x0, 0x0, 0x7fff7ffe}]}) ioctl$BTRFS_IOC_SUBVOL_CREATE(r0, 0x5000940e, &(0x7f00000004c0)={{r0}, "29152761c9e3728b63afd07e122b8b15d5525c7c3e4a1558bffea8f65c9bd99531fd8562b76f222ed52943bf594f1caba2f58a4bb0173c34aa9a971be6970c47e0c17fd4aa5994066df613b61cc0b92445c952afb216115e3f8bfefbcf70d67a0d5b1aeb50760a557ecec9d5ed34ccd9f19a2f0106545dd063322e5ad8b2626e308ae64d7fbe725e198fd7315030b7abef8b1d5141a730e19728226fb745243db2b376524e06b6d2b4b974d2889558782407c796d45a6b4910f0ee322a588a6540b01b51b097bd3079c1fbbf093c2d39bcf8a236861fce36da8fbbce670ee4ec509f9c69eb750285d9e7044dc2db4121514c95d6c92a588362c8d4b5950ad20d123dc49f5e8234f6ff4b5241db6762c95cd0590494fe388d7feb4947d6061159b2c9e42e45d0fb69b5180b16aeacf177ce573534868f6ea2b252d41e730e50bbac130a5109f449ab43a965b655fee3426f1e9a1a7c048b541c9789c58e7b326d8cb0d300eb33023a8a3dc7ae172f5c362b80d98a440aba084c72040395a9db40257dc4f3f56f0182bc90efc44953bef4f40bbbf11faaaec26e4f08ea45f9786e6f87e8eec87e3377d4048087f47e878ea1ab27d4de0d48b5a7b9f61e9938762e41fbd7674097a8275c8411c23e21ce453f112a8a47750b97563aab1f79f0760a0511cd446e0a06aac892376dbcac4321ddd844b74d21348fc0c2b53686c52ce47fc32a5eb0d66c4326513ebcf8b14dc5eb9dfeba079aa828b5a0e54177bad3a53b38313e620794da2fc0e022a63c7b5b9fd2c73f00b70e4c372c9833121fa079361ec6fea609feb4cf0488e1c6085f6446ba1f14327a0854f5c64bd62361f10d57968064feee90ee04ed159cf11a9107c0e92c124b008cc1393234244af1c58d34b1e290fa6739903290315e53b1557e36afc9740b32a3ac1d53acd55c569a9fb674df654bb3b01bb8810625aaff1ebe38c2369b05dadd7303d3ff50f8caf895eabb97774ae963c684718ee453651168c970fddebb9e680b5a8adfea74a08ffecf255ea949bad425272d6bfc4f319b669622630feb9eeb9ed3ea01eeb3e1eaf6d4532b92bd03f3e84935943dcbde3d51ec4659ffb91c1f7c331584681582178d7607efae52c4cb22eab160ef7da4f4909edd6eb85e303d6f6aea8e47308a28cbfa3b3bb2b4023ce8333b795a0f5340f2c5ccf48f29fe8d617ca4ba1dec981671a10a597e966671079f4807273d862b4dddb19b1462367b10da4d34eca2027343d0a51772e3476a42da4549e3d13b6893e56ae6681f680aece206aea46ca36d02914100d26854dee755830a01d33f9809bd518e5b6ad608cdb2424794a1dc6daa6e0cc321cf071568b1ca81177f54012416c346dc8205f2b0388874238d2fa636e58d64f34dbd21249c494f293d3395840a8a177d53f77c42743018b1f6c8a00bed7f112c8e1e16c0a35471f66c3b6f8ba2fb2809a005b99ba13f542e75420d7e4dc4ae9a9662437b0145d7c28ae3c7569ea09137245d5c215d95d0dae0f4aff9a16c21ddc265da0601a1584bf474ab05a43ef288d3e892fdaae971ff1f3b37c0b6f02ba5659542b3b2ba60b2cf395e010fa0c560193f8e27a785897ee2102b66850feffd1bf611abd0ba70db281d5e131598e4182af193a16e72785b0271b49fb2ab698c721d1cdaf16ae774adcc07b3bcb155324d71a9d3aea1592e63c44df0a03db58d4afbc40cbbc8de38ae32e42d949b1f0e225bc94e9be5efcb0844e236d5f9534144bb9524406ae7c7d5e2addde5ae026f25f1693f77481eac7fd8d24cf8eaf06231041234c47a56c2b01487d9cd241a16066b921993a2a469c164d059463a7373f303cb3d0c3023a79487aad6ef4aa26939fe6e9d06e02f4b6219e2977cfc4adaf1f983844fc991200b7c5a451b047b0c7bae03adf0028f0b2cde6b8059cfd1b08cc7d1db323f273dde5d8d24070fefe4c1841175c936237535e6c7d408ff4f1825e46278d908750623d6a0ca44f4c74e2d59667b955f02a06551e9584e504a981b66d9c7dce8cc87ae42647a6ca73b928bff7f997eab88d30dc43da9be152fec98bf78481cb5c896b48e122aa13b5217c3c60b9f5aefb5813b2275b5d2ab0e02558c9da393e4c8c00671d8c7a0bb6273aa4ea8782bef0f546b42e53e1ee6816bc403d8bec2814af1ec17e18f9d87465b3839d2c5760b0ff89f1dbff5e59046e91e1bd443e415ba23bec388e61c8d16f578e5b304c68154b1d63abe8f64533def265b220ae756096d7ff89eec22937a9ed16d3bf7b5677a87e9ac8748c42d300a2b916fa60162f9fb469b690e7c81d971b64662731b866d9c7fecdcdae8b5aa8547050013bba1f8ae59fd3d65759a3673758205bf0ea9e256fbd2cf423665d189b3085f671cedaaf71411568e9741d91e81ad6383b04ee8ecc3e6031a6a974ca027ceb33154df5d580d6cc54d498376492c27e720cea534aba7e0f5983a91386d0ed471db5acacbde9f99358b4db7c438f3e92e0c150c3fcb32bb108a730948d491c62999e21264bc2073f6a1f07418cfdc6dd7865f1cafadb6390782cd53149056fd468d8e5444bd2a834a5391059f6944e8696f28d3e1c368a0f95edf70ce5ab00e0af46ead4929948317a43e66c363e1909b9a5305038945514496d612f6aba3e4a200720b2a2a9c7085556dde443776bdab0249a5ccba6017f5b048eff4cd7582846fa43f2d01242ac2cb258b1fe483b5a307f4eaed5bc73b94b962bf74286cf9065589a0c9eed25617eb47b2724d38b6b64f6aacf9d6d58092b05d69f265e5538996c2d78cc749500a0a2a597c0e2539437c677755933ed440ce4c989b9b2d8ea0c02943ac578248aa398c01df66c7744f063b5c6b302f88f284db9750df9fcdb10bf5e293ed0d97357c31ae9cd4d41060a7446be672805e1db4b61f60b18e55b6f33c28b3643cc964a8bd1f6bd756619ca07d43d67fdfa0381dff9f07f4f5e28bfd53f194e83440679a1a41e478a9598635e37d01b46c79c2368abfd28767ba4e5d1c9df7f0a027e1e11d1c6d2ee575aa190c8103c9485b656be6b3c762524a008f1804c98a7ee9fd123e5fe46db229864af0f8f1043be2ba261f637b453fa6bf8a5efd576c536527b64ddd5e4696a8f0bcbc0328b29a5a9edb1978bc9ddfa75db7b163a840723f8e0e3137dba8ac48c6a41c2f740cb3252bf3bfd5dfc313264dfe1e6026ae907c39b568830c111e334eae690b9aa72a528ae09f5e8b926e26db6cf4e5547f4286168ac6b4b6d28c02516259ddce57d410b1a0147e4fc4a28742b486a2c3f3de46ab66382c688cd87676849971d45a4432619e39f68d79acc73df66a48217519152b85d5c3d8fbde24eea10992bcc6a345cbdba46316753fd2f26948483a2228621bb2aaa28faff43f41ae7acc4aad29a7a9ae3532adc32c2b03386e503f2e4d92aef770851c0c4abcb92962f9c7312a7847dd830cb9957bbd1df5f8392285885386f88de2c65cd6da40128f61879dbd98fcfec94388012b38a963c7e62ec4221faf0cba5daf325b8aaaa75d7e1e095767efd6fe2604502a30b76ae44a31993676f1507edeb96378b62d41e90bbcede924369c75ddab790a2588d74e33f96cfd413dd19211abc44924764519edbc2900d43674f3b81a9c2515981339e5a518a7de1bdcfa908c74fee604aa2cdc3602c71f14f8ffd4c8961b78369fc845c856a2ee6beea0195d54eefcce7853d57951fd0c99071d25a277c88f2fe3849d80ca5dd9c1fd894138ea869f7a37d42ebabb804516d1d20b531e04aa337dd72d3087768e5067cea0090425c9cc807c44cf1ecf86b0ad97777912eed6ba0c1bf7e1fc729212621f678563ee02f20172faee8eff4b8a11b8606a2d1624385db0865127c49e7a1a1b36726e77d551b5e5cbb0761f888a95c082c0027c5c19c2ab27089cf2557a2d36e393b779b07ba863d54f6d7cf09d10b3fa24f90a38418b3f4177105311db8379d3244222fbe145da76e694c69c1d57494eaf8b6ba6dc28a9c12e2e688ee367abce60c7e4ecbab543aef2593dd3d2dab1d953a09a4be5220a528ac67e01d57d7b0ce6e7ca6927a0aa62edf2a82dcf0b4c2cabcb7aca69c35da755bcd714965fbcd4f72e7919f188c153f454db0f79d67bd805db72c85401da972199022bac4ffe3b982c947b2fcceeab8774b9d82d8a5d5b19b6cb62c037c99db9e934fb0c86706f735737dd78c39fd8bd84413d6db7c536ddc536e16b3a49ad1c16f11afe34b4470f5f6d57d3b329fa347bcf6d4daf4cc9fa9e997a0ec00524fafd09ce80fa1add8f0bbe35857cbb735833143a32fd3aef790f7497a574e2855ad7c102e92bf37a56fad44b4bd0edc6de35a85010a4c602d54f7bcb5fa92b093b09b375a9d8b4f9810a15154e3aa6c8cb85965865e28db01f8af89c579e00754728cf2e2351b96a3dcc56c88cce2ec74074ebb49e4a5a2785f10c524075d3a4ceeb34e6ff621df8f0f4f0f11082b119d156900d888917d6701d44122d2b6e676b9b33f6eb7366084d03c1767280dd1099e9b81623ab23c6d2b3a4cb1af712b7022a6325c6cea3bbb008b29ada130d43efb6f5cd0229ab13e63ce666c1fd6020a21b5e033af7f8fd206465b019406904689c5b08ebd0400866140aa0d5aae05981ab0a20d41c4f55cd1f6766fb8a04d543c983ba7b177294ef7ee27842a1739d70cac5279c5265c05368116798186ed1145a234b14a28b5ea76c1f0da8fb573eeda2d3226a2cdb38704c25cd804474db7f5a913e0b695a75fbfd662fd7fa61ae64bdda10859bc52167993b7345ba734fe2c3196c3fd74bde6447059753cb10a6d79486c738171e7e69a7eced981becba399588523d49b0cc835c9bcd19b944df483ae474753458789e5509fec871d961c0a96e05d19c4dbaa8e74fa7997dd268d718eb8d939fb809ad9c1dcb6bc55affaaaa58323012fa4f872bd31b5e38bb62ffc6cb8c2dbffea3426056d8ef835054757d2bd7d9b6d0fdd8932cb9b2f3d78a9e6ac80757ea0cd834fa8f396cc35668ce3b8337aa3278690c9982279dc528bdbe77c58f40ec86e6eb265b5a3ce2793121b20833de6288428689497da1e2c58be705742180c8e99bbd15c4f2c0d1f68cbabd0f21d2b6f5d6d70ac7348d85696fd9892812392546e980b933ecac936dbae179f80d0ec08b3e30dc30e1e8283fce27a3c602973351a1d9389250684091eedb7fe4966cff1af4cee5734c97c32527c3ed0a312af24231d69971e908bf820f64de924a5603e5780296f2609dc8e6218990d892578b078a87ffafdb76c84412dcc2cc89d8eec63dfabaef5e413f6a28ebdf9157954d0beb43771ce39d0f528db990d4531645956ec0867283035eeabbf0a874174a40be1d019a0a9f398f0470745781ecb37ab0de8bd9c5a9317e7b5893316049054eed2872be335d3baa081774b445c8b9ebff6c22d28d1d589c031c4d80b6422bd660a9a6eb3a62bd0ae62e28430e60f2c0d050afc7b5999da02b7838c4dde43d210cc2f63e71c3bf915aac395c43a429acb936686232758d1f30dd85a7a195607380dfa64243c8f956f954284aeedba52391f90ef9453b4cc07f7f90afa24ec248388b41f4b2f3900b9fa582552b169a84673d2f3dc949e3696ee6cc3fef18e61c244d113e0a371a1118c8e5a3fc1769a2696bd28c9703a7866e1ba7628905a0f76c30e5e7a8877a2ef9a3bd7331cfa1451a8e47df45359de2ee9ac89e0449886ebd33c4c9853bf5dd"}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$setflags(r2, 0x2, 0x1) r3 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r3, 0x2007fff) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r4, r3, 0x0, 0x201000) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f00000014c0)={0x4}) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f00000000c0)={0x0, 0x0, 0x8719, 0x1}) 23:12:39 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000900887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1301.104136][T29393] loop2: detected capacity change from 0 to 1 [ 1301.148512][T29404] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=29404 comm=syz-executor.4 [ 1301.167120][T29393] loop2: detected capacity change from 0 to 1 [ 1301.169449][T29404] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=29404 comm=syz-executor.4 23:12:39 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3ec, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:39 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500090000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1301.186744][T29404] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=29404 comm=syz-executor.4 [ 1301.200480][T29404] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=29404 comm=syz-executor.4 23:12:39 executing program 3: perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xfb, 0x0, 0x0, 0x0, 0x0, 0x800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = fsopen(&(0x7f0000000400)='tracefs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='binfmt_misc\x00', &(0x7f0000000140)='binfmt_misc\x00', 0x0) close(r0) 23:12:39 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000a00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1301.381685][T29515] loop2: detected capacity change from 0 to 1 23:12:39 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3ed, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:39 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201003) 23:12:39 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000b00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1301.478844][T29515] loop2: detected capacity change from 0 to 1 23:12:39 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000a0000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:39 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f000) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:39 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000c00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:39 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3ee, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1301.663309][T29820] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=29820 comm=syz-executor.4 [ 1301.727709][T29822] loop2: detected capacity change from 0 to 1 [ 1301.736975][T29820] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=29820 comm=syz-executor.4 [ 1301.828490][T29822] loop2: detected capacity change from 0 to 1 23:12:40 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000d00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:40 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3ef, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:40 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000b0000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:40 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201004) 23:12:40 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000e00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1302.117232][T30036] loop2: detected capacity change from 0 to 1 23:12:40 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000f00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:40 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3f0, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1302.227850][T30036] loop2: detected capacity change from 0 to 1 23:12:40 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f100) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:40 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000001100887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:40 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000c0000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:40 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201005) 23:12:40 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3f1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:40 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000001200887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1302.516934][T30254] loop2: detected capacity change from 0 to 1 23:12:40 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3f2, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:40 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000002000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1302.607641][T30254] loop2: detected capacity change from 0 to 1 23:12:40 executing program 3: r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xfb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x4a060480) unshare(0x2000000) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0) unshare(0x30000) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x0, [], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004c600)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x0, [{}, {}, {}, {0x0, r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004ab80)={0x7ade, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}], 0x81, "536f0c937e8358"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f000004bb80)={0x0}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f000004bd80)={0x0, 0x0, "c53e157c97ebefccc225607ee3ebe20b0b5e94dc6404be8eff507ff3da0bf41fc4f12fa18963c6833ca483571e231f9b690ae6a7a12fa4f71003244e26e2e3427b38987316adce072af51e477197e9ecb7888d9b2ef125fe8011cdb799ae9c2de957d22c72ab1007c14d62862f09b5dec1f1f3d265c8059c9354e599c7bbac2a8e830c4056d141b48ac1b2a93817f4ebfcf989ce176d278f03820e00fbd837a7e1b64c4bcc06e854a7f3be3d3039a2cbd35469963a6ce30dce34639553e120ef15c38900582a34edce57c22854482cc299c2a6e8ee225042e698331a76d31f8c308ba2ebdee98384ab408cd1f04df112dde60e5e2d7651e7d04b114d99b9b710", "e2cdb668f43a09313172cca23ab80937f95a43a2a63dfd203f84c9aed9f11923c33e732c5fb71c7cc28a6cd4fa364548589686e40873b8317ed144b0e45b81363f7f129c5430ae72f39a694b6b712d462d3778e396953cbef8d59de8f02ffe5f94bf77f820aa9ee75d9800f38adc2012eafcaee3a6bfa092b57d33793ec22c36a3b2065bee61d39b201aa306b4cb1e405e8cb3d642093b3601d447472d62965e8ee2028909733503d9be73c3fc341eb9dbf0159dae4c406a3f6f2ef17840eb80134c0d2e898ac4a3ea0fa27335bdad3d499008a384e5c55f2ebc46a9419211239ab5740c18dcb27d3ce56b8c827de4165a8acaea80624c4cec4fa097bfee69a15edabe8fb7226fb3439f333e907d0e3a6a366234aa3396e4a222ff44916f23591fc99bb3dea6cfa15111d839ba6d6f9d7b1850a48faec8cf34f9e6b2f8323443b804631e674a565dda89f98987528a7726ba28841ddac4e225f3ca8b11a987aade192745a5bcf5baa2e4b8a9f34ec3dac3997d05f7702a92c1688c20b77c0bc29b4ec3321f4a42f8b1d89dcee349a8d3d8d257fd6bf18622c102fde581ed6392570c5bba01372782a898be33ffb6ef318c7f08010a1a41ec9d885aa0ad53064a2b86011c5efcafc79949250db26a34bde5dc52a9c1dd705d6aa6bbcc02b8caee941ad1bc2e45986f9745b032a53a1ce03a07dc040f9aeab379141c126d38ca2fe260731f927420897d26f16c6a145700dbcbbdcb5dec86040724c0235354060f92956a4f0302f5be39ea4ec2de53160c474219de9a76d9ea1724306569450f5a7b649cd450d03a9ac082eaf890de4193702e564befb25ba4f693410a4c6b826d44dd221dbe270cf655f29604441ae1800421bbcd82a3dd343f6c92919a0d72871837c6ddbd14edec1d2e3c8757fcc564582133cba5d77cc1c9f68881296580e852eb6fab2d196379bc2b4d6957af3391c9cfeff2503df520584680ae62fd1584f1037828aba9029e859e7be57dce65f047d969a7dbfe8e6444ccc264cfdfa1d770eb37400b957890770dac709820f9287b47f113c5697c9944de8dde943c99abc23d90e677459ec471edd818468cf2a520f7fe226bd2de5ff9ac176aac56956b4ce9f94656228f7114aa98f5e101914f9f9a39ee35c962247b80948f54f076b0c1bc4e31ba4cf416cf82b1b3e24d5c6ae5454f1c369c1d27ea6019aae6f97fa06d2ebd0d6d5e669e442ad2d1875aa5eda4a712cd51550bae1854372774687401499fd4997451442e4617a54cff0aabeda069db558b85e322e603e135ba8c407d68bc409a15fc35564ac27f0fd3b4dca7a37b6f8c86f2fc896d86b75e13df5911aaf11595ae45f8980410f074fc26d8d91e6e086f99d53bc40611be32618990013f0a0b89f21ef6403de19ba6ae78b279aac7e9a33191b73a9275f32e5dfbb25035d602f24bedec243202128c95846e252bca3e9b01b9313b4ccc8e856c4dd61d2b21145c1e1b9a78a81fb9cad4e0137a489e92bb24c680f917cf779aaeabf0256a71576734cd38fa692bb33aca71d0b1b79dc05ecca5ff6d2aec951fecad7d3ecb5864e19057259a4ddbcc84bf3efa5b6c2bfa1bf9f4636ec3044e25268d6937820ff615cf471444986717157b8a74bb43637d6f0f4e3b5c53777c0f920f6426523c3e2b25c620a4a4d1fb7114fb1fb0abbe082f4c71a12cea8ccccc7a56212184c5992eb392e9527b038bfc79f45f5d3365bf98388b7a370496a28b826eaef110e44cc58386c258f34398162f26ede92372d5b1616fe0c036c663c50b2e600564197317bd950b7465e0de4bde918c7c2024c85230400e446bb2b1758aab095f29a3f3e9440357b6d9c8b10b54d23e1ef795c9f05bad80de446b8388a975b8846680df9e519c56f807c4400fbba7d46b6d5b851cd0b1667dd8f70a4776641c93ee488438a36a69715b0304dbabde529d36c97ad0b46fb61f46644679da54a947446572503e886677185bf92f27b7dc08d1bcfd2cde326b8fc52df76b05f13a3578929538bb04640bdf042a5f5cee794a6ba15974c842ed0a04bd7be26b949c8ddf69cc768eb310e557bc5e53262043c6c99693ea84be4101a7b32bff64edf5a9fd08fe33e97db9c14fa9e3a2952d5c4e5aec39d84b67a8a85bd47853a36fa456a6640cebae96c62b82b6d63779e8d50381d4a5f90ab91f78fb1d3ef12a37a3366e35ba769828d812555b27ae9b628427ce32138cbf7fc85ec898fb1394e4d37d28021fbb0e51edbec0e01132015cef624c5023113008d7e86dfaf39d0a6ef709416f4ed00abcd5987feb839fcce58a475e2de385f1d5a5b63ee989712882fc7ebf4a2599ec4ee75e3eff2f1a5aeecff1e6d7219617be827d478ff6a8db17dd477a282332f9172cd5bb7867c2dcd6a2f1d338f062ddbb728ff77423160cda2d45a3cf82eacbeddd3ae6d1413b2066ef08b9d985c66af121d3e9a5e284e19057c6d5bfac62319903da69bec9a68ad8a9390d7b770e8225d90c38ccb876b1fa53ae8b98185f9e6c0b4c7957468c4ec3205015ae93595d4fc3b0b74f82518d9b0a5ac91a03588cf30c9b7c8619b8e68a95d69c2dcdf2021360dda9f7e6aa1c4a54950b1af8961281d8bba161ae2a3a82cef7effeb4812bef11248423a51d606162547bbf68e0a63b7d3cc84c46d12f97ea172d09c27e111801404b30600d4ad545b3ea51162788498c7f7eeff4dd4366a0f314883a80466c2d2ccac188d99012733671c57672336db68942879fb14faf824aa2ff45f4e3609405ccc6bfdd26f96a9139577194cd472dcd92fc4fcef55f78630e1d9f3659820d239f2c4b1c8fc9ad346e2b2ac34fd069392fe3d5093bbe992982d3eb8b959d29c807602acf98c40e21cba3b33313e731b911632b15642b44bf50e50de0a28c77100af539b120eb50ffb9e124210c6d341a6d15a3a971d161d3f15c058717cdf5b34ea8867da5dc3492de9b61b76fbcd4af878d997bd77999ae8145f244febb29338f1ab4529aded8745bfcea6217f11b94da5a5b1e063665e32920b9729ac5b47859073e7009d2cd594de7805ba6ea2b569c73defc70cffd13e5fdddd6a750a754177a0389c216e4c9f6344449d2342aed0cdcf489358074bf8694d6a67b0a5624843525a91f46b8c4baf0d04fb1b9f914f050658cc3b040c8be1ddc636a73fe6bb61c6d7850f1de37ae34b78b8540e14b23cf47a50a5eba930b8fc14282d14eb0c9258bb02118051351a605e5a3c172e4406e2206a53bb6e25abc0591ee8576282d347a38f09270e78ed3cfd9ce80c75ee24c30591710f30ad93fa88f132d401ebf4f9a8439c89836939dbf37211aa75e71174e10564f15410e56a9e3dd49c90d7b3f034b762b2824479aa591b10a07a38ad6a60315ba2fed22ee5547b2dba1d3e35cabe8b911912ffe2c794566a66031ff73c024fb9ea86a861bda836f07c7d44e821dfb46c465092ede94f0577f0c48b6c6a43d0b900ed3c7abb56f39e458af11b1fa54eb97d4f07eee757de2f8471f70ca0754410a5ee6cd7c6fe168b2fa4445505db06208632b1ad54465acf6f27d5babf9b0dff0e5f2c0e9b5fef8b26cab0daba8d7b87d942c598202f5b0395b913868d6da60a362a712979ae94538c63eaa004b48000fccef39cc50d3d81c5209257d026f9868f67e052e0a295cdba3668a2d68c022c54561350403f7607c676f019559d542d2f11a097f2954d44ae2aebf9be6e6d46571e0e5c289bdca0e02da70a7556876bbea7809557a481d281a1299c388c7ee66bae8cf471061b4e7f50fe986051dba1ae5828b04b490125b5aafd985f065002f318705e7d34a3f44b64e61e8fef575df73e74f212292ab81b39b636a183f1ce30469cfb20ecd60547833096ccf018b507bfd1038610f439671a127ae3b10270f63acce4ed815cb930996b8244cce7f5f1b4929f8abecb6544b0af75e34bbc7c3b9db270432883223a079880134de582d3d1bc130287dff065de0c75e12f52119671c98e3e74ba33e4cb68e108d0ff841d88a0d162fbb46d787082593f6536076a0a4b3bcba8f6a3d26c736d1d3731edd5951f0f74685c9ae2d30948d457aee47e543c00f64cc15462e231ce2a28c218a47cb9ceb5378424137300eeae046fae6a3794bd92f48c8e486fd5ec91d9fd8e170932877d7248ef405b55e830a3fe5525178204b3bd5aab9bacbc7279647b515713fddafcbb0940851328e643374219d04bb81f4b2d49db3253e71096e2dfa4bd1275825f9c0a802285c90b55589121d807a2a8a7dc7b5a4c77014e7d336aed079eac7a9d1471d93685719d5209393e5694928bde8036cc29d02d09c9c3f4bd5978186dc746c6c8bd2b12a825620762d1dbc0a36ad0a764626ceabceb3530080ff359907c44ffe9d839207ecc0ef175c6cf260527cdcb23954e3b31e43d5444669608d68bbb341d6e93372dfa98bf0b309b2d3f3ecf6bf253f66996b68a51e51eff8da5bf8aa04dc84d923682aa39cee7a8197edbe2c94944a5dad115a78aef065a9a855028b236c4b112ac6893f651d43a5972b6f37a1f664074ab7594d11d76d5af849a0101f8d687967ad0e6bac26f55601666c95bf97e2c2dae4cca9300b160e10fb3dd0fcb7c5be02f9d15d93b434a06f6986aea79e1111e396d210a4f79f0c7ede1a90220f53a0f6044dd366e0577ed19af4108bd3e2c94018cb957306ccb86a4a5094841f5e006ce9dbb923503f673395a9d5c1e5bfdc1efa83e171f12b2ef46b45f0a1e8e84e7de7deda62632cce83721d90e307343bb654ba404f32a695eb0b3e3330fe434b42e7da0b99fd219065c0f0eed6e14f7134a7bd02b82ecfcbe2fb71ebfd1c0506c4ab608abe856e88dbc1a79be8509212eab07723e475798798c7a804031c9d6ff0a364bbef4e95186562e56cc84a3382e3fd39a81dbe6e349cdeb138e6cf26f99590324794f71b2e695d15b5564eb1845b0a3a30f6f3f2924155deaed7f6c7f1adbb2ac78fd38562e83f4305b483b423871f99aa3e03475d18468d15a3ad537094eed5b862f570bf57bab4c449dddb1ac88d4c02e9d71f352d9d4b8819dd06712e738dec3378c14dad1d1eed47aa5dd00adb16d505f478978c2d5552d8e9424f91748395fef16c55b87133fb956959fc35501d8daadb4df47855b93b244b5f4e11d7e74d26b87cce53d30faaf6cd0013e7df2726e1317fa86dda2d5d7aa8937af38bc7332fd6ead9019006e83223ebb1d578fe610abebb0890a011a5396be39affaba08e805068d9d914a35b3d57ff508e3479a80159ae238121162643b27da6618d892a5b2771422788d4705e2635bf64fd36509984f0f58962071992db28d4ed86add71f71758a8000827342215374030734d9b8f47c2d"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f000004cd80)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x3f, "8f2d4d9cfcd32c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f000004dd80)={0x401, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x1, "34868a1f8450ee"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004c600)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x0, [{}, {}, {}, {0x0, r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r9}], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004c600)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x0, [{}, {}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r11}], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f000004c600)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000058c40)={0x0, [{}, {}, {}, {0x0, r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}], 0x1, "2156816c73038c"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004ed80)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {r3}, {r4, r5}, {0x0, r6}, {0x0, r7}, {0x0, r9}, {0x0, r11}, {r12}], 0x1, "fa61429171b3e9"}) 23:12:40 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000d0000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:41 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201006) 23:12:41 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000002200887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:41 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f200) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:41 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3f3, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:41 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x100ca, 0x0) mount(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x100000, 0x0) lsetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)=@known='security.selinux\x00', &(0x7f0000000240)=':$\x00', 0x3, 0x1) mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x12a88a0, &(0x7f0000000200)='\x9f\x1b\x0e') mount(0x0, &(0x7f0000000080)='.', 0x0, 0x0, 0x0) setxattr$security_capability(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440), &(0x7f00000004c0)=@v2={0x2000000, [{0x2e, 0x3}, {0x0, 0x8}]}, 0x14, 0x3) ftruncate(0xffffffffffffffff, 0x2007fff) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r0, 0xffffffffffffffff, 0x0, 0x201000) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000540)='./file0\x00', 0x4000801) mount(&(0x7f0000000500)=ANY=[@ANYBLOB="c5262c7b85c42fae"], &(0x7f00000000c0)='.', 0x0, 0x33080, 0x0) mount(&(0x7f0000000580)=ANY=[@ANYBLOB="aa151c49599be58d"], &(0x7f0000187ff8)='.', 0x0, 0x5010, 0x0) mount(&(0x7f00000005c0)=ANY=[@ANYBLOB="520b808bfd6cc53286a38f"], &(0x7f0000000180)='.', 0x0, 0x5110, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='mounts\x00') preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) r2 = signalfd(r1, &(0x7f0000000340)={[0x80000001]}, 0x8) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_FAIL(r2, 0xc0189377, &(0x7f0000000380)={{0x1, 0x1, 0x18, r3, {0x7ff, 0x42}}, './file1\x00'}) 23:12:41 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000002500887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1302.932685][T30572] loop2: detected capacity change from 0 to 1 23:12:41 executing program 3: r0 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r0, 0x2007fff) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r1, r0, 0x0, 0x201000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket(0x11, 0x800000003, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="090000000000000000001e0000002000018008000100", @ANYRES32=r5, @ANYBLOB="1400020073697430"], 0x34}}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000006480)=[{{&(0x7f00000000c0)=@l2tp={0x2, 0x0, @empty}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000140)=""/254, 0xfe}, {&(0x7f0000000240)=""/172, 0xac}, {&(0x7f0000000300)=""/213, 0xd5}, {&(0x7f0000000400)=""/47, 0x2f}, {&(0x7f0000000440)=""/18, 0x12}, {&(0x7f0000000480)=""/243, 0xf3}], 0x6}, 0x8}, {{&(0x7f0000000600)=@ethernet={0x0, @broadcast}, 0x80, &(0x7f0000001880)=[{&(0x7f0000000680)=""/39, 0x27}, {&(0x7f00000006c0)=""/145, 0x91}, {&(0x7f0000000780)=""/17, 0x11}, {&(0x7f00000007c0)=""/168, 0xa8}, {&(0x7f0000000880)=""/4096, 0x1000}], 0x5, &(0x7f0000001900)=""/208, 0xd0}, 0x7}, {{&(0x7f0000001a00)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f0000001d00)=[{&(0x7f0000001a80)=""/58, 0x3a}, {&(0x7f0000001ac0)=""/230, 0xe6}, {&(0x7f0000001bc0)=""/230, 0xe6}, {&(0x7f0000001cc0)=""/60, 0x3c}], 0x4, &(0x7f0000001d40)=""/72, 0x48}, 0x5}, {{&(0x7f0000001dc0)=@ieee802154, 0x80, &(0x7f00000041c0)=[{&(0x7f0000001e40)=""/57, 0x39}, {&(0x7f0000001e80)=""/6, 0x6}, {&(0x7f0000001ec0)=""/33, 0x21}, {&(0x7f0000001f00)=""/4096, 0x1000}, {&(0x7f0000002f00)=""/41, 0x29}, {&(0x7f0000002f40)=""/129, 0x81}, {&(0x7f0000003000)=""/195, 0xc3}, {&(0x7f0000003100)=""/154, 0x9a}, {&(0x7f00000031c0)=""/4096, 0x1000}], 0x9, &(0x7f0000004280)=""/104, 0x68}, 0xfffeffff}, {{&(0x7f0000004300), 0x80, &(0x7f0000005580)=[{&(0x7f0000004380)=""/114, 0x72}, {&(0x7f0000004400)=""/61, 0x3d}, {&(0x7f0000004440)=""/4096, 0x1000}, {&(0x7f0000005440)=""/23, 0x17}, {&(0x7f0000005480)=""/213, 0xd5}], 0x5, &(0x7f0000005600)=""/228, 0xe4}, 0x6}, {{&(0x7f0000005700)=@qipcrtr, 0x80, &(0x7f0000005cc0)=[{&(0x7f0000005780)=""/254, 0xfe}, {&(0x7f0000005880)=""/19, 0x13}, {&(0x7f00000058c0)=""/43, 0x2b}, {&(0x7f0000005900)=""/15, 0xf}, {&(0x7f0000005940)=""/233, 0xe9}, {&(0x7f0000005a40)=""/128, 0x80}, {&(0x7f0000005ac0)=""/251, 0xfb}, {&(0x7f0000005bc0)=""/12, 0xc}, {&(0x7f0000005c00)=""/133, 0x85}], 0x9, &(0x7f0000005d80)=""/183, 0xb7}, 0x1ff}, {{&(0x7f0000005e40)=@tipc=@id, 0x80, &(0x7f0000006200)=[{&(0x7f0000005ec0)=""/203, 0xcb}, {&(0x7f0000005fc0)=""/254, 0xfe}, {&(0x7f00000060c0)=""/57, 0x39}, {&(0x7f0000006100)=""/171, 0xab}, {&(0x7f00000061c0)=""/27, 0x1b}], 0x5}, 0x1}, {{&(0x7f0000006280)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f0000006380)=[{&(0x7f0000006300)=""/100, 0x64}], 0x1, &(0x7f00000063c0)=""/131, 0x83}, 0x7}], 0x8, 0x10000, &(0x7f0000006680)={0x0, 0x989680}) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f0000006740)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x68208}, 0xc, &(0x7f0000006700)={&(0x7f00000066c0)={0x34, r3, 0x8, 0x70bd27, 0x25dfdbff, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4c080}, 0x4000) r7 = open(&(0x7f0000000040)='./file0\x00', 0x162262, 0x0) r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmallocinfo\x00', 0x0, 0x0) sendfile(r7, r8, 0x0, 0x4000000000010044) 23:12:41 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3f4, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1303.021422][T30572] loop2: detected capacity change from 0 to 1 23:12:41 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000003f00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:41 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000e0000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:41 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3f5, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:41 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000004000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:41 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201007) [ 1303.347404][T30901] loop2: detected capacity change from 0 to 1 23:12:41 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3f6, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1303.448303][T30901] loop2: detected capacity change from 0 to 1 23:12:41 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f300) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:41 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000004800887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:41 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000f0000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:41 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3f7, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:41 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000004c00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1303.654681][T31113] loop2: detected capacity change from 0 to 1 23:12:42 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201008) [ 1303.727709][T31113] loop2: detected capacity change from 0 to 1 23:12:42 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500100000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:42 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000006800887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:42 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3f8, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1303.953846][T31327] loop2: detected capacity change from 0 to 1 23:12:42 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000006c00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1304.050212][T31327] loop2: detected capacity change from 0 to 1 23:12:42 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3f9, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:42 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201009) 23:12:42 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f400) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:42 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500110000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:42 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000007400887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1304.288552][T31540] loop2: detected capacity change from 0 to 1 23:12:42 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3fa, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:42 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000007a00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1304.376832][T31540] loop2: detected capacity change from 0 to 1 23:12:42 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500120000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:42 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000017d00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:42 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3fb, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1304.562522][T31752] loop2: detected capacity change from 0 to 1 23:12:42 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20100a) 23:12:42 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000009000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1304.647775][T31752] loop2: detected capacity change from 0 to 1 23:12:43 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f500) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:43 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500220000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:43 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3fc, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:43 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000001a300887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1304.942599][T31969] loop2: detected capacity change from 0 to 1 23:12:43 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3fd, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:43 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000fffe00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1305.027843][T31969] loop2: detected capacity change from 0 to 1 23:12:43 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20100b) 23:12:43 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500250000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:43 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000000fff00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:43 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3fe, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1305.255236][T32279] loop2: detected capacity change from 0 to 1 23:12:43 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000feff00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:43 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f600) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) [ 1305.348372][T32279] loop2: detected capacity change from 0 to 1 23:12:43 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000200887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:43 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500480000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:43 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:43 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20100c) 23:12:43 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000300887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:43 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x2) [ 1305.637056][T32553] loop2: detected capacity change from 0 to 1 [ 1305.713448][T32602] selinux_netlink_send: 127 callbacks suppressed [ 1305.719842][T32602] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=32602 comm=syz-executor.4 [ 1305.740073][T32553] loop2: detected capacity change from 0 to 1 23:12:44 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000400887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1305.796869][T32602] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=32602 comm=syz-executor.4 23:12:44 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x10) [ 1305.863816][T32602] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=32602 comm=syz-executor.4 23:12:44 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5004c0000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:44 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f700) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:44 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000500887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1305.922650][T32602] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=32602 comm=syz-executor.4 [ 1305.998470][T32602] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=49 sclass=netlink_xfrm_socket pid=32602 comm=syz-executor.4 [ 1306.011459][T32602] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=61 sclass=netlink_xfrm_socket pid=32602 comm=syz-executor.4 [ 1306.024414][T32602] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=108 sclass=netlink_xfrm_socket pid=32602 comm=syz-executor.4 [ 1306.037279][T32602] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=103 sclass=netlink_xfrm_socket pid=32602 comm=syz-executor.4 [ 1306.050150][T32602] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=129 sclass=netlink_xfrm_socket pid=32602 comm=syz-executor.4 [ 1306.063058][T32602] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=161 sclass=netlink_xfrm_socket pid=32602 comm=syz-executor.4 23:12:44 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0xef) 23:12:44 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000600887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1306.102743][ T352] loop2: detected capacity change from 0 to 1 [ 1306.168960][ T352] loop2: detected capacity change from 0 to 1 23:12:44 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500680000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:44 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000700887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:44 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20100d) 23:12:44 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0xf0) 23:12:44 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f800) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:44 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000800887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1306.387061][ T592] loop2: detected capacity change from 0 to 1 23:12:44 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x2000) 23:12:44 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000900887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1306.537965][ T592] loop2: detected capacity change from 0 to 1 23:12:44 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x4000) 23:12:44 executing program 3: set_mempolicy(0x1, &(0x7f00000000c0)=0x5, 0x3) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000004c0), r0) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="5e35b2eb", @ANYRES16=r5, @ANYBLOB="00042abd7000fedbdf252a00000005003600000000000c0005000203aaaaaaaaaaaa08002f00230000000600060000000000"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x890) r6 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000002c0), r3) sendmsg$NLBL_CALIPSO_C_REMOVE(r3, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, r6, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040804}, 0x20004000) sendmsg$IEEE802154_ASSOCIATE_REQ(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000480)={&(0x7f0000000100)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="10002abd7000fcdbdf250100000006000a000400f57dba901d000a00000005001100000000000c0009000201aaaaaaaaaaaa"], 0x38}, 0x1, 0x0, 0x0, 0x10001}, 0x20000851) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NBD_CMD_RECONFIGURE(r7, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x20, 0x0, 0x100, 0x70bd27, 0x25dfdbff, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}]}, 0x20}, 0x1, 0x0, 0x0, 0x4001}, 0x20040000) sendmsg$IEEE802154_ASSOCIATE_RESP(0xffffffffffffffff, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x3c, r5, 0x300, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_STATUS={0x5, 0x3, 0x14}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xe06b549061ef0625}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x4}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8800}, 0x20000004) sendmsg$IEEE802154_ASSOCIATE_RESP(r3, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x74, r5, 0x100, 0x70bd29, 0x25dfdbff, {}, [@IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x40}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x1}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x5}]}, 0x74}, 0x1, 0x0, 0x0, 0x40081}, 0x4000) sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x38, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0}, @NLBL_MGMT_A_FAMILY={0x6, 0x5}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x38}}, 0x0) 23:12:44 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5006c0000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:44 executing program 3: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:44 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000a00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:44 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20100e) 23:12:44 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0xefff) [ 1306.791125][ T1018] loop2: detected capacity change from 0 to 1 23:12:45 executing program 3: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) [ 1306.877900][ T1018] loop2: detected capacity change from 0 to 1 23:12:45 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000f900) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:45 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000b00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:45 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0xffef) 23:12:45 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500740000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:45 executing program 3: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:45 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000c00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1307.085004][ T1135] loop2: detected capacity change from 0 to 1 23:12:45 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x100000) 23:12:45 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20100f) 23:12:45 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000d00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1307.157270][ T1135] loop2: detected capacity change from 0 to 1 23:12:45 executing program 3: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)) clock_gettime(0x0, &(0x7f00000004c0)) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:45 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5007a0000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:45 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x100001) [ 1307.442235][ T1455] loop2: detected capacity change from 0 to 1 [ 1307.507705][ T1455] loop2: detected capacity change from 0 to 1 23:12:45 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000fa00) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:45 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000e00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:45 executing program 3: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)) clock_gettime(0x0, &(0x7f00000004c0)) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:45 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x200000) 23:12:45 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201010) 23:12:45 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500900000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:45 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x1000000) 23:12:45 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000f00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:45 executing program 3: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)) clock_gettime(0x0, &(0x7f00000004c0)) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) [ 1307.737024][ T1768] loop2: detected capacity change from 0 to 1 23:12:46 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x1001000) 23:12:46 executing program 3: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) timer_settime(r1, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:46 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000001000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1307.819637][ T1768] loop2: detected capacity change from 0 to 1 23:12:46 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201011) 23:12:46 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500fe0000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:46 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x2000000) 23:12:46 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000001100887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:46 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000fb00) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:46 executing program 3: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) [ 1308.260949][ T2092] loop2: detected capacity change from 0 to 1 23:12:46 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x40000000) 23:12:46 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000001200887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:46 executing program 3: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) [ 1308.327943][ T2092] loop2: detected capacity change from 0 to 1 23:12:46 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5007d0100000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:46 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000002200887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:46 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0xefffffff) 23:12:46 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201012) 23:12:46 executing program 3: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:46 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000002500887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1308.581736][ T2412] loop2: detected capacity change from 0 to 1 23:12:46 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0xffffffef) 23:12:46 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000fc00) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) [ 1308.668345][ T2412] loop2: detected capacity change from 0 to 1 23:12:47 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500a30100000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:47 executing program 3: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:47 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000004800887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:47 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x10000000000000) 23:12:47 executing program 3: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:47 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000004c00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:47 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201013) [ 1308.897201][ T2632] loop2: detected capacity change from 0 to 1 [ 1309.009739][ T2632] loop2: detected capacity change from 0 to 1 23:12:47 executing program 3: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:47 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000006800887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:47 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500040200000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:47 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x20000000000000) [ 1309.271184][ T2885] loop2: detected capacity change from 0 to 1 23:12:47 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000fd00) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:47 executing program 3: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:47 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000006c00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:47 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x100000000000000) [ 1309.329568][ T2885] loop2: detected capacity change from 0 to 1 23:12:47 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201014) 23:12:47 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000007400887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:47 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000300000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:47 executing program 3: r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:47 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x100100000000000) 23:12:47 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000007a00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:47 executing program 3: r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:47 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x200000000000000) [ 1309.621291][ T3194] loop2: detected capacity change from 0 to 1 [ 1309.717958][ T3194] loop2: detected capacity change from 0 to 1 23:12:48 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000fe00) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:48 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000009000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:48 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500020400000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:48 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x4000000000000000) 23:12:48 executing program 3: r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:48 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201015) 23:12:48 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0xefffffffffffffff) 23:12:48 executing program 3: timer_create(0x0, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:48 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000fe00887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1310.090924][ T3530] loop2: detected capacity change from 0 to 1 [ 1310.197642][ T3530] loop2: detected capacity change from 0 to 1 23:12:48 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500060400000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:48 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000007d01887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:48 executing program 3: timer_create(0x0, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) [ 1310.444756][ T3814] loop2: detected capacity change from 0 to 1 [ 1310.527530][ T3814] loop2: detected capacity change from 0 to 1 23:12:48 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8000ff00) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:48 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0xf000000000000000) 23:12:48 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201016) 23:12:48 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000a301887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:48 executing program 3: timer_create(0x0, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:48 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000500000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:48 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000402887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:48 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0xffffffff00000000) 23:12:49 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) [ 1310.744023][ T3933] loop2: detected capacity change from 0 to 1 [ 1310.757117][ T3934] selinux_netlink_send: 120 callbacks suppressed [ 1310.757132][ T3934] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=3934 comm=syz-executor.4 [ 1310.781775][ T3934] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=3934 comm=syz-executor.4 [ 1310.795307][ T3934] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=3934 comm=syz-executor.4 [ 1310.814922][ T3934] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=3934 comm=syz-executor.4 [ 1310.845582][ T3933] loop2: detected capacity change from 0 to 1 23:12:49 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000600000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:49 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000003887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:49 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0xffffffffffffffef) [ 1311.033992][ T4084] loop2: detected capacity change from 0 to 1 [ 1311.109705][ T4084] loop2: detected capacity change from 0 to 1 23:12:49 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0xffffffffffffffff) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:49 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:49 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201017) 23:12:49 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000204887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:49 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500040600000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:49 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)) timer_settime(r1, 0x0, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x0, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/219, 0xffffff4e}], 0x3a, 0x0) 23:12:49 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000604887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:49 executing program 3: timer_create(0x3, 0x0, 0x0) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:49 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x2, &(0x7f0000000380)={0x0, 0x2b, 0x1, @thr={&(0x7f0000000300)="d6ce8dbfbef70c718863c20ca846ce9db855bc2a6e288cd89217cf630eebc5d864ace35f49f5abc08fa7154c7ad6db17046f726e483a35f486e2a0fb32316f0fe2a90659c2862564de5e562474a887d368c20a1d76e0bd0698081c5d8404f3d0aa13a07b14f09e3e7bf50dcfaeaec32890d83668f6f6f9a19a", &(0x7f0000000200)}}, &(0x7f00000003c0)=0x0) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f0000000400)={{}, {r1, r2+60000000}}, &(0x7f0000000480)) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)=0x0) timer_create(0x7, &(0x7f0000000240)={0x0, 0x36, 0x0, @thr={&(0x7f0000000140)="81100134c3fd6c0a656252f8ea21d930759d8c94525faa74e0108b2eb05a7d727afbbe5c55915363aee8f9dc206dc998018bd0fb4673e54fd5610d1f64b420948ceb8e6d4890b83efa8ad5c68559bc93465a160c78da0532cdd040b43b78313c0994c57e438ad71235eee2003dc9749ec56718841c6bdb2afda72b21f02ad63fbef0238a54cc9d4bfb1e9fdd91e649c3bfa40c5c4163b747f829f7c8177f730cabf668c95f", &(0x7f0000000200)}}, &(0x7f0000000280)=0x0) timer_gettime(r4, &(0x7f00000002c0)) timer_create(0x2, &(0x7f0000000080)={0x0, 0x1, 0x2, @tid=r3}, &(0x7f0000000100)) r5 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r6, 0x0, &(0x7f0000000500)={{}, {0x0, r7+60000000}}, 0x0) process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1311.305515][ T4241] loop2: detected capacity change from 0 to 1 [ 1311.355547][ T4323] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=4323 comm=syz-executor.4 [ 1311.371826][ T4323] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=4323 comm=syz-executor.4 [ 1311.385260][ T4323] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=4323 comm=syz-executor.4 [ 1311.398579][ T4323] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=4323 comm=syz-executor.4 [ 1311.402607][ T4241] loop2: detected capacity change from 0 to 1 23:12:49 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000700000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:49 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000005887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:49 executing program 3: timer_create(0x3, 0x0, 0x0) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) [ 1311.695290][ T4540] loop2: detected capacity change from 0 to 1 23:12:50 executing program 5: r0 = open(&(0x7f0000000180)='./bus\x00', 0x14d842, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) lsetxattr$security_capability(&(0x7f0000000040)='./bus\x00', &(0x7f0000000080), &(0x7f0000000100)=@v2={0x2000000, [{0xfff}, {0x134f, 0x80000001}]}, 0x14, 0x0) sendfile(r0, r1, 0x0, 0x80000001) dup3(r0, r1, 0x80000) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) dup(r4) sendfile(r3, r4, 0x0, 0x80000001) r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) open_by_handle_at(r5, &(0x7f0000000140)=@shmem={0xc, 0x1, {0x3, 0x7}}, 0x600) 23:12:50 executing program 1: timer_create(0x7, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_delete(r0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x1, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:50 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201018) 23:12:50 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000006887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:50 executing program 3: timer_create(0x3, 0x0, 0x0) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) [ 1311.769168][ T4540] loop2: detected capacity change from 0 to 1 23:12:50 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000406887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:50 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, 0x0, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:50 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, &(0x7f0000000080)) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f0000000100)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) timer_gettime(r0, &(0x7f0000000200)) 23:12:50 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000900000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1311.891044][ T4655] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=4655 comm=syz-executor.4 [ 1311.906448][ T4655] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=4655 comm=syz-executor.4 23:12:50 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000007887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:50 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, 0x0, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:50 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/219, 0xdb}], 0x1, 0x0) [ 1312.079924][ T4766] loop2: detected capacity change from 0 to 1 [ 1312.152001][ T4766] loop2: detected capacity change from 0 to 1 23:12:50 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000009887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:50 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201019) 23:12:50 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, 0x0, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:50 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000a00000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:50 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x6, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) timer_create(0x3, &(0x7f0000000080)={0x0, 0x1b, 0x8, @tid=r0}, &(0x7f0000000100)=0x0) timer_settime(r3, 0x0, &(0x7f0000000140)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000180)) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:50 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x4) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendfile(r4, r3, 0x0, 0x80000002) 23:12:50 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000a887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1312.469061][ T4984] loop2: detected capacity change from 0 to 1 23:12:50 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:50 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x3, &(0x7f0000000200)={0x0, 0x18, 0x4, @thr={&(0x7f0000000140)="8573bedfd0ea977f99553e97f866ae38d2603d2f60d982b6f28708d9aefa1f7021b8b1ffbab7a70ea5b793862e6659148b1b6143fadb032e8f8670553a086be8fed72d46f4ced64c6d2f", &(0x7f00000001c0)="34e4"}}, &(0x7f0000000240)=0x0) timer_settime(r0, 0x1, &(0x7f0000000280)={{}, {0x77359400}}, &(0x7f00000002c0)) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000340)=[{&(0x7f0000000540)=""/249, 0xf9}, {&(0x7f0000001680)=""/4108, 0x1000}], 0x1, &(0x7f0000121000), 0x0, 0x0) timer_create(0x3, &(0x7f0000000040)={0x0, 0x3f, 0x4, @tid=r1}, &(0x7f0000000080)=0x0) timer_gettime(r4, &(0x7f0000000100)) [ 1312.551185][ T4984] loop2: detected capacity change from 0 to 1 23:12:50 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000b887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:50 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000b00000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:50 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) 23:12:51 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20101a) 23:12:51 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) rt_sigtimedwait(&(0x7f0000000040)={[0x9]}, &(0x7f0000000100), &(0x7f0000000080)={0x0, 0x3938700}, 0x8) futex(&(0x7f0000000180)=0x1, 0x100, 0x1, &(0x7f00000001c0), &(0x7f0000000200)=0x1, 0x0) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:51 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000c887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:51 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) [ 1312.828689][ T5308] loop2: detected capacity change from 0 to 1 23:12:51 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000c00000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1312.902830][ T5308] loop2: detected capacity change from 0 to 1 23:12:51 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x80000001) r1 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r1, 0x2007fff) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r4, 0x80286722, &(0x7f0000000080)={&(0x7f0000000100)=""/206, 0xce, 0x7, 0xffffffe0}) sendfile(r2, r3, 0x0, 0x80000001) 23:12:51 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000d887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:51 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, 0x0, 0x0, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) 23:12:51 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() wait4(r0, &(0x7f0000000240), 0x1000000, &(0x7f0000000280)) timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) timer_create(0x3, &(0x7f0000000080)={0x0, 0x2e, 0x1, @thr={&(0x7f0000000680)="577a2f1a7396bfb91a13ff8ebe20325852ec1fa1fd089691fa90452a8f247755a4495c3153b8b7201b0af1783e735e2c88df6e540927db81d818af0637810ec4ed26ef7d83a0082a4cedadc047de89466bc28dd3b6d053037769709bb2dfcdbeb3af5bac34ea8679b4066bf76d19609931274cb77654470fa039f2fbf52b1fa1b8ee84785acf38a26822583b2c6cbb0c7d3deeeda480f3e90ce55b152e9b7d09459be0a96d4e16b70d93520ab8f14d9968e09d88dc57f59f61ac3b4f2d3bdff3d286474def3f758135e888195f93ebcf619fb0bef9b9b57e7408a6d89afecd091e8308ee566b5e3293427ed701bda79ff2b0426bb797e6bed9d8e3b50f0faede29116ae995ab088591d5e30a778c9246b88fd1ea31c7e711ef284b6e647308302b354821176a3ce816b63c9680f0b32a0697c6ef67cc940753d63721df1399a2b052f931d172dc2bfc629f2cd0d53a4b77128bb68e8df7f299027664fba936d4cbde806da4a067d39ccda80794198d059114ed8b0c0d6d3d6c3c0e45a56838d1baead84b712dfc56b458cd782a5b84332dd44fc77336d26731ef93ae7634d8a30a556a34e173563f573b1c1b17627fa8738b811e407ad5d1dd9c616307a945c819316e8a7581b8cd4837d1d2d98762444686f4f4583feb9b22fc73a1718aa5d7a1581d858666bf3a5945f282b58dc921f72b036e2878cf6e3760ae29065cbfb09786112f51c5a2e36e4aa360f90e0e9bb62f565a19670bb7e21ab08b4f9be6d76e716e3ef2c3f1137a29a4f64a8263252285fb441ebe07e04a7d1aee4199d7674297e99aa812edf72aef546f6ebdc87cedcd242f50d3df834c2100c625ad6592c5a72cfe4d4d471206999035842d0289c1eb807e753a326264e1f7382c0b6e324eed454044c42e89475db44db80494c1b0293fe2734daed46e645e04f93920715a1d51d2677b601f54deafdb8c007a4465982820053576cda9c7d7cffae4203357cf37b509c7f48ad74993cf7d684277ef66e9e4debd9058063a32c6fdf9291b32cbff4fc391e253be7a38a00e2c9623148f45c2057950cb20b45a201d33960ebdd8d570bc3f30dd018a6a671a54f52890340fed864765038faa99d19cd902e121fe7d46998ee8419f6a34101e3a6b48761f2f68f7a842661c21023ff5188c82a92a7451af7df19b23c9551babe838c9188402a1318fd0c7d00ea4647e1c9bf18d57b7b9db58587059302c7853b7f31d2196925ec6345e363a5107f4a98c5e2ebe090c97e8b2234918a0787828df3675ca15ddac0dd8cb82607e7e936051a64513a95a11544f79aa370e902fda33849783e5d3df605f6ef921ca42ab85c3d44623e605ccc16d08129b52cf6ce888eab148445a44c2760460c6e58f3937b639fd62c8b15a12da1445b1d4b25d22822d56ef8292728596f813435228aed4e7d0a1787fc426365bb8a7073ccf72839ddb0a9a3ef615eb92100e7963ee7210601c0f5affbe856f3f14ad3a607c7258ff1d496816f3d586842a0b3d130ca59ac3120ca094a4b5ceb6e29bac0ea3b7ccbe3a83aeac989dca7feb29fbd1f25b776b99cf5029b45467d4723f11736f9e728db85221e4b2d020e7103b8b0abb7b13398e628f8fd48422b748d960df4751770cb280b4b94d2b56f0936ec6338fba110047780db3af85bffbd0f571b5eeed5028cd931338d9abe434d2c6cc37d5b5dc3fc5493fb0e4212da7717492b1ffc6d9874c9631a3657b07f3d06cf4938afb7757ba399f8d859f09f1ff4bbe7b32473dcc77ea26a1aa24a8c0af83a910d8ac9642f487734055faede5b64df1f32eb5ae4f2b363aa0a0c95bac29626fde0cca56a4d133d9d1f400dddf1de7570c326bda52d80b7543e39c42ff981be76d27796b811a50146765b76768d8e98675b31bd231e6279ce557a92f1f820250072fc1eb63cdf85c831d55dcfb5cedb466390daf6d9329035f173b9bccd802e9aa450b78756fd9509e2b4b5f0928afa5c01ad9b67f810481bef7cb2c641e64fa621e3d6a038f5bab280bfda9488bb6371c4e3aa24ac95ffd0f55e1148fc2a00416196c0aec1a5bebcaf1b4043da42cf6f8b0286dd05de7e0d10faa558bdeabc69aa5a95337b50aa03e3b4d2d2b3ce80c6d0cb3dbaecd854e7c3a9377d4735fca3d0e9399e4128b9381b3ff73226be6913a3fb3df1bda786c4720b5595cdfd717349eb37883954e1c3f6d613664bfc5b43e4bf553415619783416b676e140e3cde6456a2114503bd3269df576574549ef9acb49fb99d809d2a7d9ea4e5f7b1b3baf248702a2d35fa6600b8d05e8c7893f1f79b35fc76d6736529908e7ed09d550a2d8496ecc7ced28c2e4867ab07a1362651d9d0b95bed7f04374b1d08a1566c3b265b49dc88b21992674c6820f00cb739e1aebfba4863d0744c5d67d957287882a78c6a63c1a1a89b263bcb586cfd31373b48bfac33e3b409d9b129b14783036b274c461fb33ec76b55632629e653e8a0eeb1db505b869c3ed6a923ec199031c9b271db32227da38fe01f98f47cae414b92b5fbc677725c36d2c973346e8381e66f01bf3a565192851684d5dcbd0728817fa783ac419c7f282ba755507d0b4583e39c24c0e7af5a7fed31fa7762dfe5f002e823699fe76dd7e4b46b626daef59c846628bef204c4a28a2c6d004ac6d0e6964d2d62dd80d00472a673a2e4a36684beacf5730fa47392a5276e804d461e2820db39c47d7f2300c5e278612cb62808adf891f25e6d23e55fbdb19a8739bdb76cd37e584ef2707f0cfa4e6041150d2a360054ec99ce2c1249aa2d1d98226edc13727333a651e79a0edff898e88b87e587f2c00699d8eda6be9fa1cc4c41ef0508b2b43e300b5ab6e81829781025fa0a94b562045606492cfeb13dbc977d11f6ad6ca687d8225e98edf168951e8cefa2e26354cd6c263efb52231d5d872de30ce8f5eec508c46eb38fbbed93b77970c2ec04eb0f0cfb9062ecfe8a092efdd2164f114711a93c971e1924bf41ad5f83b6d93c766482492f8907ebf68220c6b2a987b267d66678c936addfb23afdbc4a1ad1ddc566c7cf54c6da861cbfaf3fe75b3403d11ad4a737c50e1c95828e8a24727ec2fc7ec82ab18ce02d57ecb5cbafc4cd4da22f72fb97a1740493a95c4af4a00fecfdab8e39688137ed48cad8e51704b56bfccbc31d3355a2c818fdaafd3c8c60ba5f3b0278de05d2668af04a1eb1d9bf68ac2bf408dd24e1cb984312a87d1560429f4ce0599db20350492974c76feba9446fba78367a957a568a84d5000fb97317d0682970bd74d4b959c5825fb42afba20f88a1203018bc7bd454d08a890a592f1591f3d03fb416a5d5c3e7a01a5f84b7653685a93a770c00da93a960c794982a53798f4ccc773db2193bfffeab166cd4f2ede6ee8002528b205515a2ad21ab46fcbe37f90defcb83bc7f32264dc9c2558a16f336e7707e2fe689cae4c3daf768d4b8ba2f1714f70893f862647a276aa23c8c6635f296415b8fb58bab58342ae60ca424479e11cde104de702d219afd2d5fdb2c6e3ddb27ab803d6e4f79c5a1badf0c7046bfe88d11486633b9156d679a7edcba2589a3f84ad7b7a662275fd2416afa8927ee3cd293662f8cd06fe9e8eeaade4f60c8aabc41b09a3e81e195ec0e3109889448c43f977422b743ec133bf65b76ba110acc44cd5232510a354c1dcba8a9619ec6eea85e382096cf9f91cd0d6d459d5e8727cc401df5f9e1aabf04e6bbcb3cdec6293839cd7210cb6765013eb22b9bdde5aa78964737b8efa18d79c1926f1425e9d2256fd8a78308bf96278a1bf58296ac9d9ba92773e8b2e929dead54870293a9c46ef83915879d0b12ec4e7a7de5514d3039b64a4157e61b5363e116ced595cefa7237edb08c4e44eff682cc632cfd7e4bf1801c028aca480368c28427aa71250861346b2f7d559abdd982c5a3b3a80bbdf512a3d6e0683b9430541946f76bb279c140378d735626e4ad8460dde610c95231664cb27a71706fc6e68a3907a7e1f088050c997f55869701e8d9f416bbf9fb9c58851f2fe3d04cdd9b315dff9816ed32cfcd9c5102e3f4b4b9e7aca23ec3a8ba40a15ac913d4ffd46c4a5d9f3b009a78056992bd59cd53f374a133f1b764407fc2ce92822084ea8cd196eb9c5952ba53d26bd9877d0a9d2f895a439f443e964e09c4b9321c1308c53d2c0fd5c24ab333716d1f1403027de143d3ea303d1aa5d5499be2764f31934d3fb809baa1c87ae242e23a3ff2fc882866defdad55981185a29cf353397ff036e340f45c3add39cfadff5e28c8840a68e2d9876e81e1a33857be361441208216ae3b7fd2cabd02b6991b063b6a9fa6366ce08f8cea01f3d55105b338db8a51caaa288515843287434634ccef9c0c6d9d26c1a697458319ac18327ad8f91b2841d0e55a3ad6a4871ce4bec8d8355137e75c67fb83893c0f380a8763fe7862c6361fb470c4906ba64c10602e2b28fdbdde8f3a99be67e5bcdc28afa8149effb962247e29d83a7ba3e7e3e585e66e33b0e0d84850fca7159787a614bce3ccb91858d822bbd25632d6e4862a6b78c1add0062272c96e6cea1703516756f0ceb20754ad0f10b9066652ef92cbbcadddb432d1ff6b43e7a04c4101397aab29d1807649cad5e3238727bd815e4a2ffc02cf978a42e8d38b08c868d2e721d80111f262b7bd79ec2b0856509b716d35d31f540cc0911c20c1100af6b900da62ec56be03874d3bb6154be4843bb30181f17dcb80e4970d558293c024175f58cf8727af6530214e6c27cc4df44e1737bfc063a6e4ab0784a8f24684a9a9b0bbaf3113d9819bf0935f673602fd5f6f97faca255d004aa6fdaa918df2ad0c88c2da9fab98b4a458b84231a0587db1e8b21efd9b3601924c2894e5c22617fc7d030579b6bb115c222647f913945867453265cfd7b17dd24074c4ea960eed1795d0e37f5dc1824c507012046ef7622c6ce424b0ce22b57c05d0f0d82d46d615be354ddd22c8310478daf7ad3a5aa0137d030218247ebfffa40e6537521d75b756078c3c0f1b94c4a652bea5d5cbfbea400645eb038fd3a69ba7ba2945ae3baa3753e38504b2a14c78aad6c2999aed399b3b0a65e8dee66a564ad90bbd6d6a26d8a664bb617df264358b59805fdd8fd206bd71981b32085809a8acfe096f864c0c4d5bf0e0f5bd92e6876773bf493b32b4b6e719c0ba0ffe7c7020496939d84e6522c0d6547727aa633c132ec41535f34145b2769c1925eb660f5f87c4ba0485f4539b0818c387d28796636b8a4942fcbb45eb4acaee926db41db9c12512cc62eeb930de329df78d86b14965563c4afd87b40c1c6d1ba00176ea3e89ea2bc39acc0508b3b08794e9fa2fa92b53c13ec9fb341bbc10d3a9095cc9c7aec2d1e2562829e6ded14cc788225fe0cb6a29020be1b1805de9ef11b7377fb11b8feccf5d51a6f7049d0ae480a5bc60b08f988dde65f401c139378490a7cc92771edaac16b44664ebe65f28b140396e60336afeb870f8a2678af908454d09066248c8b076f3eebe838a7df9c5c1f5d3a5546a0b07b942107b54fdc65eaf0758877ea5f24c0d17934dd7c4315d2a22957c2ded758b5ff7244e91d55bbeb7c8bea6eee82c954c10dcda1601494729c2272bd5b9081bcda4240eaf0d7e8f673098a9f023f2f3a85a76ff145c7a93011374ffd422723bfae973563b42d89e7b3152c7580348d3c05243a7a521b008c9c92beee257ddbc5ceb02a3f9b219d1029f057b516bcdabdd00adc267222fcb3f94b2db331", &(0x7f0000000100)="88df9be904f2f180cf74a86ca574097ecd520de1f6c2b723759742002e2192c417667c5374286ea5196849df765ae3c03a3c124896a4c0d7baf79ccd1ceee1919c65e895a965ecccfa570c07db92244cffd34a1731fcdae97fbaeec2e44a2f07d39c9b2136e14857d7c1f19438004426b9cc7252df64a4ef97"}}, &(0x7f0000000180)=0x0) timer_settime(r2, 0x0, &(0x7f00000001c0)={{0x77359400}}, &(0x7f0000000200)) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) clock_nanosleep(0x4, 0x0, &(0x7f0000000040), 0x0) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r4, 0x0, &(0x7f0000000340)={{}, {0x77359400}}, 0x0) 23:12:51 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000e887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1313.079842][ T5422] loop2: detected capacity change from 0 to 1 23:12:51 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, 0x0, 0x0, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) 23:12:51 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20101b) [ 1313.188728][ T5422] loop2: detected capacity change from 0 to 1 23:12:51 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17, 0x1, @thr={&(0x7f0000000200)="cbce2028f7fa6bca28a4738112d61be599dcb511745f9723493328b6c215eec8e78b0bbfaec53b420bcef4bbfdf48e970874e7354cabb23cd1ef2e51b5aa33a63815fd7d9a949be46d3e1af768181ef4b2dfade363b7795c97a07d33a645e3d14701aadad8adefda3d9c39f69ba47d17044a3e136f973daffec3f6634e805ee4430655b796", &(0x7f00000002c0)="eca505ba6498aa2fdda27f09e063b16f17bd763a33b4e0c5e05951dffc0e04601f47c0f6a5dd1d9b3777067b486eaa27c89ce02f47c52be5b245bcad5ebdabbf7c0b04d2abb6d56de139aea5d14dabca2557332e3e1f93e5b2befef70c30b5c80830209a10cf1d793427e20bba8e0561b8"}}, &(0x7f00000001c0)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) timer_create(0x5, &(0x7f0000000040)={0x0, 0x5, 0x4, @tid=r0}, &(0x7f0000000080)=0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) timer_settime(r3, 0x1, &(0x7f0000000140)={{r4, r5+60000000}, {0x77359400}}, &(0x7f0000000180)) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:51 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000f887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:51 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000d00000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:51 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, 0x0, 0x0, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) 23:12:51 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000011887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:51 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x119040, 0x14) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:51 executing program 1: timer_create(0x7, &(0x7f00000000c0)={0x0, 0xf, 0x0, @thr={&(0x7f0000000300)="d901000080c5efe5635d31f163d3220099f41ae818", &(0x7f0000000180)="190e5e1a97bae9eba18d4740841dd1faa7c52663b7da8e2415287abe24f3ae70ce540c4431c94e7ceef1bd23c106c6e24327f112de3dad704295bf6d390ad0c1e1126da5679ace17da0af9625d3d11a21511f4cc68447b7df723685242e538fde51c093ed9599d0713f4bcd0019b619b1cb246b651bd954e2aacf7b58ce3f4c58143085b9ce8d850b175a7c07ef4af372dc65449e21f023681e8b53eb405e7af2e485e647ce7d1eb51f8a91934615fb590052190cc5570895e786b263e6638625045f42adf731c205f7601a18abc85f2e167d5c668"}}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() tkill(r0, 0x8) timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) timer_create(0x0, &(0x7f0000000280)={0x0, 0x1f, 0x2, @tid=r0}, &(0x7f00000002c0)=0x0) timer_settime(r4, 0x0, &(0x7f0000000100)={{r2, r3+60000000}, {0x0, 0x989680}}, 0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r5+60000000}}, 0x0) clock_gettime(0x5, &(0x7f0000000040)) timer_create(0x6, &(0x7f0000000140)={0x0, 0xa, 0x0, @thr={&(0x7f0000000340)="3aad5275eb0b252320a3c4443a6ba91d46bc94b8cb5e57ff5b2024d2cc0fad7ac931142467be1e18b756c7ebbe989830c797ccaa4a88164265c0d5d7c51835aa720cc1d67fe66eac105f2bed262371a49e02d2a532aeff4768456fec6ba8721e9d127ae9ef22fc45976ef9826190925dffe7410da59d3c18503959699972bf89523452868b77592ae38e5796de0253d0a47d7fafdef89fb56363469e9af32c51fe8275f1e9f9d2c3559e309c1b0d95e55c15b8d0c7f1c1c5506f7d66577f77e25c91c804689e43c26c9f652003808032d25139949e95220dbad61bf1ebd87943fe6f0297308c95ceeb80ba36b7e4c6c2a47998ab96", &(0x7f0000000540)="6a2deaa1caca06339b2b600c39609d6f91cf64c9cbc97bff667d4212e32415f5e502b531eaa105773521c78d1a289b68a27132189e345328f8c1557c76aaa457169c72d02a97f13537db8b887b4b2478dd82721b8e16d5cbf89db8b88c0bc9627292a334"}}, &(0x7f0000000480)=0x0) clock_gettime(0x0, &(0x7f00000005c0)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000600)={0x0, 0x0}) timer_settime(r6, 0x1, &(0x7f0000000680)={{r7, r8+10000000}, {r9, r10+10000000}}, &(0x7f00000006c0)) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:51 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000), 0x0, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) [ 1313.494418][ T5755] loop2: detected capacity change from 0 to 1 23:12:51 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000012887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1313.570670][ T5755] loop2: detected capacity change from 0 to 1 23:12:51 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000), 0x0, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) 23:12:51 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20101c) 23:12:51 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000e00000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:51 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x77359400}, {0x0, 0x989680}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) timer_settime(r0, 0x1, &(0x7f0000000200)={{}, {r3, r4+10000000}}, &(0x7f00000002c0)) timer_create(0x1, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r5, 0x0, &(0x7f0000000500)={{}, {0x0, r6+60000000}}, 0x0) r7 = memfd_create(&(0x7f0000000600)='.&\\!\x00', 0x0) r8 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) r9 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2b3) ppoll(&(0x7f0000000780)=[{0xffffffffffffffff, 0x10}, {0xffffffffffffffff, 0x4575}, {0xffffffffffffffff, 0x2400}, {0xffffffffffffffff, 0x80}, {0xffffffffffffffff, 0x4180}, {0xffffffffffffffff, 0x8000}, {0xffffffffffffffff, 0x40}, {r7, 0x104}, {r8, 0x24}, {r9, 0x100}], 0xa, &(0x7f0000000800)={0x77359400}, &(0x7f0000000840)={[0xbd]}, 0x8) r10 = gettid() process_vm_writev(r10, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) process_vm_writev(0x0, &(0x7f0000000200), 0x2, &(0x7f0000000040)=[{&(0x7f0000000100)=""/194}], 0x1, 0x0) 23:12:52 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000020887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:52 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000), 0x0, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) [ 1313.817619][ T5877] loop2: detected capacity change from 0 to 1 23:12:52 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000022887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:52 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(r0, &(0x7f0000000000)='/proc/self/exe\x00', 0x101080, 0x2) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x395d00, 0x0) sendfile(r4, r5, &(0x7f0000000080)=0x3, 0x1f) r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r6, 0x0, 0x80000001) 23:12:52 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{0x0}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) [ 1313.888278][ T5877] loop2: detected capacity change from 0 to 1 23:12:52 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000f00000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:52 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000025887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:52 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20101d) 23:12:52 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{0x0}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) [ 1314.090192][ T5995] loop2: detected capacity change from 0 to 1 23:12:52 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000003f887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1314.177985][ T5995] loop2: detected capacity change from 0 to 1 23:12:52 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{0x0}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) 23:12:54 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000040887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:54 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500001100000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:54 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, 0x0, 0x0, 0x0) 23:12:54 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = gettid() ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000100)=0x0) process_vm_writev(r4, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/220, 0xdc}], 0x1, 0x0) fcntl$lock(r1, 0x26, &(0x7f0000000080)={0x0, 0x7, 0x80, 0x6, r3}) r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendfile(r5, r1, &(0x7f0000000040)=0x7ff, 0x8) r6 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r6, r7, 0x0, 0x80000001) 23:12:54 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20101e) 23:12:54 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) r3 = gettid() process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) ptrace$setopts(0x4200, r3, 0xea, 0x13) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000000100)=""/231, 0xe7}], 0x1000000000000161, 0x0) 23:12:55 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, 0x0, 0x0, 0x0) 23:12:55 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000048887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1316.766368][ T6115] loop2: detected capacity change from 0 to 1 [ 1316.828127][ T6115] loop2: detected capacity change from 0 to 1 [ 1316.845689][ T6120] selinux_netlink_send: 58 callbacks suppressed [ 1316.845704][ T6120] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=6120 comm=syz-executor.4 23:12:55 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500001200000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1316.870140][ T6120] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=6120 comm=syz-executor.4 [ 1316.884564][ T6120] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=6120 comm=syz-executor.4 [ 1316.897926][ T6120] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=6120 comm=syz-executor.4 23:12:55 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x6, &(0x7f0000000340)={0x0, 0x21, 0x0, @thr={&(0x7f0000000140)="b60df1f65b4af109e235997d1c709a1c40960df77d442d231ffa5f64d6aaf6fe152889167bdce92e1a7eeb1fe59638eb2fbf765c1687ebfeea85f1fe85e7cb3f21987996ed550c24f3287e6fd1a6c82ab21ae61b9e97d670a80b130cb02a7d43cc4dccae2cad028763c3d775eaf882e1a0d61ec1edebecac6c27d3660a859801a2abbcd8bc5a961b604bc77b43de46720166fd153d47ae49d90435eb0d17fae22c3cd22c3cb2e32b9fed392dd99a085ca1cc8ee866430db6269cc56f8bf75dbc04bb914e021b854f034cad51c4f8c9e97805149e48bc67a90aada0d7bdd2a684998eac91", &(0x7f0000000240)="50fb501df5f066171b361b7747f67275af6a9b49be918974545170607614a7e60398fcb8d780094ce19342520ba8e579646f6cf0e4306021b62aac47ed0f1dfa6d2afe46dffa31c663ecd2486bf72125ff220ab117b5a3d0e87240adf10415b2e17bf72b004d29d473d0ab82b1929c5d039ca57a35fed44e5b1ce2873e52874bcedc970b4a58998d1c42abc5aaced51fe5928a2822539d46015f9a1dc0bca239b379f10f7b7242f588341547e306185a5cf7d406abd247390aa7c6f08901ef2db072446581bb63a7e7"}}, &(0x7f0000000380)) clock_gettime(0x1, &(0x7f0000000480)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f0000000080)={{0x77359400}, {r1, r2+60000000}}, &(0x7f0000000100)) timer_create(0x6, &(0x7f00000003c0)={0x0, 0x3f, 0x1}, &(0x7f0000000400)) r3 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r4, 0x0, &(0x7f0000000500)={{}, {0x0, r5+60000000}}, 0x0) process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:55 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, 0x0, 0x0, 0x0) 23:12:55 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000004c887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1317.066083][ T6228] loop2: detected capacity change from 0 to 1 23:12:55 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201021) [ 1317.117712][ T6228] loop2: detected capacity change from 0 to 1 23:12:55 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000), 0x0, 0x0) 23:12:55 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000068887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1317.384662][ T6342] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=6342 comm=syz-executor.4 [ 1317.403392][ T6342] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=6342 comm=syz-executor.4 [ 1317.417770][ T6342] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=6342 comm=syz-executor.4 [ 1317.432648][ T6342] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=6342 comm=syz-executor.4 [ 1317.470962][ T6342] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=49 sclass=netlink_xfrm_socket pid=6342 comm=syz-executor.4 23:12:55 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17, 0x0, @thr={&(0x7f0000000040)="d3e65acd8762b02d5c89dd36302d794f7a2db2e3a96585c3c9921c785fadd254f5ca5a736b77d2511712f9fd308d3aa73c8afe957cd13b73c1d605", &(0x7f0000000080)="563c3996007369794912b3a1341d2d45c4d3"}}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) clock_settime(0x0, &(0x7f0000000100)={0x0, 0x989680}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:55 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500002000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:55 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000), 0x0, 0x0) 23:12:55 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000006c887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:55 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000016c0)='./file0/file0\x00', 0x3bc6682a4695ed4d, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x8010, 0xffffffffffffffff, 0xcd8b1000) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r5, 0x2007fff) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r6, r5, 0x0, 0x201000) perf_event_open$cgroup(&(0x7f0000000280)={0x5, 0x80, 0x8, 0x1, 0xc3, 0x84, 0x0, 0x0, 0x43944, 0x5, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x4, @perf_config_ext={0xb3e, 0x401}, 0x805, 0x7f, 0xfffffc01, 0x5, 0x0, 0x15, 0x6b, 0x0, 0x3, 0x0, 0x9}, r2, 0xc, r2, 0x1) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000004c0), 0x400, 0x0) r8 = syz_open_dev$tty20(0xc, 0x4, 0x0) io_submit(0x0, 0x6, &(0x7f0000001680)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x6, 0xfff, 0xffffffffffffffff, &(0x7f0000000100)="6f00c0cc576c8bdf02ebd18779830a7164713a0a3b3566020823ce524e4702dc74e645d674659fc93ae4bbf6fe1b2461ce53b948b0682ddda992b26b9abc823b80e3115be3d20000277ef81a6cb7c1df4ba614317eeeb4f974a74c43cfef781cedb44164961b1e1d18a142ad76d1f693093ce07da1cc942aaff6da25b5ae59eff1e1a5049880d0830482f68a1530ba5b6d25f5f4828b54c5c5fe23ae4e5f4ee6dc566aee53418be4267b7c07edcb", 0xae, 0x5, 0x0, 0x2}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x7f, 0xffffffffffffffff, &(0x7f0000001700)="6df34d35fa1735ff75e47786831aee01b7eabf8dd9752f9becd41048aa8c6aef5a2556eee8f4bc82de5bf90cd15e120a9ec322a41dfafd41a06a325210c310feb27315bed5969047f8e63deef9c442ef6ba6c3673423ca43fa5b55c0ca5eb270cf19d5e7a5b53367da644c1f286d55d28ac098a2283139566d9fd638febaf8318d4b5b78374efc1c066d891a9cd33f2403af96000011a413cf81919b1817778774fd458c9e02315c460ed807e07cc6fa3b8e8a8643a7ddae82f9963ac07e82bc4167ad9941afea888c83f1ff05ac", 0xce, 0x7, 0x0, 0x3, r5}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x3, 0x8, 0xffffffffffffffff, &(0x7f0000000400)="a92ebacc03f9deaaac6769c4b9fe1a4b0e8eb90925bf15a67540fe5e920c792fd4ed801af8c3292d8d13747a4e73b7a608ac17ae9c7580e2833c5abbcb2b545475082255e2d9ee84e73fcf96d3e50013f9a09b96b4eb80db13c6b612c6696db7d650cdfb442579f937e34e44bfd32f8fd0dd8557e1d6835b0ca3698eb5494b947c2f8b5ef00b8748ae6f04bab9f40ff414e3c3ad87b1ce1dd899b9d2a1de2621aa", 0xa1, 0x100000001, 0x0, 0x2, r3}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x6, 0x6, r0, &(0x7f0000000340)="c9", 0x1, 0x4, 0x0, 0x1, r7}, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x401, r4, &(0x7f0000000540)="8e2b1e2a240e89e068d0ae03eb0787490fb6807661efb56159608f7b6f5e082c020c5ddc521b99b47ec135ac526697a920e5fa2229594b83e6e14f009cc5ea3e9448e34b85f6e3bef2983e1c8d4d15d4872d148f0fbbd898cedf323124d06c76b80fbf9764a8df5f0bb8155e6bb02df46230e0245a2fc8496e52a5125585679067e5b2bfa0b3045d6f33787e021d61fc6d31a6fe0a132c606f83b46aa2d73b81db6cc8ff86c5ed270d85", 0xaa, 0x0, 0x0, 0x1}, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x3, 0x54, r8, &(0x7f0000000640)="07fd8b9655efa123b54dceb9955859dd75825d192e3bd5e06ba2001aeaae5d8e0d20340b80fa064367f45006b5f927c07987d66bf86eea1c25b33716a8bce5c369147292a53b7848b91bbe355177593eacf5ec90254c3cccad4925849f49467c4f5c3dacc9fa66f9e92fb3a91eb3acfba90683817ec8f32b32557a1ed2b57044be018dfba504fd5b35153f93891436b5f2159cd3b0ccdcad80dc60de9d707096b96cfecd6c995d260423ec25b952b377d75664598e5a56e8827a00d69f5f5490133fd2152e52d026d9812a1acbfe71ee132a3a64cef88bc3d82972c52c1d5ac9f0af3e555cc10c0d986a3229b4b2815b00b505cc7690328e473d2c090b21010c47d2e56526df3c829ece4e69a9fd5fbe6f14a1f5240a38ecb8317d5a178563e12524f262d3e830e4d48086c3c772602babe5baedde21d82c65124fb1106bcbc3d0a11837cd002a86d7055157df1a42f01291f663282e40520f0eff69e19212a56baebf855782ea7a7af0ca53705769eb62dd3de374110cb230244266d56e4265fdb1b7a954d8e78c7b22f2fac961e18f6fe20f16dc0dd5ab5e201dc6dd99cab62b530551350a2d6b28f03a680aa07cce730b889782ea5b93d3578a84ceda37ae9a00afb0dc743ba5e81e40ea1434a737dc9836b5d320eb0f4366ce40ee532b857d23e513fd9dd7bef5fcfadf3ce52d1a6055571eb4687a216b031a601d16e3627f5be4cd16e5e3d8a19dc393997207b3cbe885eac29513b400a0ecb066172f05bc7927cd56948eec565a09b8dbf2f22be0aceadf89e06ea176629e845aa296026ac14985b7ffb13e08a0222c8da3b866c6e78338a0200f29f8bb586ee0192d4aee9e274b52c952f6a0ddc895c23a6f8728c9c7eec12d62561d7a0bb401cee6760c96e8bddd7a5573a6812bf860fd2ebcedd31db0173ff50c40b3389ab7ae244aa4e175b55155558fc61d556e3d36d777ac18e32a9e72d6dab54e74d9b1511ccb2ab1b85192e8e345c38700a9387ad5e1b41d822d78d0a06efa623d13a0857966386994dbbad17b202583f9585425081d9b19f796dfd94a589a55da974fac7ce6875e22c4b8128f7e455829d4b2d18ebab8e4b473286ccd6553a17363f3ed021af39efdb33d93bcec352bbab7aed805432ff7ddf6c5e2586616c92035d636bce2db1f0246a096ee060ba98c5337dcfe97b8708ec016e98ef97c34a92d4d8eaf0039ac4daa18dca3aef74625016b3fd79d5e8f944b558bb50a281d38df1a251c95ac1a2b9ad6f11237d7a33ed22662fa915cc784c6dfb5a6ba86f5323b632cc0ff5d050aeab042c5cc12910b18b4f99e37db9a459de392a7649ec687370050dc43256b9e3bad88ec50cb80a1e5311b3d7ea968942c639e9b146905eed6177ae0d2926bc6d6065f5d1c90ec5c06748115e848478070e8907dda414249d6f11fdc3471a16b2ca00d457349d5bee537cc7beff20ff6a5ae13a662d5cfddf7aee97f28bb679491e76412b583948c87979b24deb32a54d1d328a20053046ca90bda5e8366150adb939da14d6210a85c1a03501c37323eb7af1ab75a0a260aa9691a3f7ef29d3ea5a5f9c22f963fc842a055427be8bf960f402b90a44ee4f78b199b459416865deae0e3780c6531d613d20d51fc4197fab57b4493899975279975bd646453a64d3bc690f4ae5aa922bfde1c9386e6e13eab0bc06bbe876affeb31e2438dd502e5976636894842665b49716fd7050ded595f690fde09cbd634a3b317924a15912571a7b812429595fd4ed34536cda5af1bde15fb6c9dcfc98713b499ccb9cabdfcd2c53e2043f797b1870dc997884d54cb099f76e8fbc1bdae70365497a5a0aa60888d925969ead578157283cb34463d950d6288d30c17c1a72c0d10015c4847050ea24f49c7834d5cc1ce14f8f99d5eabe9b4ddf63ca33da8f70996ead77b5af6f6ca3e99fdb233fabc7af7d4f762a6106711725e16d109a2bb30a26f3519e573d3a2fd17c5d0099ba5631fde758bf47d23cd38498ed58567ad498eef2c1b43dd9b4b694b9e3325c85e7674551dd5e2666325548a71e304d7704d8e1ccc32338b5687af6e6305ac6c6b2b097fa21d6a4e3a231c40b1667a46766f8d058420388830517b47b5ac0aa95b05ada9ee11995805274e739838c8d0607b944594d3b09acc20dbc87f2fdae13c0d53d0a7530f5be0646da2be0a7fceb1d7ea0cbdf4eb9078928bc7b47b63a3e08b74d2410d34d7c42629a6c36fd8ac8f9052555d9f0d139b6dbfa464f974c81cae22f94aa4c8b7ee9f1f298a0acd234de0aa48699b088b4bf7fa513f116123e0c48486dce67100a50a70a06ecc902ba8a6fa20905ff738f8cb2328e2aa5d913a575481225f6eb747fc45fd6bc93cb3a780c1a2458a95cf10c06e86ac9f7ee281b09aab275f5afa8cb603c455c53dcf3279b5f247ba13870b5ce88320b0ab4677c5900a048bc943cb811853bd47fc388507709d96297b552e1e9b28a6e33c8e1983c08a461b1aed0475e404e12bd4a41f196a12fd955fd51e961cfdce425a87af7d0e1a2b75115ba68d8c9950e92fc6131f51e1a6aa39a7c117eeb5e52565c84021afef1aaa4e4bf9887194938ab00656f81dbee7d233a67e7d386b3b586c277fd5c620fb0dbbeb2897da5c742e80887cb57adbc408a19a7d2cbf632122bb543117783396be66122ac2e0f512fcc0d15a345c2a268747fa8e3763d98b4445a59d2b712e66cdf4049a809f3040a4528a9e4a59b1c96a657c5996450d81b826fe82bb78bb40a3357f83eeb6ab29ea4776ec189b7126825650c4cb4f007789bff94a294dad55eecb7a987ebbfe552a5367771a34c524eafe9ce6c899dd23c7e3a19ba5e5e5288aa69e22676829fe2b4ae9d8a873eda68af9b5396dc0833807f4321a936e88e7dffbc2fa72208de0d219cad53e99da4d5f0068e355fcef9efc569af11c9ff3fe10f874cbde589f1b606cdc37cd27340f52327e9c75cf27419d340b0c04a20ccf802a39cdccf0d1a40329cda2141a5bf3aca7880c045f598b4f0fbd96d086222fd46382ffeacf7e6da0f06d2c1b233527814fdfa5b5899470769fa15dce069d385a5f0b21b7dd264863f0d535f081cece73e18f725a250329b56c6f39c044a3569121531c79c0d0174edc74df2d04e156492e80767e3ff5bc8b0d283a709e77589882fc5a356bbecc07b4689f4449de0c4c26c346bca79ea8b2bc8dbfcb9b572592a145992bc605a7607b8a215d482b6fbd59b75f91ed15c97c0ecb9a72549b4d0085866b3c32164875d626abd086b642fb66071fe2f6413e8c19908f65489d6616a3cceafba8b9369a34dca261ba351d796527926606fe8358ee8660f8586d4f2a4036f4807ab1521541532577169fa12e5648cfeacabf13fe8bd84ab02e46d005084d16999daf42bb1523dce7b12ccc687c2599eda0b4a4d369308fdb0b3ddf75cc4968164a1c1e207df6997b8cee6f6b00dd885a23197eb58b70aafc107cdc8a5f0a274cb69a31aa3de925b49c08acf72b9f7fdbdde1f2d3a30d8b57609aa0bd5b5842567352f27d5d685c969bc4ffa0931033be0ef70212ac52931173b0ab0051c144e5ece742fb3d5ad8187d64c18a0efbdcdf3948bdce5efd469a1888cfa43cdda5163c16ff11f3fae435e47a1da4514a51bb3ca99f076e2150f97ddba40d75ff85dbe04b6c91f490aac42b6c8864b3899584d9cc811a3cd0818747e2bfc318888efb90052acd42c72fd3e6fef849df79a4b503b2b847485ce794fffe7e9df150bbef77aa912dc96116e48b7ca6d16deba212883bac985506407bdbb03dc5dd4703f18dbc1411afa1feb60f1a9012f469be383d8bba532c8afa3b875c6f9aa4ceaa792cc71da7832d84c557032883126b0e86a642e94167d3b9abd6cbdd107a2b894e594a82e241cf29af8c881cef9d010eccebe4c8921eba366333d31f5eabb5c811e4575bf3e7e24215e041238d90c31b6ae8169caf6a761b1dbcd3f6e3de2a759cb0519699423d2a4a7c6fd1fd25b35be50cf9a20d392d6b83ad3c13a0a0ab7fbd7909b053700e6699d88927cbd1bcbb2d7989fe281fb35c461c51fe2aaa4db55b89812cfca45e2dc9b3b6a0187b77197b1059823899dc39836e33ff7dcf4bb6d6cb4b278e6df42c6e4a42fae4a41033b131b536abbd59c75e81f1934a9e58e74bcbbfd5e175f768fab0f82aa3ec70ad0aef101403970f9a56245f44d149e9e939e990a1fba7520111da298bc5e374b8743840c6a980cedeb30c280931d12804ab36e8fdff6443bb6bd8a334593513182a03fe1eeb13d0aa34ed6cfee938051858e80a054688b735c352a33f203c340feb2b630de66492de5292bccb8297b810d2041ac0da988f2ab72668cb22825d06527da22439a7cd958be51c2d2d56680ace38fe76ff7596c40648addca7b1d36a8eb47c1b5ca60320d94a848a798c15a1a714bc853b83f8cbd9aadedb0d25862ceea4464f8bf9eaf84652825bdcf5208d56920f6a75327d121efe8cd750c72107f27f6a5396afbdeeaa49ef506fe42aeb14fd9d472a3c681ef2cb0a5647d333dcc0174cd912b2f67fafdd70bc422b7b6b3d1019dd57cbc6e380551ca8244bee9eedeba1d7e9588fe6011059c67c159e64301fca6d8f0a97b26a30b3fa761c743a8de7e3815305a5be961c166811a03904a6e6180fce8d1187ba4f7d7ff352f63d55e4a25d31d083f3bd1fc13de3efe7ae3bb2480b9014e9583656bb40deeea63eb614ee5b27ae523b01830378454d0cac609d00856609d07c2114010bca2e6534f5b2019194b9acfaf7d9680b885c79e54ee50f6f033fe819001a6d111b3ca77f8abeb16bf0b19e1588ada1c2ba389a22dc403adf92c9243574b5238080905006994f341da4a39d01bf5b122c77fc46de80fb30bec3a51657c63371ba212c9f57659dfbc667de98ae3a44c9340094898f654244497e70dfbf33667d8837ba45f77b9692517633044952b35499787001c46938132f45de84fd31440a3e6b8d495095e656752be8d2f6345cc3fd98ce03bf064dbdc5f64b6e9f6f8e46b955814d44f4b7fb1ca6de2767ab19944fc8dc3c2f27e6869e0484d195cde6ab872057a75be67c78f18b5ef39c655f5fec1107f352759f12edc06b69bd13a4b75cae596636b05ebbeb9837b305698e13eb43cf46be1dffb7471a4cef6f4d9a188848bd6c6410b2f3f6d4951e3babbce6f0a9d34d7a84a47e8c0480db563bf078c344173eeda07f6474865f5eb01a91e250d7e99a1f3e98c534923a67a3496c38b9de4b66d493fd178d64c7c5efa14abeea4637cd476c222336495fa97259191fd65a87c17833ac92cf4269692611b5c15a7e57479b8a8b010884f4462348df8ba4609977f344d48caadf02cc2e4720947a2295795d4d332e81b29406c5c13eb20bd1cbabc4d75327cf77edcb1d7ddf4a89e5d0ec8b550e9552e76dc1a7bdc8c2b89ab67a291bc8be6ff6936ad3a527ad289dbfbbd77bb1e908fc23105dcd1859d60986428139592165f3652affd92a0cc9fde85e0d1dc86d8978aabe6e54e70d063e3a0d9ca2c05ce9179d3fac8f0ed8fc772f6ba81759bd840bbded549166fdc5de4f12038e7300a63a56bbdcd93e69be1051c49e8aa105cb7e57dc80c41c9cad7f3c1e8fd23f295aed3e355e7db178c0165730b5baa36d1acc4de1c60a0f5bd927eeb758051d8d13e7e874321ffadbd90ef4aa9db86e8c2498679edddc353542eacf5de1eabea9a5ab21f6067e5a0c02a1a778f8ef75935050f65a9262b8dab6", 0x1000, 0x0, 0x0, 0x2, r3}]) close(r4) r9 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r9, 0x0, 0x80000001) [ 1317.483807][ T6342] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=61 sclass=netlink_xfrm_socket pid=6342 comm=syz-executor.4 23:12:55 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000), 0x0, 0x0) [ 1317.549184][ T6347] loop2: detected capacity change from 0 to 1 23:12:55 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000074887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1317.618911][ T6347] loop2: detected capacity change from 0 to 1 23:12:55 executing program 1: r0 = fcntl$getown(0xffffffffffffffff, 0x9) timer_create(0x5, &(0x7f00000000c0)={0x0, 0x2, 0x0, @thr={&(0x7f0000000080)="28d6ac1ce556fe61a29b194b9ca23744ac315b7240f4926d0eba89d8a540ec25c7a34da3", &(0x7f0000000100)="3ef188c4962ae3dacdba01a8c51329dc4c4da254af300dfa29170408c2dee585dea7337007db5f25707ad43fc7cdb537b83eef609170ec7bd34cb2e4e70629bac9922893dcbf3bde2732f008581f6d3f317636a2737fcf7b0905b04cf53793f56d92b101af8d9e86ac9da6b75bdd901fc1a205a1691d7bd3047271b188321c6e"}}, &(0x7f0000000640)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000000)={{r2, r3+60000000}, {0x0, 0x9}}, 0x0) r4 = gettid() timer_create(0x2, 0x0, &(0x7f0000000240)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) tkill(r0, 0x4) timer_settime(r5, 0x0, &(0x7f0000000500)={{}, {0x0, r6+60000000}}, 0x0) process_vm_writev(r4, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:55 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201022) 23:12:55 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500002200000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:55 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{0x0}], 0x1, 0x0) 23:12:55 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000007a887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:56 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{0x0}], 0x1, 0x0) 23:12:56 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000017d887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1317.902287][ T6568] loop2: detected capacity change from 0 to 1 23:12:56 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x80000001) r1 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r1, 0x2007fff) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x80000001) 23:12:56 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{0x0}], 0x1, 0x0) 23:12:56 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000090887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1318.019768][ T6568] loop2: detected capacity change from 0 to 1 23:12:56 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500002500000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:56 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201023) [ 1318.243711][ T6685] loop2: detected capacity change from 0 to 1 [ 1318.317624][ T6685] loop2: detected capacity change from 0 to 1 23:12:59 executing program 1: ioctl$VT_SETMODE(0xffffffffffffffff, 0x5602, &(0x7f0000000140)={0x0, 0x80, 0x8, 0x8001, 0x2}) ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5459, &(0x7f0000000080)) timer_create(0x5, &(0x7f00000000c0)={0x0, 0x8, 0x4, @thr={&(0x7f00000001c0)="f709207f4158ce80e204224c84b18dd7e77a62190454c60d8dd83e3be2d69b01dc533da7858ffb0e08e03b0f4613756caba486ebc22c1c20cb0d7ab209d9c4b94852c1f47b78e91bf7211b3aa0e6", &(0x7f0000000340)="8f00f491e0c8a173e1585b2a15648705a766a9d1e1e058b0b535c43440209f1ade1582cac69118a4b0c13316c4a76566f5dcc8c5ddeca029bbd1a088fd6cbb0cce538c12b0cff4bfb6a9d4b136befd63bad387aaba2bf8fd05349861b16be01ad4cc5970f1a785c390c5b969fe142a7d1ac5d94f8dac12cc28c2c3eca283b0e2382ccd9bd11b62dd89dddeed5de7f6674de59ac89d4c87b7ae08f5c12cbf2acead56e07d3599ce281d8e4fbdd4c9a08bbcd7b9e6fdeee63db90da4ce3ad42413d1edaff26dc313f4e66a08d4076c961b6944f6595b0acdd67c202ec5340eb2"}}, &(0x7f0000000180)) ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000740)) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$security_ima(r0, &(0x7f00000006c0), &(0x7f0000000700)=@md5={0x1, "586bdd84f8c13a344f0262b093773e67"}, 0x11, 0x2) timer_settime(0x0, 0x0, &(0x7f0000000000)={{}, {0x77359400}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_create(0x0, &(0x7f0000000480)={0x0, 0x3d, 0x1, @thr={&(0x7f0000000240)="3f937293e8a654deaf3c850cd3d9ed1b28aa154ee5c0143e246aa72c2d1acc0df7906f4743e6c4a2a84b0637b375c4e6f21af9f750058bb80a9f1602eb0d535df36949c8ea57b0bdfeea81750714ffa1f5fc7077bb2cebd99d2f927fda1639f9f6577f02716425ac60791dadc5a1ff0676221e03de698414ab4006d6dfb3920a1a471bb741b95f901c223e631fc5a943b35526786f1d1f3581bd053878fb83bf1ce4ebb360db959a094b2dcb66500125b9e6ccaaa405f9c2b9c6fab2d008ac651ff1e83c75b12166302931a467aa", &(0x7f0000000040)="cb4a1c18995b53db7fbd36e38b75d5bba483"}}, &(0x7f0000000540)=0x0) timer_settime(r4, 0x1, &(0x7f0000000580)={{}, {0x0, 0x989680}}, &(0x7f00000005c0)) wait4(r1, 0x0, 0x40000001, &(0x7f0000000600)) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000000100)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) 23:12:59 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000000001a3887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:59 executing program 3: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000016c0)='./file0/file0\x00', 0x3bc6682a4695ed4d, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x8010, 0xffffffffffffffff, 0xcd8b1000) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r5, 0x2007fff) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r6, r5, 0x0, 0x201000) perf_event_open$cgroup(&(0x7f0000000280)={0x5, 0x80, 0x8, 0x1, 0xc3, 0x84, 0x0, 0x0, 0x43944, 0x5, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x4, @perf_config_ext={0xb3e, 0x401}, 0x805, 0x7f, 0xfffffc01, 0x5, 0x0, 0x15, 0x6b, 0x0, 0x3, 0x0, 0x9}, r2, 0xc, r2, 0x1) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000004c0), 0x400, 0x0) r8 = syz_open_dev$tty20(0xc, 0x4, 0x0) io_submit(0x0, 0x6, &(0x7f0000001680)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x6, 0xfff, 0xffffffffffffffff, &(0x7f0000000100)="6f00c0cc576c8bdf02ebd18779830a7164713a0a3b3566020823ce524e4702dc74e645d674659fc93ae4bbf6fe1b2461ce53b948b0682ddda992b26b9abc823b80e3115be3d20000277ef81a6cb7c1df4ba614317eeeb4f974a74c43cfef781cedb44164961b1e1d18a142ad76d1f693093ce07da1cc942aaff6da25b5ae59eff1e1a5049880d0830482f68a1530ba5b6d25f5f4828b54c5c5fe23ae4e5f4ee6dc566aee53418be4267b7c07edcb", 0xae, 0x5, 0x0, 0x2}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x7f, 0xffffffffffffffff, &(0x7f0000001700)="6df34d35fa1735ff75e47786831aee01b7eabf8dd9752f9becd41048aa8c6aef5a2556eee8f4bc82de5bf90cd15e120a9ec322a41dfafd41a06a325210c310feb27315bed5969047f8e63deef9c442ef6ba6c3673423ca43fa5b55c0ca5eb270cf19d5e7a5b53367da644c1f286d55d28ac098a2283139566d9fd638febaf8318d4b5b78374efc1c066d891a9cd33f2403af96000011a413cf81919b1817778774fd458c9e02315c460ed807e07cc6fa3b8e8a8643a7ddae82f9963ac07e82bc4167ad9941afea888c83f1ff05ac", 0xce, 0x7, 0x0, 0x3, r5}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x3, 0x8, 0xffffffffffffffff, &(0x7f0000000400)="a92ebacc03f9deaaac6769c4b9fe1a4b0e8eb90925bf15a67540fe5e920c792fd4ed801af8c3292d8d13747a4e73b7a608ac17ae9c7580e2833c5abbcb2b545475082255e2d9ee84e73fcf96d3e50013f9a09b96b4eb80db13c6b612c6696db7d650cdfb442579f937e34e44bfd32f8fd0dd8557e1d6835b0ca3698eb5494b947c2f8b5ef00b8748ae6f04bab9f40ff414e3c3ad87b1ce1dd899b9d2a1de2621aa", 0xa1, 0x100000001, 0x0, 0x2, r3}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x6, 0x6, r0, &(0x7f0000000340)="c9", 0x1, 0x4, 0x0, 0x1, r7}, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x401, r4, &(0x7f0000000540)="8e2b1e2a240e89e068d0ae03eb0787490fb6807661efb56159608f7b6f5e082c020c5ddc521b99b47ec135ac526697a920e5fa2229594b83e6e14f009cc5ea3e9448e34b85f6e3bef2983e1c8d4d15d4872d148f0fbbd898cedf323124d06c76b80fbf9764a8df5f0bb8155e6bb02df46230e0245a2fc8496e52a5125585679067e5b2bfa0b3045d6f33787e021d61fc6d31a6fe0a132c606f83b46aa2d73b81db6cc8ff86c5ed270d85", 0xaa, 0x0, 0x0, 0x1}, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x3, 0x54, r8, &(0x7f0000000640)="07fd8b9655efa123b54dceb9955859dd75825d192e3bd5e06ba2001aeaae5d8e0d20340b80fa064367f45006b5f927c07987d66bf86eea1c25b33716a8bce5c369147292a53b7848b91bbe355177593eacf5ec90254c3cccad4925849f49467c4f5c3dacc9fa66f9e92fb3a91eb3acfba90683817ec8f32b32557a1ed2b57044be018dfba504fd5b35153f93891436b5f2159cd3b0ccdcad80dc60de9d707096b96cfecd6c995d260423ec25b952b377d75664598e5a56e8827a00d69f5f5490133fd2152e52d026d9812a1acbfe71ee132a3a64cef88bc3d82972c52c1d5ac9f0af3e555cc10c0d986a3229b4b2815b00b505cc7690328e473d2c090b21010c47d2e56526df3c829ece4e69a9fd5fbe6f14a1f5240a38ecb8317d5a178563e12524f262d3e830e4d48086c3c772602babe5baedde21d82c65124fb1106bcbc3d0a11837cd002a86d7055157df1a42f01291f663282e40520f0eff69e19212a56baebf855782ea7a7af0ca53705769eb62dd3de374110cb230244266d56e4265fdb1b7a954d8e78c7b22f2fac961e18f6fe20f16dc0dd5ab5e201dc6dd99cab62b530551350a2d6b28f03a680aa07cce730b889782ea5b93d3578a84ceda37ae9a00afb0dc743ba5e81e40ea1434a737dc9836b5d320eb0f4366ce40ee532b857d23e513fd9dd7bef5fcfadf3ce52d1a6055571eb4687a216b031a601d16e3627f5be4cd16e5e3d8a19dc393997207b3cbe885eac29513b400a0ecb066172f05bc7927cd56948eec565a09b8dbf2f22be0aceadf89e06ea176629e845aa296026ac14985b7ffb13e08a0222c8da3b866c6e78338a0200f29f8bb586ee0192d4aee9e274b52c952f6a0ddc895c23a6f8728c9c7eec12d62561d7a0bb401cee6760c96e8bddd7a5573a6812bf860fd2ebcedd31db0173ff50c40b3389ab7ae244aa4e175b55155558fc61d556e3d36d777ac18e32a9e72d6dab54e74d9b1511ccb2ab1b85192e8e345c38700a9387ad5e1b41d822d78d0a06efa623d13a0857966386994dbbad17b202583f9585425081d9b19f796dfd94a589a55da974fac7ce6875e22c4b8128f7e455829d4b2d18ebab8e4b473286ccd6553a17363f3ed021af39efdb33d93bcec352bbab7aed805432ff7ddf6c5e2586616c92035d636bce2db1f0246a096ee060ba98c5337dcfe97b8708ec016e98ef97c34a92d4d8eaf0039ac4daa18dca3aef74625016b3fd79d5e8f944b558bb50a281d38df1a251c95ac1a2b9ad6f11237d7a33ed22662fa915cc784c6dfb5a6ba86f5323b632cc0ff5d050aeab042c5cc12910b18b4f99e37db9a459de392a7649ec687370050dc43256b9e3bad88ec50cb80a1e5311b3d7ea968942c639e9b146905eed6177ae0d2926bc6d6065f5d1c90ec5c06748115e848478070e8907dda414249d6f11fdc3471a16b2ca00d457349d5bee537cc7beff20ff6a5ae13a662d5cfddf7aee97f28bb679491e76412b583948c87979b24deb32a54d1d328a20053046ca90bda5e8366150adb939da14d6210a85c1a03501c37323eb7af1ab75a0a260aa9691a3f7ef29d3ea5a5f9c22f963fc842a055427be8bf960f402b90a44ee4f78b199b459416865deae0e3780c6531d613d20d51fc4197fab57b4493899975279975bd646453a64d3bc690f4ae5aa922bfde1c9386e6e13eab0bc06bbe876affeb31e2438dd502e5976636894842665b49716fd7050ded595f690fde09cbd634a3b317924a15912571a7b812429595fd4ed34536cda5af1bde15fb6c9dcfc98713b499ccb9cabdfcd2c53e2043f797b1870dc997884d54cb099f76e8fbc1bdae70365497a5a0aa60888d925969ead578157283cb34463d950d6288d30c17c1a72c0d10015c4847050ea24f49c7834d5cc1ce14f8f99d5eabe9b4ddf63ca33da8f70996ead77b5af6f6ca3e99fdb233fabc7af7d4f762a6106711725e16d109a2bb30a26f3519e573d3a2fd17c5d0099ba5631fde758bf47d23cd38498ed58567ad498eef2c1b43dd9b4b694b9e3325c85e7674551dd5e2666325548a71e304d7704d8e1ccc32338b5687af6e6305ac6c6b2b097fa21d6a4e3a231c40b1667a46766f8d058420388830517b47b5ac0aa95b05ada9ee11995805274e739838c8d0607b944594d3b09acc20dbc87f2fdae13c0d53d0a7530f5be0646da2be0a7fceb1d7ea0cbdf4eb9078928bc7b47b63a3e08b74d2410d34d7c42629a6c36fd8ac8f9052555d9f0d139b6dbfa464f974c81cae22f94aa4c8b7ee9f1f298a0acd234de0aa48699b088b4bf7fa513f116123e0c48486dce67100a50a70a06ecc902ba8a6fa20905ff738f8cb2328e2aa5d913a575481225f6eb747fc45fd6bc93cb3a780c1a2458a95cf10c06e86ac9f7ee281b09aab275f5afa8cb603c455c53dcf3279b5f247ba13870b5ce88320b0ab4677c5900a048bc943cb811853bd47fc388507709d96297b552e1e9b28a6e33c8e1983c08a461b1aed0475e404e12bd4a41f196a12fd955fd51e961cfdce425a87af7d0e1a2b75115ba68d8c9950e92fc6131f51e1a6aa39a7c117eeb5e52565c84021afef1aaa4e4bf9887194938ab00656f81dbee7d233a67e7d386b3b586c277fd5c620fb0dbbeb2897da5c742e80887cb57adbc408a19a7d2cbf632122bb543117783396be66122ac2e0f512fcc0d15a345c2a268747fa8e3763d98b4445a59d2b712e66cdf4049a809f3040a4528a9e4a59b1c96a657c5996450d81b826fe82bb78bb40a3357f83eeb6ab29ea4776ec189b7126825650c4cb4f007789bff94a294dad55eecb7a987ebbfe552a5367771a34c524eafe9ce6c899dd23c7e3a19ba5e5e5288aa69e22676829fe2b4ae9d8a873eda68af9b5396dc0833807f4321a936e88e7dffbc2fa72208de0d219cad53e99da4d5f0068e355fcef9efc569af11c9ff3fe10f874cbde589f1b606cdc37cd27340f52327e9c75cf27419d340b0c04a20ccf802a39cdccf0d1a40329cda2141a5bf3aca7880c045f598b4f0fbd96d086222fd46382ffeacf7e6da0f06d2c1b233527814fdfa5b5899470769fa15dce069d385a5f0b21b7dd264863f0d535f081cece73e18f725a250329b56c6f39c044a3569121531c79c0d0174edc74df2d04e156492e80767e3ff5bc8b0d283a709e77589882fc5a356bbecc07b4689f4449de0c4c26c346bca79ea8b2bc8dbfcb9b572592a145992bc605a7607b8a215d482b6fbd59b75f91ed15c97c0ecb9a72549b4d0085866b3c32164875d626abd086b642fb66071fe2f6413e8c19908f65489d6616a3cceafba8b9369a34dca261ba351d796527926606fe8358ee8660f8586d4f2a4036f4807ab1521541532577169fa12e5648cfeacabf13fe8bd84ab02e46d005084d16999daf42bb1523dce7b12ccc687c2599eda0b4a4d369308fdb0b3ddf75cc4968164a1c1e207df6997b8cee6f6b00dd885a23197eb58b70aafc107cdc8a5f0a274cb69a31aa3de925b49c08acf72b9f7fdbdde1f2d3a30d8b57609aa0bd5b5842567352f27d5d685c969bc4ffa0931033be0ef70212ac52931173b0ab0051c144e5ece742fb3d5ad8187d64c18a0efbdcdf3948bdce5efd469a1888cfa43cdda5163c16ff11f3fae435e47a1da4514a51bb3ca99f076e2150f97ddba40d75ff85dbe04b6c91f490aac42b6c8864b3899584d9cc811a3cd0818747e2bfc318888efb90052acd42c72fd3e6fef849df79a4b503b2b847485ce794fffe7e9df150bbef77aa912dc96116e48b7ca6d16deba212883bac985506407bdbb03dc5dd4703f18dbc1411afa1feb60f1a9012f469be383d8bba532c8afa3b875c6f9aa4ceaa792cc71da7832d84c557032883126b0e86a642e94167d3b9abd6cbdd107a2b894e594a82e241cf29af8c881cef9d010eccebe4c8921eba366333d31f5eabb5c811e4575bf3e7e24215e041238d90c31b6ae8169caf6a761b1dbcd3f6e3de2a759cb0519699423d2a4a7c6fd1fd25b35be50cf9a20d392d6b83ad3c13a0a0ab7fbd7909b053700e6699d88927cbd1bcbb2d7989fe281fb35c461c51fe2aaa4db55b89812cfca45e2dc9b3b6a0187b77197b1059823899dc39836e33ff7dcf4bb6d6cb4b278e6df42c6e4a42fae4a41033b131b536abbd59c75e81f1934a9e58e74bcbbfd5e175f768fab0f82aa3ec70ad0aef101403970f9a56245f44d149e9e939e990a1fba7520111da298bc5e374b8743840c6a980cedeb30c280931d12804ab36e8fdff6443bb6bd8a334593513182a03fe1eeb13d0aa34ed6cfee938051858e80a054688b735c352a33f203c340feb2b630de66492de5292bccb8297b810d2041ac0da988f2ab72668cb22825d06527da22439a7cd958be51c2d2d56680ace38fe76ff7596c40648addca7b1d36a8eb47c1b5ca60320d94a848a798c15a1a714bc853b83f8cbd9aadedb0d25862ceea4464f8bf9eaf84652825bdcf5208d56920f6a75327d121efe8cd750c72107f27f6a5396afbdeeaa49ef506fe42aeb14fd9d472a3c681ef2cb0a5647d333dcc0174cd912b2f67fafdd70bc422b7b6b3d1019dd57cbc6e380551ca8244bee9eedeba1d7e9588fe6011059c67c159e64301fca6d8f0a97b26a30b3fa761c743a8de7e3815305a5be961c166811a03904a6e6180fce8d1187ba4f7d7ff352f63d55e4a25d31d083f3bd1fc13de3efe7ae3bb2480b9014e9583656bb40deeea63eb614ee5b27ae523b01830378454d0cac609d00856609d07c2114010bca2e6534f5b2019194b9acfaf7d9680b885c79e54ee50f6f033fe819001a6d111b3ca77f8abeb16bf0b19e1588ada1c2ba389a22dc403adf92c9243574b5238080905006994f341da4a39d01bf5b122c77fc46de80fb30bec3a51657c63371ba212c9f57659dfbc667de98ae3a44c9340094898f654244497e70dfbf33667d8837ba45f77b9692517633044952b35499787001c46938132f45de84fd31440a3e6b8d495095e656752be8d2f6345cc3fd98ce03bf064dbdc5f64b6e9f6f8e46b955814d44f4b7fb1ca6de2767ab19944fc8dc3c2f27e6869e0484d195cde6ab872057a75be67c78f18b5ef39c655f5fec1107f352759f12edc06b69bd13a4b75cae596636b05ebbeb9837b305698e13eb43cf46be1dffb7471a4cef6f4d9a188848bd6c6410b2f3f6d4951e3babbce6f0a9d34d7a84a47e8c0480db563bf078c344173eeda07f6474865f5eb01a91e250d7e99a1f3e98c534923a67a3496c38b9de4b66d493fd178d64c7c5efa14abeea4637cd476c222336495fa97259191fd65a87c17833ac92cf4269692611b5c15a7e57479b8a8b010884f4462348df8ba4609977f344d48caadf02cc2e4720947a2295795d4d332e81b29406c5c13eb20bd1cbabc4d75327cf77edcb1d7ddf4a89e5d0ec8b550e9552e76dc1a7bdc8c2b89ab67a291bc8be6ff6936ad3a527ad289dbfbbd77bb1e908fc23105dcd1859d60986428139592165f3652affd92a0cc9fde85e0d1dc86d8978aabe6e54e70d063e3a0d9ca2c05ce9179d3fac8f0ed8fc772f6ba81759bd840bbded549166fdc5de4f12038e7300a63a56bbdcd93e69be1051c49e8aa105cb7e57dc80c41c9cad7f3c1e8fd23f295aed3e355e7db178c0165730b5baa36d1acc4de1c60a0f5bd927eeb758051d8d13e7e874321ffadbd90ef4aa9db86e8c2498679edddc353542eacf5de1eabea9a5ab21f6067e5a0c02a1a778f8ef75935050f65a9262b8dab6", 0x1000, 0x0, 0x0, 0x2, r3}]) close(r4) r9 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r9, 0x0, 0x80000001) 23:12:59 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x4, 0xf6, 0x20, 0x4, 0x0, 0x0, 0x84, 0x6, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x3, 0x100000000}, 0x200, 0x5a24, 0x1ff, 0x8, 0x10001, 0x2, 0x2, 0x0, 0x1, 0x0, 0x6}, 0xffffffffffffffff, 0x1, r0, 0x2) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:59 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500003f00000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:59 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201024) 23:12:59 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000fffe887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1320.831101][ T6795] loop2: detected capacity change from 0 to 1 [ 1320.898524][ T6795] loop2: detected capacity change from 0 to 1 23:12:59 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) timer_gettime(r0, &(0x7f0000000040)) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:12:59 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500004000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:59 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000fff887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1321.126245][ T6910] loop2: detected capacity change from 0 to 1 23:12:59 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000feff887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:59 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x26, 0x0, @thr={&(0x7f0000000080)="692ac808db62f7e15c6ec194cb582bc19f8b9be26cfdac5f4fe21804685957", &(0x7f0000000100)="49c23b4839abaca9a3769d4b470bb86904aa0eb4defbfba020b772f3f0b8bf319d17a5afce9d9392ffc5523cd3d6283ca3b9765eed35155e6aebf1278b573a7382d73924b48b53ac9581b80b315e81c74d7a0d37f95379b18eec296ae71486b9832eebf946b5a8ae80f8ab45c5863f056f326adc1858ab12bf752fc4fc0595d72792926a3263f5f18c1201460b81bdf3ccf7ba15e1f5725a40d354804bd0445a8cbe7e1da8"}}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) prlimit64(r0, 0xd, &(0x7f0000000040)={0x3}, 0x0) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r5, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r5, 0x1, &(0x7f0000000200)={{}, {r3, r4+10000000}}, &(0x7f0000000240)) 23:12:59 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201025) 23:12:59 executing program 3: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201009) [ 1321.217851][ T6910] loop2: detected capacity change from 0 to 1 23:12:59 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500004800000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:59 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f0000000040)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:12:59 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) clock_gettime(0x5, &(0x7f0000000040)) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/240, 0xf0}], 0x1, &(0x7f0000000180)=[{&(0x7f0000000100)=""/87, 0x57}, {&(0x7f0000000080)=""/34, 0x22}], 0x2, 0x0) 23:12:59 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000002887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1321.477731][ T7128] loop2: detected capacity change from 0 to 1 23:12:59 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000003887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:59 executing program 1: r0 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r0, 0x2007fff) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r1, r0, 0x0, 0x201000) r2 = socket$netlink(0x10, 0x3, 0xf) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001000), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEL_KEY(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_DEL_KEY(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0x84, r3, 0x10, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x3, 0x1f}}}}, [@NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "0aef7bb166"}, @NL80211_ATTR_KEY={0x10, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPES={0x4}, @NL80211_KEY_IDX={0x5, 0x2, 0x5}]}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "9b680fd994"}, @NL80211_ATTR_KEY={0x34, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_TYPE={0x8, 0x7, 0x1}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "2eaac77f41463fcc9eb9d73370"}, @NL80211_KEY_DEFAULT={0x4}]}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x2}]}, 0x84}, 0x1, 0x0, 0x0, 0x20}, 0xc090) timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r4 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r5, 0x0, &(0x7f0000000500)={{}, {0x0, r6+60000000}}, 0x0) process_vm_writev(r4, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1321.567535][ T7128] loop2: detected capacity change from 0 to 1 23:12:59 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500004c00000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:59 executing program 3: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500004800000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:12:59 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201026) 23:12:59 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000004887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:00 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) syz_open_procfs(r0, &(0x7f0000000040)='net/ip6_tables_names\x00') wait4(r0, &(0x7f0000000080), 0x8, &(0x7f0000000100)) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:00 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000005887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1321.811410][ T7447] loop2: detected capacity change from 0 to 1 [ 1321.820475][ T7448] loop3: detected capacity change from 0 to 1 [ 1321.885369][ T7450] selinux_netlink_send: 66 callbacks suppressed [ 1321.885385][ T7450] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=7450 comm=syz-executor.4 [ 1321.906916][ T7450] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=7450 comm=syz-executor.4 [ 1321.921355][ T7450] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=7450 comm=syz-executor.4 23:13:00 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 1) [ 1321.935090][ T7450] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=7450 comm=syz-executor.4 [ 1321.977878][ T7447] loop2: detected capacity change from 0 to 1 [ 1322.137616][ T7559] FAULT_INJECTION: forcing a failure. [ 1322.137616][ T7559] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1322.150797][ T7559] CPU: 0 PID: 7559 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1322.160521][ T7559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1322.170575][ T7559] Call Trace: [ 1322.173878][ T7559] [ 1322.176887][ T7559] dump_stack_lvl+0xd6/0x122 [ 1322.181564][ T7559] dump_stack+0x11/0x1b [ 1322.185857][ T7559] should_fail+0x23c/0x250 [ 1322.190354][ T7559] should_fail_usercopy+0x16/0x20 [ 1322.195490][ T7559] _copy_from_user+0x1c/0xd0 [ 1322.200227][ T7559] iovec_from_user+0xc4/0x2e0 [ 1322.205001][ T7559] __import_iovec+0x57/0x2d0 [ 1322.209637][ T7559] ? debug_smp_processor_id+0x18/0x20 [ 1322.215029][ T7559] ? try_charge_memcg+0x9a3/0xa10 [ 1322.220076][ T7559] import_iovec+0x69/0x80 [ 1322.224423][ T7559] process_vm_rw+0xee/0x540 [ 1322.228959][ T7559] ? _kstrtoull+0x301/0x320 [ 1322.233471][ T7559] ? debug_smp_processor_id+0x18/0x20 [ 1322.238861][ T7559] ? perf_trace_sys_enter+0x83/0x2f0 [ 1322.244150][ T7559] __x64_sys_process_vm_writev+0x76/0x90 [ 1322.249874][ T7559] do_syscall_64+0x44/0xa0 [ 1322.254301][ T7559] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1322.260266][ T7559] RIP: 0033:0x7fede691aae9 [ 1322.264679][ T7559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1322.284282][ T7559] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1322.292709][ T7559] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1322.300688][ T7559] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002454 [ 1322.308753][ T7559] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1322.316727][ T7559] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000001 [ 1322.324700][ T7559] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1322.332700][ T7559] 23:13:00 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000006887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:00 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500006800000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:00 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() r1 = gettid() ptrace$setregs(0xd, r1, 0x20, &(0x7f0000000100)="04dbcb400477631cfd93496430fea08fff61d201d20294a80549511b52b3990a585606722ea3d93692e36257e25cd5f24bfffd038d1edccb286a86a1bf4eee11e9c41b430b49ae43f47863d9050d80e43153f9cad96bd2a387f3acd4a04de49d0bf731f4ab1f383806ceec69d825a1568d") tkill(r1, 0x9) timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000040)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000), 0x0, 0x0) 23:13:00 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 2) 23:13:00 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201027) 23:13:00 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000d00), 0x101001, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f0000000d40)={{0x1, 0x1, 0x18, r4}, './bus\x00'}) r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r8, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r9 = syz_mount_image$msdos(&(0x7f0000000d80), &(0x7f0000000dc0)='./bus\x00', 0x1, 0x6, &(0x7f0000001280)=[{&(0x7f0000000e00)="4c3b19d559b03ef1079dfd727271619a25db1d8e8ece55b445272f5c17c3ffa9a779d438f0bc8afbec232b7354d73745c1c22367c02a93948b53845116a7e9e729540b906ba679eb7c4a745b9ab1d6b05d8119b1f2dd643a9500d5f8c37778c5655e88f7eea6e390d27dbd069d3680e195845b96a50bf8e4865bab67d68e7256bf79f3d027916b3f798cd11b10caabd3501cc57ef8e1071f3b34f59f1bc46dafb860ab2ba3473ea5fd4d7690cf8e042305d8bfb47c823be745d5", 0xba, 0x2}, {&(0x7f0000000ec0)="5437d870f2c9dc49d49eca6d381abe0dc5b31e1bf419d28550baa07e458791b9a79d3ad393862c53a73cf2d0436cbd239433fd4d1083ab9d1dda246f23dc72a2c3badcc431d632904685605bc41ec5cbddfe45da6e604d502a8e426b07b18124bbd8f125cb27cc2bd30003116e24445addffcf831752e9558031eccad0751314bc0ee38830b6012103c6e5c870c9ce9b221f986b17e648ff384d07eb6e656ca532f3a4d3fbab728215219b63d6023292bedc266a8683f269fdba4108fd2c31b4f7eea3c3f473d2cf3f6f81", 0xcb, 0x2}, {&(0x7f0000000fc0)="bb8b175c74fa9bc9380654156099c68fdf72549a309bcbe92d77ad0fe22b204ed60164ccc9ef17069146da5bfbd2363cae49228522b1293793443c796f842103571fe38f72e112b7e83d51156c61fe1b35aff2df91584e74b8dd706d3bfb06c70fddb50b77aa59f0192da05a8484996374b6a905f2a9b44366aaeeea79c7a0acb01b574eb222b7361e66289bda0ad2e9c949ce97ee394540bc3e5bc27c4160414e104abf4e150fc707d213f0674a59e1ad786562e374696040e64759a02dfb79170062aa9e0fef30ca6c6e2a150ab4f87949aa08ede5fcabbf794d098a48c3c0827229aff09ab171395f637fa9ac67f6cce3f5816f1695710e184043", 0xfc, 0x9}, {&(0x7f00000010c0)="88ff255390862927c750de2f7c67610402d9bf6ef663eadc0573e2b27881bcd68f2f3070c3ada5f0727541b3183d7ce4f59e47ad1da4c8c6bbf1802ecde1b941070b7d5c910e22b69239e977f22be98b2209ffb22dc8", 0x56, 0x4}, {&(0x7f0000001140)="1417b6111ac54ded8f7c4b1f269ba7326a561c5a09c421eac0a731c45f5c434de0f6f2914bc843dcc82b46ecb5ceff781ca2e4339787c082a45680e7a89fbef005bd63a11d3ef4e6be02c6ec7c24df9b15e2967712f55201984a3fd113fc7d572fbdfc11ff014e8dcf64c3bafb63e8d83e49d7943ae5944f8b8f8b33", 0x7c, 0x9}, {&(0x7f00000011c0)="f75918733e16c72bcf2d4620b5e64d99f6dbc49bb582a784a7da86ab377ae435dfd7ef47813bde8e5357a902bae7e08458a902ec3959f6f3f66373fec7e77e484c02110c76e2d24f49aba5d6574c7d67491144520c2783a72205341dda83c400d75e9b01ee26a1f4f870e86fd190d62d14d64aedded0ee4a41b625e5337d4246001ca4c8eb331dc849be2c1805ee68b1e7ace5af7a653d8c2e4b46ea7d33cf22e54a20cbb3319a022d", 0xa9, 0x6}], 0x40000, &(0x7f0000001340)={[{@fat=@flush}, {@nodots}, {@dots}, {@fat=@usefree}, {@nodots}, {@fat=@debug}, {@dots}, {@nodots}, {@fat=@flush}, {@nodots}]}) r10 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r10, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r11 = creat(&(0x7f00000013c0)='./bus\x00', 0x20) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001580)=[{{&(0x7f0000000100)=@file={0x1, './bus\x00'}, 0x6e, &(0x7f0000000080)=[{&(0x7f0000000180)="5bbb87ce1a3a9ff08f8d15367096f4daf7a5f603d0aa690a1facd30b75bfa9fa40c16bd82c055363d1b2c7fd82b419e58a7c8903a674a8ab19cb43f3e6cf8abdbc7c99b5c5fdb091db7f1a4fccd4ca87a26a462eb4646513e8076c635a8b81e134ff34dd8cea38b4532b0df45f188c278c883a1360caa2d1a687a33e3c8ce1bcf4eb28efd8946a120ae55c53018cf686ef59b90bf498a07a2e4aa0083d00e6e4b8a2877d6da6d43e", 0xa8}, {&(0x7f0000000240)="75207c10b5ca71b32702bebd95e41fbea463530b63b5f46521b8c5e0b89082305ad6c57b470cfe8821cbe693f159fce753858f4f6eac6eb246fc81af1d4136cd3fd3dee4b8cb19ea31314632348f5f6e4a548f6bcdc63f83a1a51b7b6603c1e2387a105c19714beb5918692c41184c289832614da7b6a7ee73b3a58e8bf0", 0x7e}], 0x2, &(0x7f0000000440)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r1, r4, 0xffffffffffffffff, r3, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}], 0x90, 0x48000}}, {{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000500)="0f7112a9", 0x4}, {&(0x7f0000000540)="a447a89bbbf5e8b76a2598e153077b4569a3aad2825c0bf4d513e89bc32f0dfe65e099ba2d68296f2b1bac4032400ad9e3f32a0193c8aa8952b6", 0x3a}, {&(0x7f0000000580)="55e8205d7e08c585b2bdd7abf50b58d6f4c6a43ef1ea472406fa66504eafd1b753", 0x21}, {&(0x7f00000005c0)="2b18e3604b9b2ad2d915fb63bb0d368f27", 0x11}], 0x4, &(0x7f0000001400)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, r3, r0, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, r0, r2, 0xffffffffffffffff, 0xffffffffffffffff, r1, r3]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [r3, 0xffffffffffffffff, 0xffffffffffffffff, r4, r1]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r1, r3, r5, r3, r3, r6, 0xffffffffffffffff, r7]}}, @rights={{0x28, 0x1, 0x1, [r1, r2, r8, r9, r10, r11]}}], 0x160, 0x4000812}}], 0x2, 0x26000840) sendfile(r3, r4, 0x0, 0x80000001) 23:13:00 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000007887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1322.441843][ T7563] loop2: detected capacity change from 0 to 1 [ 1322.498434][ T7568] FAULT_INJECTION: forcing a failure. [ 1322.498434][ T7568] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1322.511561][ T7568] CPU: 0 PID: 7568 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1322.521368][ T7568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1322.531482][ T7568] Call Trace: [ 1322.534756][ T7568] [ 1322.537681][ T7568] dump_stack_lvl+0xd6/0x122 [ 1322.542282][ T7568] dump_stack+0x11/0x1b [ 1322.546810][ T7568] should_fail+0x23c/0x250 [ 1322.551240][ T7568] should_fail_usercopy+0x16/0x20 [ 1322.556696][ T7568] _copy_from_user+0x1c/0xd0 [ 1322.561315][ T7568] iovec_from_user+0xc4/0x2e0 [ 1322.565991][ T7568] ? import_iovec+0x69/0x80 [ 1322.570499][ T7568] process_vm_rw+0x157/0x540 [ 1322.575094][ T7568] ? _kstrtoull+0x301/0x320 [ 1322.579654][ T7568] ? debug_smp_processor_id+0x18/0x20 [ 1322.585030][ T7568] ? perf_trace_sys_enter+0x83/0x2f0 [ 1322.590339][ T7568] __x64_sys_process_vm_writev+0x76/0x90 [ 1322.595985][ T7568] do_syscall_64+0x44/0xa0 [ 1322.600556][ T7568] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1322.606901][ T7568] RIP: 0033:0x7fede691aae9 [ 1322.611315][ T7568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1322.631447][ T7568] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1322.639860][ T7568] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1322.647935][ T7568] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002456 [ 1322.655905][ T7568] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1322.663877][ T7568] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000001 [ 1322.671914][ T7568] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1322.679939][ T7568] 23:13:00 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x77359400}, {r1, r2+10000000}}, &(0x7f0000000100)) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/248, 0xf8}], 0x1, &(0x7f0000121000)=[{&(0x7f00000002c0)=""/247, 0xf7}], 0x1, 0x0) timer_create(0x0, &(0x7f0000000140)={0x0, 0x8, 0x2, @tid=r0}, &(0x7f0000000180)) 23:13:00 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 3) [ 1322.696802][ T7563] loop2: detected capacity change from 0 to 1 23:13:01 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500006c00000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:01 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000008887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1322.852012][ T7578] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=7578 comm=syz-executor.4 [ 1322.865529][ T7580] FAULT_INJECTION: forcing a failure. [ 1322.865529][ T7580] name failslab, interval 1, probability 0, space 0, times 0 [ 1322.878174][ T7580] CPU: 0 PID: 7580 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1322.888054][ T7580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1322.898124][ T7580] Call Trace: [ 1322.901411][ T7580] [ 1322.904351][ T7580] dump_stack_lvl+0xd6/0x122 [ 1322.908943][ T7580] dump_stack+0x11/0x1b [ 1322.913160][ T7580] should_fail+0x23c/0x250 [ 1322.917578][ T7580] ? process_vm_rw+0x298/0x540 [ 1322.922382][ T7580] __should_failslab+0x81/0x90 [ 1322.927144][ T7580] should_failslab+0x5/0x20 [ 1322.931720][ T7580] __kmalloc+0x6f/0x370 [ 1322.935942][ T7580] ? iovec_from_user+0x2a6/0x2e0 [ 1322.940938][ T7580] ? import_iovec+0x69/0x80 [ 1322.945443][ T7580] process_vm_rw+0x298/0x540 [ 1322.950102][ T7580] __x64_sys_process_vm_writev+0x76/0x90 [ 1322.955773][ T7580] do_syscall_64+0x44/0xa0 [ 1322.960255][ T7580] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1322.966220][ T7580] RIP: 0033:0x7fede691aae9 [ 1322.970627][ T7580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1322.990247][ T7580] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1322.998652][ T7580] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1323.006628][ T7580] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002458 [ 1323.014595][ T7580] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1323.022574][ T7580] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000001 [ 1323.030554][ T7580] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1323.038545][ T7580] 23:13:01 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000640)=0x0) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f00000002c0)={{0x77359400}, {r1, r2+60000000}}, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r3 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r4, 0x0, &(0x7f0000000100)={{}, {0x77359400}}, &(0x7f0000000140)) clock_gettime(0x0, &(0x7f00000004c0)) timer_create(0x4, &(0x7f0000000040)={0x0, 0x26, 0x4, @tid=r3}, &(0x7f0000000080)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r5, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r5, 0x0, &(0x7f0000000500)={{}, {0x0, 0x3938700}}, 0x0) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) timer_settime(r5, 0x1, &(0x7f0000000240)={{r6, r7+10000000}, {0x77359400}}, 0x0) 23:13:01 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 4) [ 1323.048014][ T7578] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=7578 comm=syz-executor.4 [ 1323.071262][ T7578] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=7578 comm=syz-executor.4 [ 1323.084785][ T7578] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=7578 comm=syz-executor.4 [ 1323.187360][ T7685] loop2: detected capacity change from 0 to 1 [ 1323.227404][ T7771] FAULT_INJECTION: forcing a failure. [ 1323.227404][ T7771] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1323.240719][ T7771] CPU: 0 PID: 7771 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1323.250438][ T7771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1323.260587][ T7771] Call Trace: [ 1323.263868][ T7771] [ 1323.266904][ T7771] dump_stack_lvl+0xd6/0x122 [ 1323.271510][ T7771] dump_stack+0x11/0x1b [ 1323.275668][ T7771] should_fail+0x23c/0x250 [ 1323.280095][ T7771] __alloc_pages+0x102/0x330 [ 1323.284694][ T7771] alloc_pages+0x382/0x3d0 [ 1323.289159][ T7771] pte_alloc_one+0x29/0xb0 [ 1323.293678][ T7771] __pte_alloc+0x2f/0x200 [ 1323.298027][ T7771] ? _raw_spin_unlock_irqrestore+0x3d/0x60 [ 1323.304058][ T7771] do_anonymous_page+0x78d/0x8d0 [ 1323.309048][ T7771] ? cgroup_rstat_updated+0x34/0x100 [ 1323.314349][ T7771] ? __rcu_read_unlock+0x5c/0x290 [ 1323.319468][ T7771] handle_mm_fault+0x814/0x1590 [ 1323.324362][ T7771] ? pud_huge+0x9/0x20 [ 1323.328573][ T7771] __get_user_pages+0x388/0xc80 [ 1323.333534][ T7771] __get_user_pages_remote+0x17f/0x610 [ 1323.339017][ T7771] ? iovec_from_user+0x2a6/0x2e0 [ 1323.343961][ T7771] pin_user_pages_remote+0x58/0x80 [ 1323.349085][ T7771] process_vm_rw_single_vec+0x17d/0x460 [ 1323.354801][ T7771] process_vm_rw+0x3a2/0x540 [ 1323.359550][ T7771] __x64_sys_process_vm_writev+0x76/0x90 [ 1323.365198][ T7771] do_syscall_64+0x44/0xa0 [ 1323.369850][ T7771] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1323.375757][ T7771] RIP: 0033:0x7fede691aae9 [ 1323.380188][ T7771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1323.399933][ T7771] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1323.408443][ T7771] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1323.416548][ T7771] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000245a [ 1323.424492][ T7874] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=7874 comm=syz-executor.4 23:13:01 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201028) 23:13:01 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000009887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1323.424698][ T7771] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1323.445598][ T7771] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000001 [ 1323.453570][ T7771] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1323.455150][ T7874] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=7874 comm=syz-executor.4 [ 1323.461808][ T7771] 23:13:01 executing program 1: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0xc) timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r1, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f00000001c0)) timer_settime(r2, 0x0, &(0x7f0000000300)={{0x0, 0x989680}}, &(0x7f0000000240)) r3 = gettid() timer_settime(r1, 0x1, &(0x7f00000002c0)={{0x77359400}, {0x0, 0x989680}}, 0x0) timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r4, 0x0, &(0x7f0000000500)={{}, {0x0, r5+60000000}}, 0x0) process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) timer_create(0x1, &(0x7f0000000340)={0x0, 0x13, 0x2, @tid=r0}, &(0x7f0000000380)=0x0) timer_settime(r6, 0x1, &(0x7f00000003c0)={{0x77359400}}, &(0x7f0000000400)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)=0x0) timer_create(0x2, &(0x7f0000000140)={0x0, 0x39, 0x0, @tid=r7}, &(0x7f0000000180)) 23:13:01 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 5) [ 1323.509466][ T7685] loop2: detected capacity change from 0 to 1 [ 1323.688662][ T7975] FAULT_INJECTION: forcing a failure. [ 1323.688662][ T7975] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1323.702020][ T7975] CPU: 0 PID: 7975 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1323.711762][ T7975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1323.722085][ T7975] Call Trace: [ 1323.725369][ T7975] [ 1323.728374][ T7975] dump_stack_lvl+0xd6/0x122 [ 1323.732980][ T7975] dump_stack+0x11/0x1b [ 1323.737163][ T7975] should_fail+0x23c/0x250 [ 1323.741723][ T7975] __alloc_pages+0x102/0x330 [ 1323.746374][ T7975] alloc_pages_vma+0x5ee/0x770 [ 1323.751230][ T7975] ? __pte_alloc+0x130/0x200 [ 1323.755920][ T7975] do_anonymous_page+0x169/0x8d0 [ 1323.760986][ T7975] ? cgroup_rstat_updated+0x34/0x100 [ 1323.766293][ T7975] ? __rcu_read_unlock+0x5c/0x290 [ 1323.771593][ T7975] handle_mm_fault+0x814/0x1590 [ 1323.776516][ T7975] ? pud_huge+0x9/0x20 [ 1323.780625][ T7975] __get_user_pages+0x388/0xc80 [ 1323.785596][ T7975] __get_user_pages_remote+0x17f/0x610 [ 1323.791125][ T7975] ? iovec_from_user+0x2a6/0x2e0 [ 1323.796405][ T7975] pin_user_pages_remote+0x58/0x80 [ 1323.801642][ T7975] process_vm_rw_single_vec+0x17d/0x460 [ 1323.807207][ T7975] process_vm_rw+0x3a2/0x540 [ 1323.812253][ T7975] __x64_sys_process_vm_writev+0x76/0x90 [ 1323.817976][ T7975] do_syscall_64+0x44/0xa0 [ 1323.822414][ T7975] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1323.828331][ T7975] RIP: 0033:0x7fede691aae9 [ 1323.832751][ T7975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1323.852678][ T7975] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1323.861101][ T7975] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1323.869080][ T7975] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000245c [ 1323.877236][ T7975] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:01 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$setflags(r3, 0x2, 0x0) r4 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) bind(r2, &(0x7f0000000040)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x80) sendfile(r4, r5, 0x0, 0x80000001) 23:13:01 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500007400000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:01 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000a887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:02 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) r3 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r3, 0x2007fff) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r4, r3, 0x0, 0x201000) clock_gettime(0x0, &(0x7f0000008e40)) [ 1323.885219][ T7975] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000001 [ 1323.893211][ T7975] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1323.901285][ T7975] 23:13:02 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 6) 23:13:02 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201029) 23:13:02 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000b887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1324.026788][ T8106] loop2: detected capacity change from 0 to 1 [ 1324.085616][ T8111] FAULT_INJECTION: forcing a failure. [ 1324.085616][ T8111] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1324.099280][ T8111] CPU: 0 PID: 8111 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1324.108999][ T8111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1324.119283][ T8111] Call Trace: [ 1324.122562][ T8111] [ 1324.125523][ T8111] dump_stack_lvl+0xd6/0x122 [ 1324.130240][ T8111] dump_stack+0x11/0x1b [ 1324.134401][ T8111] should_fail+0x23c/0x250 [ 1324.138907][ T8111] __alloc_pages+0x102/0x330 [ 1324.143673][ T8111] alloc_pages_vma+0x5ee/0x770 [ 1324.148457][ T8111] ? lru_cache_add+0x37/0x50 [ 1324.153326][ T8111] do_anonymous_page+0x169/0x8d0 [ 1324.158279][ T8111] ? cgroup_rstat_updated+0x34/0x100 [ 1324.163596][ T8111] ? __rcu_read_unlock+0x5c/0x290 [ 1324.168747][ T8111] handle_mm_fault+0x814/0x1590 [ 1324.173687][ T8111] ? _raw_spin_unlock+0x2e/0x50 [ 1324.178625][ T8111] __get_user_pages+0x388/0xc80 [ 1324.184100][ T8111] __get_user_pages_remote+0x17f/0x610 [ 1324.189596][ T8111] ? iovec_from_user+0x2a6/0x2e0 [ 1324.194620][ T8111] pin_user_pages_remote+0x58/0x80 [ 1324.200268][ T8111] process_vm_rw_single_vec+0x17d/0x460 [ 1324.205841][ T8111] process_vm_rw+0x3a2/0x540 [ 1324.210797][ T8111] __x64_sys_process_vm_writev+0x76/0x90 [ 1324.216520][ T8111] do_syscall_64+0x44/0xa0 [ 1324.220958][ T8111] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1324.228072][ T8111] RIP: 0033:0x7fede691aae9 [ 1324.232486][ T8111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1324.252714][ T8111] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1324.261224][ T8111] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1324.269514][ T8111] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000245e [ 1324.277480][ T8111] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1324.285450][ T8111] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000001 [ 1324.293560][ T8111] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1324.301563][ T8111] 23:13:02 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000c887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:02 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x8) sendfile(r3, r4, 0x0, 0x80000001) 23:13:02 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 7) [ 1324.342670][ T8106] loop2: detected capacity change from 0 to 1 23:13:02 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) clock_settime(0x3, &(0x7f0000000280)={0x0, 0x3938700}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r2, 0x1, &(0x7f0000000140)={{0x0, 0x3938700}, {0x0, 0x3938700}}, &(0x7f0000000240)) clock_gettime(0x3, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f00000001c0)) timer_settime(r0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x77359400}}, &(0x7f00000002c0)) 23:13:02 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500007a00000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:02 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000d887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1324.504313][ T8225] FAULT_INJECTION: forcing a failure. [ 1324.504313][ T8225] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1324.517576][ T8225] CPU: 0 PID: 8225 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1324.527298][ T8225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1324.537350][ T8225] Call Trace: [ 1324.540629][ T8225] [ 1324.543555][ T8225] dump_stack_lvl+0xd6/0x122 [ 1324.548182][ T8225] dump_stack+0x11/0x1b [ 1324.552339][ T8225] should_fail+0x23c/0x250 [ 1324.556836][ T8225] __alloc_pages+0x102/0x330 [ 1324.561514][ T8225] alloc_pages_vma+0x5ee/0x770 [ 1324.566282][ T8225] ? lru_cache_add+0x37/0x50 [ 1324.570884][ T8225] do_anonymous_page+0x169/0x8d0 [ 1324.575833][ T8225] ? cgroup_rstat_updated+0x34/0x100 [ 1324.581191][ T8225] ? __rcu_read_unlock+0x5c/0x290 [ 1324.586221][ T8225] handle_mm_fault+0x814/0x1590 [ 1324.591112][ T8225] ? _raw_spin_unlock+0x2e/0x50 [ 1324.595971][ T8225] __get_user_pages+0x388/0xc80 [ 1324.600934][ T8225] __get_user_pages_remote+0x17f/0x610 [ 1324.606393][ T8225] ? iovec_from_user+0x2a6/0x2e0 [ 1324.611514][ T8225] pin_user_pages_remote+0x58/0x80 [ 1324.616659][ T8225] process_vm_rw_single_vec+0x17d/0x460 [ 1324.622335][ T8225] process_vm_rw+0x3a2/0x540 [ 1324.627022][ T8225] __x64_sys_process_vm_writev+0x76/0x90 [ 1324.632679][ T8225] do_syscall_64+0x44/0xa0 [ 1324.637119][ T8225] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1324.643047][ T8225] RIP: 0033:0x7fede691aae9 [ 1324.647461][ T8225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1324.667516][ T8225] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1324.676140][ T8225] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1324.684172][ T8225] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002460 [ 1324.692146][ T8225] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:02 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 8) [ 1324.700118][ T8225] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000001 [ 1324.708278][ T8225] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1324.716476][ T8225] 23:13:03 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) r5 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000300)) bind(r5, &(0x7f0000000340)=@l2tp={0x2, 0x0, @multicast1, 0x2}, 0x80) 23:13:03 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20102a) 23:13:03 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000e887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1324.849248][ T8330] loop2: detected capacity change from 0 to 1 [ 1324.879988][ T8331] FAULT_INJECTION: forcing a failure. [ 1324.879988][ T8331] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1324.893303][ T8331] CPU: 1 PID: 8331 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1324.903069][ T8331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1324.913212][ T8331] Call Trace: [ 1324.916647][ T8331] [ 1324.919571][ T8331] dump_stack_lvl+0xd6/0x122 [ 1324.924156][ T8331] dump_stack+0x11/0x1b [ 1324.928303][ T8331] should_fail+0x23c/0x250 [ 1324.932861][ T8331] __alloc_pages+0x102/0x330 [ 1324.937465][ T8331] alloc_pages_vma+0x5ee/0x770 [ 1324.942234][ T8331] ? lru_cache_add+0x37/0x50 [ 1324.946869][ T8331] do_anonymous_page+0x169/0x8d0 [ 1324.951809][ T8331] ? cgroup_rstat_updated+0x34/0x100 [ 1324.957173][ T8331] ? __rcu_read_unlock+0x5c/0x290 [ 1324.962200][ T8331] handle_mm_fault+0x814/0x1590 [ 1324.967056][ T8331] ? _raw_spin_unlock+0x2e/0x50 [ 1324.971923][ T8331] __get_user_pages+0x388/0xc80 [ 1324.976768][ T8331] __get_user_pages_remote+0x17f/0x610 [ 1324.982227][ T8331] ? iovec_from_user+0x2a6/0x2e0 [ 1324.987183][ T8331] pin_user_pages_remote+0x58/0x80 [ 1324.992302][ T8331] process_vm_rw_single_vec+0x17d/0x460 [ 1324.997944][ T8331] process_vm_rw+0x3a2/0x540 [ 1325.002543][ T8331] __x64_sys_process_vm_writev+0x76/0x90 [ 1325.008352][ T8331] do_syscall_64+0x44/0xa0 [ 1325.012789][ T8331] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1325.018754][ T8331] RIP: 0033:0x7fede691aae9 [ 1325.023190][ T8331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 23:13:03 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 9) [ 1325.042991][ T8331] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1325.051413][ T8331] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1325.059471][ T8331] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002462 [ 1325.067472][ T8331] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1325.075530][ T8331] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000001 [ 1325.083498][ T8331] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1325.091655][ T8331] [ 1325.120322][ T8330] loop2: detected capacity change from 0 to 1 23:13:03 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500017d00000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:03 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000f887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1325.300696][ T8340] FAULT_INJECTION: forcing a failure. [ 1325.300696][ T8340] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1325.313976][ T8340] CPU: 0 PID: 8340 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1325.323703][ T8340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1325.333854][ T8340] Call Trace: [ 1325.337238][ T8340] [ 1325.340177][ T8340] dump_stack_lvl+0xd6/0x122 [ 1325.344850][ T8340] dump_stack+0x11/0x1b [ 1325.349009][ T8340] should_fail+0x23c/0x250 [ 1325.353492][ T8340] __alloc_pages+0x102/0x330 [ 1325.358097][ T8340] alloc_pages_vma+0x5ee/0x770 [ 1325.362880][ T8340] ? lru_cache_add+0x37/0x50 [ 1325.367544][ T8340] do_anonymous_page+0x169/0x8d0 [ 1325.373081][ T8340] ? cgroup_rstat_updated+0x34/0x100 [ 1325.378378][ T8340] ? __rcu_read_unlock+0x5c/0x290 [ 1325.383581][ T8340] handle_mm_fault+0x814/0x1590 [ 1325.388452][ T8340] ? _raw_spin_unlock+0x2e/0x50 [ 1325.393358][ T8340] __get_user_pages+0x388/0xc80 [ 1325.398251][ T8340] __get_user_pages_remote+0x17f/0x610 [ 1325.403857][ T8340] ? iovec_from_user+0x2a6/0x2e0 [ 1325.408970][ T8340] pin_user_pages_remote+0x58/0x80 [ 1325.414113][ T8340] process_vm_rw_single_vec+0x17d/0x460 [ 1325.419759][ T8340] process_vm_rw+0x3a2/0x540 [ 1325.424472][ T8340] __x64_sys_process_vm_writev+0x76/0x90 [ 1325.430198][ T8340] do_syscall_64+0x44/0xa0 [ 1325.434660][ T8340] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1325.440621][ T8340] RIP: 0033:0x7fede691aae9 [ 1325.445101][ T8340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1325.464767][ T8340] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1325.473273][ T8340] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1325.481302][ T8340] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002464 [ 1325.489287][ T8340] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1325.497283][ T8340] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000001 [ 1325.505349][ T8340] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1325.513367][ T8340] 23:13:03 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 10) 23:13:03 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20102b) [ 1325.564956][ T8447] loop2: detected capacity change from 0 to 1 [ 1325.668028][ T8447] loop2: detected capacity change from 0 to 1 [ 1325.704951][ T8450] FAULT_INJECTION: forcing a failure. [ 1325.704951][ T8450] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1325.718239][ T8450] CPU: 0 PID: 8450 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1325.728039][ T8450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1325.738095][ T8450] Call Trace: [ 1325.741373][ T8450] [ 1325.744389][ T8450] dump_stack_lvl+0xd6/0x122 [ 1325.748977][ T8450] dump_stack+0x11/0x1b [ 1325.753176][ T8450] should_fail+0x23c/0x250 [ 1325.757622][ T8450] __alloc_pages+0x102/0x330 [ 1325.762238][ T8450] alloc_pages_vma+0x5ee/0x770 [ 1325.767000][ T8450] ? lru_cache_add+0x37/0x50 [ 1325.771623][ T8450] do_anonymous_page+0x169/0x8d0 [ 1325.776565][ T8450] ? cgroup_rstat_updated+0x34/0x100 [ 1325.782456][ T8450] ? __rcu_read_unlock+0x5c/0x290 [ 1325.787486][ T8450] handle_mm_fault+0x814/0x1590 [ 1325.792395][ T8450] ? _raw_spin_unlock+0x2e/0x50 [ 1325.797413][ T8450] __get_user_pages+0x388/0xc80 [ 1325.802319][ T8450] __get_user_pages_remote+0x17f/0x610 [ 1325.807774][ T8450] ? iovec_from_user+0x2a6/0x2e0 [ 1325.812765][ T8450] pin_user_pages_remote+0x58/0x80 [ 1325.817907][ T8450] process_vm_rw_single_vec+0x17d/0x460 [ 1325.823490][ T8450] process_vm_rw+0x3a2/0x540 [ 1325.828088][ T8450] __x64_sys_process_vm_writev+0x76/0x90 [ 1325.833727][ T8450] do_syscall_64+0x44/0xa0 [ 1325.838145][ T8450] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1325.844095][ T8450] RIP: 0033:0x7fede691aae9 [ 1325.848525][ T8450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1325.868127][ T8450] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1325.876545][ T8450] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1325.884602][ T8450] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002466 [ 1325.892665][ T8450] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1325.900630][ T8450] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1325.908595][ T8450] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1325.916563][ T8450] 23:13:05 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x2, 0x0, &(0x7f0000000440)) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_create(0x5, &(0x7f0000000040)={0x0, 0x3c, 0x1, @thr={&(0x7f0000000680)="7fd3ac4b83a70e2dd1f7dfbefdb1003d12daf4110af3987bb7d861f6c7939fbef71d9221b9ec8aa8a2cd62cacc2e375c6bedc30f9c8fd9764796e609e8e8a040c07e81c5117126ed5179065b0d5a4c1881e8e097edf8a896dae762e56c507170789b5a6bae8bfd2d8cf52ed1055724673f808ad38be5a4227a79fc75a404650f0eb199942a74de9ad5e747ec8e2aad77bb085ac55a9c4ce9003a5442dc293d263728ff6df19b70012ff5f5e60c74dc94d93485ebea43152d5a22b287e8255caf8a89d0c20ccfee4cdf29af7df27fc64c7f4bce208607a5421b8d10b6bf02c53f875eae2c5e855f973e913802f67144e1a4ccb2d3b95b8835e92e49b98f19c4bf07d13af3c5e3677ffc7e6fad0d59b03439512bbf47434c864b16f7558d04de8d7e9b701d4f57240f2f61828fbe3a9c16a35f31d3670e364402b92a631ceaf5b8d36cea0568d0ca710c83926cd23bd51fba80b809ec08e32510644f7fd1bed04c15244a7064639787df39ca072265431a1d958b89d8492878e54360b52316e703e4a1fa9bff8bd49aa6a5fb03b06b313ed6a47742285c15ef4697aa587aa78ce52ace1495357c530b983564ef79e87bba45d7f35eecef91fe2ec24194c4a008837d25c2593fe1f20567d7e33f580141e65a580070e5fbe6bc19bf3a9e9a69be99657caafbceb1e2584b15c06081df161aef4a2e646dd16d97a7da29420f40a77c5d6905715310b5dc12595118d1c84a7b546b48f13b9a7973d87f9892908b825930584ab01f5e3ad5a335d51932ba0ab7e89355f90cea2944fd12bd9f58542224ae969a3c31a34b064e1587d9423be233cf854b89ae346ce6120ba1e21e26cb55f367cb3cb1fb35b41df0224d31d1fbe32609355563fdde4f5f4130919ac1243a38b0b7447562f1cb45480d2ce35a7252f0a7b0972bd9011c318caee3ec50abf1bc586989b44f4a66684cf2b7b3c6c00ecd0a66018ede122df3fa1ad040eb58f3569f43a1e9ea1d1df35c9446ece907480308f94e3ee3036d7f644d8744bd115098f4ec2ae4c496bca461acc9c847e17aa1c04105981b9be3929f589d8abf054d42efb81f00ded29c8d9dc035b6ebd481b0e354efb5683e10ffc5e03a3e2d78d504242d54c02ae7589d88fc8a1156d701a4ff79d0b7c5a05663b4ec941cf8f9911697bfb37f6b8168d63615b3109c36c7f161695397bad9343597ce16f206fae9040a78106d16b3696582b8af3bce5b05a61e271280fd8280ca1546b0510f5e797e962784ad880c0eb1e2d0eecc37d8c79a6a831e53aca7f4846fab2a17d91246bfdbad1867f54b0e9fc3f8811ec27066717562569197745bcbb8ccc4768313d533187bcb652565f167bd013d3683067689e1291beb126202605412b75cd3ecebe9fea4f8d9127daa127a67fdf375fce8f40f371587f9b4dc534eb92670552d0b49b5567781eb273319f78fd18505794b25364da40f91dc015fce3185d6bf6f52a6733c93d1a86ea6e7e205393b8014d22e0494124fa6e70118d82797f4d0f03d7d4ffa48829a1dec6b24146d733212e9dc44fc2d84ec032942ff7824f3b8189330f6d2bd644d96eb8d87b0a0de3d814e554cfbb4abe6898ce8fd14493bbe278c5ef0cf4671bad326b6a02e786a5bc7470dd490336fd7cd0a216e812943ef5b875e34a6b5c29eb2f5090b49ed65f90ce2cb0a655b4cd4db5e1a40a517a7ea1764cd3db11352c64c924bee05fd9571663adf696ddfc84475c533974f9cff5bbe3e2640269e7edddda74a6e80f612ce25dd929a95d0d2db2faf36c15d544e9f67b8405e99eb64d1601d2945066ded3064fa16afb7e45593181a2e33c7cfbddef9d0eb68d8378f2cafd05ef3141d6edd07725ba0c17a77d515ed0a346949f64dd0acc71b2f79d7e6628b62c4a2efdfd54b91febf5493631e7db08cc3c19f2d797f55d99464fc0c578990c603352f10c83ac97785e68826a35d95b06ec1efcd5613867382a1bbde923f2714e587269f13bfcc8bd8c1870b111136daa3344a7064eddddfcd880f9ff13fa440362292c579b64ce8c8883e6f9bd3e88dd8223cf460e310ec441bd271003d41e0d3f0e1e503f0bd83f4503111d44717a7919e560cf4ebe5d107ee1b67d55226a703861cd3d72358a8aa5f7a4a25d16217f69998cf2514e4b940b3fcc61eeace722f427c16bf05d92ea2b52a83d92c2bd5f6097cf001069812917b1c0abb8580d82f71fe53c35582b11484c449f12f0f2570ab70f15bc9f170ff989b8df47f276872325cbef235c5bcfe31b7728bc2b5da1ceb12450ce094475437d57e8b5196a71b9547a5a6c4a58c2739738de859e85ff8880bef7f1ae13cb319b83094494578b5a7fd70e229428b0895f162c59357003b7c7cf790503d1c8620432129fe7c5aef10a77d824ec921dbfa0dfca21a82a3b95a154bde0de743ba85ec8b058760703d78007a75af385de8f8c6b8fb8c263ef51c2b9f0d8f4eae533bc1ece5fbfdb7d60909b1d43cf9b9613a5df235df7395292cc90b2e5e818d4f5f2218fd1bdb6e61e3ff92db07e0ef1e9b00d1a27c040f1846e9662d23d216dfb607f0d06c781adaf39fee573be6017f7043607f80b81727cb705912027cc3d8b303a126997a7ea666bd3f16395b8c06d06b76bca3b5e8c6c680fb26ab762355ea9688d3a8ecfbe189d943aa06f744ff388c6997a57fca6feb53269e77af0d645ec9a03cb9b7dc7316f7e9f7f27581fe2e908d4582537ae2ff9e4b418ff05dba816cd7c551f61ca22b5c5142224ffc711984619fda8a401c8e3e21fdd8275e86d806658633e185d9e96add86a7846c2a43ab90e99b37cf312d46578efb23bafea3d659f822a10bc51cbc3e5fda1b266fda47d3fd1cd5a0eb20796e9fb11bc64271d94e31d920aab7bbf243c17b4649158dcebdebe6a8b3909ed76075ecf4240af00d000ee35dd8fffa2bed57eaa7c76711c8dc37e71309b8310094da3c0dedef9bd818b3a627bb9e449f477c6baa272252fe297288b170173e36e354fbf29c3f029689618b16e42b42dc3f01ffd919d97f6d6fb5ff7ee2055d79da4a421888bf1b4248ee177daf3b6e3e167c2128c49228a7bacf4cde2787e40753b2e963751a99bc850c6deac5ac3fbd9081064bef8e71f4f89a7b2c1207b5716832d769a33447980fb33582a6d66433e5e5a2644e98fa66efbe6e92da0ee5d8eaf867e33885e27340d92f14ed762f9d2881d0862b4ff0069ced4f23dd8842144c8f9cf6a147b3fc71d17a76c4b1939efcbc68d3f7c14f6e7c69b37dd905cc07d051a8bf01cf0219d4444c56e62c91184d0fad49dc1dd1a9088d352153f42b9a387ca598fa0229fdadd7359ee912c2e2d4d1d3f66f284d8d0df8273b50e8674fcea5fef8fa87446afb444ef6125417d011ea34ea103740d43806669a2f2a15a90963d415b9cfe0703edc2d1958d6a54cd116304498f9037cc2c8a62fa57babc75118f8e4007795cace5449cb848e45231e8c0e75694586107829c156b18c2d3be33cf72aa1d925fac8a186770d9be0f81b6f291b69dcc1b030b53300f291298ad25c95b0c9ac619aa2a9754b06f105cfd0dc6de9e166166fb9c22da9f6ec157adeb7722e41adbcc8cbeee36bc509e593566edf9967bbcc159c4b5cba9353efb49bd4e3c759d0c8b4f4af4b3956c270aa8d78d615e9447b9202707c1c871372e8a74933684880f32aa22b2f40e770b16afa1298cc08d549fcfbc9acd5890a8c318286ed9a38e1019cbfe718d1f30cdbab1149ec470e87560256e1ed0287b02b7746fdde59f4014440e21c633e9a2a560200f40a9b7dca98bca825ef37d28ad73a260e231e3333d21b2f68ef62cde91af344bcc31f075375be3d5705bae3c3c42877197eaab56cdc0f710440a681f3686c3ce2151103214795b0c71f697c6b15bb435d88b1da851e099e4832e33b60cf4006f3855942f1541c6aef889cd3eaf85881b93fe3037b229b7b26adf25635aaa5fbe50361bdb3a2b562471af5737a7a4dc52dd882ceae54dbc8d2ce0291f787d49a3e3932605436b772634226473c9b5aa2f55c0e9bcbb8bb6c32846a93b7b19b6a78d05fb838869018f14e0cc92984fefa97093a14bbd2bace754071871da989edea59e45b884f7e067264f2d7c014acfdba08ee1710a02a47a337d32e18c97987f447bb76c6ab4dce183db733c5c48e7fa68c049da6c84593ddc3d94a946cac0bf904924680c1e01457a4404b3538e89942b4bda64cbe71038b4e180efa94d613ac038ee2f5401516d79e6fd0969c72d010f8cfe1e4918571dee0784022b7e6d174a121abdd01e1d14577d85ee7282159ffd886d1d7bb2270b4ba0c2a180d16e4902fa929898b9bc53d7c5e7e83708ee1f310a43be2ae6a56e9be2891537395bdee49415e8f5f8491fcd2c193ba8259302fee02dec1efd961e7af48174d0b6b3710df3d75b13a717e99db7b56a8319053dda7120c7500527efb5d1415aebcdb6cd93171f6e0d06e062b30d3c477d1455dd1b2b3b4233d442d51acbbb5476aa224d3cff13292a3a39bc3bfbfe7a10171c2ba5c8f3b6af04d78fd592427e430bea1177395dae7a3c40e3fb34de3d6c6ef32f8933d73481d80c72c28974c26e14a32858ac245fd4e1453f08dd5c93a71dad4f205f890273623317a16389927989d66daab769a79a039aa6015b202175cdef4f592d5547df9314ac1a845c179da6ddd1d1fdfd94796f87a766e9dd0ef418530633ae4150599fd9f05e3fe52e7f0ac71f70413c682775f3176533b93a70fb6f345a023c67d98fdccc3df0e2163fb894db58931f433de59c8e984823210a68d2577f4e2b9984db6972c8c31b0014e2d76563f64c5af2a639a99f1d08f90fc8209455cff1f4abc9940d42dc1cb4c4c6b8397031208ebdbafa87078f4f750a20d9780e26bbdeb4d0fd5202e5277993c6be9931915c7c2fa083ec70a224eace22a56ab518750aca2723a4eb13b6a8c5fb3d98cddefc6c3c623f32b1f005761d2de043b73a1d3e62795b88bc4bced93b3f8ce1bad7cbe3b74043b6e3149fe5eb61743f3df491c62be34176e3960476fc368d8f988d956165d0d88ef02f37bfa6274af92dbc62b97b89a84c88e7d9864c5553134f21dd9551bb0d43e75b494ef59c0bd6ac6e6f75708e83d12ef935d4b8de02a95664b01c85e6a43449b3ef64a845488253b5b09b0564e0e83f6af9b40278b1d54201d6c443413f4148b0bb4218f302186fb7a477419804c58c183240226ba705286ba8e7ece4d951396c17c4da67d9b7299e2d4f7c43c9757b98f4103bcd91e76be571df85ccca9b19b85faa9298f4991a5268ac81479049cdc20d10a874f04871c4868211aa89d6a2276b23cd1bd858c4092120307f4759fe7d447c203f7b2d42ca6347789c359774aac5dee0476b22baae9e6af88ed029493592e2f1d582fb788b931bf27cc74cabc1d360d5ef5606c37fc217396253ab1864f1a5d4494f93a5520c379ac0b8b129d57b7093e9947372d824410784c2aeb770fdb2d8cc09b69e0615f9891b34953c4f2aaba2982d6bd6bbbc9faf9a92ceb8a5db7d1b76272a70415a2a0a9d0c57c21c69eddc557ee583835230641d318d812ddf2a4ce0027269ac1fdbfd34bf79f93552a34b919ff11764d38267c9a117522b72477d7f33225a38d16b2518c261bd9eb9fe891e151125977ef6aaef4f835e24c8648d6a0e688f56bd5b42bae13f56d6bb0ce8c919460863c9225bb5b7dca2ceec2fea85554899f487deeb3af64ed93df25ead09a77943fea", &(0x7f0000000100)="5fe488cac245995aee09cc4072abe1b8c7b50cb7e10511597303813ed965d332611b250527aa96c138823e5bfebfe89689515ab2deb0ed3b49cf6ddb2806eb0f64964fce8aeb6b020db5f5b3ecbdb815b4bb5b35756d9245d0b37bb3fcc31dcca92283b30c616d22027c5e97c1d1270882982edf0558194567f44d6e30ac5b3a2d9853fab92a"}}, &(0x7f0000000080)) timer_create(0x7, &(0x7f00000001c0)={0x0, 0x7, 0x1, @tid=0xffffffffffffffff}, &(0x7f0000000200)=0x0) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000240)={{r2, r3+10000000}, {0x0, r0+60000000}}, 0x0) process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f00000002c0)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) 23:13:05 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000010887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:05 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) fgetxattr(r0, &(0x7f0000000040)=@random={'system.', '\x00'}, &(0x7f0000000080)=""/7, 0x7) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:13:05 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 11) 23:13:05 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500009000000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:05 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20102c) [ 1327.561843][ T8462] FAULT_INJECTION: forcing a failure. [ 1327.561843][ T8462] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1327.564784][ T8458] loop2: detected capacity change from 0 to 1 [ 1327.575167][ T8462] CPU: 0 PID: 8462 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1327.590909][ T8462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1327.601082][ T8462] Call Trace: [ 1327.604453][ T8462] [ 1327.607440][ T8462] dump_stack_lvl+0xd6/0x122 [ 1327.612116][ T8462] dump_stack+0x11/0x1b [ 1327.616363][ T8462] should_fail+0x23c/0x250 [ 1327.620782][ T8462] __alloc_pages+0x102/0x330 [ 1327.625378][ T8462] alloc_pages_vma+0x5ee/0x770 [ 1327.630142][ T8462] ? lru_cache_add+0x37/0x50 [ 1327.634737][ T8462] do_anonymous_page+0x169/0x8d0 [ 1327.639775][ T8462] ? cgroup_rstat_updated+0x34/0x100 [ 1327.645624][ T8462] ? __rcu_read_unlock+0x5c/0x290 [ 1327.650668][ T8462] handle_mm_fault+0x814/0x1590 [ 1327.655577][ T8462] ? _raw_spin_unlock+0x2e/0x50 [ 1327.660444][ T8462] __get_user_pages+0x388/0xc80 [ 1327.665294][ T8462] __get_user_pages_remote+0x17f/0x610 [ 1327.671372][ T8462] ? iovec_from_user+0x2a6/0x2e0 [ 1327.676327][ T8462] pin_user_pages_remote+0x58/0x80 [ 1327.681446][ T8462] process_vm_rw_single_vec+0x17d/0x460 [ 1327.687062][ T8462] process_vm_rw+0x3a2/0x540 [ 1327.691670][ T8462] __x64_sys_process_vm_writev+0x76/0x90 [ 1327.697368][ T8462] do_syscall_64+0x44/0xa0 [ 1327.702074][ T8462] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1327.707976][ T8462] RIP: 0033:0x7fede691aae9 [ 1327.712434][ T8462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1327.732404][ T8462] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1327.740844][ T8462] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1327.748895][ T8462] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002468 23:13:06 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000011887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1327.756870][ T8462] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1327.764839][ T8462] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1327.772808][ T8462] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1327.780993][ T8462] 23:13:06 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 12) 23:13:06 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20102d) [ 1327.838022][ T8458] loop2: detected capacity change from 0 to 1 23:13:06 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000d00)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000d40)={{r4, r5+60000000}, {0x0, r3+60000000}}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000bc0)=[{{&(0x7f0000000040)=@in={0x2, 0x0, @broadcast}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000100)=""/21, 0x15}, {&(0x7f0000000140)=""/38, 0x26}, {&(0x7f0000000180)=""/61, 0x3d}, {&(0x7f00000001c0)=""/53, 0x35}, {&(0x7f0000000200)=""/213, 0xd5}, {&(0x7f0000000300)=""/110, 0x6e}], 0x6, &(0x7f0000000540)=""/227, 0xe3}, 0x9}, {{&(0x7f0000000680)=@tipc, 0x80, &(0x7f0000000900)=[{&(0x7f0000000700)=""/105, 0x69}, {&(0x7f0000000780)=""/199, 0xc7}, {&(0x7f0000000880)=""/115, 0x73}, {&(0x7f0000000400)=""/43, 0x2b}, {&(0x7f0000000480)=""/30, 0x1e}], 0x5, &(0x7f0000000980)}, 0x800}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f00000009c0)=""/128, 0x80}, {&(0x7f0000000a40)=""/107, 0x6b}, {&(0x7f0000000ac0)=""/163, 0xa3}], 0x3}, 0xff}], 0x3, 0x2160, &(0x7f0000000c80)={0x77359400}) timer_settime(r0, 0x1, &(0x7f0000000980)={{}, {0x0, 0x3938700}}, &(0x7f0000000cc0)) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:06 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa50001a300000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1327.971361][ T8672] FAULT_INJECTION: forcing a failure. [ 1327.971361][ T8672] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1327.984633][ T8672] CPU: 0 PID: 8672 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1327.994372][ T8672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1328.005017][ T8672] Call Trace: [ 1328.008300][ T8672] [ 1328.011238][ T8672] dump_stack_lvl+0xd6/0x122 [ 1328.015975][ T8672] dump_stack+0x11/0x1b [ 1328.020141][ T8672] should_fail+0x23c/0x250 [ 1328.024653][ T8672] __alloc_pages+0x102/0x330 [ 1328.029340][ T8672] alloc_pages_vma+0x5ee/0x770 [ 1328.034126][ T8672] ? lru_cache_add+0x37/0x50 [ 1328.038738][ T8672] do_anonymous_page+0x169/0x8d0 [ 1328.043794][ T8672] ? cgroup_rstat_updated+0x34/0x100 [ 1328.049094][ T8672] ? __rcu_read_unlock+0x5c/0x290 [ 1328.054182][ T8672] handle_mm_fault+0x814/0x1590 [ 1328.059121][ T8672] ? _raw_spin_unlock+0x2e/0x50 [ 1328.064008][ T8672] __get_user_pages+0x388/0xc80 [ 1328.070181][ T8672] __get_user_pages_remote+0x17f/0x610 [ 1328.075658][ T8672] ? iovec_from_user+0x2a6/0x2e0 [ 1328.080676][ T8672] pin_user_pages_remote+0x58/0x80 [ 1328.085795][ T8672] process_vm_rw_single_vec+0x17d/0x460 [ 1328.091379][ T8672] process_vm_rw+0x3a2/0x540 [ 1328.096040][ T8672] __x64_sys_process_vm_writev+0x76/0x90 [ 1328.101936][ T8672] do_syscall_64+0x44/0xa0 [ 1328.106470][ T8672] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1328.112431][ T8672] RIP: 0033:0x7fede691aae9 23:13:06 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000100)) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x80000001) r3 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r3, 0x2007fff) r4 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x80000001) 23:13:06 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0}) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000180)={0x53, 0xfffffffffffffffc, 0x1000, 0x5, @buffer={0x0, 0x2d, &(0x7f0000000040)=""/45}, &(0x7f0000000680)="5b88775db8131fc2b5cabd1f1d6ef2cf0b1135c42479a8a86c8d201201506f2b856c21466d5033dc09f80b1389ab2bfdcd529c41ad39d10a9945cd6392c9ff8e949b431c15b5f1fa845f8cb340dee39a4559f955efdb9f0206ce7a7522cf3e5c7625245e78e80b3c0d24ed8b91b5ea299dfa80d837c1e046283dd6aa9afc6d14cf881f1b19dab30fdaa5c11a61f3df2ad7b1baa71d76332f31166b9ab6228eb9c11e0a0ee473c3114433a10bec3bad51d1e727d9fab855d2f2cac84d17fca4939d93c8c6fdb1adae6a6d4438ff9b0a9c7482c69e39ffb2af378316d4f5ccb6114aa33ccb60e541ab98f29e1d11b41b3253d82a080ffe48616fe9a2705f938744f63a6a688653d388a8a4218f0d6706330de53298d03c516f78fd62f36cbeefd3f9735df6a6df1910fc575a88facf448e0fe6a632c2e582ab8e3282ef86b0860dd9d5cf1d81401644caf8c65692129a0b2c5877da87ecade5dff1acfaa9f6d5d2856188e87ac86b07b964e1902495e6f3d2b7276788c0220d31ffb64e84e94dd3af259a02cc3f78403394107faaba96f98fa2a1c87fa7a3d2cdffb039f47d69d3544d033ee285f35d9665ffb62dd5273a15dc5a99cc2f8cf53e2f5ea5bd44000a6d1b5ec0664f938d7af4d0e55b956f331493518329422001de6783ffa0ce9e59f47fbbbeeddb41e02613b5185a0d07c5b11441ada05fa9f8e7e70841677350ad2ee5cc6a910b770b73e64b7b829985ebf408ac36ab2208b1b9b3cc3138af217393408bfafe73b46ee8cab79ae566155eab38c598428590374f96de2a51bd4713df27eebf1892ef8e4dfa2155c97ad25936857096efde3081bda1e6f413a8dff593a4b52feea7ae62b09d10ca689cc5e1e4ba25ac622370d794d977e2e093c16c60f4fd94b8bb9d2b063d1340faafe71a264b66483c9e4a118601f7a248aa492b95d2bfb67d71a1283159b3f118d717af2d4da3f31a8188f92c10db21856b319d60393ad281d76b99192cbbef5ba76e9d04eef495824796bbca509e6be1c8aa3fbb33af6a5edc52faa6a082e4f37ff9750aae27d834210b73f692ad6b3be8c7c9e4bb2226216371ed2b88f3f57c15c5219556bfc723e7dd6ad53b336278262d237fbccea9e858d1731efdeccbcd434b96f65adec5fab123ebf2ff9fad669c786001e703257d84312929edb4efdf6def9bec0a2ffebe61f35f78ef6a81e850bfc893a0edf6eac266d826df30f35b1adceddbc63c856c3f16265f12907c88586fbf5541b1cb8c7b336d2fee6272b22522d1530627c0793a662b5d882c99f080bcc1f0f568e88952e315094c588ab4e2b575830cad46a22a578119de545de7eeaa9c10b5361ebb8589415e0da100b76b5f045587a1c393a3e59d98d07b3fd9a87b1dc39ff1c1d5fa87ca50dbcf492578c239e15dfc2f1101af1ffa57da76615c534dc30eed095d277ea1d9f548db406323dca53e55ef55ae59af1d892eb0397d1f333df3162617b675575fa6208ef8e85a41b6d040f8ec085ab0daa1fd8c996b9c4016b118cba13c9149fea718f9bb6e6229744295a484277c1811322f1c632f1a1e80b874c009366c6645c36bed1a6d3cb4d140d79919f2731f8cf21069a27d8e702d67c13af920aefff117ad76e39eb61bf81adaf4511db282030d18b42ffa3901f842c63f5269c9b3257fdef514c3daf346608c58c6b9d4a1b6ef416b3394d84919383c9bed518c071f2aa8bcf9add08e57356298412b5d1d1ad6f0829479d8bff8531b597f30cfebdaac1075eec1c3a16929e82d5f1f0c0dcb487e18f36fa3580ca01379a0b329e079ad48f24e780c819a6701078be521aab1b517cd4772008316e011d6c6c14773dcd8798958a81b24213189986dad7140a8fe110257a2271675663a9fd53e0200505d85f00c92e0a7ee3d894dedadaf87dcac1253e2823746e59769b707f615a8a00427ac312951b074407f97a8e7a041a27926e3134890bb71a0eabff2eb66921d78bdddaded1384ca0c2dbbeb1c0ca1fe91c413135bfeb703fb4058788346dc70b7fdf7211f95250c274085a046c941a39000c646d38c6d933457761b2d92fa80e7e29c860f82b30f56bea8db0478ec1aafa73114696c25cf0901ef1474998c0c7d48a2a7b64a2bc520149594e55b2d74074501f5ab82b397d212717f4335155a23d233faa9e42764b9e6b6a3f83542becd0b30e1f8151d37d185bc8d14277fb853b5cf39a776560bb7a3a47aab5ee04357185332d3c5dec412f25e93f478c21b7847377b1adc087371964ca0845efc582ad3e74d60e0a4b5dc46e7756b4e897d248853b6055fdd853a86be6661a53231cfb46129515c8fa48b66964d1d3fffe8c3081fcb6d8a478bb199d6c74c9b41341a0557484a2d2935e3d8cff77d660b48178a7f82758572fa999fc57ff59c570ea0d460273c3d16de80e849bb0dad0e050e7d1b3482885dae6acd71698f4d1eec9050851a157fb01ad091b7c989046a03c7258acfcb846440a9fd530dc6f79c9a2531789de1b7426d8c5f67ff5d9981ac52fd5ac4cf9ec814242ad82b53e4eb059b8f06c7d2f2fe60a155d4073000546c678a05ddb1866d539969c6e8eb324155a9d5494811666fa9271122d44a97398d54cc0614f5752f08ac40527e9f02430a99903ba61e72e8a987eb3600c965d7aaa11c216059e17b0cb6e4d2cd9616003e95f2d0c5b78976bd96114d80add4820bab580c0944757dc02d24d444bf5de8fdf9c65fc1f383ffaec6506f15ca4deb9eba0b11ea29f11c66bf30c57ca70542b85b6a6d02babc6b0a6350a7bb949d3d5c364c058979edb2565e1890315c4f50882bf19164c53ef9fe982abf5dd0216a97aa6efe722d994abc488b7dd4d62a03fbc8db39e6ce828760800175d653a36854971d53983206c469ad1100adc89e3c11ad19432d503d32fd6c9b4606bd4e64d3e83816154a8602551e4a30d87f1d1a0413989f6e4ad7557654897d3b81773fbf9e4c7cff923c2c8fbdbda50830770c41d256c2b297a80d011a1dbf96b4b55c67ddcd8be58b46d7a28f3d8f2f360c24a4b5d1fd1a7577184c927371e7f415cf53f3642b773c0d952d603a8bf9df8e18d923ff8ae0cf223990b38cb8c9bd8179604530417a9efcf7714413f1f473c7a51672a15872cacea7f8ada6a531cb30826740ae2173629741a59021b60861c7ce0c10977656e608913dbdf466ad715b3713904abdfeee0dc9ab986ff10bf81156859c02b748a056cf2d951783fa3ae1731a86485eae6c407c200045816a72abb20828f8458fd548e54451f7cc0d5bd7a34b8fc94dc6b5aeeb9dcadd05d553dc3af5246d522b95faa0d3e6d613badcea21e22a9e676af2af17ff73a89644331e1164f117e95eb7d5aab8ef24bc02a2b1245e3e2c1a925060bc322bf348137aa0bbf8f7e3945dd889a678f86444bf2f8a798b2ebaaeafa0e3cab2b5595c5c1a366b79283cac3ddeabb7bc3f830fd590181c6ca62a137f56fe2ae6d0060a57cb008c12f181d760ec87a57e5d7b14ba594b7147329401b25346db5edc80743c48cc6e18591173d9fcd854d8b7dda164dde3d27a641da0bbcc64c9be629239260a595930daf00cb082eebb90fc0784bb59e4b01090aeece03abdbd8f5d5a942a007d99ce85f34a186bd74bdf71a8011507af08e8552e82be7c879f435de229285dab5fcf3c202d1304afad83c78a3bd5f7be73e56422e07fc4dfb7e95f63abeae4dfe5e9be638535ec7a109801e97ee9e79b73a98244af1b657b3e57caf0d285a1dfc2d177825a6bd0835d29ce71f90661df73a3310df8dee3dadec5c2283cc4dc4a8e8c23cd29f986f6591f3b3394ded459f509c5a53c3f7a0a3b7479e48b3f4d9c5aeec268dcaa2863ff4503909cbe0c286869e07c6662a6c42a35bbecaa4ac77def271830ae77296c926dd14e676852181f627c8589afe69106b51342d780f3f5bcf679effe6fdd06f47d4a1a5bf6a783ba9f611b6aaaac7a5fffa3edfbf882fefa23b1e920b7afe1b66b35038c5f5a83e4da7da666adb0ac7cdb0128b162ddd6bb197fcb8568c60ec55d37c48f9a8494bff019fa1f1b20ce5a45f3b89633e74d4410e71b6a81d6940c4c00e25ee6cb58f96b311d11f176699b10dd8253f19599a49ca1c7d485644ac0904f96fe2d5d442a519bc5481019bc202807d3474de29cd5971183388dd984aec49bd6e219affe2cb82b8b381ba89df6cdc7d177c8fde6bee721ae04f41424c32a9936e72df071fb981bddfb2d0ae5962b384ca4175ec7205f4c74da3feb4d3c229900acd9d440091ee2c7e04f5af31f48c62eab829fbd91489f29c3675b9d4e4538221867990f6262208d6e546e08ecc583557226f73496ac21387b573252f8bd7bb7a85543f4452db7b39b74fe8a3f93ecaa3fd42bc99b3eecf17f6385048533b9a38d8e45b0512036208651cc90cc28ef71ea9af4dec599e026aba209db5e564c7774ef18975dd5bed4fca43f942369a7940c5e6365267e5e7c357cc8c2490db9de985ba19e81f9ca2385510d048d1e7378bf5bd8bd136672c8d84cbfc73fe7b242a83e0b568239b9f103fd6c906d0d2847c0c7f994e7eb1bb0c12496b836f7b646bb5f63708f402bd0ca696f537c8d1b6bbc880db343731a7648cbb0680e649d325305f7d26b526c4553be19ca12ff4ad6c5892363cd2dec0bc06645b4125b7b5b0d7fdb95c756eedb683d719612c72ac4616604f3fe25cbfd3897b86d4df05520147f4f609d7629889b221b5c87b4a925026fd2331c5e5e662ac4e190f711e1541391ec4b2b17c375a066f48bba98769024818401a6cb0f34906458c10d17434a68921eaf7e27b44ad0571c69db02434870f7ee13ba0fbede8cab86f500596d33f467e14840a425c52ae529459d4a356a4176325db701c54f8b4c5fd361c5e2031344ef98ad2d6191e3f81b1a0c33a048768f8b50666a542473da9178dc6ef0862d8c1ff30019082da2388e31c9137a0a3751f8070c300800562fb330e4cc24199919cd3705de3863876287d1901537e47f35a2cc697cd5a5d22d43c88faed62df07487501cf8b8242769043b81da2cf2230a659a7ce805f2cf7d6235c1acfe11f252d7008c1a03c62b437c4e98863df937734770bfeaeb04c7866f577e20b455fed6afdb51ff253eb585b800d9be3f8cd6b24f7d94ca4087dcfc0443d1f3ba8ff8be90e664c7587e88fe6c4586906db5715fc6b55b9f5f30a103aa142656baeb9db3eb344172c25a528a36c588ec03ad071f307d862c95a528afeaaf7957eec2f88626837ded224ba158dc2cfb5036cc9d0722b5318d530c33edd4797059aa15388e27e925243e50c8b26eb4e28303fce590f246725f963eaa6afad73e82f21366d9ef7a01d6538e516333404e5744e37471d6e19e77a710af4729c7b94257e0228b8c2506226ed8a23fbdb1d5b7f596f4e9086e3b38a97a49be213a333820e851877bf5dba8b9cf5c3fd0dfc2dd18ba99ff061b73a7904c92dbab8bb335b890ff2e45b2c22c2f3fc3e1518157c9f77ade223a7d093e0ae6a5fa39ca5b54194c0cb24716d482a6a9c54e93170afbb71cf5fcb18f0c30c49015416cba35dcb18235c0bf632c8527fb53bc5f31c9d07cbc5b70e708929fd8ed1e331b2dd76940163ff46a5c944aa1360b1d3ba547f0e812437c88cc4e8d22b3b0f91aea443f9b9e5ebcb7a1dce6d724644f56af7cb4a21a0c26a2e2f9e403cbfc4fa76f0e50b7f764c7d932ea9824c024d4b0982274ec33899836a67cc626dfdab1369505", &(0x7f0000000100)=""/87, 0x401, 0x10005, 0x3, &(0x7f0000000080)}) [ 1328.116846][ T8672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1328.136798][ T8672] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1328.145324][ T8672] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1328.153479][ T8672] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000246a [ 1328.161456][ T8672] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:06 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000012887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:06 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 13) [ 1328.169433][ T8672] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1328.177411][ T8672] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1328.185458][ T8672] [ 1328.221132][ T8781] loop2: detected capacity change from 0 to 1 [ 1328.286250][ T8786] selinux_netlink_send: 93 callbacks suppressed [ 1328.286264][ T8786] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=8786 comm=syz-executor.4 [ 1328.309680][ T8786] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=8786 comm=syz-executor.4 [ 1328.328413][ T8786] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=8786 comm=syz-executor.4 [ 1328.347176][ T8781] loop2: detected capacity change from 0 to 1 [ 1328.354100][ T8786] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=8786 comm=syz-executor.4 [ 1328.385099][ T8791] FAULT_INJECTION: forcing a failure. [ 1328.385099][ T8791] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1328.398363][ T8791] CPU: 0 PID: 8791 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1328.408391][ T8791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1328.418459][ T8791] Call Trace: [ 1328.421740][ T8791] [ 1328.424675][ T8791] dump_stack_lvl+0xd6/0x122 [ 1328.429324][ T8791] dump_stack+0x11/0x1b [ 1328.433482][ T8791] should_fail+0x23c/0x250 [ 1328.437910][ T8791] __alloc_pages+0x102/0x330 [ 1328.442637][ T8791] alloc_pages_vma+0x5ee/0x770 [ 1328.447416][ T8791] ? lru_cache_add+0x37/0x50 [ 1328.452015][ T8791] do_anonymous_page+0x169/0x8d0 [ 1328.457054][ T8791] ? cgroup_rstat_updated+0x34/0x100 [ 1328.462418][ T8791] ? __rcu_read_unlock+0x5c/0x290 [ 1328.467450][ T8791] handle_mm_fault+0x814/0x1590 [ 1328.472311][ T8791] ? _raw_spin_unlock+0x2e/0x50 [ 1328.477174][ T8791] __get_user_pages+0x388/0xc80 [ 1328.482035][ T8791] __get_user_pages_remote+0x17f/0x610 [ 1328.487534][ T8791] ? iovec_from_user+0x2a6/0x2e0 [ 1328.492490][ T8791] pin_user_pages_remote+0x58/0x80 [ 1328.497666][ T8791] process_vm_rw_single_vec+0x17d/0x460 [ 1328.503242][ T8791] process_vm_rw+0x3a2/0x540 [ 1328.507875][ T8791] __x64_sys_process_vm_writev+0x76/0x90 [ 1328.513611][ T8791] do_syscall_64+0x44/0xa0 [ 1328.518091][ T8791] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1328.524018][ T8791] RIP: 0033:0x7fede691aae9 23:13:06 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000022887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1328.528433][ T8791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1328.548219][ T8791] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1328.556857][ T8791] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1328.564925][ T8791] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000246c [ 1328.573008][ T8791] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:06 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 14) 23:13:06 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500fffe00000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:06 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x1, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)=""/74, 0x4a}]}, 0x0, 0x0, 0x80000, 0x4, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000100)) timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() ioctl$SG_SET_KEEP_ORPHAN(0xffffffffffffffff, 0x2287, &(0x7f0000000040)=0x7fff) timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1328.581268][ T8791] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1328.589253][ T8791] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1328.597279][ T8791] 23:13:06 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = accept4(r3, 0x0, &(0x7f0000000080), 0x0) splice(r5, &(0x7f0000000040)=0x3, r6, &(0x7f0000000100)=0x4, 0x4, 0x75156242b7b0bf44) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000000140)) [ 1328.772797][ T8927] FAULT_INJECTION: forcing a failure. [ 1328.772797][ T8927] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1328.786055][ T8927] CPU: 1 PID: 8927 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1328.795848][ T8927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1328.805900][ T8927] Call Trace: [ 1328.809171][ T8927] [ 1328.812199][ T8927] dump_stack_lvl+0xd6/0x122 [ 1328.816816][ T8927] dump_stack+0x11/0x1b [ 1328.820968][ T8927] should_fail+0x23c/0x250 [ 1328.825385][ T8927] __alloc_pages+0x102/0x330 [ 1328.829982][ T8927] alloc_pages_vma+0x5ee/0x770 [ 1328.834744][ T8927] ? lru_cache_add+0x37/0x50 [ 1328.839370][ T8927] do_anonymous_page+0x169/0x8d0 [ 1328.844373][ T8927] ? cgroup_rstat_updated+0x34/0x100 [ 1328.849659][ T8927] ? __rcu_read_unlock+0x5c/0x290 [ 1328.854685][ T8927] handle_mm_fault+0x814/0x1590 [ 1328.859710][ T8927] ? _raw_spin_unlock+0x2e/0x50 [ 1328.864577][ T8927] __get_user_pages+0x388/0xc80 [ 1328.869502][ T8927] __get_user_pages_remote+0x17f/0x610 [ 1328.875024][ T8927] ? iovec_from_user+0x2a6/0x2e0 [ 1328.879988][ T8927] pin_user_pages_remote+0x58/0x80 [ 1328.885181][ T8927] process_vm_rw_single_vec+0x17d/0x460 [ 1328.890733][ T8927] process_vm_rw+0x3a2/0x540 [ 1328.895370][ T8927] __x64_sys_process_vm_writev+0x76/0x90 [ 1328.901267][ T8927] do_syscall_64+0x44/0xa0 [ 1328.905886][ T8927] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1328.911895][ T8927] RIP: 0033:0x7fede691aae9 [ 1328.916321][ T8927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1328.936019][ T8927] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1328.944530][ T8927] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1328.952518][ T8927] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000246e [ 1328.960487][ T8927] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:07 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20102e) 23:13:07 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000025887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1328.968463][ T8927] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1328.976573][ T8927] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1328.984547][ T8927] 23:13:07 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 15) [ 1329.015318][ T9002] loop2: detected capacity change from 0 to 1 23:13:07 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000048887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:07 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r0, 0x1, &(0x7f0000000080)={{}, {r1, r2+10000000}}, &(0x7f0000000100)) timer_settime(r0, 0x1, &(0x7f0000000000)={{0x0, 0x989680}}, 0x0) r3 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ppoll(&(0x7f0000000140)=[{0xffffffffffffffff, 0x4000}, {0xffffffffffffffff, 0x1000}, {r6, 0x28a}, {0xffffffffffffffff, 0x180}, {0xffffffffffffffff, 0x8020}, {0xffffffffffffffff, 0x2020}], 0x6, &(0x7f0000000180)={0x77359400}, &(0x7f00000001c0)={[0x6]}, 0x8) timer_settime(r4, 0x0, &(0x7f0000000200)={{}, {0x0, r5+60000000}}, 0x0) process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1329.117404][ T9002] loop2: detected capacity change from 0 to 1 [ 1329.156380][ T9108] FAULT_INJECTION: forcing a failure. [ 1329.156380][ T9108] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1329.169652][ T9108] CPU: 0 PID: 9108 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1329.179370][ T9108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1329.189485][ T9108] Call Trace: [ 1329.192788][ T9108] [ 1329.195723][ T9108] dump_stack_lvl+0xd6/0x122 [ 1329.200325][ T9108] dump_stack+0x11/0x1b [ 1329.204477][ T9108] should_fail+0x23c/0x250 [ 1329.208951][ T9108] __alloc_pages+0x102/0x330 [ 1329.213622][ T9108] alloc_pages_vma+0x5ee/0x770 [ 1329.218382][ T9108] ? lru_cache_add+0x37/0x50 [ 1329.223002][ T9108] do_anonymous_page+0x169/0x8d0 [ 1329.227944][ T9108] ? cgroup_rstat_updated+0x34/0x100 [ 1329.233225][ T9108] ? __rcu_read_unlock+0x5c/0x290 [ 1329.238271][ T9108] handle_mm_fault+0x814/0x1590 [ 1329.243124][ T9108] ? _raw_spin_unlock+0x2e/0x50 [ 1329.248028][ T9108] __get_user_pages+0x388/0xc80 [ 1329.253030][ T9108] __get_user_pages_remote+0x17f/0x610 [ 1329.258491][ T9108] ? iovec_from_user+0x2a6/0x2e0 [ 1329.264048][ T9108] pin_user_pages_remote+0x58/0x80 [ 1329.269184][ T9108] process_vm_rw_single_vec+0x17d/0x460 [ 1329.274809][ T9108] process_vm_rw+0x3a2/0x540 [ 1329.279406][ T9108] __x64_sys_process_vm_writev+0x76/0x90 [ 1329.285087][ T9108] do_syscall_64+0x44/0xa0 [ 1329.289502][ T9108] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1329.295401][ T9108] RIP: 0033:0x7fede691aae9 [ 1329.299810][ T9108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1329.319417][ T9108] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1329.328175][ T9108] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1329.336139][ T9108] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002470 [ 1329.344191][ T9108] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1329.352158][ T9108] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1329.360129][ T9108] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 23:13:07 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 16) [ 1329.368157][ T9108] 23:13:07 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000fff00000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:07 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000004c887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1329.431933][ T9116] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=9116 comm=syz-executor.4 [ 1329.447181][ T9116] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=9116 comm=syz-executor.4 [ 1329.461029][ T9116] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=9116 comm=syz-executor.4 23:13:07 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x417, 0x2, @thr={&(0x7f0000000240)="7e04ee695ebc1383a7dfe0c5f79038066f317bec54d7bf4c4824008150ab42e7dd12d2b0fda04028a0f17e7f1b10bf163d6d1b8d40abbe1aa0a4a8d17518f681c6f726ae4edc530c13bd2002dc1e0a7ffea3c2a8c59c40e2ef9dce2cd7b6f72125a8754248aefe7207535f86079154bad86a5ecc54ca9801224c76067034c275ecbfc038242bd224c8985fe82d489a8c471ef5ea9ec36638699846131807fa7c0b1b3f589ec2012103d73df679157a195fde4dc337e6a38b7007254ab6181efd79ab", &(0x7f0000000540)="4f0b1e41f1176b9c1aa35246893042e4f34ef3780c5b136d24716bb4279ff9ba0b5e9caea0c9df5007242409a7999be93d5388673b4e50aee27eacea931e42d451006feb3a272aab4b48565a1051e1705bfb4616b9f48748a25472751606e0d4c73bd93b7c17422d1aecb1b2f50743573af89a0c9a236bad05a990871e05bebd87c6400140d6f9136769685791a785a6bf34f4af4f401545aac9d861f2251fbb83aa911cdcbb133d8093bac5a39c8433c3480e38fe334c65bbedb56500cc7bf7b42811aec07d32020f07dea67f502700e422ddcc6e5ee49333b731"}}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) timer_settime(r3, 0x1, &(0x7f0000000140)={{0x77359400}, {r4, r5+10000000}}, &(0x7f0000000180)) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) r6 = getpgrp(r0) wait4(r6, &(0x7f0000000040), 0x8, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1329.475131][ T9116] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=9116 comm=syz-executor.4 [ 1329.574165][ T9218] FAULT_INJECTION: forcing a failure. [ 1329.574165][ T9218] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1329.587727][ T9218] CPU: 0 PID: 9218 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1329.597478][ T9218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1329.607529][ T9218] Call Trace: [ 1329.610858][ T9218] [ 1329.613797][ T9218] dump_stack_lvl+0xd6/0x122 [ 1329.618402][ T9218] dump_stack+0x11/0x1b [ 1329.622557][ T9218] should_fail+0x23c/0x250 [ 1329.627044][ T9218] __alloc_pages+0x102/0x330 [ 1329.631962][ T9218] alloc_pages_vma+0x5ee/0x770 [ 1329.636734][ T9218] do_anonymous_page+0x169/0x8d0 [ 1329.641714][ T9218] ? cgroup_rstat_updated+0x34/0x100 [ 1329.647001][ T9218] ? __rcu_read_unlock+0x5c/0x290 [ 1329.652032][ T9218] handle_mm_fault+0x814/0x1590 [ 1329.656988][ T9218] ? _raw_spin_unlock+0x2e/0x50 [ 1329.661881][ T9218] __get_user_pages+0x388/0xc80 [ 1329.666777][ T9218] __get_user_pages_remote+0x17f/0x610 [ 1329.672252][ T9218] ? iovec_from_user+0x2a6/0x2e0 [ 1329.677243][ T9218] pin_user_pages_remote+0x58/0x80 [ 1329.682485][ T9218] process_vm_rw_single_vec+0x17d/0x460 [ 1329.688058][ T9218] process_vm_rw+0x3a2/0x540 [ 1329.692744][ T9218] __x64_sys_process_vm_writev+0x76/0x90 [ 1329.698562][ T9218] do_syscall_64+0x44/0xa0 [ 1329.703010][ T9218] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1329.708918][ T9218] RIP: 0033:0x7fede691aae9 [ 1329.713331][ T9218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1329.734446][ T9218] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1329.742869][ T9218] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1329.750841][ T9218] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002472 [ 1329.758810][ T9218] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1329.766812][ T9218] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 23:13:08 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20102f) 23:13:08 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14f840, 0x30) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) statfs(&(0x7f0000000040)='./bus/file0\x00', &(0x7f0000000100)=""/4096) 23:13:08 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 17) [ 1329.774916][ T9218] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1329.782972][ T9218] 23:13:08 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000068887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1329.821445][ T9323] loop2: detected capacity change from 0 to 1 [ 1329.898554][ T9323] loop2: detected capacity change from 0 to 1 [ 1329.927208][ T9328] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=9328 comm=syz-executor.4 [ 1329.941448][ T9330] FAULT_INJECTION: forcing a failure. [ 1329.941448][ T9330] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1329.954732][ T9330] CPU: 0 PID: 9330 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1329.964448][ T9330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1329.974501][ T9330] Call Trace: [ 1329.977782][ T9330] [ 1329.980707][ T9330] dump_stack_lvl+0xd6/0x122 [ 1329.985357][ T9330] dump_stack+0x11/0x1b [ 1329.989509][ T9330] should_fail+0x23c/0x250 [ 1329.993926][ T9330] __alloc_pages+0x102/0x330 [ 1329.998538][ T9330] alloc_pages_vma+0x5ee/0x770 [ 1330.003311][ T9330] ? lru_cache_add+0x37/0x50 [ 1330.007921][ T9330] do_anonymous_page+0x169/0x8d0 [ 1330.012934][ T9330] ? cgroup_rstat_updated+0x34/0x100 [ 1330.018222][ T9330] ? __rcu_read_unlock+0x5c/0x290 [ 1330.023254][ T9330] handle_mm_fault+0x814/0x1590 [ 1330.028117][ T9330] ? _raw_spin_unlock+0x2e/0x50 [ 1330.033058][ T9330] __get_user_pages+0x388/0xc80 [ 1330.037917][ T9330] __get_user_pages_remote+0x17f/0x610 [ 1330.043448][ T9330] ? iovec_from_user+0x2a6/0x2e0 [ 1330.048386][ T9330] pin_user_pages_remote+0x58/0x80 [ 1330.054067][ T9330] process_vm_rw_single_vec+0x17d/0x460 [ 1330.059666][ T9330] process_vm_rw+0x3a2/0x540 [ 1330.064389][ T9330] __x64_sys_process_vm_writev+0x76/0x90 [ 1330.070082][ T9330] do_syscall_64+0x44/0xa0 [ 1330.074684][ T9330] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1330.080623][ T9330] RIP: 0033:0x7fede691aae9 [ 1330.085038][ T9330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1330.104646][ T9330] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1330.113139][ T9330] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1330.121174][ T9330] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002474 [ 1330.129158][ T9330] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:08 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 18) [ 1330.136450][ T9328] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=9328 comm=syz-executor.4 [ 1330.137152][ T9330] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1330.137166][ T9330] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1330.165998][ T9330] 23:13:08 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000006c887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:08 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500feff00000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1330.294133][ T9336] FAULT_INJECTION: forcing a failure. [ 1330.294133][ T9336] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1330.307533][ T9336] CPU: 0 PID: 9336 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1330.317260][ T9336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1330.327319][ T9336] Call Trace: [ 1330.330755][ T9336] [ 1330.333772][ T9336] dump_stack_lvl+0xd6/0x122 [ 1330.338382][ T9336] dump_stack+0x11/0x1b [ 1330.342577][ T9336] should_fail+0x23c/0x250 [ 1330.347051][ T9336] __alloc_pages+0x102/0x330 [ 1330.351698][ T9336] alloc_pages_vma+0x5ee/0x770 [ 1330.356578][ T9336] ? lru_cache_add+0x37/0x50 [ 1330.361254][ T9336] do_anonymous_page+0x169/0x8d0 [ 1330.366222][ T9336] ? cgroup_rstat_updated+0x34/0x100 [ 1330.371520][ T9336] ? __rcu_read_unlock+0x5c/0x290 [ 1330.376634][ T9336] handle_mm_fault+0x814/0x1590 [ 1330.381513][ T9336] ? _raw_spin_unlock+0x2e/0x50 [ 1330.386395][ T9336] __get_user_pages+0x388/0xc80 [ 1330.391332][ T9336] __get_user_pages_remote+0x17f/0x610 [ 1330.396796][ T9336] ? iovec_from_user+0x2a6/0x2e0 [ 1330.401807][ T9336] pin_user_pages_remote+0x58/0x80 [ 1330.406922][ T9336] process_vm_rw_single_vec+0x17d/0x460 [ 1330.412483][ T9336] process_vm_rw+0x3a2/0x540 [ 1330.417176][ T9336] __x64_sys_process_vm_writev+0x76/0x90 [ 1330.422820][ T9336] do_syscall_64+0x44/0xa0 [ 1330.427305][ T9336] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1330.433215][ T9336] RIP: 0033:0x7fede691aae9 [ 1330.437660][ T9336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1330.457274][ T9336] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1330.465898][ T9336] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1330.473879][ T9336] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002476 [ 1330.481857][ T9336] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:08 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201030) 23:13:08 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = fsmount(r0, 0x0, 0x84) r2 = openat(r1, &(0x7f0000000000)='./bus\x00', 0x80000, 0x0) sendfile(r0, r2, 0x0, 0x80000001) r3 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r3, 0x2007fff) r4 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x80000001) [ 1330.489834][ T9336] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1330.497820][ T9336] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1330.505802][ T9336] 23:13:08 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000074887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:08 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 19) [ 1330.582952][ T9445] loop2: detected capacity change from 0 to 1 [ 1330.649819][ T9445] loop2: detected capacity change from 0 to 1 [ 1330.680560][ T9451] FAULT_INJECTION: forcing a failure. [ 1330.680560][ T9451] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1330.693826][ T9451] CPU: 0 PID: 9451 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1330.703759][ T9451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1330.713825][ T9451] Call Trace: [ 1330.717142][ T9451] [ 1330.720081][ T9451] dump_stack_lvl+0xd6/0x122 [ 1330.724681][ T9451] dump_stack+0x11/0x1b [ 1330.728837][ T9451] should_fail+0x23c/0x250 [ 1330.733324][ T9451] __alloc_pages+0x102/0x330 [ 1330.737998][ T9451] alloc_pages_vma+0x5ee/0x770 [ 1330.742819][ T9451] ? lru_cache_add+0x37/0x50 [ 1330.747487][ T9451] do_anonymous_page+0x169/0x8d0 [ 1330.752504][ T9451] ? cgroup_rstat_updated+0x34/0x100 [ 1330.757870][ T9451] ? __rcu_read_unlock+0x5c/0x290 [ 1330.762896][ T9451] handle_mm_fault+0x814/0x1590 [ 1330.767748][ T9451] ? _raw_spin_unlock+0x2e/0x50 [ 1330.772604][ T9451] __get_user_pages+0x388/0xc80 [ 1330.777475][ T9451] __get_user_pages_remote+0x17f/0x610 [ 1330.782958][ T9451] pin_user_pages_remote+0x58/0x80 [ 1330.788122][ T9451] process_vm_rw_single_vec+0x17d/0x460 [ 1330.793672][ T9451] process_vm_rw+0x3a2/0x540 [ 1330.798370][ T9451] __x64_sys_process_vm_writev+0x76/0x90 [ 1330.804066][ T9451] do_syscall_64+0x44/0xa0 [ 1330.808488][ T9451] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1330.814448][ T9451] RIP: 0033:0x7fede691aae9 [ 1330.818949][ T9451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1330.838712][ T9451] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1330.847134][ T9451] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1330.855112][ T9451] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002478 [ 1330.863114][ T9451] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1330.871141][ T9451] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1330.879116][ T9451] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1330.887101][ T9451] 23:13:10 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 20) 23:13:10 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000007a887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:10 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201031) 23:13:10 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r0, 0x1, &(0x7f0000000080)={{}, {r1, r2+60000000}}, &(0x7f0000000100)) r3 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r4, 0x0, &(0x7f0000000500)={{}, {0x0, r5+60000000}}, 0x0) process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:10 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r0, 0x0, 0x80000003) r1 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r1, 0x2007fff) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) lsetxattr$security_capability(&(0x7f0000000040)='./bus\x00', &(0x7f0000000080), &(0x7f0000000100)=@v3={0x3000000, [{0x65, 0x3}, {0xffff, 0x6}]}, 0x18, 0x3) sendfile(r2, r3, 0x0, 0x80000001) 23:13:10 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000002000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:11 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000000000fe887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1332.736920][ T9564] FAULT_INJECTION: forcing a failure. [ 1332.736920][ T9564] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1332.738196][ T9563] loop2: detected capacity change from 0 to 1 [ 1332.750184][ T9564] CPU: 1 PID: 9564 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1332.766095][ T9564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1332.776149][ T9564] Call Trace: [ 1332.779426][ T9564] [ 1332.782349][ T9564] dump_stack_lvl+0xd6/0x122 [ 1332.787232][ T9564] dump_stack+0x11/0x1b [ 1332.791387][ T9564] should_fail+0x23c/0x250 [ 1332.795834][ T9564] __alloc_pages+0x102/0x330 [ 1332.800474][ T9564] alloc_pages_vma+0x5ee/0x770 [ 1332.805283][ T9564] ? lru_cache_add+0x37/0x50 [ 1332.810133][ T9564] do_anonymous_page+0x169/0x8d0 [ 1332.815086][ T9564] ? cgroup_rstat_updated+0x34/0x100 [ 1332.820379][ T9564] ? __rcu_read_unlock+0x5c/0x290 [ 1332.825489][ T9564] handle_mm_fault+0x814/0x1590 [ 1332.830374][ T9564] ? _raw_spin_unlock+0x2e/0x50 [ 1332.835267][ T9564] __get_user_pages+0x388/0xc80 [ 1332.840213][ T9564] __get_user_pages_remote+0x17f/0x610 [ 1332.845672][ T9564] ? iovec_from_user+0x2a6/0x2e0 [ 1332.850627][ T9564] pin_user_pages_remote+0x58/0x80 [ 1332.855754][ T9564] process_vm_rw_single_vec+0x17d/0x460 [ 1332.861462][ T9564] process_vm_rw+0x3a2/0x540 [ 1332.866082][ T9564] __x64_sys_process_vm_writev+0x76/0x90 [ 1332.871787][ T9564] do_syscall_64+0x44/0xa0 [ 1332.876221][ T9564] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1332.882280][ T9564] RIP: 0033:0x7fede691aae9 [ 1332.886695][ T9564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1332.906304][ T9564] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1332.914718][ T9564] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1332.922685][ T9564] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000247a 23:13:11 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201032) 23:13:11 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 21) [ 1332.930827][ T9564] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1332.938897][ T9564] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1332.947129][ T9564] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1332.955107][ T9564] [ 1333.019136][ T9563] loop2: detected capacity change from 0 to 1 23:13:11 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000008000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:11 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887702720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:11 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_create(0x2, &(0x7f0000000040)={0x0, 0xb, 0x0, @thr={&(0x7f0000000100)="681efcb11268eae8fe61b3b1b1cebb74483de0e8b274013b2ea7d23622c3508b50108bbef0b7999354e89728541b729a54fccf8902da78c78bf31be1fb60d6cbbd21bddd0457a03f890bcb193198f23df514bd034ee3a96e71c55b9cfebdb06a3e5bd3b497dbb334703dfcca9d56a159eb5d8b74652618683bdf7d71a0033a8d836ccc2ae76d46fa0542b943dbd48f1437a67eb13809ddde79f77bd0f3b51d5d0bbf7f6770cd97539a2574ebe900b77d4f5d25d12b22808e0d27b5cec8b55691f34bf991ced6cd2e9f0454f1369aed713b039eb3b5d42d", &(0x7f0000000200)="066da3c10ec9ecc8133df664233db582766089afa89a8dce4231db1ded714cf87b5652a35c9a7f96d715e6976ad2a7eb6f40cc72426805b1b989f8315dd586c2c7eb1b4915cf8d50385df3ceb35ad9f0a9f439fa004705668ba51dcf055cca3b8b23995b40bc506c1bcd02ae2bb9a3dbff3922ed774168d8c40f248e87e3247d59be913df406aa1a8529b77683a2297d24f74b9e878fba4680f7be3f754e1dae908432d9a5f108cedb375ef8455b3c8de0"}}, &(0x7f0000000080)) timer_settime(r0, 0x0, &(0x7f0000000500)={{}, {0x0, r1+60000000}}, 0x0) [ 1333.189616][ T9776] FAULT_INJECTION: forcing a failure. [ 1333.189616][ T9776] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1333.203553][ T9776] CPU: 0 PID: 9776 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1333.213354][ T9776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1333.223500][ T9776] Call Trace: [ 1333.226807][ T9776] [ 1333.229770][ T9776] dump_stack_lvl+0xd6/0x122 [ 1333.234389][ T9776] dump_stack+0x11/0x1b [ 1333.238551][ T9776] should_fail+0x23c/0x250 [ 1333.243069][ T9776] __alloc_pages+0x102/0x330 [ 1333.247663][ T9776] alloc_pages_vma+0x5ee/0x770 [ 1333.252433][ T9776] ? lru_cache_add+0x37/0x50 [ 1333.257038][ T9776] do_anonymous_page+0x169/0x8d0 [ 1333.262016][ T9776] ? cgroup_rstat_updated+0x34/0x100 [ 1333.267447][ T9776] ? __rcu_read_unlock+0x5c/0x290 [ 1333.272566][ T9776] handle_mm_fault+0x814/0x1590 [ 1333.277494][ T9776] ? _raw_spin_unlock+0x2e/0x50 [ 1333.282428][ T9776] __get_user_pages+0x388/0xc80 [ 1333.287292][ T9776] __get_user_pages_remote+0x17f/0x610 [ 1333.292769][ T9776] ? iovec_from_user+0x2a6/0x2e0 [ 1333.297761][ T9776] pin_user_pages_remote+0x58/0x80 [ 1333.303054][ T9776] process_vm_rw_single_vec+0x17d/0x460 [ 1333.308622][ T9776] process_vm_rw+0x3a2/0x540 [ 1333.313234][ T9776] __x64_sys_process_vm_writev+0x76/0x90 [ 1333.318925][ T9776] do_syscall_64+0x44/0xa0 [ 1333.323391][ T9776] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1333.329301][ T9776] RIP: 0033:0x7fede691aae9 [ 1333.333756][ T9776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1333.353530][ T9776] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1333.362027][ T9776] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1333.370004][ T9776] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000247c [ 1333.378141][ T9776] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1333.386121][ T9776] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1333.394100][ T9776] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1333.402086][ T9776] 23:13:11 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14f242, 0x0) write$binfmt_misc(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="73797a3046b72414811984b6c0a784f5e85a38a91d0d3118ba160f98b264b9eb9deec530bc7e0870f6366baad07b936af74fed211313f603d237781ea5b5892ab8fa7d1d1a6a1c20c450bb07eb3ee6ebe54017cc8532ab79039364569ab9728513cd5f21360ea497c568e1dd101d3fadc5a3053860c18a9bdf12deca8cf8acea8fdda2590667061f743008ee28a3b9e7d2b216be4d87675538d6976ce579d8dfabcd04506d12a1368eeae78bd0480b4abc9e7f4a9731cd794a3a7bd6ea5eb96457eaff05e70ffc9c5242ebe8bb66001302e8a8ce61c420efe54bea27ad638a6826e23ad6c3bd419e37f7e3625b0d1b7a547f41a85de747d88ef11a7352bae940d7fbfb4335d38eafb122336221f545b840c2c23ef498552e4eed9eac2604458672cd5a81e3333a319baa4e738c70eb59d7b7ec62904f966f7fcffda5c5472309f4472d2c097eb8e8df9d108628b723aaed570bcd721eb39432bbb0d325a9681fef692c5af92984035a5b9d957926241b3ebd3aaf33deb97f60349db827e749504c1947aa190df585781fac5d76eff239b21c73f2a221f965c166180c960f5389d0c549632040b02ad6dd8f965adef17e3575d88cad963ac189e2efeafbf8cfaa5592e6a0ce473a1784a9aa94a6e175a20db2d1dbcb7e89c51a0351853b8ee03a3665ac50ae8759a3142eed9f93ade28129ce5258b6fde904a540d6de15ebee2800f304f0fc8d3eb82ef5bd3c4a23ab2bad454e84a5c518351116a99f5183fbd33316393dd11f91aca08795c72ce9cb08ec4c497e8d94c9c4e1316657c1a5b1ca02fb59225ddf9bc017bb3852329682414b5b4a9f1bab1a4665a06277345905c2b668b75184973235aeb672707ba99e5079281349682a413f1969f34ffa3211c20903edf72e3c4fb0b5ccdf6d33bb5240a0393b5bbe1010c8bdf13e5112ff19ab332f398d5dbe42bdb67c6e034a7cfa38c9e891cf95ccbab3be3b332a4fcc63044c95960e9a522dff296abf00083aa5944e5acb476258e31a296374368c52cc047faf0cd743d29dfdf523f17928f575b2ec4d24f9d716dc9279ac9ad2186b8d8e4f2e1fc06b583478ef8ccca7262035abc67f3d9c21ca0788f2aacba79a04870215ad4b3594a1626b77fcff65055297febcdce59a02f10e77f78aaf432ab752f2ea27220c3cce3200bcc493c164dd1f054a43a4b709a5b72ab1322f8a0d1cd6593d469e8073aa5bcb699902836d7912458478a7aceadac681224c639874c030101ed4a9f77da35bdce968dd80c0e58ce979f5657d46c4abce7fb371a4b457c44688ce6545d977f8f065cd77660836aa06023ffdacab10537479665093acb39beaa2f6428af81acf140f5bd0ac5174e8a2c18744caed54d18e34c623e7e8518bf2ae9505e45458de5c3ad5c0ea257f8c7e20f2a2aef93c385f640d3088887b7f457836b0443a8740b36f0942f4b10aeac30327bacc56a519bd5adf77c8a0f6cb8a3ead200be45ce18b329c3e72890fa695b4e78917b31d667c6ec9813af3e58ccd63682c93225b9423a5e52a42f10d387bc13d7fd90a25d3d74193a2a9ac520520f84e33a144485de61f6e6e79adb847849f8bcb43458cdf6de212385407684d465cbdb678cc7c866608b814908240c91d5c6752378b46683c0e4fbf9e2571b08fe5d318c35de284c389b705a43a369910a2d36d81f1f4bd5e91c845acc00ef8616fba918243de46012bebd6cb3d4a041513b540abb53a59e97e02aacbdf6336f1a6af7e73063c04875a133357a23a922c2beaf1c4f465219c4d7827d2e93e2abfae597f006d3bf9eedbd2107b0483b4492d0a054511f43bfeeea23392c1140e36589a35551e84a443281adf7f02468a19e509f48364c7770beea7d3cbc455132544c1bfccea511b5ca06042aa306898791b876104aaffed0ecf40b743ad7f9b88a9e0feea313e9dc3630e3bc9cae2fecc9f36eb556b4bd15090eb16087d35bb5d32eac15fe5a7f75769e1783ea69f6709234157b86adaf37ef1b7fc3f48d433b4447e748e06bd472501a211237c4476fad28a8a2268140c36f5b84212c01190d6574053e02b4dbf26f8944bb226d2537dda17667b5c095f694e8f844b8c6d5a22e9bdacbd4e101742515b836ab16b4cafe70b2cc537b20a833acbb8e8ae67811bfa902fca3bed55876ac5df2f0994452dffab062b10c0b072542c66bc2ea06e563f7095fe60e1094a5abf4e8506a9b7cfbe9d6523a9f012d8094c01c7d18e3838afeaed49dc4323b1e1ae91f84a50d43417e76fb80822b07f69d1e8cb25afae10afcbcc9b8beab25c171235684d97429faf63ac54904afcf8a2dad6dbc0956c3c79c042cfb14dd703edcf5da01824cb7044bb02757d4c246620ea1c6b23336dca724fd57a14fefe99631cf9ed4d804ff4f2c4587eb4da9489b8a44cbe7681646f49062bcf6ac6fb2ba56432f0cb08952f612284996c0bbaa23931e8531a7319b03a918f32f8e3706721631f068b558ab68a3cf53704b74d259211faa8dc61fa328300cf89a7bc75943b406ff21e487723ef681120bff94be74faf729f3e01f5b5e7902d490957c2db5e2bf7a40732b5820c7f1c4a38b9ca874d058a2de83c9b5d7e3c106b5fad786cec3da3a30264ba6323a0afe2aefddf712a09817b377410838e97e7dcf402118c527a4ced4fdaf8dc1bb511dd90c6e9a1fe4ba4f67d5bce9b3ae5b9cbd9348e2512815ad9224aaf52456d44a7962959c5aac09a22f62c4910310387ecc698a8c5c663944dd4bbac8852d4547f79010dced91b5fa76de909f9d5f0ae89bd529df897f36e16a0744d04a5345b961a3b168b16bb6db0258665c71a22826a4164632384b16f8ff2817d3cf29249f90dec61611f1ea267dbbf09cf35ffcbfbf54cdc4fc8a33576ec525bcdbc0d22389eb4f26b4d7d533004ae1ece6443483d6d7f20447b9b619872927ecfcc4d0c8a5368c0116ae276831161559f3fb83d6b5b4ffc1ce3d06f3b9934ec8369ab02481d6930b338a425520a837fb5f4526bebcf04844a3709398a0f7ca20f2e94c3f89da57565b8b8377a8dbd31374cb0b371be9a1143604dd0aba0342b8c389f0862bbeb0d977113492c675b835e3c33b721eabadb3a743cb8e573cb6061f7a0bc900f77181296af2ebafc82cc5c531e6fdf6a2c5e24e00e83ad3eb088b85d81443fd4b94a3fd36ecf2eac0cb1c7c5e8030de3f13e045b745c85d4f0f6aa821d97ffb666cb840ea01d92c25f4cef8cc80c5ef80b85c57d180cefe82bb4fb938e7e80d68ad694f31461abf751c2a4d3e7dc8cfe99e097d07f6d1e3899de80f1e9ddb5492721597564ee7c0c8b42b9605b80046dc3d0e1758ae902d99c18e0dc35f04122a8758e2ddd784b9c94666f833835a90593fe6bf3a897449b82a76f1d06732ae41becd4f9a9a9778c053189a05cdecc4f6080d490b05c3ead43403db769faec2a89225e48ea7bb8e73c91aac9490a680f3358f9d515b64c9022bfa6ffec15661fca2c0543f6b7ef59834eeff9df7cb19320046a8ce29c7d95f45ee71265fc00a653cd5d6f850501090d4bc39e164d1e7362de5cc12e47f2795c5ef6350a8f9a363db7e9c4f59652b11e0027ad0a095e985f2c92e7a3eef24e6fe79ec3e047865f05d95ee0ddc079d8f22489ec42173bd273836d88622b0120455667d92f7df7c71525f6533d3092a49e61f8a373531e1aac4ba50be4f3e1fe89c8344caa558df0cf25f00017f2c5c1e36b4edfa830e68dfef73e3202000000f861227da570d45df7ff4be947d89bf2b9510cb26644e0a90460676f5a411b090bd4fdd7ace631350f71ebb607346ea002e380f6f4d4553c27a5052fb82514edd4bffa56cb9128d240e7909dfa68c1d010d8b3f96ad7e56ba414630f7d81c76cfc937c84bcd71a560886bc23c35d2a3bc62cab98c6d6ba9bb8962daa3f30a63535998362a778080980fa506f0b5aaf4dfcbb9b2aec2b795512772c257dda091d1280f8c76a9b19d6b071c341165eea741acc3bbd33bfb2b2be2aba6d648afe2961aa820b3181ecf41cb356dc5890d80ed10c1c4fdd3c61e90619806bafc205839b48e4163b730a85e53159462876b6414a7954fc59084e997594a2090c07dbf075dfffdc5e2806706393eb52940e4bb7609c350a5a316f6d3d8fcfca56651134d13a42f58f1c8d08cb5ed5cb5ed64ea74bc4355957b054f506f1e776a0090d0bb9e3c0b5e736f7feb2b5d3e2a704c1a9534343338c7596bcd0acda38343e0343787ff5ba6c95bb0157780e0db8f40ecc9e8534d96288267ad6dc166d7f010a6d7b03e41592b20144bd16de1726f718e2c7df63cd6d0f883c627acf662657ead10ca3ba8740524a448217bb23dd6c348d6b0279d7441b2e39da1afda6de94f3dfd302dea0b93466057f1b993f7265930c75244998584ff54fd3787484234a0a346dc84226df77739ea0efdd750102742484c2f5ee209a0b69b27719fc341bc52629e93c3444df685473d47480c985e0cd15ffcb41f499fa7af3d11b4d7e962e910dc876648851f9849234e30cfbe90aaf95caddb649ae363a537169b9bf40d4d76f8011dfafe5a0231af6f1fe6965cbf07707c368e5cdc3f5f6f0e836360da2b90a76c1e8a360d28ebb1b952210cf31bd9484325cfe4d3fc061bee7684fd3fd19a19c5de0bf94be36ecc2931ea1eea20d51fbfad9e9e8ef28eac346963c3be4eca2c2362e5e95e1c823f217c9cfe828fbaac09d255f26beee59e62638a4a5d93021e88636ae5f7137bf973dc10308d0b90c7f9aa47774cf1e9bacc6d970189bc8a5f987f0106158754924e880ded29707ef09f22e5259cd8516cd155a500b1f87a47d8a608a3970bbdb75b92f5b1f90dff265a670f4f692267e2d41d90ac8af4278970afcc2e18e162d4aad74de56a4ff9e291853a1ea3bff9e13a093cf006da6f77ae0192954341c6badb7923076811f50c37d6ae8fe7f16b8bdfffd06445641cf76e42190ec3e2788e1437c4482c403563f811b1a13cd101e8ae6eb87220402f8d77ac1788b550a1e368a463f9d7b49ded6f5b5901489c427d3383427aef95bf011b0e10fe0e7a1debda6ed9afee43830e5f5c2a3f552b175fe2a4c08d22ca07a9f7a0abb1a27156767f3df2db27277b655c1e9bfd5d94814d604bdc30e764bbdf0942d5778b88d357ac3ecd088fb63a809c6f400999dbaf0198a0fd7c9a4a4aaaa9033819c9d4f9dd2f0f3c785988b891e54cf7bb9724ad6d81b97c44efe63e2d10560a45bfc1142186db33e9ed42566c12f634bb830628fa1ced1bee88a12c8e050f7cb1488dcef7b89a1954424f268ed6900b334bee69384a9ecadf59cab088df8c14a5152f2ea2c3dc883e7126b409ab7d9ba8a6632f9a42fc1127313d1cccca4096d139760450196e1d492d19accd58dc370afc6a97b87f04a861475eac9efb6a59a3137a4ba19d2a299f29f7063b37996aed3d6dd92c6f4ddfb3db8eeaff1cd992276840dcd0a203b1c3990c124acfb7857fadb89d44fd042b32acc13131335817d7d0cc60ba7f4a5ac651bc747b7c97e1646a1a2517b110027b5749d25df37258ae261c1ad08e35af700c44e6448cff0593f8bf735c40b9598a0b6b9731054032eedf032e213991f9f94070ae37d757cd4747997be08f1ddccda677a1eedb240c4a42d7a867721ada356ef7a1bba0ea250989a9fa904d6d9acb5cbc96ff34df33923f0995b4db4040c3dd58f10affdecb8dc78d1202b06479032298a024b967abb49a1947ca6180e18b773b1fbe52045f3a813"], 0x1004) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/timers\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x81) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:13:11 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 22) 23:13:11 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201033) 23:13:11 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887703720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:11 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) timer_create(0x7, &(0x7f0000000040)={0x0, 0x0, 0x4, @tid=r0}, &(0x7f0000000080)) [ 1333.431821][ T9838] loop2: detected capacity change from 0 to 1 [ 1333.500596][ T9838] loop2: detected capacity change from 0 to 1 [ 1333.567423][ T9988] FAULT_INJECTION: forcing a failure. [ 1333.567423][ T9988] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1333.580862][ T9988] CPU: 0 PID: 9988 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1333.590586][ T9988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1333.600648][ T9988] Call Trace: [ 1333.603933][ T9988] [ 1333.606894][ T9988] dump_stack_lvl+0xd6/0x122 [ 1333.611487][ T9988] dump_stack+0x11/0x1b [ 1333.615642][ T9988] should_fail+0x23c/0x250 [ 1333.620195][ T9988] __alloc_pages+0x102/0x330 [ 1333.624838][ T9988] alloc_pages_vma+0x5ee/0x770 [ 1333.629607][ T9988] ? lru_cache_add+0x37/0x50 [ 1333.634287][ T9988] do_anonymous_page+0x169/0x8d0 [ 1333.639276][ T9988] ? cgroup_rstat_updated+0x34/0x100 [ 1333.644560][ T9988] ? __rcu_read_unlock+0x5c/0x290 [ 1333.649613][ T9988] handle_mm_fault+0x814/0x1590 [ 1333.654590][ T9988] ? _raw_spin_unlock+0x2e/0x50 [ 1333.659473][ T9988] __get_user_pages+0x388/0xc80 [ 1333.664340][ T9988] __get_user_pages_remote+0x17f/0x610 [ 1333.669812][ T9988] ? iovec_from_user+0x2a6/0x2e0 [ 1333.674771][ T9988] pin_user_pages_remote+0x58/0x80 [ 1333.679897][ T9988] process_vm_rw_single_vec+0x17d/0x460 [ 1333.685544][ T9988] process_vm_rw+0x3a2/0x540 [ 1333.690201][ T9988] __x64_sys_process_vm_writev+0x76/0x90 [ 1333.695857][ T9988] do_syscall_64+0x44/0xa0 [ 1333.700288][ T9988] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1333.706424][ T9988] RIP: 0033:0x7fede691aae9 [ 1333.710843][ T9988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1333.730474][ T9988] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1333.738900][ T9988] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1333.746876][ T9988] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000247e [ 1333.754950][ T9988] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:12 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500400008000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:12 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887704720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1333.762929][ T9988] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1333.771079][ T9988] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1333.779069][ T9988] 23:13:12 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201034) 23:13:12 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 23) 23:13:12 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() rt_sigqueueinfo(r1, 0x36, &(0x7f0000000040)={0x1b, 0xffffffff, 0x2}) timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f0000000480)={0x0, 0x0}) timer_settime(r3, 0x1, &(0x7f0000000540)={{r4, r5+10000000}}, &(0x7f0000000580)) r6 = clone3(&(0x7f00000002c0)={0x2000, &(0x7f0000000100)=0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180), {0x34}, &(0x7f00000001c0)=""/34, 0x22, &(0x7f0000000200)=""/91, &(0x7f0000000280)=[r1, r1, r1, r1, r1, r1, r1, r1, r1], 0x9}, 0x58) ptrace$setsig(0x4203, r6, 0x7008, &(0x7f0000000340)={0x17, 0x7, 0x9}) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r8+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) timer_settime(r0, 0x0, &(0x7f00000003c0)={{0x0, 0x989680}, {0x0, 0x989680}}, &(0x7f0000000400)) clock_gettime(0x0, &(0x7f00000005c0)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f0000000600)={{r9, r10+10000000}, {0x0, 0x989680}}, &(0x7f0000000680)) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x8, 0x40010, r7, 0xc4847000) timer_create(0x3, &(0x7f00000007c0)={0x0, 0x41, 0x2, @thr={&(0x7f00000006c0)="ec9a68fe43cbcaba0be8d46e086976258dd897b886e9e64c3e55f032fb41fe2ece515b27620f7de102fdba43eeadf069e02ad8d2fba6d371828ce532bd24f24c6c5b1657e925af48d4e22c04bd1546fcb0eb1a", &(0x7f0000000740)="4d4e5c3a61f68bc0551f14fde80e8b87283862dc60ff13321117eb7cfe8889089569f7bcf3847e3051cc470bf0c83fb2c458f33a27197d2413addedaa0584863b25a405b61fe3d1c3ed90653826d26060a14a54d93e167cf7a3caa8ea6698635e01314370d0810270c5019d7"}}, &(0x7f0000000800)=0x0) timer_settime(r11, 0x1, &(0x7f0000000840)={{0x77359400}, {0x77359400}}, &(0x7f0000000880)) 23:13:12 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = fork() setpriority(0x2, r3, 0x0) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000240)=0x0) r5 = getgid() r6 = perf_event_open$cgroup(&(0x7f00000002c0)={0x0, 0x80, 0x0, 0x18, 0x0, 0xf7, 0x0, 0x1f, 0x20000, 0x4, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0xfffffff8, 0x1, @perf_bp={&(0x7f0000000280), 0x4}, 0x440, 0x8000, 0x4, 0xa, 0x1f, 0x3e1, 0x1, 0x0, 0x3, 0x0, 0x5}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x7) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000380), 0x482, 0x0) r9 = socket$inet(0x2, 0x3, 0x81) ioctl$sock_inet_SIOCDELRT(r9, 0x890b, &(0x7f0000000300)={0x0, {0x2, 0x0, @private}, {0x2, 0x0, @dev}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000003c0)={0x0, 0x0}, &(0x7f0000000400)=0xc) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000440)=[{{&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000040)=[{&(0x7f00000001c0)="911a071aafc0545e7c2f441854c2252e749106389007488571783d79d0cbdd471e5ef23cf17c91fcd9bef060bfea0f8adaaed246dd4a13782252a1a6072902d84919057a14d3c9a28757b0619182b190f2bad1c780aabd661087b9208d1f649d6c", 0x61}], 0x1, &(0x7f0000000540)=[@cred={{0x1c, 0x1, 0x2, {r3, r4, r5}}}, @rights={{0x14, 0x1, 0x1, [r6]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee01}}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, r7, 0xffffffffffffffff, r8, r9, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r10, 0xffffffffffffffff}}}], 0xe0, 0x8005}}], 0x1, 0x2004c810) fchown(r1, 0x0, r5) r11 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r12 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r11, r12, 0x0, 0x80000001) 23:13:12 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887705720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1333.926992][T10206] loop2: detected capacity change from 0 to 1 [ 1333.992424][T10211] FAULT_INJECTION: forcing a failure. [ 1333.992424][T10211] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1334.005808][T10211] CPU: 0 PID: 10211 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1334.015620][T10211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1334.025680][T10211] Call Trace: [ 1334.028960][T10211] [ 1334.031883][T10211] dump_stack_lvl+0xd6/0x122 [ 1334.036479][T10211] dump_stack+0x11/0x1b [ 1334.040667][T10211] should_fail+0x23c/0x250 [ 1334.045091][T10211] __alloc_pages+0x102/0x330 [ 1334.049813][T10211] alloc_pages_vma+0x5ee/0x770 [ 1334.054751][T10211] ? lru_cache_add+0x37/0x50 [ 1334.059343][T10211] do_anonymous_page+0x169/0x8d0 [ 1334.064379][T10211] ? cgroup_rstat_updated+0x34/0x100 [ 1334.069667][T10211] ? __rcu_read_unlock+0x5c/0x290 [ 1334.074758][T10211] handle_mm_fault+0x814/0x1590 [ 1334.079609][T10211] ? _raw_spin_unlock+0x2e/0x50 [ 1334.084519][T10211] __get_user_pages+0x388/0xc80 23:13:12 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x6, &(0x7f00000004c0)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) timer_settime(r2, 0x22147a43212fe65c, &(0x7f0000000400)={{r4, r5+60000000}, {r6, r7+10000000}}, 0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) r8 = getpgid(r1) tkill(r8, 0xf) timer_settime(r0, 0x0, &(0x7f0000000500)={{0x0, 0x989680}}, 0x0) process_vm_writev(r1, &(0x7f0000000100)=[{&(0x7f00008f9f09)=""/247, 0xf7}, {&(0x7f0000000240)=""/248, 0xf8}, {&(0x7f0000000340)=""/179, 0xb3}, {&(0x7f0000000040)=""/100, 0x64}], 0x4, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) timer_settime(r3, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f0000000540)) [ 1334.089454][T10211] __get_user_pages_remote+0x17f/0x610 [ 1334.094953][T10211] ? iovec_from_user+0x2a6/0x2e0 [ 1334.099922][T10211] pin_user_pages_remote+0x58/0x80 [ 1334.105087][T10211] process_vm_rw_single_vec+0x17d/0x460 [ 1334.110724][T10211] process_vm_rw+0x3a2/0x540 [ 1334.115366][T10211] __x64_sys_process_vm_writev+0x76/0x90 [ 1334.121005][T10211] do_syscall_64+0x44/0xa0 [ 1334.125427][T10211] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1334.131325][T10211] RIP: 0033:0x7fede691aae9 [ 1334.135748][T10211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1334.155442][T10211] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1334.163899][T10211] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1334.171969][T10211] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002480 [ 1334.179938][T10211] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:12 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 24) [ 1334.187922][T10211] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1334.196020][T10211] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1334.203999][T10211] [ 1334.237483][T10206] loop2: detected capacity change from 0 to 1 [ 1334.264580][T10217] selinux_netlink_send: 6 callbacks suppressed [ 1334.264594][T10217] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=10217 comm=syz-executor.4 23:13:12 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887706720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:12 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000040000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:12 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)) timer_create(0x7, &(0x7f0000000100)={0x0, 0x26, 0x2, @thr={&(0x7f0000000680)="4643abd53f17f38fdc9e26c88a502ecb725052d97de2ffb3b5d9c72f9fb4f59fc6d4b1bf794ed9d5a9190320ba08a19b8ab2b7995d87b604a11f9f5cc089e0c19909048f4017ee91afcba8535efc70b491648ed17f405ead74a5380a53757385bfe1950fa82ab9d477ee617290fa04cabb23bbda40670bce44eb777fb63170dfc4a688898442fff86265f80c2fc0f6c65eda21f736b1bffa74889096c605ded62c824fb70897100e9ee9d9c196190447cbb36943157c8f1e630c575cc6e35cbbb5bf85ff1e83827644bcc81e5b3ab140fdd8695fed211dfdb681d1cf59d90d1c929f283ac1bf4fd95dca994c47b7d6f453a2c34e23d57887581d56b106dccff5c4b7cc0c80649f0ebfe42bb96285270a2e446e90ff31390da681936702b2826ea036fb83e9ec13ef4b33c6d46327cdb75083d77cdfed7523d254cdffad352023e59c571dd446ae88ef0812ed496689642b704efa2e8d862e8c19358d1aab964fff8ee96a805d850adc76748b4d93864da1f54fb21bf6b2f7c21ae459087bb75d2313e44ea99490b23fa2d12116639cead59d2dc3213ae8a8b197b1799a6ebc7e7bab537f62ab141653c8915c40fa8834df191ef173d56a53f9aa6455708f3fad5c7335504615761a0c373b792bcac7f0010c1dc5bc89a463bc9a32f85dbbc23d3852f124aaa08659945f79c88ceed04d544a599158235cdb8ed60de44081051c5c000f5c1bf7ed472124e24505ccf4fb5d98bd8ddbe5da89f69d375790cf9de6e79604a1868d71a15e691fec0ff363d9d94012cfaac23598ea699ac446e1b0a9e9a6346702de3535305962b07de2307801e38f7ed13c65c1ffac96365057ead0a8d6458e11211c62ccb2e2c0de4977089f5268664d7f113be4a4a6133f43324c2252b4c801f4cc5b11c63b9f62aa16420fdbac41d5609831d1defe92abf72436f4d92d6edb10cb98745aea10750b224ee20a7dd2c0c15988bc8bd3e5d1b48048157528c61c2ca9e2425a1df550745afbd1174d75b851e4ba0684b6f2aa9ba98c968a95a208bb8206c9b4a761b9538221175a4a28d6699bfae124f63fcd6bc5fcd0a30161286831fbc56897a4fe45c8d0cfc54424d9ab1551547881a8296187a9bae398db105e5b1e46bfbc9391410f9abe51f6f2c2a38b27232f3978c61d10f679027ad38ffa9c936383b6e17c1cd5044cadf4573c7b658d53870b698d4dd8f430cdef10e3714a25a62a65f9bb78621814166644bf4b2fc3e3601ae57261b7173f9ad55153616f5d6eaa790a3a0cfb83d0f9ce94b676189eafdec5e9d582cdfcdf67f8818784e9883ae4cc48f8345b4fa643d45cfb613e58b2aae804bc0b5a21dccc75fd3046cb36ff301721785702213e652844bdce246cfc26b4267008d27e0eb566f70a4804235dd8a6cd5547867e29c44eb7ddf064349e7b2d42cf76d2fecc6bdaacd4ea80eec27381373a569fa516ee95743793bc2aa529be08343df3254404168b3a50c622888ff1ac73f05189b5d8a95465b5c217b978b8194e547e47ecb076a09348fc1f879cf8c667966b6441d293d2f6ebd52b6a7068f762813832055b09104f2ac386b235cc10368148368ded5bcaf6bdfa41c3dd81f5c8585e49af19b7ecd230ec8d2c034d2ad8d63a905851697f1388f959c6086fbfebebb6e42a0561d172ebac48f7128f42cb06facedf6fe5cabded45e835d11b1d9fe2040326ebd1e57d18c40b0b946ac64d3314fa734433c37d4181afdba5445764aba42474f32e29388929353338c616d0874be259baf73c57a27ad6025c6a51c4797d7a58573229c7a988d98e888ba24df1c4b508493e9a6d2d723c7a955852ebbb9fb51a3eb5b1a1e175fe84c31e0f7c8e38c43d927acfdd1e0bcca73f819c481c7ce7144b7ab110e8bc8bcc61da726dd17596a237d84c0a2e42de447edcc6312d923b084334bc3b27e69a930115673d2a5208f74a80e3bc657c18ff33ddf671bd2b021925c96c2952dc40007f711337d7f31d9ba50b79905d5710bd657b1348e9cdb492d325f979af1c5cdd7deaecdbc1f003911f5c9e4cd879ffcf027c1c8fa3fa2b9ccf80c93b0713eb139bcbd69501fb19198d309030addba86b2579dd27044b539549968624ec9ef05a54af7f64602e751e4287e4a05127d913f8219b989e842a49513c7fc0402bb5bacea4628520c924be2cb32e8b06013a83768c48aea813a1817e476ee03964716d91b7d1aaeddcdd1a4383737fc54d722538e98f174f0c477aa3898418e14269a44d0dd7e3cf9ba6ac620258a2741d5a06f9a3aae83fcf42017ce3ac378a1d0551c5b5171cd1d2a92a9db76b4ff7528cc4520949a53050960c0ed5bb33828805a7f1e051e6c247e1dac2792f21eb6a95b9b998c067b51fe0cd11469ec28c7ddfadb52be3a9b34e0e8626a51be44fda86cd46754d6d14f3f55f9b30acc8105f2b359c12b29dd8da8819f79976873648d6c99590932ff44bab32d17902c01d3a08abb85052b36295a4a5ffc8aa0f1d4665f9ca139b6b1b45597a7f14fad04c991feca23beca1936d639a2f1cf96c06296087d5ec44458923f0108f12314750120ccfed3dda7cc3a386e6b441c4b062e93f17b2e91c7c4f1250d0486cbcfca9fb81aaeb4fba166231650172e0e12793b844c50e9ed150614af4fedf8cca012b4eace3929cf09cacf4d78c401751daaac7979ba918a1d2bc87ede8e04e594cc5f5d64fe26186d8def58d2886ddb3da3f4e2f44298d296e63aa5c2c55738a18de7636f7942b0691dc4cc117a65e50cd056ac25d897b5d103cee5651bbe2e143cbe96e88e2adb277bf1ceb3fe07fec1145285e5f13938470c9daf3ade263c2c9637749553aa8c86b2311e6513e4b0a60182ef86e27cc983b81162877caf842592b7a23e3e3b6ee5d5b1ed678d71d61d34a4c692268bfcb909cbe09321af858017ff13dfb52ac814541a23d7d401f43de23f87e3248ca64dfc81738cf7c3b65b14e524393c6324d7cabc53093582d0c0d24830f79cb87e7589a8d7ab73ef1a022524873136a7123f21a860821b20d18d10265d12270db4a99af4d7656d3aef78b3e1c3529527ac38faf99a1306b53ce1f9a381b0f397278d5e4256f30b20bf5951ca8f37d520071f8090956be2fad15fe35397d309a3e1345601e4e3efb5295dbeb0bbb8713a0982fe3e518f3092732d89557adc0922c52e3c85629fa159bb36f9a4ad04f3f647946b7aab5b6271285ae33f93102eefb0f7d8a03def898dd0d96ddf7dbae9a0a754b898f9d4e1de6dd9134b2476a5830230351507d72a884e67132758106351a5ca36a25d700cc917f8e4a56bbd28ce6dc7590ecd50ef743df61192ba437829b7ec7746cbc3898264a82f7b44c0ea6629d68c10440afa853fe58a7436fb2b5b8297bc5fe27a9d3385ea64cb3d048ffaeb7ad150a969734e35569e30f35be5f4a570d3c36332b97985e5a747d33e8126ef713a1006ae99c274f771a1be2075ff388db064a27e1109332894d616d011b2451d343fe07364bfaae404ce21c10cc8bdabf3a38aa8e554d2d40a382a665a0b47354b6d0cdf8416374f7ce6ca79022180430d8557eafd8c975f2bdc98ffadd69d2ddf113d70b2ab12b63256af0c52ef48cecca4c1b8456e9ab13019f55642af81bb139dfe15930fe29a87ba33a2a170ba8e31f3d905df195952b9a90d59599b98a267e5ed2ba638f5ae30694abf67a5451ff86773e145901a4f78f1299cc031ad7ffdd9de38630db8075fc1a9830c495bff887987c18cd0a2648a51066d8718149c63ace3141a22b39de9889ae22f581f3f8505388d7b777c2786261417d89c42a1f247506b066fc49adadb811fa1a5feba2d8d194c317a93474fa2995ae8e464c2369810165d3b1b685d1c075d7723f166c594b1fb94364cbb1a61e048deb16248a0db08f7e3d4dd86b5cd9acf9e0644422ee5801384b0f820f30e97ce0029beee956488631bbce5e929ab047e1fa4e61dce648d207b93fb0619da29a8a04413aed0a188a16d7ecc4961ebd276805c327fe9752d3eb8063d6bfff2863cc566aee70394837a6f9a40430766ae015f9130042d03414f9cde83d8ddc37979af18ad2db03656fd6f2679781ef6ac033d67865608f7aeb006d0d6db4274485f160e7981049040a259cb47b59be27179bf3cd24b4eb11cffed322ba8434535b3b09d2f684e526627f1b97d8dca30698c419088b9f8ce1ad9ed6b07f4062f9c6b75cb7c8aca619813c171502dbb76adb4a67b8c21222902bd59d31570238a209748629ed2c77f0e3539d99cdafc0dcdd64d8422460c040db26169ca74de990c1be68d777e52259429e5f9b879d2a13f0dbd48b76f5347d2a97c5ed57abf308b263054c22a4dbee7e1e016880fd43bab26616df007526b5a6df64042c6819c422c81d7918dece654b154ef55ba42ca7b886e45b9bc7c6b8f80f6f6f97c1f90564bd7eccf0f156a83f3eabf84c62f8cdfdc58f7e769c281eeac6bf9d7a982144cfeb2cf12a9f4070d41cff97b6e857616e9cfc09cbb84eda62fcba32e015e993bcb1557ef4a312bdcc338d2d05c018e04ad68f5ad27dfc233abc80bf8e68ee3dd29cdef008693c6f68de7a56267c5bfa298a4d1cb04f4523314f463e5da7ec1e434dcbb17efce154d2cd01d710f08ce6c5fff679223d7fffc89acb60112f10025a6729026249d5c6f042235f495405fa8adb1e537950b7b61d5947940f82c7c0c17f2221afe07636e2fd487b72296b68e025a31bb97cf0faa8c282cd19271b48479d7d3a690e26b534e32c3d708941c5be022c629b0636d09d9625d0048b8ea988bb21d345f10f4ce9b3decd01317241e65f0cdfa9d73928b0f97e5b5aea0592580106c96c81b4b235c2b28433985549add5ae53f0c2f1145b547fd556b610bb2ec507eb7a040185805ca1be625680caa8b6c455c1c4d727b7991bcbbbe2f7b07a3c616236d5e36bfa2c2318417ed2af71a914445197e42770d5ece70b4dc1e0eb8a72e62dfa544f48cd03c2971cce04b9371af0656a0eb052a5f0bb5c4444e821ced1ecfe0764e27ee431a43cb536a9c6736fb5a1ee2a8365c7f2a39fac4eccb2e793e700206938f2346f4970c7eda30b2937e433d171a20b802fa07eaacb75dd664f9047306dd44e465b507cda03f8ac1fe0a29b2a4f01dc4a7fd48a5919028426d9a447bd60786efd32ac6e2e9e7e855d4797c87a6e3ae3afa13579f53a25a4ebab2f8484c6b747b261ff589da4b7f96ee1073e92375b929ac6dfec4c5d7811cb4ec632be273c29aa49da7a835dc9421321a2b340bdf995efcb39805c5be4872683b447176d17666292682eb3b0f57509bad7fe5ef4ce31b9c99eb163c3a29a9d9b3fe49208b8436f6ca2cf63af2f7de8943d9e7bd4b74c0200e3d881af8bb50fb50f947827dae3e0d3f57b75258ebeb129a36afa2b9e9efea4c00c2bf20945a563771ede5e9361e01d181ffba67857ff04433645439b873972cdf15ce531f0d7dab5e1152643700d573f900a919074d3e071cec72f356f1aa66c7f8ddc5d5fd62242eb71f13f44ffa9c9299053a4dda37953f5ff747dd2b592422f35ef60fda77ef6783fb051382b2b135ee55e1a4a470664ab757f6e79c97f7b2773e5ec5576a94b1664486b3ebed737682e121b7b3d2de9cd688fc5d34e7b4e65082ce58563e66694c38ca7ad73bdcc6af39d414394062c8c80401d11e4beed52334508f77cd32759b3112a90e43dfd3607ac707749f18b02d6a6640dc345c258e01fdef584d30e429f015413", &(0x7f0000000040)="39584b5742796477d36b9fdf74ffab8ed873259fcb20135f794d6625cbc117e53fdfda64b35aeab40f0205ce684dc72966e1db9202c9e5313d8b958b688bfc0ae9c0609f680bc7401fefc678e960c8b384d5f2b35f45c0de7932a9ad1aa0bee221b6"}}, &(0x7f0000000140)) clock_gettime(0x0, &(0x7f0000000180)) clock_gettime(0x0, &(0x7f00000001c0)) clock_gettime(0x0, &(0x7f0000000200)) timer_settime(r1, 0x1, &(0x7f0000000500)={{}, {0x0, 0x3938700}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1334.296273][T10217] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=10217 comm=syz-executor.4 [ 1334.309544][T10217] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=10217 comm=syz-executor.4 [ 1334.323134][T10217] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=10217 comm=syz-executor.4 [ 1334.378741][T10224] FAULT_INJECTION: forcing a failure. [ 1334.378741][T10224] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1334.392132][T10224] CPU: 1 PID: 10224 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1334.402111][T10224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1334.412335][T10224] Call Trace: [ 1334.415608][T10224] [ 1334.418764][T10224] dump_stack_lvl+0xd6/0x122 [ 1334.423509][T10224] dump_stack+0x11/0x1b [ 1334.427717][T10224] should_fail+0x23c/0x250 [ 1334.432134][T10224] __alloc_pages+0x102/0x330 [ 1334.436713][T10224] alloc_pages_vma+0x5ee/0x770 [ 1334.441554][T10224] ? lru_cache_add+0x37/0x50 [ 1334.446244][T10224] do_anonymous_page+0x169/0x8d0 [ 1334.451237][T10224] ? cgroup_rstat_updated+0x34/0x100 [ 1334.456515][T10224] ? __rcu_read_unlock+0x5c/0x290 [ 1334.461566][T10224] handle_mm_fault+0x814/0x1590 [ 1334.466450][T10224] ? _raw_spin_unlock+0x2e/0x50 [ 1334.471378][T10224] __get_user_pages+0x388/0xc80 [ 1334.476220][T10224] __get_user_pages_remote+0x17f/0x610 [ 1334.481945][T10224] ? iovec_from_user+0x2a6/0x2e0 [ 1334.486973][T10224] pin_user_pages_remote+0x58/0x80 [ 1334.492086][T10224] process_vm_rw_single_vec+0x17d/0x460 [ 1334.497749][T10224] process_vm_rw+0x3a2/0x540 [ 1334.502353][T10224] __x64_sys_process_vm_writev+0x76/0x90 [ 1334.507983][T10224] do_syscall_64+0x44/0xa0 [ 1334.512396][T10224] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1334.518376][T10224] RIP: 0033:0x7fede691aae9 [ 1334.523014][T10224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1334.542628][T10224] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1334.551043][T10224] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1334.559094][T10224] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002482 [ 1334.567177][T10224] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:12 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 25) [ 1334.575145][T10224] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1334.583194][T10224] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1334.591170][T10224] 23:13:12 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887707720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:12 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201035) [ 1334.722288][T10314] loop2: detected capacity change from 0 to 1 [ 1334.731003][T10333] FAULT_INJECTION: forcing a failure. [ 1334.731003][T10333] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1334.744499][T10333] CPU: 1 PID: 10333 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1334.754379][T10333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1334.764439][T10333] Call Trace: [ 1334.767708][T10333] [ 1334.770631][T10333] dump_stack_lvl+0xd6/0x122 [ 1334.775221][T10333] dump_stack+0x11/0x1b [ 1334.779378][T10333] should_fail+0x23c/0x250 [ 1334.783799][T10333] __alloc_pages+0x102/0x330 [ 1334.788411][T10333] alloc_pages_vma+0x5ee/0x770 [ 1334.793269][T10333] ? lru_cache_add+0x37/0x50 [ 1334.797890][T10333] do_anonymous_page+0x169/0x8d0 [ 1334.802872][T10333] ? cgroup_rstat_updated+0x34/0x100 [ 1334.808213][T10333] ? __rcu_read_unlock+0x5c/0x290 [ 1334.813290][T10333] handle_mm_fault+0x814/0x1590 [ 1334.818157][T10333] ? _raw_spin_unlock+0x2e/0x50 [ 1334.823038][T10333] __get_user_pages+0x388/0xc80 [ 1334.827891][T10333] __get_user_pages_remote+0x17f/0x610 [ 1334.833484][T10333] ? iovec_from_user+0x2a6/0x2e0 [ 1334.838490][T10333] pin_user_pages_remote+0x58/0x80 [ 1334.843607][T10333] process_vm_rw_single_vec+0x17d/0x460 [ 1334.849160][T10333] process_vm_rw+0x3a2/0x540 [ 1334.853780][T10333] __x64_sys_process_vm_writev+0x76/0x90 [ 1334.859429][T10333] do_syscall_64+0x44/0xa0 [ 1334.863862][T10333] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1334.869871][T10333] RIP: 0033:0x7fede691aae9 [ 1334.874316][T10333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1334.894004][T10333] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1334.902476][T10333] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1334.910523][T10333] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002484 [ 1334.918495][T10333] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1334.926503][T10333] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1334.934470][T10333] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1334.942439][T10333] 23:13:13 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 26) 23:13:13 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f0000000080)={{}, {r1, r2+60000000}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r3 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r4, 0x0, &(0x7f0000000500)={{}, {0x0, r5+60000000}}, 0x0) process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1335.034487][T10314] loop2: detected capacity change from 0 to 1 [ 1335.166784][T10446] FAULT_INJECTION: forcing a failure. [ 1335.166784][T10446] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1335.180239][T10446] CPU: 0 PID: 10446 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1335.190715][T10446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1335.200781][T10446] Call Trace: [ 1335.204151][T10446] [ 1335.207080][T10446] dump_stack_lvl+0xd6/0x122 [ 1335.211681][T10446] dump_stack+0x11/0x1b [ 1335.215836][T10446] should_fail+0x23c/0x250 [ 1335.220359][T10446] __alloc_pages+0x102/0x330 [ 1335.225004][T10446] alloc_pages_vma+0x5ee/0x770 [ 1335.229845][T10446] ? lru_cache_add+0x37/0x50 [ 1335.234442][T10446] do_anonymous_page+0x169/0x8d0 [ 1335.239383][T10446] ? cgroup_rstat_updated+0x34/0x100 [ 1335.244674][T10446] ? __rcu_read_unlock+0x5c/0x290 [ 1335.249746][T10446] handle_mm_fault+0x814/0x1590 [ 1335.254644][T10446] ? _raw_spin_unlock+0x2e/0x50 [ 1335.259508][T10446] __get_user_pages+0x388/0xc80 [ 1335.264383][T10446] __get_user_pages_remote+0x17f/0x610 [ 1335.269852][T10446] ? iovec_from_user+0x2a6/0x2e0 [ 1335.274832][T10446] pin_user_pages_remote+0x58/0x80 [ 1335.279952][T10446] process_vm_rw_single_vec+0x17d/0x460 [ 1335.285514][T10446] process_vm_rw+0x3a2/0x540 [ 1335.290113][T10446] __x64_sys_process_vm_writev+0x76/0x90 [ 1335.295853][T10446] do_syscall_64+0x44/0xa0 [ 1335.300288][T10446] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1335.306187][T10446] RIP: 0033:0x7fede691aae9 [ 1335.310611][T10446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1335.330723][T10446] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1335.339207][T10446] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1335.347181][T10446] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002486 [ 1335.355183][T10446] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:13 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./bus\x00', 0x80000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000100)="94c0823390c08cea1c0ced18b25f0dcbb880049e14d2514b578f660c802f28beaa909448657b369aae18c82914fffae4b7aab3b12c39ce6a03d12de11869c65a205b106507f6fcfbbe984778fa009392a098390d1f1f23089d57ea113771d2bffc4ba131ac37edc8f21c0b7cbcba67a717feaa4697b372ffc587e6f2a12916d1b5040989ae32aef8dcbe1ee19db24454312334d91f4756f3b50ea94886689057a52f05cd02e14f56cd0bdf4060715039427e3c720cac8e5f4d5e786e21fbb3f4dec05c8c25ae34241f6aa7ce8b8c35a51c6d9919354bbac4e8064d", 0xdb, 0xe7cf}], 0x885000, &(0x7f0000000240)={[{@shortname_winnt}], [{@fsmagic={'fsmagic', 0x3d, 0x3f5}}, {@seclabel}, {@appraise}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@uid_eq}]}) r2 = openat(r1, &(0x7f0000000000)='./bus\x00', 0x105840, 0x1a6) sendfile(r0, r2, 0x0, 0x80000001) r3 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r3, 0x2007fff) r4 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x80000001) 23:13:13 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000090000000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:13 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887708720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:13 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 27) 23:13:13 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_create(0x7, &(0x7f0000000100)={0x0, 0x15, 0x4, @tid=0xffffffffffffffff}, &(0x7f0000000140)=0x0) timer_settime(r1, 0x959f9dad36c6c687, &(0x7f00000001c0)={{0x77359400}}, &(0x7f0000000240)) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_create(0x1, &(0x7f0000000280)={0x0, 0x3c, 0x1, @tid=0xffffffffffffffff}, &(0x7f00000002c0)=0x0) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) timer_settime(r2, 0x1, &(0x7f0000000340)={{0x77359400}, {r3, r4+10000000}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x77359400}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r5 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r6, 0x0, &(0x7f0000000500)={{}, {0x0, r7+60000000}}, 0x0) process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1335.363178][T10446] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1335.371156][T10446] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1335.379149][T10446] [ 1335.402856][T10547] loop2: detected capacity change from 0 to 1 23:13:13 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887709720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1335.477728][T10547] loop2: detected capacity change from 0 to 1 [ 1335.545193][T10557] FAULT_INJECTION: forcing a failure. [ 1335.545193][T10557] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1335.558697][T10557] CPU: 0 PID: 10557 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1335.568581][T10557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1335.578638][T10557] Call Trace: [ 1335.581919][T10557] [ 1335.584854][T10557] dump_stack_lvl+0xd6/0x122 [ 1335.589450][T10557] dump_stack+0x11/0x1b [ 1335.593676][T10557] should_fail+0x23c/0x250 [ 1335.598146][T10557] __alloc_pages+0x102/0x330 [ 1335.602754][T10557] alloc_pages_vma+0x5ee/0x770 [ 1335.607823][T10557] ? lru_cache_add+0x37/0x50 [ 1335.612490][T10557] do_anonymous_page+0x169/0x8d0 [ 1335.617438][T10557] ? cgroup_rstat_updated+0x34/0x100 [ 1335.622725][T10557] ? __rcu_read_unlock+0x5c/0x290 [ 1335.627865][T10557] handle_mm_fault+0x814/0x1590 [ 1335.632731][T10557] ? _raw_spin_unlock+0x2e/0x50 [ 1335.637647][T10557] __get_user_pages+0x388/0xc80 23:13:13 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000088770a720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:13 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201036) 23:13:13 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) clock_settime(0x0, &(0x7f0000000040)) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) r3 = getpid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)=""/253, 0xffffffffffffff93}], 0x1, &(0x7f0000121000), 0x0, 0x0) getpid() r4 = gettid() wait4(r3, &(0x7f0000000080), 0x1, &(0x7f0000000280)) process_vm_writev(r4, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) rt_tgsigqueueinfo(r0, r4, 0x40, &(0x7f0000000200)={0x8, 0x9, 0x7fff}) [ 1335.642635][T10557] __get_user_pages_remote+0x17f/0x610 [ 1335.648102][T10557] ? iovec_from_user+0x2a6/0x2e0 [ 1335.653083][T10557] pin_user_pages_remote+0x58/0x80 [ 1335.658271][T10557] process_vm_rw_single_vec+0x17d/0x460 [ 1335.663873][T10557] process_vm_rw+0x3a2/0x540 [ 1335.668476][T10557] __x64_sys_process_vm_writev+0x76/0x90 [ 1335.674175][T10557] do_syscall_64+0x44/0xa0 [ 1335.678651][T10557] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1335.684558][T10557] RIP: 0033:0x7fede691aae9 [ 1335.689084][T10557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1335.708837][T10557] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1335.717268][T10557] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1335.725519][T10557] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002488 [ 1335.733641][T10557] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:13 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000000, 0x4000010, r1, 0x7d1c5000) mmap(&(0x7f0000ff1000/0xf000)=nil, 0xf000, 0x0, 0x13, r0, 0x190d000) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) sendfile(r3, r2, &(0x7f0000000040)=0x2, 0x20) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) 23:13:14 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 28) 23:13:14 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000010000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:14 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000088770b720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1335.741623][T10557] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1335.749695][T10557] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1335.757803][T10557] 23:13:14 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x1, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) timer_create(0x2, &(0x7f0000000040)={0x0, 0x40, 0x1, @thr={&(0x7f0000000680)="b45d860e6ab7fa01623c7d77fd4337f515fa377b582604e36d396cb5f2ff964dfc86230c9dd5cbbdd036be5d2c46e9afb50f652136af649ae3621065fb17357995886dd8156bf4ae17cb8e1909f617de176de2a7a0123af5a547cede0bed361a160e21e28723267a2f5e1780349ad0f1157dadcd41535d92e85f58391715689482f68389c1f25d53b25c7c11a86caeca99a8e70e888049f0c24580d04f759ec42fc2d00ea958e317fe1be0cfe4dd0288f3265257bb49849e8e11b9267e10d6bcaf28a9be468d1c3ece695df36fae67a14595b40064cbd39b0e9a646945febccc8408fded693161fb5252e3a3d9ff8e35ae9bf3f3dbac3ea5b16a33c23ff26da914a9fcfcbcabc5baa6b2a453f0229e151342ed09643dd14f6fa341954e4b2096242c8af2a791142e0f980b28e6c71a7761e3371ab9d4537c725cc85d41c0dc12b894c24f8d7595fe1e2fb813bba4ad9e0f43f313080048f6f0b9a88c7d63a7bad2303d433cd1ff03f55c88d9145466b4728174adf63ce557d2fa8000f8afe9519bdcbb1d557e5986319ec91558f8ae2e9cc6006ac626b0f98039fa9d0b5ad5558402715cc1c9919a79a715af1683ff9a9c688d750faa56f60358e7ee68c073844b1a9a972e61cb765208ed4266c5d67c57d24d9593e10d0cbdb16817c090412bde0454ca37a39bb359c4ad5a284b91aa75562b514cec53a4178a9292ba4e15ccf1dd227fc40e503add6ee5cf0b201bbf7643bbeb2d0118c857c367962d316c6d778a89cb87eb64594eebcbe348885f70bf9a6b6b6f62a0b7199367834becba2dc336a7d247bd8efdd93762d215952076dacf2f36e42bf90c8d3e051e6f6be661fb96515eca0301aa336e30a6cfb558bdb509ac966940b56c3c61117ad8aaa2633a958e1183c1f9b58d9057ad46e25f9f6100fef2cdb9193de94204c42d8d7144b7099e15d6bad4c8c50f5204932338ecc267aa126efcbe36e24786219c4d9d15a8bd4b1598352585541ad81c8938b18902f8e7dbeb8bf4b3d6aa420457cf5a5873db5b0e87f134c0693ac210836f5bdbd3c613dd4b81945df9da95fccfc60fc16c4565d4aa300351bff75a766fbdd609f34335dec849acdf4c979563dfe2ddcae8200101794940e732b5b7d74595d2b1032c8bed975a8673f4b35510e20454e478bd88d49dd05ef309fc374183da2268c9b62a837f856340670dfaa1c4823f3520d6ccebe1a9e59fbe3192f6400e80faa4e99fb69b9c52714d74047ff1f04b7de93ffc53287d6fc404488af742f222034671b047e6d63e6b1256ee996d23f4173423508c6763b7376ca255c069da2c8187aa1da7151eb1c5816e9bcf673add0b1d00aae6e46d00b3926a219a75030110971d6a41517d8cf780d51ad1cb728a4d65bd163c5a451226529fc09afc06fef61f7446223537ebb4f963d7ce6b59c4dfdd4522d4a6dc1c0d040e89ab80ce60ac2afaba747e002607aaa7e6c336e24222238ddb634094bffee73ad9fb29b55f359c35b595e28756fd989acc786886c0b1b657f6c391320ee037a10d7d5b73aec93aa30fd4c1f174757e9c8ef18f99a61345ec36ef91cfc041ae4ddc06c2e042b578dbc2f9edf9713c6326c8bf27ad7bf8842db426a200f5a15c18584c0751600b1755ab6bb6c83588576cccd5e4fc20e53aee44f70475d317a37428042f8e9acfe6645934b7606f447671c0c52b4f3c2817d909e8aa17c8e434b2146b84c0f79214c997132799d93d15a4e5f94417673ca5252fee034b331a88d78261b32a12eb4e64b0e3f57382fb685764ee286e4bb500bd891ddd0900b0c34c676af1a3468747885790d16413fe558a2f26f91ee40969751053aaa4867a2183c46ffbe86c441a0a69c6ef354895a92a3f31ca840ed311f8443d861748c0385aab50e7c3619377c9354144258f07bbcd9edc436b351b0e9f78ba05c442346cd813fdaf66a299577acaff383dae0dd844b1bce8a0aa2ad67add3c432de1a4f21bfe0d54fa5f7e24101b4b812973e954b1293a505b35d8c89f29483c14bb3e848ead4fb00665e99c6571c37d68b53b259d16ed876ec4baa5b3503bde9c002e75086701d3ac49e011b690a484fc8816593831065bd03de1d2101dbf91965ede859f9c28eb661badae566c15c441b746707671f085a841470f9ef01746adabef9dbe17cdc855f0d25f1d649f3b8ecf811e5f1bcfa5ceae6388f16f3bfdd118a6697625a52afa2f7c27d4b762d1369c06503c548fe28635d2023146c30c015b9b356ac53c37c87a2d47581a797471cc41230f2816a9aca33fd8999edb1e6033941645781faba4185f16c914f7ba2bcceddc539c4ae0f188c52633de0b93f83c9647b23fda7248d6475f8c10c0c39a2b793ebf93669415ab16d61ad3ad7e900aab8b622e84aeff24707cd874ea39b08a39db12803de8561aabd5d35402923eaa648802a3d9cdc9243c9567ad3e3550d964553dc88faf4fa4ce0ec6dd32a57a9de52eb1853857bbdb55367d7cd487c61fb54a517580240c4c569cf24e718b98595aba997aa07e1f7728ab68d3a778b6f221615e83431d057d07ac68050fb60472033333caa0909d61c32d1f0596d4d70f2d4b4f7069bc9136d5a156c3baae045124ded29e08baf5718436b2143c378efcc4f29a58edaa827d7aebd175f7837522908e8b7a19baf033eac830297040325f891f466c713e90ad81d4261cbe9b41a6ed70a0c297324c35a3d090facd40dc8de6c087e30a5e801ce740a3c997d70c5a63d4ea107b29f6a823e00b5c17d20e98c5782a3f72f0e31b320ff49279af7ce5f612ee102fa38bf07226a0d28d40414b82a83abf8c7a78f3fab772a4f16b16f4cc80534b1c8a0ecec8de29125f5b1863f19657ebd6938d93a4f460c6b8e84305a344f7a125878af5e9bb0db5cbda41d47ef8d186010e42d91ddbfca4b24479e5672ac95f57f067e58ebe3c0d8a0b3f1bcc3c65392570cd7f33d44bde962d32b594cde7775cd0d83fe42b0e6c88fb654ac29b50c323b0fc3c802226ca5beae37d9a820a6721429b55dd985071b18652f641efa95a20e86954bbdb386b274259d9c90044eb966c6d0cd5568c89edf53748f62ac530a51e681e38d4175306ce9c77c35085c31bd3d9ae643f5b1d3e08a34d7e73fd00b928cc3681bc7fe67b7806a2ae0af14aea16084231fc24ec4da57b6ac24aae39f0202b5017a504ab66857dd79335e81531d550bf5386c733688b9790338b14b9df313525a4e3b1d690ef65c3ef54c4dc99d5b8fd107c694b0069727de0b6c4348a7ca235cbbc0f10480a84a55d819cab54cb327f6f85893ada021dde3aa5f2580ea69535f3559b6eb304a8244a7dc29d91e04c23b5b05120665d4ce800e642689c681c2edcd77a80f72055c0055c16f042422824e8e9f6ce4311dc04dff8054e8526c0a201469d5f28b6f9562a74b94aebbd492c82dbe0cf40fe5186241970aea828a343ae2b194637f2465b26c9c8cdea9a8fec55eae8538b94cb606a5da9736e9d51549a35b452a0b32b33dc09ed16baaa5bb6ffb1e6ef27aed78fc2f57663887bc48a175818e2878e4b69da630c466b3d56ce20a7a0d1ec421363981a18f273b2f13700f74f5e0a74e6fb641d9b8fe3d6da5905af40c9a99e882a3c199337cd7cf1ea0d050ee2fa7c4f6990cfc6f4d8156c145b6b8e9d518a55074e97402825ccbe2d37e2297aa6f1f7e95e8ef10fe21d745e141d67facacb689abba16998311e74f01715760909aa62f02df78867ef265d05e9e98c455a39f4d4b9d7e318ff851c4500e48ea812bcf7432fa8585d3fec0c4f603d54276b67d1c59390aedebbb93c7d01cdba77fc73b4e5540b90cc7e8068886ebd97a1429c3d09f7768dec7ee6d7100f7cb4433d6e1266e275c5cbb609f32eeceba665d9f3aa6d2286640dff23fe1792371c0e318087a18f07e00dcff68799e1a3e106d7bfd742949f94b165d45c8ea337fba6a088bad6b41ede33c64d6055775b148e67adc2646e611e55b7af0c5c168496bc41af4137352d637e4dd6bf23e731f15c8876e612b33f08b715036683ba5f17f522ce61e93c37ac71fe758c11b4fe1591053d812b757248d14118421941c6f3f8ea308f57ef807e026ee91c846c816076737c2843a6f22c12e3915c28c2f9fad54fdfdf5155558237e332048bcb891e68aa309a31e921006603d422ffa4fcac072c148c1b42552d3fbf07dcf22d52ee20d4495cb4cc96742c349baf445fe83d8fc2975d42650d67cf2ea60bbffa054af7551973f15ee8c44af176abf4758a4bce1cd249d4e2dcd04fcb495080f273065d0d8306abba00b58935733935c5fae919f81e1bfd0c5c6c7f4cf4c0b1798b8b863b6be825345d914cd117a1fb8b2baeb54193e19e6e5b78d8ff13660b0dfc74bd6a193f032cab90ecf91260d67bff1379ebd4e0c175c08674f56cd2872b5a3103383631f904542a2024f0ad8c08045d1f05ec38e54810022ba71c7147c9828f9d96725bcb7082b74c7f5fd42a8a7b635bf3c2e5b9136de6052850a6b79451974c5fa5e62de9967ea703a15f3c6ef403c459a21af9c0db31e3837832371c0cf677d394af47bdabed5f5e33f7f407a45bf7cb373989ac54fe635392a0992eec2e98c9b76c161a482667544bec0ba488ad5db44c5da299b7450337fec60c32cab1b636ed97dd6490bb8b0808c6514eacea03d0c1695ab64bcc340a9dfba8f35d9c2cb6352712749948eb662305d02d2ecfc9f44ed1cb9bfa284855c4468ee7329187a8eb000424d36977fcfe2af8432a0ba63df1bbcf0b0cb860e280ab42795d06eb38c21674610972eb4851fa75bf2600d18cf30ce518e287f06d854524e71d92c5cdc751a7466766badbb47887cc5f3fd14cd7a990f8d40004223f82bb5c7cd8ecd2dad499f81c25fc098fd46017ab46b91ac18f226595087c1d90b3143a83850902dacd8f6b09ac72fcc69274fd1004e1a762eb9ec83cae5c497ab86475681bcf73f37be07bd967e2f5afba629228c17e78a809c16b9c80099959d6b795c2f1588d4f7e47c49a1e48d75afd6a08dfd1ddcbc208da3292cf7a93e5faf4a33ccdbf4c2c7635f12a7800cfb9e15b9131ec5fc413788d20dc68779171e3ffd5782625e3674030b35f441abf01b9bb183201ad59f2c0e2e1f42335c14d7e1d6c49881829449c75cfc096eed31cb6703d6377fe0953c022d1ce88bfe0090273014bad3b3c75184143a92e59070f80d15096d2d358af66c003bf3f65cd42c08684411da9eb8cdbd53c89c0f9178315febb70f5c3c0b29c4a5a7f901a68db1600ba48af7eef4cbb93778fb52c6cca1cbc1898a38bf53bc016a06e35548e6e0d5bf78dad9a54022e5b207f882ebc1da442e0d9c40f9159ad8e4e61de90329c674fb4297421245ed5f258ea4483abf99545ab98874afaa7483f23f57ea2c109911a76ff56a4717a0ac58620f22dad8bd90299ff3398f686b5238aef8ecb9370520f47bfc9b516302992d64643bdc27e7d878883d5da71410ad9e7f8627c18850dec85c9e9379af1cf25739c802c3d889ecdca564c58da929f53c09bf5a08bcec4a9cdd98f2d34316634bc1ab9eee2e5d930a1d114a18a0e40b33b6cf2841d4d9d6703e11d7abe59b48a936c373c63f83b03b18fe75a9ba65be6e2f5e9a379c2c58f5cc15b2e85d626fd54cd6ad96c6251d626bb1a3b72fc32d376ff7f23b1b2ee04d9aa5d715346e2077d0628110807f5daba365efa72fd9326302084ab6d3ed901bfb9c596ea66f2a5aa745ee71f07fc7ffa", &(0x7f0000000100)="e2b3813a88606661145e0dd0c831a18925c736b448cf687a68537e8e2a7be0fe075d18d201357c3ba866f04e6bb5cea68c716731fcf2d1847b4dd3e538093e415e20f1952f564fdc169935124a79db622af088ce74054139d616ef16cb57a7b4faa3cc01b742161311387d41099715998551c7917e389cc55a6d2956daba395340adbe861025914b60c5e5afa8c8f6"}}, &(0x7f0000000080)) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1335.897095][T10877] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=10877 comm=syz-executor.4 [ 1335.914913][T10877] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=10877 comm=syz-executor.4 [ 1335.929835][T10877] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=10877 comm=syz-executor.4 [ 1335.943578][T10877] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=10877 comm=syz-executor.4 [ 1335.957951][T10881] FAULT_INJECTION: forcing a failure. [ 1335.957951][T10881] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1335.971209][T10881] CPU: 1 PID: 10881 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1335.981005][T10881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1335.991190][T10881] Call Trace: [ 1335.994472][T10881] [ 1335.997470][T10881] dump_stack_lvl+0xd6/0x122 [ 1336.002055][T10881] dump_stack+0x11/0x1b [ 1336.006373][T10881] should_fail+0x23c/0x250 [ 1336.011168][T10881] __alloc_pages+0x102/0x330 [ 1336.015754][T10881] alloc_pages_vma+0x5ee/0x770 [ 1336.020764][T10881] ? lru_cache_add+0x37/0x50 [ 1336.025436][T10881] do_anonymous_page+0x169/0x8d0 [ 1336.030453][T10881] ? cgroup_rstat_updated+0x34/0x100 [ 1336.035732][T10881] ? __rcu_read_unlock+0x5c/0x290 [ 1336.040788][T10881] handle_mm_fault+0x814/0x1590 [ 1336.045662][T10881] ? _raw_spin_unlock+0x2e/0x50 [ 1336.050661][T10881] __get_user_pages+0x388/0xc80 [ 1336.055521][T10881] __get_user_pages_remote+0x17f/0x610 [ 1336.061039][T10881] ? iovec_from_user+0x2a6/0x2e0 [ 1336.065985][T10881] pin_user_pages_remote+0x58/0x80 [ 1336.071094][T10881] process_vm_rw_single_vec+0x17d/0x460 [ 1336.076670][T10881] process_vm_rw+0x3a2/0x540 [ 1336.081279][T10881] __x64_sys_process_vm_writev+0x76/0x90 [ 1336.086919][T10881] do_syscall_64+0x44/0xa0 [ 1336.091439][T10881] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1336.097491][T10881] RIP: 0033:0x7fede691aae9 [ 1336.102273][T10881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1336.122170][T10881] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1336.130686][T10881] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1336.138797][T10881] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000248a 23:13:14 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 29) [ 1336.146763][T10881] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1336.154729][T10881] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1336.162744][T10881] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1336.170709][T10881] 23:13:14 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000088770c720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1336.207995][T10885] loop2: detected capacity change from 0 to 1 [ 1336.267269][T10885] loop2: detected capacity change from 0 to 1 23:13:14 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000020000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:14 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) timer_settime(r0, 0x1, &(0x7f0000000140)={{r1, r2+60000000}, {r3, r4+60000000}}, &(0x7f0000000180)) r5 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) clock_nanosleep(0x6, 0x0, &(0x7f0000000200)={r8, r9+10000000}, &(0x7f0000000240)) timer_settime(r6, 0x0, &(0x7f0000000500)={{}, {0x0, r7+60000000}}, 0x0) process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1336.380636][T10990] FAULT_INJECTION: forcing a failure. [ 1336.380636][T10990] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1336.394434][T10990] CPU: 1 PID: 10990 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1336.404268][T10990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1336.414344][T10990] Call Trace: [ 1336.417616][T10990] [ 1336.420537][T10990] dump_stack_lvl+0xd6/0x122 [ 1336.425124][T10990] dump_stack+0x11/0x1b [ 1336.429276][T10990] should_fail+0x23c/0x250 [ 1336.433792][T10990] __alloc_pages+0x102/0x330 [ 1336.438379][T10990] alloc_pages_vma+0x5ee/0x770 [ 1336.443267][T10990] ? lru_cache_add+0x37/0x50 [ 1336.447897][T10990] do_anonymous_page+0x169/0x8d0 [ 1336.452879][T10990] ? cgroup_rstat_updated+0x34/0x100 [ 1336.458159][T10990] ? __rcu_read_unlock+0x5c/0x290 [ 1336.463199][T10990] handle_mm_fault+0x814/0x1590 [ 1336.468148][T10990] ? _raw_spin_unlock+0x2e/0x50 [ 1336.473021][T10990] __get_user_pages+0x388/0xc80 [ 1336.477880][T10990] __get_user_pages_remote+0x17f/0x610 [ 1336.483344][T10990] ? iovec_from_user+0x2a6/0x2e0 [ 1336.488318][T10990] pin_user_pages_remote+0x58/0x80 [ 1336.493423][T10990] process_vm_rw_single_vec+0x17d/0x460 [ 1336.499048][T10990] process_vm_rw+0x3a2/0x540 [ 1336.503719][T10990] __x64_sys_process_vm_writev+0x76/0x90 [ 1336.509427][T10990] do_syscall_64+0x44/0xa0 [ 1336.513877][T10990] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1336.519851][T10990] RIP: 0033:0x7fede691aae9 [ 1336.524258][T10990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1336.543969][T10990] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1336.552378][T10990] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1336.560347][T10990] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000248c [ 1336.568313][T10990] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:14 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 30) [ 1336.576314][T10990] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1336.584282][T10990] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1336.592262][T10990] 23:13:14 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201037) 23:13:14 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000088770d720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1336.770659][T10996] loop2: detected capacity change from 0 to 1 [ 1336.818882][T11099] FAULT_INJECTION: forcing a failure. [ 1336.818882][T11099] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1336.832127][T11099] CPU: 0 PID: 11099 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1336.841933][T11099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1336.851980][T11099] Call Trace: [ 1336.855256][T11099] [ 1336.858194][T11099] dump_stack_lvl+0xd6/0x122 [ 1336.862899][T11099] dump_stack+0x11/0x1b [ 1336.867070][T11099] should_fail+0x23c/0x250 [ 1336.871554][T11099] __alloc_pages+0x102/0x330 [ 1336.876148][T11099] alloc_pages_vma+0x5ee/0x770 [ 1336.880923][T11099] ? lru_cache_add+0x37/0x50 [ 1336.885591][T11099] do_anonymous_page+0x169/0x8d0 [ 1336.890540][T11099] ? cgroup_rstat_updated+0x34/0x100 [ 1336.895823][T11099] ? __rcu_read_unlock+0x5c/0x290 [ 1336.900844][T11099] handle_mm_fault+0x814/0x1590 [ 1336.905776][T11099] ? _raw_spin_unlock+0x2e/0x50 [ 1336.910707][T11099] __get_user_pages+0x388/0xc80 [ 1336.915618][T11099] __get_user_pages_remote+0x17f/0x610 [ 1336.921169][T11099] ? iovec_from_user+0x2a6/0x2e0 [ 1336.926132][T11099] pin_user_pages_remote+0x58/0x80 [ 1336.931279][T11099] process_vm_rw_single_vec+0x17d/0x460 [ 1336.936848][T11099] process_vm_rw+0x3a2/0x540 [ 1336.941538][T11099] __x64_sys_process_vm_writev+0x76/0x90 [ 1336.947210][T11099] do_syscall_64+0x44/0xa0 [ 1336.951733][T11099] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1336.957645][T11099] RIP: 0033:0x7fede691aae9 [ 1336.962073][T11099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1336.981754][T11099] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1336.990173][T11099] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1336.998188][T11099] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000248e [ 1337.006169][T11099] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:15 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x100) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) ftruncate(r3, 0xd94) sendfile(r3, r4, 0x0, 0x80000001) 23:13:15 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) clock_gettime(0x0, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f0000000000)={{r3, r4+10000000}, {r1, r2+10000000}}, 0x0) r5 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r6, 0x0, &(0x7f0000000500)={{}, {0x0, r7+60000000}}, 0x0) process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:15 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000088770e720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:15 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 31) [ 1337.014166][T11099] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1337.022164][T11099] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1337.030366][T11099] [ 1337.058828][T10996] loop2: detected capacity change from 0 to 1 23:13:15 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000004020000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1337.167832][T11144] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=11144 comm=syz-executor.4 [ 1337.186311][T11144] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=11144 comm=syz-executor.4 [ 1337.220003][T11211] FAULT_INJECTION: forcing a failure. [ 1337.220003][T11211] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1337.233395][T11211] CPU: 1 PID: 11211 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1337.243194][T11211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1337.253276][T11211] Call Trace: [ 1337.256590][T11211] [ 1337.259534][T11211] dump_stack_lvl+0xd6/0x122 [ 1337.264149][T11211] dump_stack+0x11/0x1b [ 1337.268402][T11211] should_fail+0x23c/0x250 [ 1337.272867][T11211] __alloc_pages+0x102/0x330 [ 1337.277470][T11211] alloc_pages_vma+0x5ee/0x770 [ 1337.282299][T11211] ? lru_cache_add+0x37/0x50 [ 1337.286954][T11211] do_anonymous_page+0x169/0x8d0 [ 1337.291902][T11211] ? cgroup_rstat_updated+0x34/0x100 [ 1337.297185][T11211] ? __rcu_read_unlock+0x5c/0x290 [ 1337.302237][T11211] handle_mm_fault+0x814/0x1590 [ 1337.307094][T11211] ? _raw_spin_unlock+0x2e/0x50 [ 1337.312005][T11211] __get_user_pages+0x388/0xc80 [ 1337.316891][T11211] __get_user_pages_remote+0x17f/0x610 [ 1337.322450][T11211] ? iovec_from_user+0x2a6/0x2e0 [ 1337.327710][T11211] pin_user_pages_remote+0x58/0x80 [ 1337.332874][T11211] process_vm_rw_single_vec+0x17d/0x460 [ 1337.338453][T11211] process_vm_rw+0x3a2/0x540 [ 1337.343050][T11211] __x64_sys_process_vm_writev+0x76/0x90 [ 1337.348694][T11211] do_syscall_64+0x44/0xa0 [ 1337.353133][T11211] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1337.359063][T11211] RIP: 0033:0x7fede691aae9 [ 1337.363488][T11211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1337.383390][T11211] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1337.391984][T11211] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1337.400306][T11211] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002490 [ 1337.408292][T11211] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:15 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) clock_gettime(0x0, &(0x7f0000000280)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x77359400}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_nanosleep(0x1, 0x0, &(0x7f00000002c0)={0x0, 0x3938700}, &(0x7f0000000300)) timer_create(0x2, &(0x7f0000000040)={0x0, 0x3f, 0x4, @thr={&(0x7f0000000340)="227d23f7e976ae751bd715340135b938528a6439584da9d0272fc460ff3900b593db820421e39d870fad2a62a034134a7f73dafbd6acdfe1aad2c3d60a722fabc4f3a703436730661522fc192f05685222a970c49eeb3b17413d300c1f3b7452800d042f36ad7c7115a47050846a4095cd53e254c9dd4d6d327da2673913a427ed75fca03693c38f7f843c2a683ca4af31ffe4df8128afe0fd999283a33f8bdcc69c196e8b84da01dd8200f596e97ab61184cc6f30bc9f782436758165f23f79e16f2975d4cf998720b7263c0fd5439b51fdf9d0ef8e", &(0x7f0000000680)="03327aefe134b6c59993935ef5129956cce3025c6f83051b8f14fb29150c2e73e2e5ebd00d71bef849613e851a35f4cfc6dd11dea7ed5bdd4a8e2cfede5069ab7ad18832945ce959d635d178314e6889edc5aec7f2dfaa2af1c2a20b1d639782f33c0d16226f9baae6d4ee5ae37ca8134c5ce99e4027777b2c6e1057c1f65ae1f621037747d869889fe5192b8e39a6cc0fe3bd7e876c71445292807d0992b57b54e6ce7076006feb1d30f9eefef097e60de0cc58c2e2182d2eafd3b626aa8ee6273836cd353e5cf24813f618fe69b978133217d46ad00a15626274dcb5dab5bc16d541a2556f8bdba3cf2c34156b48401a2e7f4ba5e652fa6921af4cde84348cb02f93bb4b6ac252f3f683b205361877b313d2b20b0cdb2fa85553c491f8046d1631654756674fe2a7daf76bff682d026a3996770e83ee6351d093700959cf9f4d7cfecae58cb4184941e2f58b596c418bc458d606640cd973726455b5c6bf1d06720e35784005e5b9b786d813d52c41fbc618ab5e1c39d938b9011f7509e514d0e421cf7c1749f59f23578606361232f72a223830802af3ecd83d66d45f61d5906fe3f77e3dff4cc756b3631a91a262a5b6870283c080e3c61806a5cee09b69aae3ea3f876ea60cd532f33ae78dbfb1e241673c36876106620db2e15415aaf6a920525349bd51171a9298215826f0592c6659abe3ea3ddebdf8980a81839dc6e3826793efccd3c8f60957430f6d04b8c8da98d05ffa9bc237d377ab62e634b10a36b6113ee8d2784917e0d79e93d5866d0bc84ec20c78d3ae160bb30b788d6377ec9f88b688645e8dc7a5630a917a87c6898bd30e80deb112193070c1ca646f7405b33a0abc29a56d07d05a674f1c8c0008cf7db87e5b94fab5e09be441490e26e796251c1c15823a763f1b5469d8abf2e1c2c8bdd7f49483cc2136d76fe28c047f5db79519d90129be506fb53ce94e9b3f36d6d72967f10f6962d1c7b213959fb3cdaa711f6b66b8b472ea2176f3e8c594812b66ffe9d37ae589b431416fb6d3e6b8af14a00f00eb7c38411bfae1bada669ed9c0ba01a3a99a0fa2b40ea14440fbd7cfac53d65a0fb6e797fa1969aba6b0da297508f90277cabf7eed9e532bf1ffa8cd0fbbece4d52dec75151b5f47e4210b21e248fe35dabdf395b1534feb5cafae1dbe4de71ca3db4b211e53b9a792f737446f0882ce7f3c1483e83f1d2ab65944d63ed1d3d2a895cc35a6da42178346b8bf46e6ecd2fac0cb62526cbc33bd665025e40760036ff120e0041243b348bd5ea4a80b806653cee7497524082528f1aca75571f03dd565c1ad9043b16d505c56631ca1f34d738e1306367459efc1a974af16dc0f20a8954176a6f3f30f5bb75f2bc6abf8a320b9d4e7f3078ac3cce663fe42b0f489f6d26b8feb437466e1f51ee82f3e93fcd829e20ca17cd07229bd5e1d16c006c9fa5dfe2a33577047fbc7fe5a902c379c72165cb5779682148f90ef62971c14ce346a05a60bad50366c583bde5470c24ff1880f408bc0110868367554de336018c773df4cbca1ad7b52b65b9208fb2ca5153ce6cda4bc199c2af98a271142d079d7d68024f0ecf7e6054e2aa4d0d9940aa61f402e1cda8c4c4e3958f6a8195e35e9db9769f528f22a3f85b512315ddb0f1a7aa42b599176bb9fe846142c0d690d2df832f2dbf0abcfaeb4c4ba283322025705d68378f4b32572049660204646615444e87a5553005af890262d2d727109d6893126b7ef021af7f2dd7b48db2d331a60d52850cbb37ca58eaf20d537447855180842feced078e63eadb3020940bdba299898488acb6bb2609335467db115325d2ec5dc47ec10fbc8727079fb93ef51e4007e2b6a7e48a810bb566181ef8fb4bd1f36e87a64231c24084f7e6470adcb29c92a3b6c7aeb6f0610360ee0d709b2d715935a5de6ed77298607e6de553b5cfcd3e0e60e67bf4d0523ff2f0a45484397556ec24418e8e5ad1b3960bdbd6a38929556497b22706e595b3b3ea64f39f3dc7049bd44144fd9eda3746019797feb659bc37e123908b2d72db51daedce84a427c1a31f91a6228f38a028cfb06ca98233b7d5eba0b366c2bc4dd470c1841211fa63be61286bec049b50b358e75e0fbf66a3639fba34bd856978687c841810202aa4a4d59f1db6e51360492c6751add17c69986af3b21d53ca2ca55f656b34bcd2fcf0ca27a8c15260faa12559e5aab74d3d5b8d05748c75af4381b729eb4a825cbf485b62e4a2e0c0efe06550ae562204c0b7a5de145193b0d388e126049d6ae356aa70bdfa4a9ce2326f615a9d267b00248eacba5e1b5758416341d7ac852b8b14b776922f6503c67ba1b44d979b3483e601c137b8441208b70a9220caef247d320165b848aa7e4ae3a6e9ebf16acd3292cea6ac066063580ab708cbe8ebbd133407f98af64023dfe3ef8ee28b3bfca666d0728df1fb153985bdc2006acead8515758ea07596fc4216df7a542021cb9899c63d93dc544765be668109d8f5b9f22c3c7b0b643331e6bc394f0d56f7a34f4853bf828a08f320c5e38b4c8cc20b49b3e8d39d5ae256c9dc2119b57abf7344785220dfc731c3c543d1d835f74e3dd9a8bc5baeb4e3ba5d63c1349a5b9147e4d1cc03832d3d8dd2de4354bcd60fe6b624bd94ad6c884c7ef0f41cecf1a726f467df5727791043d036aa4a82bdc2f9575df90d7dba0a927e5fe12c70ccbac5336ddb6f5b1cb070c92c93c0bd48d36d27e27db803698a9496f0ad51ad0d7d8bc720e8c9046f391b71abd1b46a871eec267838ad15837908c3c6689c5c81a8b8fb21a4ee758fc69253c2e493d366b4a143929b11f11c4cdcd8cf9189a8a3e3f7f2e9bd27a5a75b3cb00601446df36df8d0247e0772917b3e8eabb00e28f88f5f663a0d501b8691a60d4887270d91fb1f64f257e555b51941a3598593e7f60ef5b31f9f9986f41d9ea4ae4cf29dd78cb9e702e97a8ccbcbcd14789cb92635a6b4d13d4866805c3a4d22b5d0555caa8bbbfc99a76b114a1250fe2bfaaab65ab77c504e9fb146bab052691440598811be8a23e531f70fe8db814e716c04202d750036a2eafe720a3fa9e5f0071b17bb5f07847bb93e440e0d7160b991f46f136ad83def884bcc54fd3b681fd1c3664a6850d26191a6c34f0c1b5de10d2c5180f22f00b524f2fb20dad15a37083048e1ad23dda298371dea839d1df587222b7e9b38975553c2da452e4593d361c25497c86129f45f65605025961056effd35d8c0908baedb2a1de2f4c34935a48be714b5a2937e3398565baa6189fcd769a2398ea1763564e5e750ca42c7612b860ea6a3941b38ae300f2df06fb57418a112cfa32553ad307d46e103218b8b09a6822bffa8d11db843cac39e20f96bf4ddac544dcaf4404939e52a3d3316d1a747377856013039123d0c39117a3e8a2e05d4479502f2760601ce31bc90c5104991fb7e6b4eb8e2fe89a365b48d1da7349176a90333e9507f4c6b819bd04fb41e4eda7efa110ceb8435a854917c3c6c3cbec51d715cc8b1c8c92fd392dc51f82b8fea147a598cf9b292bd05c349214b53890cf3a6d081a901f353ce6b5cc9b1c6347b0eebc32b050d572c54d9c54631351ecfc2138f8212cd53d4a97b9731e21b5a8454c4e708c45be0ad96fbc889a1d2010d9fcda0c4385ca9181cfe0e347e80bad066ead234015765f2243d931258fad439e2ae968dc86053e75a5ab065c6b876a480b87349c1b4b31eb21f81dd3b9922af118b65d2ee7dc3ca6c69ab698082f26fa763b2bd5c359eff0e6be09cac758f3d467e1920cfd2992119c7b6287b7ccbed60f17c05ebe092cd99fed11951c97fd7a2234c7bf1498ee5eda2d732edfc814bf254ffcd90bb90867dd28a0c3a6ec49981fb4a6fac9cdae068a6fa807cb5c4d083979541fab8c8b1fb54d15dcdfc5bbd5f14b0fc67f8349cecbfa94938566b345c0b3b4c4ae755f1513fcc065ba63557e5e719a2a340d9bc299031d52804ab592822e5f123b980a2d0c4c9784f1e6cdb8673c59c2db75701786845ff91e21ae2aab39b435c6f6a93abaa1c03cba0ac296b9f722797d421ab2079c176842b4f6bf253c88add3dd0a40cf06b1755b3fe5f6521342214ebc2a6037558c771c7703754b41ed40676c41f74cdf39840fa353bfe58e9f822421cffb9513341c8327435e0ea8951ceffd1c721798d3a312c9f8b8086452936693773d0bb7a6c13085babc74af45a34350442740eac3337bba8d589bd594016daa0bac3b0f95ba371963cff932b8371d99903f1e2d584be829a0c75869a0b47fc76fa6e9c29e1a75ff7ca289ddd93faf1ab9a5179cd507dd9cd04479fe48bcb8742d78d318f80149a70a44206f40526d8f92e5d95cc9e11e6d9b8ca84eba7b9fcd95435bd26c1a3def88155d000cf5ec0645cd4c19981531aef1e998b4544554fb338fef863cdca001bbb052eba7724eef08674e5c002bb92eb117f81e5db5831028a2fa4225d22a03843145c2a087e05895991dc0f0a9972c50004f5884720bf8ee11d72f26218fbca9c16c09cfb4f8844412d5c638c3c9c6c66d4777851b212d73c11d1df43f2b7c1204403c016ddf977f9836298b5f545a77d272d1dd2d7f80f70bc1f782cc62a2b50494c7aa575a5c9af16b45da5c122bedcbb18b3eb661b0ab2dbb80b51018a6ffafdf18c75fbeaca00f93fa57bbb173799fd6519cedd79d7894d28acab5d0f15bf69376d85475c1db0ba073dc9eed934029f9c66909201c951d558264953d6b75d506fd6d65082aed4b9070ae4cdff8c57a606cc68c7836d510c7e1ad1e7ce5f4b19c4d7902bab311468cb0ecf63ff57f1922ed16dc80eab2a16a6cae81756fc133465830994d8d3e34ee92c717b8f7bbec6e9f857cfc51701c1e7db90ecb4657fc39048d4b69b432a9b2986ce02c525363b88f824cf713364cafed2e7b78bf86ebaad02458f92c6e43c8ce92507e10736418825e502a09f8b7eec2a0a7d758d0c3145f124599c17743eafb7b9170b5629a92334ace792a5730049f615d84568afc7446a82eb47d22c3c58e23c8da105e071431ac2df335eaacc73abc87406b30ee4f1cf4df3e1cc5b87f96be466f5e4af7cb277745fe806d171b352d14b75162395cb2fd86a3b05cb44baece4cbedd33ce3ea7b2ed2d77d1d60d2f8a244b5c9a4e5739ab76a632dbecad9ce98aba4d296db0e5093276e72ce45f84b1359d4a399f886240846c13cf8cfe344dccee10fc6a8200d3d067e3d099075bac0407410d19ec7b947282421ebd36b692ebbcbc2fefb18d4ae2479c442230ee740ce2e702a54f6002d13c007a84a8af18e8a929d77f090885a86921ce6886eea1bd530342b927b80a3fa9bfa31577de6c38d427581f1b98d21e3d87d24f73111c0b4e1a77cea362e84253be3c2df63d632b244ac3d173f962c95c283f40e0b9cd4f45ec149f43169e8cc573ce20d5529910e2b83ea3c02d49745f352787b0016320e82462debe757fd2a19972d95cf5924040a51d13c49a685f374fdd173401bee6f2bd8d12e70607709acd8765d065ea3c97c5fb71a0f32783141fc6ae777751b97b1643bde3883a7ff352f3cc573b229fc8dd733366f26c60a10231240f62c98a3864e60267f066dbfa542f610ab5a78cfdccbb6e85b3070da85853e59ee3d50fd0b16ecb3d2a90049658e3d0d21ce4b40161012493663d82bbefa2e5f157308e576a5c1ed73aa1d335a856bdfa4d0559b50ff0b058ac34079019dcc19231ed377e2b249224a8e43cd3703085e8"}}, &(0x7f0000000080)=0x0) timer_settime(r2, 0x1, &(0x7f0000000200)={{}, {0x77359400}}, &(0x7f0000000240)) clock_gettime(0x2, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:15 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 32) 23:13:15 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000088770f720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1337.416433][T11211] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1337.424396][T11211] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1337.432424][T11211] [ 1337.522997][T11215] loop2: detected capacity change from 0 to 1 23:13:15 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201038) [ 1337.587068][T11247] FAULT_INJECTION: forcing a failure. [ 1337.587068][T11247] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1337.600342][T11247] CPU: 0 PID: 11247 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1337.610380][T11247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1337.620459][T11247] Call Trace: [ 1337.623740][T11247] [ 1337.626676][T11247] dump_stack_lvl+0xd6/0x122 [ 1337.631275][T11247] dump_stack+0x11/0x1b [ 1337.635430][T11247] should_fail+0x23c/0x250 [ 1337.639931][T11247] __alloc_pages+0x102/0x330 [ 1337.644526][T11247] alloc_pages_vma+0x5ee/0x770 [ 1337.649317][T11247] ? lru_cache_add+0x37/0x50 [ 1337.653991][T11247] do_anonymous_page+0x169/0x8d0 [ 1337.659008][T11247] ? cgroup_rstat_updated+0x34/0x100 [ 1337.664306][T11247] ? __rcu_read_unlock+0x5c/0x290 [ 1337.669466][T11247] handle_mm_fault+0x814/0x1590 [ 1337.674462][T11247] ? _raw_spin_unlock+0x2e/0x50 [ 1337.679319][T11247] __get_user_pages+0x388/0xc80 [ 1337.684250][T11247] __get_user_pages_remote+0x17f/0x610 [ 1337.689718][T11247] ? iovec_from_user+0x2a6/0x2e0 [ 1337.694668][T11247] pin_user_pages_remote+0x58/0x80 [ 1337.699842][T11247] process_vm_rw_single_vec+0x17d/0x460 [ 1337.705399][T11247] process_vm_rw+0x3a2/0x540 [ 1337.709999][T11247] __x64_sys_process_vm_writev+0x76/0x90 [ 1337.715642][T11247] do_syscall_64+0x44/0xa0 [ 1337.720069][T11247] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1337.726049][T11247] RIP: 0033:0x7fede691aae9 [ 1337.730559][T11247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1337.750236][T11247] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1337.758766][T11247] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1337.766745][T11247] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002492 [ 1337.774748][T11247] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:16 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) wait4(r0, 0x0, 0x40000000, &(0x7f0000000100)) 23:13:16 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 33) 23:13:16 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887710720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1337.782772][T11247] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1337.790763][T11247] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1337.798830][T11247] [ 1337.807546][T11215] loop2: detected capacity change from 0 to 1 [ 1337.977491][T11532] FAULT_INJECTION: forcing a failure. [ 1337.977491][T11532] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1337.990852][T11532] CPU: 1 PID: 11532 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1338.000722][T11532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1338.010794][T11532] Call Trace: [ 1338.014067][T11532] [ 1338.016991][T11532] dump_stack_lvl+0xd6/0x122 [ 1338.021587][T11532] dump_stack+0x11/0x1b [ 1338.026178][T11532] should_fail+0x23c/0x250 [ 1338.030671][T11532] __alloc_pages+0x102/0x330 [ 1338.035257][T11532] alloc_pages_vma+0x5ee/0x770 [ 1338.040028][T11532] ? lru_cache_add+0x37/0x50 [ 1338.044643][T11532] do_anonymous_page+0x169/0x8d0 [ 1338.049639][T11532] ? cgroup_rstat_updated+0x34/0x100 [ 1338.054922][T11532] ? __rcu_read_unlock+0x5c/0x290 [ 1338.059940][T11532] handle_mm_fault+0x814/0x1590 [ 1338.064834][T11532] ? _raw_spin_unlock+0x2e/0x50 [ 1338.069688][T11532] __get_user_pages+0x388/0xc80 [ 1338.074577][T11532] __get_user_pages_remote+0x17f/0x610 [ 1338.080158][T11532] ? iovec_from_user+0x2a6/0x2e0 [ 1338.085101][T11532] pin_user_pages_remote+0x58/0x80 [ 1338.090299][T11532] process_vm_rw_single_vec+0x17d/0x460 [ 1338.095851][T11532] process_vm_rw+0x3a2/0x540 [ 1338.100462][T11532] __x64_sys_process_vm_writev+0x76/0x90 [ 1338.106166][T11532] do_syscall_64+0x44/0xa0 [ 1338.110581][T11532] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1338.116482][T11532] RIP: 0033:0x7fede691aae9 [ 1338.120893][T11532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1338.140510][T11532] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1338.149016][T11532] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1338.157105][T11532] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002494 [ 1338.165201][T11532] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1338.173222][T11532] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1338.181203][T11532] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1338.189219][T11532] 23:13:16 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d802, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:13:16 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000030000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:16 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17, 0x0, @thr={&(0x7f0000000180)="16d0e564790f11fdb67cd3ddae87676b3224aa19dd9353cb2a3c9194d9f3e8981a12a73129ae4084440082", &(0x7f00000001c0)="5cfa1e1eb1475c06ecc23d4254845181fe3b018986d4eaa9958b7ba0193e231f9f54d4df1faa0a09b706415d18a7520c9ac228dc2ced1fb74aaed71278251daaf4ad1bd6206e8b2cd8179361735cebd4306047cd905ff7ebe0d00eb29b330e6105c2293f762740bb7cc533f1f5af305d50a27178e52ce1108839d2a29b4faece98c1d296ebd5f1b06a0827ec239f37"}}, &(0x7f0000000140)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) timer_settime(r0, 0x1, &(0x7f0000000100)={{r3, r4+60000000}, {r5, r6+10000000}}, 0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r7+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:16 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 34) 23:13:16 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887711720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1338.440499][T11541] FAULT_INJECTION: forcing a failure. [ 1338.440499][T11541] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1338.453793][T11541] CPU: 0 PID: 11541 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1338.463665][T11541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1338.473816][T11541] Call Trace: [ 1338.477097][T11541] [ 1338.480019][T11541] dump_stack_lvl+0xd6/0x122 [ 1338.484667][T11541] dump_stack+0x11/0x1b [ 1338.488828][T11541] should_fail+0x23c/0x250 [ 1338.493425][T11541] __alloc_pages+0x102/0x330 [ 1338.498031][T11541] alloc_pages_vma+0x5ee/0x770 [ 1338.502805][T11541] ? lru_cache_add+0x37/0x50 [ 1338.507438][T11541] do_anonymous_page+0x169/0x8d0 [ 1338.512385][T11541] ? cgroup_rstat_updated+0x34/0x100 [ 1338.518252][T11541] ? __rcu_read_unlock+0x5c/0x290 [ 1338.523297][T11541] handle_mm_fault+0x814/0x1590 [ 1338.528246][T11541] ? _raw_spin_unlock+0x2e/0x50 [ 1338.533098][T11541] __get_user_pages+0x388/0xc80 [ 1338.537997][T11541] __get_user_pages_remote+0x17f/0x610 [ 1338.543500][T11541] ? iovec_from_user+0x2a6/0x2e0 [ 1338.548441][T11541] pin_user_pages_remote+0x58/0x80 [ 1338.553563][T11541] process_vm_rw_single_vec+0x17d/0x460 [ 1338.559116][T11541] process_vm_rw+0x3a2/0x540 [ 1338.563717][T11541] __x64_sys_process_vm_writev+0x76/0x90 [ 1338.569410][T11541] do_syscall_64+0x44/0xa0 [ 1338.573853][T11541] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1338.579756][T11541] RIP: 0033:0x7fede691aae9 [ 1338.584193][T11541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1338.603798][T11541] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1338.612418][T11541] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1338.620568][T11541] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002496 [ 1338.628706][T11541] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1338.636802][T11541] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1338.644843][T11541] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1338.652829][T11541] 23:13:16 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 35) 23:13:16 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887712720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1338.682304][T11544] loop2: detected capacity change from 0 to 1 23:13:16 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) timer_create(0x0, &(0x7f00000003c0)={0x0, 0x29, 0x1, @thr={&(0x7f0000000240)="a6da9acec2f4242c7307419d2d38ba9a945fdd80238dee4011fea978086ee2ca4b489766172c2c774ea85686af9fc1351289cdc285f1c16b65b7db8b087e69d4a953c2173b9e9349b86ccbef60eee3c50638af84d84886a608c9947f615f9321ec883eb07622f77f609bdfdb97971b09b3476cb4caf2cf68b261543cc4d3d01de84f8f56895be5d529e96168b0c0c0c860074771f600d7aba911fb202ad32e32139fc82f6dd8184a862940a88c99b5c5374cc4b64a9ffcd3e3e59d35ce7dae0f1a24edb32a", &(0x7f0000000340)="a35b01ead16ca655df0ae6ea11d9094ec9f59de618d613dc711ec28b751b0cb311628c2ee7391bcd710e3d8d36f3e2c0d452d3806982b432ce8a18254667074de411ad6be7a55f7da3f2a4ebd2c0b5de6def8e84a3cc4bc6a1a2adcf"}}, &(0x7f0000000400)=0x0) clock_gettime(0x0, &(0x7f0000000480)={0x0, 0x0}) timer_settime(r5, 0x1, &(0x7f0000000540)={{0x77359400}, {r6, r7+60000000}}, 0x0) timer_settime(r1, 0x1, &(0x7f0000000140)={{0x77359400}, {r3, r4+60000000}}, &(0x7f00000001c0)) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) clock_gettime(0x6, &(0x7f0000000580)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r8, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r8, 0x1, &(0x7f0000000040), &(0x7f0000000080)) 23:13:17 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201039) [ 1338.778356][T11544] loop2: detected capacity change from 0 to 1 [ 1338.832165][T11750] FAULT_INJECTION: forcing a failure. [ 1338.832165][T11750] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1338.845424][T11750] CPU: 0 PID: 11750 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1338.855258][T11750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1338.865334][T11750] Call Trace: [ 1338.868696][T11750] [ 1338.871626][T11750] dump_stack_lvl+0xd6/0x122 [ 1338.876223][T11750] dump_stack+0x11/0x1b [ 1338.880375][T11750] should_fail+0x23c/0x250 [ 1338.884832][T11750] __alloc_pages+0x102/0x330 [ 1338.889423][T11750] alloc_pages_vma+0x5ee/0x770 [ 1338.894239][T11750] ? lru_cache_add+0x37/0x50 [ 1338.898835][T11750] do_anonymous_page+0x169/0x8d0 [ 1338.903775][T11750] ? cgroup_rstat_updated+0x34/0x100 [ 1338.909061][T11750] ? __rcu_read_unlock+0x5c/0x290 [ 1338.914099][T11750] handle_mm_fault+0x814/0x1590 [ 1338.919043][T11750] ? _raw_spin_unlock+0x2e/0x50 [ 1338.923972][T11750] __get_user_pages+0x388/0xc80 [ 1338.928902][T11750] __get_user_pages_remote+0x17f/0x610 [ 1338.934387][T11750] ? iovec_from_user+0x2a6/0x2e0 [ 1338.939403][T11750] pin_user_pages_remote+0x58/0x80 [ 1338.944724][T11750] process_vm_rw_single_vec+0x17d/0x460 [ 1338.950356][T11750] process_vm_rw+0x3a2/0x540 [ 1338.954965][T11750] __x64_sys_process_vm_writev+0x76/0x90 [ 1338.960638][T11750] do_syscall_64+0x44/0xa0 [ 1338.965085][T11750] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1338.971161][T11750] RIP: 0033:0x7fede691aae9 [ 1338.975623][T11750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1338.995441][T11750] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1339.004074][T11750] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1339.012054][T11750] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002498 [ 1339.020059][T11750] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:17 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) r3 = fsopen(&(0x7f0000000040)='esdfs\x00', 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ppoll(&(0x7f0000000100)=[{0xffffffffffffffff, 0x120}, {0xffffffffffffffff, 0x4}, {0xffffffffffffffff, 0x2000}, {r3, 0x2400}, {0xffffffffffffffff, 0x403}, {0xffffffffffffffff, 0x102}, {}, {r4, 0x580}, {r5, 0x3690}, {0xffffffffffffffff, 0xd0d1}], 0xa, &(0x7f0000000080)={0x77359400}, &(0x7f0000000180)={[0x8]}, 0x8) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:17 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887722720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:17 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000040000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1339.028128][T11750] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1339.036225][T11750] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1339.045601][T11750] [ 1339.207090][T11946] loop2: detected capacity change from 0 to 1 [ 1339.257009][T11946] loop2: detected capacity change from 0 to 1 23:13:17 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = signalfd(r1, &(0x7f0000000100)={[0x20]}, 0x8) ioctl$FICLONE(r3, 0x40049409, r4) r5 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x101000, 0x72) sendfile(r5, r6, 0x0, 0x80000001) r7 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r7, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) acct(&(0x7f0000000040)='./bus\x00') mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000000, 0x4000010, r7, 0x9e6eb000) 23:13:17 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887725720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:17 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x9}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) timer_create(0x7, &(0x7f0000000140)={0x0, 0xb, 0x0, @thr={&(0x7f0000000100)="d3071b07c681b15ca39532cf8f30e9bfadcabdb7f4e3c75854a367", &(0x7f0000000680)="10950688fd2044b6f57699bf49d3a4d9f011c7e2042cdc281d79435c74cd2df2bf111a87fb022524e2939f71463fc7cf8d8cbd4ceb19707377196bdd1aa8a6f913b0d7400fd1690b0b9de046d42e31eb1c38b2bb118585aef65c124a9463283fa0ea64580aaa4c67854854f9ca6d082814cb8d96d242db9b9d4568e934921150eb4668180ef3cebef13ca22b0dc8d4b55d563f2d5498af3eaac01ab548181f5467de7b"}}, &(0x7f0000000240)=0x0) timer_gettime(r3, &(0x7f0000000280)) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r4+60000000}}, 0x0) r5 = gettid() process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) timer_create(0x6, &(0x7f0000000080)={0x0, 0x4000003a, 0x4, @thr={&(0x7f0000000380)="ac1bc532678534ab7fc701273efa9f8dedc13dfd9d595be37a89321c26bb5867fd06f4716abae5d345e38b444f3e40022448b88c72310e03951578508aacb87b30bd87d92e1b6c3294913e3bc9430638c40210d0a7cc24fc5a7e76f88d2f", &(0x7f0000000540)="6c1bf7ca604cc2fb4d09267351e0b0ead3d38fe522d4cf35a5cc5d95c2572fe017ffc41198ad19e5e2af3ee5c61535eefb3c707ff01bec895cb65d36f644c1d1221205ec9f6e80d08ceba163a36f34fd70b90ea26cb9673f5119ad4b870d4149d5a652ed0dc04cd2db6cd6a2cc380c50cbf060ce43f06b1dc2aa60eed7c92814da65895457ba93098e8f943cdd15f3bcccbaf7c9eb4546f1622270fe847eb8b2bcd0a9212b1e38292d32cd8213548b45ef4c9f20a0d7b820b652dfd4f74864711fee42d998302bef2fb308b3b7355212ecb1a092ff9eed4c8629436e775661d9fc54c929e63626baee71074af204b719a18d9ac7ce3c"}}, &(0x7f00000001c0)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r6, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) timer_settime(r6, 0x1, &(0x7f0000000300)={{r7, r8+60000000}, {0x0, 0x989680}}, &(0x7f0000000340)) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:17 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 36) 23:13:17 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000050000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1339.373989][T12068] FAULT_INJECTION: forcing a failure. [ 1339.373989][T12068] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1339.387284][T12068] CPU: 1 PID: 12068 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1339.397202][T12068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1339.407281][T12068] Call Trace: [ 1339.410574][T12068] [ 1339.413502][T12068] dump_stack_lvl+0xd6/0x122 [ 1339.418092][T12068] dump_stack+0x11/0x1b [ 1339.422236][T12068] should_fail+0x23c/0x250 [ 1339.426814][T12068] __alloc_pages+0x102/0x330 [ 1339.431409][T12068] alloc_pages_vma+0x5ee/0x770 [ 1339.436175][T12068] ? lru_cache_add+0x37/0x50 [ 1339.440819][T12068] do_anonymous_page+0x169/0x8d0 [ 1339.445882][T12068] ? cgroup_rstat_updated+0x34/0x100 [ 1339.451167][T12068] ? __rcu_read_unlock+0x5c/0x290 [ 1339.456193][T12068] handle_mm_fault+0x814/0x1590 [ 1339.461045][T12068] ? _raw_spin_unlock+0x2e/0x50 [ 1339.465911][T12068] __get_user_pages+0x388/0xc80 [ 1339.470940][T12068] __get_user_pages_remote+0x17f/0x610 [ 1339.476531][T12068] ? iovec_from_user+0x2a6/0x2e0 [ 1339.481477][T12068] pin_user_pages_remote+0x58/0x80 [ 1339.486623][T12068] process_vm_rw_single_vec+0x17d/0x460 [ 1339.492218][T12068] process_vm_rw+0x3a2/0x540 [ 1339.496820][T12068] __x64_sys_process_vm_writev+0x76/0x90 [ 1339.502464][T12068] do_syscall_64+0x44/0xa0 [ 1339.506921][T12068] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1339.512834][T12068] RIP: 0033:0x7fede691aae9 [ 1339.517243][T12068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1339.536862][T12068] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1339.545365][T12068] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1339.553461][T12068] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000249a [ 1339.561429][T12068] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:17 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20103a) 23:13:17 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887748720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:17 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 37) [ 1339.569623][T12068] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1339.577641][T12068] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1339.585614][T12068] [ 1339.805567][T12076] loop2: detected capacity change from 0 to 1 [ 1339.844655][T12081] FAULT_INJECTION: forcing a failure. [ 1339.844655][T12081] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1339.858006][T12081] CPU: 0 PID: 12081 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1339.867819][T12081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1339.877930][T12081] Call Trace: [ 1339.881202][T12081] [ 1339.884130][T12081] dump_stack_lvl+0xd6/0x122 [ 1339.888784][T12081] dump_stack+0x11/0x1b [ 1339.893031][T12081] should_fail+0x23c/0x250 [ 1339.897508][T12081] __alloc_pages+0x102/0x330 [ 1339.902158][T12081] alloc_pages_vma+0x5ee/0x770 [ 1339.907017][T12081] ? lru_cache_add+0x37/0x50 [ 1339.911676][T12081] do_anonymous_page+0x169/0x8d0 [ 1339.916631][T12081] ? cgroup_rstat_updated+0x34/0x100 [ 1339.921937][T12081] ? __rcu_read_unlock+0x5c/0x290 [ 1339.926972][T12081] handle_mm_fault+0x814/0x1590 [ 1339.931915][T12081] ? _raw_spin_unlock+0x2e/0x50 [ 1339.936827][T12081] __get_user_pages+0x388/0xc80 [ 1339.941859][T12081] __get_user_pages_remote+0x17f/0x610 [ 1339.947349][T12081] ? iovec_from_user+0x2a6/0x2e0 [ 1339.952579][T12081] pin_user_pages_remote+0x58/0x80 [ 1339.957709][T12081] process_vm_rw_single_vec+0x17d/0x460 [ 1339.963376][T12081] process_vm_rw+0x3a2/0x540 [ 1339.967985][T12081] __x64_sys_process_vm_writev+0x76/0x90 [ 1339.973698][T12081] do_syscall_64+0x44/0xa0 [ 1339.978189][T12081] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1339.984127][T12081] RIP: 0033:0x7fede691aae9 [ 1339.988634][T12081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1340.008253][T12081] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1340.016772][T12081] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1340.024751][T12081] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000249c [ 1340.032738][T12081] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1340.040806][T12081] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1340.048882][T12081] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 23:13:18 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20103b) 23:13:18 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000088774c720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:18 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r2, 0xf503, 0x0) sendfile(r2, 0xffffffffffffffff, &(0x7f0000000040)=0xe367, 0x7) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) sendfile(r3, 0xffffffffffffffff, 0x0, 0x80000001) mount(&(0x7f0000000080)=@filename='./bus/file0\x00', &(0x7f0000000100)='./bus\x00', &(0x7f0000000140)='qnx6\x00', 0x1800, 0x0) 23:13:18 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 38) [ 1340.054160][T12079] Process accounting resumed [ 1340.056871][T12081] [ 1340.083747][T12076] loop2: detected capacity change from 0 to 1 [ 1340.101840][T12079] Process accounting resumed 23:13:18 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000060000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1340.236814][T12192] selinux_netlink_send: 6 callbacks suppressed [ 1340.236829][T12192] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=12192 comm=syz-executor.4 [ 1340.257912][T12193] FAULT_INJECTION: forcing a failure. [ 1340.257912][T12193] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1340.271284][T12193] CPU: 0 PID: 12193 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1340.281140][T12193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1340.291253][T12193] Call Trace: [ 1340.294533][T12193] [ 1340.297528][T12193] dump_stack_lvl+0xd6/0x122 [ 1340.302127][T12193] dump_stack+0x11/0x1b [ 1340.306389][T12193] should_fail+0x23c/0x250 [ 1340.311090][T12193] __alloc_pages+0x102/0x330 [ 1340.315702][T12193] alloc_pages_vma+0x5ee/0x770 [ 1340.320477][T12193] ? lru_cache_add+0x37/0x50 [ 1340.325085][T12193] do_anonymous_page+0x169/0x8d0 [ 1340.330127][T12193] ? cgroup_rstat_updated+0x34/0x100 23:13:18 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887768720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1340.335419][T12193] ? __rcu_read_unlock+0x5c/0x290 [ 1340.340449][T12193] handle_mm_fault+0x814/0x1590 [ 1340.345392][T12192] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=12192 comm=syz-executor.4 [ 1340.345394][T12193] ? _raw_spin_unlock+0x2e/0x50 [ 1340.345423][T12193] __get_user_pages+0x388/0xc80 [ 1340.368170][T12193] __get_user_pages_remote+0x17f/0x610 [ 1340.368952][T12192] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=12192 comm=syz-executor.4 [ 1340.373716][T12193] ? iovec_from_user+0x2a6/0x2e0 [ 1340.373747][T12193] pin_user_pages_remote+0x58/0x80 [ 1340.373768][T12193] process_vm_rw_single_vec+0x17d/0x460 [ 1340.373792][T12193] process_vm_rw+0x3a2/0x540 [ 1340.407102][T12193] __x64_sys_process_vm_writev+0x76/0x90 [ 1340.408164][T12192] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=12192 comm=syz-executor.4 [ 1340.412742][T12193] do_syscall_64+0x44/0xa0 [ 1340.412769][T12193] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1340.436145][T12193] RIP: 0033:0x7fede691aae9 [ 1340.440665][T12193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1340.460324][T12193] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1340.463699][T12192] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=49 sclass=netlink_xfrm_socket pid=12192 comm=syz-executor.4 [ 1340.468823][T12193] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1340.468837][T12193] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000249e [ 1340.481729][T12192] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=61 sclass=netlink_xfrm_socket pid=12192 comm=syz-executor.4 [ 1340.489740][T12193] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1340.489755][T12193] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1340.489766][T12193] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1340.489782][T12193] [ 1340.497766][T12192] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=108 sclass=netlink_xfrm_socket pid=12192 comm=syz-executor.4 [ 1340.550622][T12192] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=103 sclass=netlink_xfrm_socket pid=12192 comm=syz-executor.4 [ 1340.563520][T12192] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=129 sclass=netlink_xfrm_socket pid=12192 comm=syz-executor.4 23:13:18 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 39) [ 1340.576677][T12192] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=161 sclass=netlink_xfrm_socket pid=12192 comm=syz-executor.4 [ 1340.640902][T12199] loop2: detected capacity change from 0 to 1 [ 1340.728170][T12199] loop2: detected capacity change from 0 to 1 [ 1340.744572][T12301] FAULT_INJECTION: forcing a failure. [ 1340.744572][T12301] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1340.758072][T12301] CPU: 0 PID: 12301 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1340.768043][T12301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1340.778497][T12301] Call Trace: [ 1340.781818][T12301] [ 1340.784846][T12301] dump_stack_lvl+0xd6/0x122 [ 1340.789441][T12301] dump_stack+0x11/0x1b [ 1340.793663][T12301] should_fail+0x23c/0x250 [ 1340.798092][T12301] __alloc_pages+0x102/0x330 [ 1340.802763][T12301] alloc_pages_vma+0x5ee/0x770 [ 1340.807633][T12301] ? lru_cache_add+0x37/0x50 [ 1340.812237][T12301] do_anonymous_page+0x169/0x8d0 [ 1340.817181][T12301] ? cgroup_rstat_updated+0x34/0x100 [ 1340.822480][T12301] ? __rcu_read_unlock+0x5c/0x290 [ 1340.827540][T12301] handle_mm_fault+0x814/0x1590 [ 1340.832399][T12301] ? _raw_spin_unlock+0x2e/0x50 [ 1340.837325][T12301] __get_user_pages+0x388/0xc80 [ 1340.842187][T12301] __get_user_pages_remote+0x17f/0x610 [ 1340.847739][T12301] ? iovec_from_user+0x2a6/0x2e0 [ 1340.852766][T12301] pin_user_pages_remote+0x58/0x80 [ 1340.857968][T12301] process_vm_rw_single_vec+0x17d/0x460 [ 1340.863600][T12301] process_vm_rw+0x3a2/0x540 [ 1340.868259][T12301] __x64_sys_process_vm_writev+0x76/0x90 [ 1340.873931][T12301] do_syscall_64+0x44/0xa0 [ 1340.878450][T12301] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1340.884409][T12301] RIP: 0033:0x7fede691aae9 [ 1340.888927][T12301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1340.908661][T12301] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1340.917142][T12301] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1340.925190][T12301] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024a0 [ 1340.933154][T12301] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1340.941190][T12301] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1340.949224][T12301] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1340.957208][T12301] 23:13:20 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20103c) 23:13:20 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000088776c720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:20 executing program 1: ioctl$int_out(0xffffffffffffffff, 0x0, &(0x7f0000000040)) timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1000000000000193, &(0x7f0000121000)=[{&(0x7f0000000100)=""/231, 0xe7}], 0x1, 0x0) 23:13:20 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000004060000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:20 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r1, 0x2007fff) recvmmsg(r0, &(0x7f0000006fc0)=[{{0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000007240)=""/224, 0xe0}, {&(0x7f0000000040)}, {&(0x7f0000000200)=""/190, 0xbe}, {&(0x7f0000000080)=""/41, 0x29}, {&(0x7f00000002c0)=""/240, 0xf0}, {&(0x7f00000003c0)=""/118, 0x76}, {&(0x7f0000000440)=""/4096, 0xfffffd40}, {&(0x7f0000000100)=""/106, 0x6a}, {&(0x7f00000014c0)=""/59, 0x3b}, {&(0x7f0000001500)=""/203, 0xcb}], 0xa, &(0x7f00000016c0)=""/81, 0x51}, 0x2}, {{&(0x7f0000001740)=@in={0x2, 0x0, @broadcast}, 0x80, &(0x7f0000001c40)=[{&(0x7f0000002040)=""/4096, 0x1000}, {&(0x7f00000017c0)=""/180, 0xb4}, {&(0x7f0000001880)=""/71, 0x47}, {&(0x7f0000004980)=""/202, 0xca}, {&(0x7f0000001a00)=""/184, 0xb8}, {&(0x7f0000001ac0)=""/184, 0xb8}, {&(0x7f0000001b80)=""/175, 0xaf}], 0x7, &(0x7f0000001cc0)=""/199, 0xc7}, 0x3ff}, {{&(0x7f0000001dc0)=@tipc=@name, 0x80, &(0x7f0000001f00)=[{&(0x7f00000048c0)=""/171, 0xab}], 0x1, &(0x7f0000003040)=""/4096, 0x1000}, 0x7}, {{&(0x7f0000001f40)=@nl=@proc, 0x80, &(0x7f00000042c0)=[{&(0x7f0000004040)=""/100, 0x64}, {&(0x7f00000040c0)=""/122, 0x7a}, {&(0x7f0000004140)=""/149, 0x95}, {&(0x7f0000001fc0)=""/44, 0x2c}, {&(0x7f0000004200)=""/128, 0x80}, {&(0x7f0000004280)=""/21, 0x15}], 0x6, &(0x7f0000004340)=""/87, 0x57}, 0x7fff}, {{&(0x7f00000043c0)=@l2tp={0x2, 0x0, @remote}, 0x80, &(0x7f0000004580)=[{&(0x7f0000004440)=""/148, 0x94}, {&(0x7f0000008340)=""/102400}, {&(0x7f0000004540)=""/26, 0x1a}], 0x3, &(0x7f00000045c0)=""/126, 0x7e}, 0x3f}, {{&(0x7f0000004640)=@rc={0x1f, @fixed}, 0x80, &(0x7f00000046c0), 0x0, &(0x7f0000004700)=""/162, 0xa2}, 0x7}, {{&(0x7f00000047c0)=@vsock, 0x80, &(0x7f0000006c00)=[{&(0x7f0000004840)=""/105, 0x69}, {&(0x7f00000058c0)=""/4102, 0x1000}, {&(0x7f00000058c0)}, {&(0x7f0000007340)=""/4096, 0x1000}, {&(0x7f0000006900)=""/93, 0x5d}, {&(0x7f0000006980)=""/199, 0xc7}, {&(0x7f0000006a80)=""/12, 0xc}, {&(0x7f0000006ac0)=""/148, 0x94}, {&(0x7f0000006b80)=""/98, 0x62}], 0x9, &(0x7f0000006cc0)=""/231, 0xe7}, 0xfffffffc}, {{&(0x7f0000006dc0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @dev}}}}, 0x80, &(0x7f0000006ec0)=[{&(0x7f0000006e40)=""/117, 0x75}], 0x1, &(0x7f0000006f00)=""/163, 0xa3}, 0x1}], 0x8, 0x0, &(0x7f00000071c0)={0x0, 0x989680}) sendfile(r2, r1, &(0x7f0000007200)=0xfa9e, 0x1) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) r4 = dup(r2) ioctl$FS_IOC_GETFLAGS(r4, 0x80086601, &(0x7f0000000040)) sendfile(r3, r1, 0x0, 0x201000) r5 = openat(r1, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r6 = openat2(r5, &(0x7f00000001c0)='./bus\x00', &(0x7f0000001440)={0x48000, 0x80, 0x14}, 0x18) sendfile(r6, r0, &(0x7f0000001480)=0x6, 0x8) sendfile(r0, r5, 0x0, 0x80000001) r7 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r7, 0x2007fff) open(&(0x7f0000000180)='./bus\x00', 0x101000, 0x16) r8 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r9 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r8, r9, 0x0, 0x80000001) 23:13:20 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 40) [ 1342.429646][T12307] loop2: detected capacity change from 0 to 1 [ 1342.439559][T12310] FAULT_INJECTION: forcing a failure. [ 1342.439559][T12310] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1342.452827][T12310] CPU: 0 PID: 12310 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1342.462787][T12310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1342.472849][T12310] Call Trace: [ 1342.476139][T12310] [ 1342.479060][T12310] dump_stack_lvl+0xd6/0x122 [ 1342.483713][T12310] dump_stack+0x11/0x1b [ 1342.487858][T12310] should_fail+0x23c/0x250 [ 1342.492278][T12310] __alloc_pages+0x102/0x330 [ 1342.496867][T12310] alloc_pages_vma+0x5ee/0x770 [ 1342.501691][T12310] ? lru_cache_add+0x37/0x50 [ 1342.506502][T12310] do_anonymous_page+0x169/0x8d0 [ 1342.511514][T12310] ? cgroup_rstat_updated+0x34/0x100 [ 1342.516868][T12310] ? __rcu_read_unlock+0x5c/0x290 [ 1342.521996][T12310] handle_mm_fault+0x814/0x1590 [ 1342.526846][T12310] ? _raw_spin_unlock+0x2e/0x50 [ 1342.531698][T12310] __get_user_pages+0x388/0xc80 [ 1342.536752][T12310] __get_user_pages_remote+0x17f/0x610 [ 1342.542222][T12310] ? iovec_from_user+0x2a6/0x2e0 [ 1342.547223][T12310] pin_user_pages_remote+0x58/0x80 [ 1342.552478][T12310] process_vm_rw_single_vec+0x17d/0x460 [ 1342.558090][T12310] process_vm_rw+0x3a2/0x540 [ 1342.562740][T12310] __x64_sys_process_vm_writev+0x76/0x90 [ 1342.568469][T12310] do_syscall_64+0x44/0xa0 [ 1342.572886][T12310] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1342.578790][T12310] RIP: 0033:0x7fede691aae9 [ 1342.583280][T12310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1342.602890][T12310] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1342.611435][T12310] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1342.620442][T12310] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024a2 23:13:20 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 41) [ 1342.628463][T12310] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1342.636523][T12310] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1342.644715][T12310] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1342.652699][T12310] 23:13:20 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887774720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:20 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20103d) 23:13:21 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) clock_nanosleep(0x4, 0x0, &(0x7f0000000040), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1342.727283][T12307] loop2: detected capacity change from 0 to 1 23:13:21 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000070000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1342.815599][T12517] FAULT_INJECTION: forcing a failure. [ 1342.815599][T12517] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1342.828932][T12517] CPU: 0 PID: 12517 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1342.838811][T12517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1342.848866][T12517] Call Trace: [ 1342.852142][T12517] [ 1342.855069][T12517] dump_stack_lvl+0xd6/0x122 [ 1342.859726][T12517] dump_stack+0x11/0x1b [ 1342.863876][T12517] should_fail+0x23c/0x250 [ 1342.868285][T12517] __alloc_pages+0x102/0x330 [ 1342.872900][T12517] alloc_pages_vma+0x5ee/0x770 [ 1342.877783][T12517] ? lru_cache_add+0x37/0x50 [ 1342.882502][T12517] do_anonymous_page+0x169/0x8d0 [ 1342.887436][T12517] ? cgroup_rstat_updated+0x34/0x100 [ 1342.892802][T12517] ? __rcu_read_unlock+0x5c/0x290 [ 1342.897986][T12517] handle_mm_fault+0x814/0x1590 [ 1342.902946][T12517] ? _raw_spin_unlock+0x2e/0x50 [ 1342.907808][T12517] __get_user_pages+0x388/0xc80 [ 1342.912674][T12517] __get_user_pages_remote+0x17f/0x610 [ 1342.918192][T12517] ? iovec_from_user+0x2a6/0x2e0 [ 1342.923222][T12517] pin_user_pages_remote+0x58/0x80 [ 1342.928372][T12517] process_vm_rw_single_vec+0x17d/0x460 [ 1342.933987][T12517] process_vm_rw+0x3a2/0x540 [ 1342.938605][T12517] __x64_sys_process_vm_writev+0x76/0x90 [ 1342.944283][T12517] do_syscall_64+0x44/0xa0 [ 1342.948773][T12517] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1342.954794][T12517] RIP: 0033:0x7fede691aae9 [ 1342.959215][T12517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1342.978835][T12517] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1342.987258][T12517] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1342.995223][T12517] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024a4 [ 1343.003189][T12517] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:21 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 42) [ 1343.011168][T12517] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1343.019133][T12517] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1343.027118][T12517] 23:13:21 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000088777a720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:21 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) timer_create(0x5, &(0x7f0000000080)={0x0, 0x36, 0x0, @thr={&(0x7f0000000100)="72392d8c601d0bfdaa9d1b543f09f98137ea001d57b3373356c70df085fff5ae733ef16c05da409d0425b20c15eb2ba02d09ce63163003b350c68f47c0535997e77b1173b7700b51607da672a0fc29fe3789ad0767198b279615ff3934f76c075f4fcd6e0358da1ad05a9c083ea6b3e9291e2a5a8203a20595f90829b671b8f5d375c792299f1c5a16e9609e6903a9e5a8d3", &(0x7f0000000280)="da9461554057642ac26ee2a5881a517c8d549e7ce7703fe20b19bfd200b653f8c9bace8f002f99add0de5a5cbd1a9e94586b2e7bb766f14a1d7edb2c8506a7419e5b87b68477f0462eeeb7d3cce6ba0801100ed7d636011be19a623f2307f0ebe0790e0187824f17362a8465490889377af2d57a0f2aea27d943cf76376b9a0062c81ada49441ea7a686003c3a202a703057f00dc68fde50"}}, &(0x7f00000001c0)=0x0) timer_settime(r3, 0x0, &(0x7f0000000200)={{0x77359400}}, &(0x7f0000000240)) [ 1343.154374][T12626] loop2: detected capacity change from 0 to 1 [ 1343.181742][T12627] FAULT_INJECTION: forcing a failure. [ 1343.181742][T12627] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1343.195167][T12627] CPU: 0 PID: 12627 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1343.205151][T12627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1343.215414][T12627] Call Trace: [ 1343.218695][T12627] [ 1343.221631][T12627] dump_stack_lvl+0xd6/0x122 [ 1343.226308][T12627] dump_stack+0x11/0x1b [ 1343.230489][T12627] should_fail+0x23c/0x250 [ 1343.234995][T12627] __alloc_pages+0x102/0x330 [ 1343.239673][T12627] alloc_pages_vma+0x5ee/0x770 [ 1343.244504][T12627] ? lru_cache_add+0x37/0x50 [ 1343.249299][T12627] do_anonymous_page+0x169/0x8d0 [ 1343.254263][T12627] ? cgroup_rstat_updated+0x34/0x100 [ 1343.259595][T12627] ? __rcu_read_unlock+0x5c/0x290 [ 1343.264693][T12627] handle_mm_fault+0x814/0x1590 [ 1343.269956][T12627] ? _raw_spin_unlock+0x2e/0x50 [ 1343.274820][T12627] __get_user_pages+0x388/0xc80 [ 1343.279685][T12627] __get_user_pages_remote+0x17f/0x610 [ 1343.285227][T12627] ? iovec_from_user+0x2a6/0x2e0 [ 1343.290535][T12627] pin_user_pages_remote+0x58/0x80 [ 1343.295691][T12627] process_vm_rw_single_vec+0x17d/0x460 [ 1343.302947][T12627] process_vm_rw+0x3a2/0x540 [ 1343.307595][T12627] __x64_sys_process_vm_writev+0x76/0x90 [ 1343.313495][T12627] do_syscall_64+0x44/0xa0 [ 1343.317929][T12627] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1343.323905][T12627] RIP: 0033:0x7fede691aae9 [ 1343.328330][T12627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1343.348022][T12627] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1343.356428][T12627] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1343.364386][T12627] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024a6 [ 1343.372422][T12627] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1343.380377][T12627] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1343.388334][T12627] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1343.396374][T12627] 23:13:21 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 43) [ 1343.430219][T12626] loop2: detected capacity change from 0 to 1 [ 1343.531660][T12839] FAULT_INJECTION: forcing a failure. [ 1343.531660][T12839] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1343.545067][T12839] CPU: 1 PID: 12839 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1343.554955][T12839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1343.565082][T12839] Call Trace: [ 1343.568359][T12839] [ 1343.571368][T12839] dump_stack_lvl+0xd6/0x122 [ 1343.576014][T12839] dump_stack+0x11/0x1b [ 1343.580282][T12839] should_fail+0x23c/0x250 [ 1343.584728][T12839] __alloc_pages+0x102/0x330 [ 1343.589311][T12839] alloc_pages_vma+0x5ee/0x770 [ 1343.594077][T12839] ? lru_cache_add+0x37/0x50 [ 1343.598751][T12839] do_anonymous_page+0x169/0x8d0 [ 1343.603758][T12839] ? cgroup_rstat_updated+0x34/0x100 [ 1343.609183][T12839] ? __rcu_read_unlock+0x5c/0x290 [ 1343.614290][T12839] handle_mm_fault+0x814/0x1590 [ 1343.619199][T12839] ? _raw_spin_unlock+0x2e/0x50 [ 1343.624061][T12839] __get_user_pages+0x388/0xc80 [ 1343.628966][T12839] __get_user_pages_remote+0x17f/0x610 [ 1343.634473][T12839] ? iovec_from_user+0x2a6/0x2e0 [ 1343.639427][T12839] pin_user_pages_remote+0x58/0x80 [ 1343.644705][T12839] process_vm_rw_single_vec+0x17d/0x460 [ 1343.650348][T12839] process_vm_rw+0x3a2/0x540 [ 1343.654955][T12839] __x64_sys_process_vm_writev+0x76/0x90 [ 1343.660591][T12839] do_syscall_64+0x44/0xa0 [ 1343.665026][T12839] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1343.670926][T12839] RIP: 0033:0x7fede691aae9 [ 1343.675341][T12839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1343.695162][T12839] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1343.703722][T12839] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1343.711869][T12839] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024a8 [ 1343.719956][T12839] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:21 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000040)='./bus\x00', &(0x7f0000000080), &(0x7f0000000100), 0x2, 0x3) rename(&(0x7f0000000140)='./bus\x00', &(0x7f0000000180)='./bus\x00') sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x149842, 0x1) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) r5 = pidfd_getfd(r3, 0xffffffffffffffff, 0x0) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000300)={0x53, 0xfffffffffffffffb, 0x0, 0x3, @buffer={0x0, 0x8, &(0x7f00000001c0)=""/8}, 0xfffffffffffffffd, &(0x7f0000000200)=""/134, 0x0, 0x10037, 0xffffffffffffffff, &(0x7f00000002c0)}) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000380)='net/llc/core\x00') ioctl$BTRFS_IOC_GET_DEV_STATS(r5, 0xc4089434, &(0x7f00000003c0)={0x0, 0x4, 0x1, [0x9, 0x1ff, 0x7, 0x9, 0x5], [0x101, 0x8001, 0xfffffffffffffffd, 0x4, 0x580, 0x465, 0x0, 0x8, 0x3b0, 0x1ff, 0x9, 0x6, 0x53, 0x8, 0x7ff, 0xd8, 0x5, 0x3, 0x7, 0x1, 0x8, 0x1, 0x4, 0x7, 0x7, 0x2, 0x8, 0x7, 0x0, 0x80, 0x3, 0x5, 0xfffffffffffffff9, 0x2, 0x5, 0x3f8, 0xffffffff, 0x3, 0x8, 0xe77f, 0x7f, 0x9d, 0x100000001, 0x3, 0x9, 0x5, 0x4, 0x3d, 0x4, 0xec9a, 0x2, 0xff, 0x5, 0x6, 0x4, 0x24, 0x0, 0x3, 0x8, 0x9, 0x100, 0x6, 0x1, 0x3, 0x4, 0x7, 0x4, 0xffff, 0xffffffffffff4939, 0xd625, 0x0, 0x3, 0x6, 0x5, 0xf2f, 0x8a5b, 0x5, 0x1, 0x3c77d363, 0x9, 0x7ff, 0x3, 0x80000000, 0x9, 0x1, 0x20, 0x2, 0x4, 0x1, 0x7, 0x6, 0x2, 0x7, 0xfffffffffffffff8, 0x81, 0x1, 0x1, 0x4, 0xffff, 0x800, 0x100000001, 0x7, 0x9, 0xce9, 0xf69, 0x0, 0x9, 0xfffffffffffffff9, 0x0, 0x20, 0x40, 0x8001, 0x1, 0x3, 0x0, 0xb2f, 0x0, 0x7fffffff, 0x5, 0x7, 0x6]}) ioctl$BTRFS_IOC_GET_DEV_STATS(r6, 0xc4089434, &(0x7f0000000800)={r7, 0x7, 0x1, [0x5, 0xffffffffffff8000, 0x7, 0x6, 0x80000000], [0x2, 0x3, 0x9, 0x400, 0x80, 0x4388a5ea, 0x7, 0x4d66, 0xffffffffffffffff, 0x8, 0x3, 0x3c, 0x6, 0x5, 0xfff, 0x400, 0x56, 0x6610, 0xffffffff, 0x2, 0x9, 0xffffffffffffffa7, 0x96d, 0x1, 0x1, 0xffff, 0x401, 0xfffffffffffffc01, 0x8, 0x6, 0x1, 0x1a, 0x6, 0x4, 0xe8, 0x1000, 0x9, 0x3, 0x3, 0x5, 0x200, 0x2, 0x7, 0x2, 0x100000001, 0x0, 0x4a48, 0x5, 0x4, 0x10000, 0x10000, 0x7, 0x40, 0x5, 0x9, 0xfff, 0x9, 0x0, 0x1, 0x100000000, 0x8, 0xfff, 0x9, 0x9, 0x4, 0x7fffffff, 0x2, 0x9, 0x1, 0xd296, 0x100000000, 0x100000001, 0x1ff, 0x3ff, 0x1, 0x4, 0x0, 0x1000000000000000, 0x100000001, 0x1, 0xfffffffffffffff8, 0xe9d, 0x8, 0x1000, 0x7, 0xff, 0xea, 0x0, 0xfffffffffffffffb, 0x0, 0x3, 0x7, 0xfff, 0x40, 0x5, 0x1, 0x3, 0x5, 0x1f, 0x6, 0xffffffffec017735, 0x10000, 0x6, 0xf11, 0x7, 0x2, 0xffffffffffffffe0, 0x400, 0x4, 0x3, 0x100000001, 0x2, 0x3, 0xf558, 0x9, 0x40, 0x0, 0x6, 0x0, 0x2, 0x5]}) 23:13:21 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000000000008877fe720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:21 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20103e) 23:13:21 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000080000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:21 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000140)={{0x0, 0x3938700}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r3, 0x1, &(0x7f00000001c0)={{0x0, 0x3938700}}, &(0x7f0000000240)) timer_create(0x7, &(0x7f0000000040)={0x0, 0xf, 0x4, @tid=r1}, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r4+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:22 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 44) [ 1343.727924][T12839] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1343.736087][T12839] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1343.744060][T12839] 23:13:22 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720230b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1343.946406][T12846] loop2: detected capacity change from 0 to 1 [ 1343.959406][T12847] FAULT_INJECTION: forcing a failure. [ 1343.959406][T12847] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1343.972756][T12847] CPU: 1 PID: 12847 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1343.982839][T12847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1343.992883][T12847] Call Trace: [ 1343.996257][T12847] [ 1343.999183][T12847] dump_stack_lvl+0xd6/0x122 [ 1344.003788][T12847] dump_stack+0x11/0x1b [ 1344.007975][T12847] should_fail+0x23c/0x250 [ 1344.012425][T12847] __alloc_pages+0x102/0x330 [ 1344.017017][T12847] alloc_pages_vma+0x5ee/0x770 [ 1344.021777][T12847] ? lru_cache_add+0x37/0x50 [ 1344.026376][T12847] do_anonymous_page+0x169/0x8d0 [ 1344.031313][T12847] ? cgroup_rstat_updated+0x34/0x100 [ 1344.036936][T12847] ? __rcu_read_unlock+0x5c/0x290 [ 1344.041962][T12847] handle_mm_fault+0x814/0x1590 [ 1344.046902][T12847] ? _raw_spin_unlock+0x2e/0x50 [ 1344.051810][T12847] __get_user_pages+0x388/0xc80 [ 1344.056748][T12847] __get_user_pages_remote+0x17f/0x610 [ 1344.062200][T12847] ? iovec_from_user+0x2a6/0x2e0 [ 1344.067216][T12847] pin_user_pages_remote+0x58/0x80 [ 1344.072341][T12847] process_vm_rw_single_vec+0x17d/0x460 [ 1344.077912][T12847] process_vm_rw+0x3a2/0x540 [ 1344.082518][T12847] __x64_sys_process_vm_writev+0x76/0x90 [ 1344.088206][T12847] do_syscall_64+0x44/0xa0 [ 1344.092631][T12847] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1344.098959][T12847] RIP: 0033:0x7fede691aae9 [ 1344.103456][T12847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1344.123075][T12847] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1344.131487][T12847] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1344.139451][T12847] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024aa 23:13:22 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 45) [ 1344.147456][T12847] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1344.155436][T12847] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1344.163404][T12847] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1344.171371][T12847] 23:13:22 executing program 1: r0 = gettid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) r1 = gettid() process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) timer_create(0x3, &(0x7f00000000c0)={0x0, 0x15, 0x4, @tid=r1}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r2 = gettid() timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}}, &(0x7f0000000080)) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) timer_create(0x5, &(0x7f0000000140)={0x0, 0x34, 0x4, @tid=r3}, &(0x7f0000000180)) timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r4, 0x0, &(0x7f0000000500)={{}, {0x0, r5+60000000}}, 0x0) process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:22 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201045) [ 1344.217456][T12846] loop2: detected capacity change from 0 to 1 23:13:22 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000090000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:22 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720330b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1344.444023][T13064] FAULT_INJECTION: forcing a failure. [ 1344.444023][T13064] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1344.457282][T13064] CPU: 1 PID: 13064 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1344.467088][T13064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1344.477152][T13064] Call Trace: [ 1344.480485][T13064] [ 1344.483418][T13064] dump_stack_lvl+0xd6/0x122 [ 1344.488088][T13064] dump_stack+0x11/0x1b [ 1344.492235][T13064] should_fail+0x23c/0x250 [ 1344.496725][T13064] __alloc_pages+0x102/0x330 [ 1344.501344][T13064] alloc_pages_vma+0x5ee/0x770 [ 1344.506189][T13064] ? lru_cache_add+0x37/0x50 [ 1344.510787][T13064] do_anonymous_page+0x169/0x8d0 [ 1344.515737][T13064] ? cgroup_rstat_updated+0x34/0x100 [ 1344.521027][T13064] ? __rcu_read_unlock+0x5c/0x290 [ 1344.526057][T13064] handle_mm_fault+0x814/0x1590 [ 1344.531002][T13064] ? _raw_spin_unlock+0x2e/0x50 [ 1344.535857][T13064] __get_user_pages+0x388/0xc80 [ 1344.540707][T13064] __get_user_pages_remote+0x17f/0x610 [ 1344.546173][T13064] ? iovec_from_user+0x2a6/0x2e0 [ 1344.551200][T13064] pin_user_pages_remote+0x58/0x80 [ 1344.556349][T13064] process_vm_rw_single_vec+0x17d/0x460 [ 1344.561903][T13064] process_vm_rw+0x3a2/0x540 [ 1344.566582][T13064] __x64_sys_process_vm_writev+0x76/0x90 [ 1344.572292][T13064] do_syscall_64+0x44/0xa0 [ 1344.576791][T13064] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1344.582693][T13064] RIP: 0033:0x7fede691aae9 [ 1344.587279][T13064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1344.607128][T13064] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1344.615595][T13064] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1344.623648][T13064] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024ac [ 1344.631627][T13064] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1344.639600][T13064] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1344.647616][T13064] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1344.655594][T13064] [ 1344.725964][T13167] loop2: detected capacity change from 0 to 1 [ 1344.789445][T13167] loop2: detected capacity change from 0 to 1 23:13:23 executing program 5: r0 = open(&(0x7f0000001440)='./bus\x00', 0x79f043, 0x1cb) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) syz_mount_image$nfs4(&(0x7f0000001400), &(0x7f0000000080)='./bus\x00', 0x3, 0x4, &(0x7f0000001380)=[{&(0x7f0000000100)="b6159d5f1677724a9c08a67dacd0ac379d88653360fb86a76bb15b8c738b3f342bba6b736109c54684330b1227ddc943f50c1139b616f592e5a822aa2a2c68821cda6220f8807b898c3e878fc841ee157935af95b27b532b30ee7c6810b1d1692d43bb61f1ae53398a2aed191024dac28f79635782578216a36f205b757cc84bb6afe4ee1bb10e6bcee8436769a7a30952e5665e70216cc6d3aa4200a21df83e4de9e6dbaf92b41f4bd877c774623d58119e20bbaba87e4f5343e295b07ace40988ce5d7acd83f918b40eb6557c7c9b7f9fbcd6ff7ecd1236b8eae857e8a2178593fe4bf8dfc8a92e5ccf5aba891141e96b20f", 0xf3, 0x7}, {&(0x7f0000000200)="079785b57b3b89da97561221b076825898c440d60580dc88130905113603440aa5ff07850e5c64cd01a9471a45a9d07c825d1f009e5768fd2fd35b5cd6f42715e5654ca5cda62025a40a001bd4209d89b3d3c2035a2c9920ab22caae3a3cbe647a785aed8cb19a0d05b02f5cd06ee46d979657e017d060960eece31ed1a1761343d2ad8de7006240f45f05a9e83bc9ad030bb8577c54145222f4ff3c0bb6dc07d68352443a4713d39530a7216e497092a48af2f3661ce6226d41a104e076a2280f2d19babb5b65dbe6d387bdd11a3bc31e40cbf65d9a005e47e4f4d53876b1f73779733406b324bc422eb15b2e3ac3ed32222723cd1d81cc19b7aa00b0184cf6d90a657d8611369eb0e7dfb03884d83593babe29a1b24c7bc8dd2ae1773334eb8c33dd6ab0843185b1c060b827032a96a6cb6fa2c34505122094ce1e8dc40aa7733f3e077b4b863570e5b27c27c7991a53321088bd077ae590ddfca308d6c9223813a61cf61142367fc29a3cf8d74464e127490725293a004165abb5033c1f40f90a219714428bcc096ff6a96556d581266baf76d0dd0c747aaa75fb3bcee3eb582d3821da992f77721b757bc697f463969ec5405ab37cc36947abfa4c9f37ecfbb43cc45d945fa2835eeff53e6aa08f421f52f47c4ad4c932682a09d375895c1f94bd9441134ae54c62960241075ff45ea120173d58988b1bb34f1d2102e506edd53f1f611b0767a8c8495e20fbf1c3be4d6ca3d697b056595c8f5dff8bc7bbcb44348c69393e315274b6697303731f51e3fba622a97ffff5a8ad31dc9291d81b2555901b1c85ead1ae9159b1729000531cd1522512fd95fa72cb5aa531a2a0b1d8e88cc347e1113ca3feac1a8b2e61e778eaac9cd299564085d3d03f3ce1ea64e8ac586389f73ba9887ff15ed4b9a19d190bc0ee7d3fbb9f65cccd9d8d6cbae772117c1cf002b17f7ac64a1bd95896bf1b30924e73badb993cc9afb784fc6fdcf08c51f1f5c1817399a47c68310cce8252955395be2b6e8e677dc197b47de462f0ac39f4df8bc928371112449d238d68d8ec39e955666cd94b9fa1b81d0e3578b0e65b5e512c2ebbc2d4bd6792958990e0c9a63c473d75a94acd2ad4c22400f0d70728fe3b729729e01961783b4fe6fb973a92266a978616464aefe024faab99c51801594766c22da603dc6b9f80c4fa434823ae9ce99ea27baf4171fd69690ab89957645cb0ad7dd92204df7e67365b6f01893e10c2a9ee668576df4e77bb95c4e39a30ce584a16a03efad36ad388b5d38b6f9e699b17d077a60cb5697b2ce1db21860b74b2afa152e1f39537a7bfecf7face8397d6938e7b1ece20e4fc90a9663726a490aa399e3379c287fce9dd9625f7b17b2cf503e61f4ea8b8887106d9a4eaaa95208a35dd8411e3186c35a45011677c16005305749d324de128897cbaa0f9c6d219ccd8874fc66539ad81a5d43df0410fdb14967666bd205d9e7f903ecda4263a9ce9c1d4993f0b947552671f43cc8472d304a4ff53eaedd701986e7ab82c7ca6714fe4e8ac488bf63f19584cbadc565af2d282757dc425de51a56e9a3a62a93eb6049167ecdacf3c62c027b7775b70ee15b2090a0c37218fa63a337a90fc6bc27c41141ea4d0f879526ec89e906b0544afcd4df3c4d11a8d6543efae0a64a68b23536dc661d1577e4669ce48b22e47980909ac216dad872537d75998d584be1565a812368d27385a4f46e3089312d3f93de7ebbf7103b8ff69e64ec6437e5b3b72679e8b6610ad7c71290e20e465d828d5dc2a9aaa51af7084271d16618e836d19b2d2803ae74e2739be4897eb33483a8cf4661551ff7eea351d5d95608fe236d15d882f1ae32651696d02e3d32039e4660a7829515bd7bf125ab457cb7dc063fe9c2ddc11662f8bfa8e004666f215d10cdd292f884d01a90575910833153ba787208e45493b2bb773da364e63e09ff17c2baedb3416af926163b1ffbf9f59ab61acdbea246eaf5cdf8c35cab42223d65a03585a6893b01d74fd078db692c44dab72fbf4f7a03db90d2a3e32f62e134374c2f5e975a34355e8b07486e20a93a348b6878643718c068d6d33c89a5ec2ced70e9779bb030786d10adba7eb2e43a25288fd8bfd6cd723d3f29b2151b21cc4d78a37163272c617f89e0aea416b714cda847d7c7c9ee6e617441415112f121b43ac404d9e09073323c968aecf12d7d9e5c692998e14867ad412b3838d110a0e2cd444a77ec29baec26f46a6cd7db65a6f9be8fd3a347343f5b6aac6be4894c1b60311ca0f5f4757147749a1402dc52e9ee46578f6ee87ae2aaa49cff9742517bc1e96f5026a98ca36041804f28a1b3bda3eff471b40aa24e4c882f4cb43122db006ac2fd41245b1f54d07eef630c894253eec04a2f48af036cc4ac16a0cedb7202de778b91c7e8e5f7cc47895a06cc9470629e2c345dfa5150f67ece252f9a85552c194bd65003340c0e7c3c506203f10ec2d3b49b47d59f499a96c12f172f36f9f7cc25d17f93c66c2a0a685f83e4018445099e78af10d80c7e6bd1888037a5687a5ea2904c31ebe70dce999d04577c355e3ce75d763577906d2fcc1a30b15c0d086049d4713f06022d8f701e84c7d76ca60aab82c3e0dd8d18f2b0ca6a58b379935934ee9a4f86b12cd0b5442b5ad7389844bb15d8681165d0e34d48867512204fab77774d8bccb8740a95edbabf774444eb0d829bb013738e8ec242c6f8146536751a3f2ffbc7e991f4e718ca710c9dde2bd95039d4040f5946de10c02d4724e6e7452a49d8f65c8d57dd7a5b474d7ae7231b4e4d4f26996ca28593491e9f5f5e25ef873d74109c60f278c3cfe5a55313ce5026dc2e0bf768b9be5e9dc7b42684696cffad1f157fc2760fed73e1e656b9473629ad10766a4f596d4983bb3020e2dc63c2adfd9bef54ec9c8ac2c4c31dd0ee95cb60a518bf13977475b9e1d865acf9ed17c5d346155aebe2a04455e9ebe5b8470746ae7e2fc432aa91ead2307ade1931d7f4337abe3bbd1977df2800fb415b23135d0bc3c7f27de3b675df959b4d62355b990a94b7e0bde46ac614d18b59e89cbfeefaccf7f0bcdba68ead7ccb8eccd7274d87e717edfb66ada86de1c2e50a2861736f572295fdd97054d5d14dba7f11cdd5bb1b78996d59ba63aa1b9d7c76562d952c739af97cef1fdbd70936ea3759b4cae0bf7829abdb2756f6c27f53dfe9ea297bb098bbbdb6a9f69ae60016111f7481eb72ec66582ccad7e02b92e6ce98a5aeb08bea1be916deb8e5f4c4ce34d90e12931842b1d8b37416283ba2cf0f10b1cd0f5e926e2301bc154829ff271cc4e5de94a1273b4fe7d689aae09b39619534fd552ce0bc1c1b09df7b5fe1a80b89c6ab0d1aa82a3c922e85ec5675846c91d0e8dc4fe92a0d45a9af84808b59f3fb6f5548e2c1969c0af80de204f3d824bfab8100ab01d7acd8152c2221d9fb93bd0dfee4fcfa7760db607e560a12c63a4f9b181b05001aaec5c1066bd7752c19f8b2b10a1083f34b41f4db3c1e69927594fa25f710ec6be6b5e03f85da6b38e3ed93b951e4f7a59f5aa9cf431b4e11e7c9f564ee644e06ebfea21f7b5bf8e47e1f09e5f165428da2d6711af338c43bef71594895eacc334468ece82f05028a3bf8d28e951d0931e95372160660dbf7d983265d492c74e5376bfc82a57799c8ae864e25ddabbf94d6e6c1a1caab3dbd77439103da9c09d0f9ae859e4dd16504a661324412c4ff56cbf99eebb5d20928ee2536d7217759f1978625e9c61d3951e83f4fde84bb94c5b698086e72926179ffcf6c046df806690b01c4d9e647b1edb54c758ed725f5fdca5d2c6b160e0782329af3bc6d04c13d2202b632aed0e83bf80243ce82c940bd2416a4f9175728d05f3d45ce74c21301e6f1b7d460d76bdbc7c13df4caaf01aa40517c0501012443c5a3dc8e8659d5b47145e9473c0eaa1ae91f078d5bf642397d99a710014e40f30cdf82793d23fb4067133b56fc40e3434dbd5704640e84398d0ecc96f3bc8188d0598e0ef230068611093f492f3d4b13518e5e170cc14620c05eb2f35524db69a288bfc9e666677d4b70dd5c97cab14edcfbc58c86b70261fdb47665b9d0b833ad4c0ff2dffce0d86d9ab284e08a904e01ec47d9ff642922a51b9c5e1568dc3872a9fc4f2d2719c7c762ad508861c98e3ed59df0b585334640d19b7fca81812372fa39dabbb7e20218c42c97baf7b6031bf94600c7053efddf5098a299245544cdd8fb100e7be34e02cdc62989a2b12cdbbe829ea14668af0cdf0f99e954af809b73524e9fdc86ae82658dae26db0cc7f0d392b18b70c1468fe1b44f515ed4d46a843712825c10e10f3e9002e7867a6afbcf908c99b12746826bee677565e358e837e34e25507a7aff6d3e42615ef575767412efe3f9d595e0cad872547d5f32dd46f33c7b4ac8321f627e3e4f5e094988bc7ea13f38f40a43bc9bd0855bf690b026445b7752ea56caeaaca57acc6ae42c8fcaa50fd92eda3bdfb0b8e5bc7279c1283981066459509ea19e41c5bf217acec0dfc9faecbbe0ae890467fbb62f40c1dfe9688ccf662ce4d67fd9413f962784b53e4cafab0eae0bb7bfe279c410943852d067781106d673f53a5ebfd2864d740da77fcba331a9d61b2c38cbeb1ca0ec37b2f086a7af63b0d1b8f5e1ab4264dd10f2297495da410baed093ac2e6d3f62f48fffc64cbdf34936246320398adce6ae42c9ebc31934f7a437a76a1056c998419e155ebcb31e483a305f3ed141ab1a163cadfd26facadc7b723f5395a2cb1943029939c9ae56dbca0214810e884841d4c45f32bd8445cbb6727f7c905116290b25abc53a795b2d7f139821789f445e173aa86a0b8c77558771a061fc453b4dba8ecce5166f4fd36b28dff620dfc4081f4f46525c8519bf4194f366a118c4037e8ac620525a07618be59c32ad050c3c975c701f8f2153d16b3c39b9f963337394a80e4990837c38be3c906d0a021280803ccfdb9143bbe210435fb78c1af8f7705cd4a6d56b090c836ba4aa85694b868a287885b9fdf0455c41737772cec55f16ebade15697e30528469b8b52318938a8f55705054a8d43e1e8bd87858e58a5d1ce5135df112bf2bdcdb14a1b4d22782ad03f5bc75bcfed57d429b3de61dd1e7c64dc8a73c57d205a19991a505da39ebbf48e1a0b102e389019637365d2e2cc88f756bb43ae83846bb969f5e6fb4ce5b997cf6cfc710bb71be688fe04c1878c31555ff8e4767bd483d9d2ff5771cbaf509a72b6babc400abbed8d4d5553ad1b0b5bba812a8e948c2d8fe4417fea9180722fb9ff246cadc3fd6c7af8394dc52270e2c3c309d5ec3e8e00b70614ed9fb34e39b7e7686abf5bf977124cdf83c34aca11333424f1d25d8062190ed906d9b9c73a47b162c6199210fb676ad9d63b1b7fe2b537ebe6e2c6c52582a30daa437a8d639b58f004939ac51ab05fabf669ec09106d680bdbbe727e3098900dc302565d4189f47778f7372ef6999c56cc396a3b1b56e70b2b1ca1a64dc5c4f6333eee1095d96254c4c12c00fdb5b7779fb0982ebbcadac7fe69645cf3399d0e32b9811f52e329d4789627bc13138a5ca0938e73cef67c200ac945f76b255a3fbfebadc8ef4276f3af42f756c33d68a2229b0ea1e9d43c6511881a1cc06e8bd59da581df5a8e7805605a5afeacfc74a29603aca62df4f4787f8a2cd7858de3978dabdc5d295ccf5f713b73b02e62b34b503b4a320b1ece46a84e1a74c96d431ca38be28a00638fb94ea12", 0xffffffffffffffef, 0x1}, {&(0x7f0000001200)="a58448d6a9a1b6a279577bd2e147fd602c267e00244594fc84e02feef8c16411de8229bad2bdc6c4d51c75577ca51ce86fa18c8fc0eabb7cddec5dde824ab06ca72a321f86f6f70858aa2d3911f05a252b392a3a110e4fb7068e329c54883bb8255d9ce87300a37d9f9629c7917f8f0c8598d75b0c02545324b5d1a7abf2b56e88b5f6088b24af07b43f56d5d3ed78f18be5eb32abdd7ffe8111a111ef3cc1cde58029569c64c70dfad00efdd9db645b146f33ff3df5c935a28337043c46eb86a3e893605d21698e4b60458a2d37fef7", 0xd0, 0x7}, {&(0x7f0000001300)="426a613608382b51f09dd31bd223145cb55bf5d832dca2506ff8bd4b4c1d97a96a2f9f7f216c296c9be873e44918e1e5dcacea3d6d54894c92d8c780e8c8ef6b93e1501f2b56762450883b53bb30c2a458e465eb9f4f46", 0x57, 0x8}], 0x4803808, &(0x7f0000001780)=ANY=[@ANYRES32]) r4 = openat(r3, &(0x7f0000000000)='/proc/self/exe\x00', 0x4000, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:13:23 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 46) 23:13:23 executing program 1: r0 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r0, 0x2007fff) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r1, r0, 0x0, 0x201000) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000080)=""/33) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) ioctl$FS_IOC_GETFSLABEL(r2, 0x81009431, &(0x7f0000000100)) timer_create(0x1, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r3 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{r5, r6+10000000}, {r7, r8+60000000}}, &(0x7f0000000300)) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r4, 0x0, &(0x7f0000000500)={{}, {0x0, r9+60000000}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r10, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r10, 0x1, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:23 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720430b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:23 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000000000a0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:23 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201046) [ 1345.120626][T13277] FAULT_INJECTION: forcing a failure. [ 1345.120626][T13277] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1345.133983][T13277] CPU: 1 PID: 13277 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1345.143841][T13277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1345.153980][T13277] Call Trace: [ 1345.157256][T13277] [ 1345.160183][T13277] dump_stack_lvl+0xd6/0x122 [ 1345.164774][T13277] dump_stack+0x11/0x1b [ 1345.168930][T13277] should_fail+0x23c/0x250 [ 1345.173376][T13277] __alloc_pages+0x102/0x330 [ 1345.177974][T13277] alloc_pages_vma+0x5ee/0x770 [ 1345.182739][T13277] ? lru_cache_add+0x37/0x50 [ 1345.187455][T13277] do_anonymous_page+0x169/0x8d0 [ 1345.192492][T13277] ? cgroup_rstat_updated+0x34/0x100 [ 1345.197826][T13277] ? __rcu_read_unlock+0x5c/0x290 [ 1345.202857][T13277] handle_mm_fault+0x814/0x1590 [ 1345.207712][T13277] ? _raw_spin_unlock+0x2e/0x50 [ 1345.212564][T13277] __get_user_pages+0x388/0xc80 [ 1345.217624][T13277] __get_user_pages_remote+0x17f/0x610 [ 1345.223163][T13277] ? iovec_from_user+0x2a6/0x2e0 [ 1345.228190][T13277] pin_user_pages_remote+0x58/0x80 [ 1345.233475][T13277] process_vm_rw_single_vec+0x17d/0x460 [ 1345.239092][T13277] process_vm_rw+0x3a2/0x540 [ 1345.243801][T13277] __x64_sys_process_vm_writev+0x76/0x90 [ 1345.249435][T13277] do_syscall_64+0x44/0xa0 [ 1345.253872][T13277] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1345.259893][T13277] RIP: 0033:0x7fede691aae9 [ 1345.264304][T13277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1345.284013][T13277] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1345.292540][T13277] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1345.300520][T13277] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024ae [ 1345.308512][T13277] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:23 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 47) 23:13:23 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720530b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1345.316551][T13277] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1345.324870][T13277] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1345.332889][T13277] [ 1345.343575][T13278] loop2: detected capacity change from 0 to 1 [ 1345.427768][T13284] selinux_netlink_send: 159 callbacks suppressed [ 1345.427801][T13284] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=13284 comm=syz-executor.4 [ 1345.451439][T13278] loop2: detected capacity change from 0 to 1 [ 1345.476724][T13284] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=13284 comm=syz-executor.4 [ 1345.522417][T13284] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=13284 comm=syz-executor.4 [ 1345.536707][T13288] FAULT_INJECTION: forcing a failure. [ 1345.536707][T13288] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1345.549971][T13288] CPU: 0 PID: 13288 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1345.559869][T13288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1345.570025][T13288] Call Trace: [ 1345.573303][T13288] [ 1345.576251][T13288] dump_stack_lvl+0xd6/0x122 [ 1345.580853][T13288] dump_stack+0x11/0x1b [ 1345.585131][T13288] should_fail+0x23c/0x250 [ 1345.589614][T13288] __alloc_pages+0x102/0x330 [ 1345.594315][T13288] alloc_pages_vma+0x5ee/0x770 [ 1345.599159][T13288] ? lru_cache_add+0x37/0x50 [ 1345.603778][T13288] do_anonymous_page+0x169/0x8d0 [ 1345.608764][T13288] ? cgroup_rstat_updated+0x34/0x100 [ 1345.614126][T13288] ? __rcu_read_unlock+0x5c/0x290 [ 1345.619157][T13288] handle_mm_fault+0x814/0x1590 [ 1345.624012][T13288] ? _raw_spin_unlock+0x2e/0x50 [ 1345.629027][T13288] __get_user_pages+0x388/0xc80 [ 1345.633929][T13288] __get_user_pages_remote+0x17f/0x610 [ 1345.639391][T13288] ? iovec_from_user+0x2a6/0x2e0 [ 1345.644339][T13288] pin_user_pages_remote+0x58/0x80 [ 1345.649584][T13288] process_vm_rw_single_vec+0x17d/0x460 [ 1345.655337][T13288] process_vm_rw+0x3a2/0x540 [ 1345.660016][T13288] __x64_sys_process_vm_writev+0x76/0x90 [ 1345.665939][T13288] do_syscall_64+0x44/0xa0 [ 1345.670425][T13288] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1345.676358][T13288] RIP: 0033:0x7fede691aae9 [ 1345.680846][T13288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1345.700622][T13288] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1345.709035][T13288] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 23:13:24 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720630b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:24 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000000000b0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1345.717104][T13288] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024b0 [ 1345.725169][T13288] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1345.733165][T13288] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1345.741213][T13288] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1345.749190][T13288] 23:13:24 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 48) [ 1345.792005][T13284] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=13284 comm=syz-executor.4 [ 1345.832989][T13284] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=49 sclass=netlink_xfrm_socket pid=13284 comm=syz-executor.4 [ 1345.845841][T13284] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=61 sclass=netlink_xfrm_socket pid=13284 comm=syz-executor.4 [ 1345.858629][T13284] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=108 sclass=netlink_xfrm_socket pid=13284 comm=syz-executor.4 [ 1345.871834][T13284] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=103 sclass=netlink_xfrm_socket pid=13284 comm=syz-executor.4 [ 1345.885875][T13284] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=129 sclass=netlink_xfrm_socket pid=13284 comm=syz-executor.4 [ 1345.898836][T13284] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=161 sclass=netlink_xfrm_socket pid=13284 comm=syz-executor.4 [ 1345.970866][T13293] loop2: detected capacity change from 0 to 1 [ 1345.978942][T13294] FAULT_INJECTION: forcing a failure. [ 1345.978942][T13294] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1345.992182][T13294] CPU: 0 PID: 13294 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1346.001994][T13294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1346.012233][T13294] Call Trace: [ 1346.015643][T13294] [ 1346.018709][T13294] dump_stack_lvl+0xd6/0x122 [ 1346.023576][T13294] dump_stack+0x11/0x1b [ 1346.027837][T13294] should_fail+0x23c/0x250 [ 1346.032286][T13294] __alloc_pages+0x102/0x330 [ 1346.036905][T13294] alloc_pages_vma+0x5ee/0x770 [ 1346.041758][T13294] ? lru_cache_add+0x37/0x50 [ 1346.046369][T13294] do_anonymous_page+0x169/0x8d0 [ 1346.051355][T13294] ? cgroup_rstat_updated+0x34/0x100 [ 1346.056652][T13294] ? __rcu_read_unlock+0x5c/0x290 [ 1346.061693][T13294] handle_mm_fault+0x814/0x1590 [ 1346.066566][T13294] ? _raw_spin_unlock+0x2e/0x50 [ 1346.071654][T13294] __get_user_pages+0x388/0xc80 [ 1346.076559][T13294] __get_user_pages_remote+0x17f/0x610 [ 1346.082050][T13294] ? iovec_from_user+0x2a6/0x2e0 [ 1346.086997][T13294] pin_user_pages_remote+0x58/0x80 [ 1346.092299][T13294] process_vm_rw_single_vec+0x17d/0x460 [ 1346.097936][T13294] process_vm_rw+0x3a2/0x540 [ 1346.102540][T13294] __x64_sys_process_vm_writev+0x76/0x90 [ 1346.108182][T13294] do_syscall_64+0x44/0xa0 [ 1346.112606][T13294] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1346.118657][T13294] RIP: 0033:0x7fede691aae9 [ 1346.123074][T13294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1346.142768][T13294] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1346.151220][T13294] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1346.159231][T13294] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024b2 [ 1346.167377][T13294] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1346.175346][T13294] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1346.183752][T13294] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1346.191836][T13294] 23:13:24 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 49) 23:13:24 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201047) 23:13:24 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720730b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1346.268273][T13293] loop2: detected capacity change from 0 to 1 [ 1346.351712][T13400] FAULT_INJECTION: forcing a failure. [ 1346.351712][T13400] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1346.364972][T13400] CPU: 0 PID: 13400 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1346.374963][T13400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1346.385034][T13400] Call Trace: [ 1346.388319][T13400] [ 1346.391256][T13400] dump_stack_lvl+0xd6/0x122 [ 1346.395860][T13400] dump_stack+0x11/0x1b [ 1346.400035][T13400] should_fail+0x23c/0x250 [ 1346.404495][T13400] __alloc_pages+0x102/0x330 [ 1346.409197][T13400] alloc_pages_vma+0x5ee/0x770 [ 1346.414033][T13400] ? lru_cache_add+0x37/0x50 [ 1346.418813][T13400] do_anonymous_page+0x169/0x8d0 [ 1346.423864][T13400] ? cgroup_rstat_updated+0x34/0x100 [ 1346.429202][T13400] ? __rcu_read_unlock+0x5c/0x290 [ 1346.434236][T13400] handle_mm_fault+0x814/0x1590 [ 1346.439100][T13400] ? _raw_spin_unlock+0x2e/0x50 [ 1346.443989][T13400] __get_user_pages+0x388/0xc80 [ 1346.448853][T13400] __get_user_pages_remote+0x17f/0x610 [ 1346.454319][T13400] ? iovec_from_user+0x2a6/0x2e0 [ 1346.459257][T13400] pin_user_pages_remote+0x58/0x80 [ 1346.464474][T13400] process_vm_rw_single_vec+0x17d/0x460 [ 1346.470045][T13400] process_vm_rw+0x3a2/0x540 [ 1346.474661][T13400] __x64_sys_process_vm_writev+0x76/0x90 [ 1346.480350][T13400] do_syscall_64+0x44/0xa0 [ 1346.484779][T13400] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1346.490738][T13400] RIP: 0033:0x7fede691aae9 [ 1346.495154][T13400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1346.514829][T13400] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1346.523332][T13400] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1346.531312][T13400] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024b4 [ 1346.539396][T13400] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1346.547374][T13400] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1346.555414][T13400] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1346.563388][T13400] 23:13:26 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000000000c0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:26 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./bus\x00', 0x80000001, 0x3, &(0x7f00000002c0)=[{&(0x7f0000000100)="e09c6fc3565f3b1fc46414d4021f4ee440c3133d1e97ff063e7e4f50df7ced549e2053af03a972343482230f1552c18c1a7d746f533e9906f8", 0x39, 0x9}, {&(0x7f0000000140)="5a67dec501526112099049d03690fd44743028489db42cce3dbe61a2f20d6437f5cc21690a50c9df91ca04355f09f24cf38da6c78120c43797b35fc79c700795ec411dc081a0c25b8b8fea045edf59a8037b70d5de6abb97199fcf58f936bb7750d74d049d5cb7c0dbae7237aa78b6349e3135027c49e7cc8c379ec782b1be05f9450eac8cfe29f82c8a6efb72c82402851a07fecd493d6466ec144c1bdfb16a69d55cb039b0ab9fcde16d30740cf8fe4082658dbfe4b0bd12ac2ec6f162cc2afbd5bc771fb1a95331de468c3fb2bf", 0xcf, 0x1}, {&(0x7f0000000240)="5e506bddc7d85e911a8872e266feebcbf70a6621e5bbf7ca490a1ec890df4bb0ed70782785eb7c16614d839ee11a78be42f53fbe7aa6f68166975d710062a1a5a50f550972f79a8238ab91b3a9157c9be6189f5ea59d5868b3c0dc892107f09da33876f3ac2deb1f", 0x68, 0xea}], 0x1000000, &(0x7f0000000340)={[{']:\xf7$#,^-'}, {'[%\xf1\\-!'}, {}, {'(%'}, {}], [{@subj_role}]}) ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000000)={0x0, 0x0, {}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000380)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0, 0x29}, {&(0x7f0000001880)=""/102388, 0xfff7}], 0x3, 0x0, 0x0, 0x0) tkill(r2, 0x40) wait4(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) r3 = gettid() rt_sigqueueinfo(r3, 0xa, &(0x7f00000002c0)) sendfile(r0, r1, 0x0, 0x80000001) r4 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r4, 0x2007fff) open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) 23:13:26 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720830b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:26 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 50) 23:13:26 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201048) 23:13:26 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) tkill(r0, 0x2e) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000240)={0x0, 0x0}) ptrace$cont(0x9, r3, 0xae, 0x4) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x24010, 0xffffffffffffffff, 0x8000000) r5 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r6, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r6, 0x0, &(0x7f0000000200)={{}, {0x77359400}}, 0x0) ftruncate(r5, 0x2007fff) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r7, r5, 0x0, 0x201000) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000080)=@IORING_OP_STATX={0x15, 0x4, 0x0, r5, &(0x7f0000000100), &(0x7f0000000040)='./file0\x00', 0x800, 0x100, 0x0, {0x0, r8}}, 0x3) [ 1348.146986][T13510] FAULT_INJECTION: forcing a failure. [ 1348.146986][T13510] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1348.160245][T13510] CPU: 0 PID: 13510 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1348.170505][T13510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1348.180688][T13510] Call Trace: [ 1348.183966][T13510] [ 1348.186899][T13510] dump_stack_lvl+0xd6/0x122 [ 1348.191505][T13510] dump_stack+0x11/0x1b [ 1348.195683][T13510] should_fail+0x23c/0x250 [ 1348.200147][T13510] __alloc_pages+0x102/0x330 [ 1348.204892][T13510] alloc_pages_vma+0x5ee/0x770 [ 1348.209668][T13510] ? lru_cache_add+0x37/0x50 [ 1348.214440][T13510] do_anonymous_page+0x169/0x8d0 [ 1348.219406][T13510] ? cgroup_rstat_updated+0x34/0x100 [ 1348.224800][T13510] ? __rcu_read_unlock+0x5c/0x290 [ 1348.229849][T13510] handle_mm_fault+0x814/0x1590 [ 1348.234783][T13510] ? _raw_spin_unlock+0x2e/0x50 [ 1348.239649][T13510] __get_user_pages+0x388/0xc80 [ 1348.244539][T13510] __get_user_pages_remote+0x17f/0x610 [ 1348.250007][T13510] ? iovec_from_user+0x2a6/0x2e0 [ 1348.255000][T13510] pin_user_pages_remote+0x58/0x80 [ 1348.260120][T13510] process_vm_rw_single_vec+0x17d/0x460 [ 1348.265875][T13510] process_vm_rw+0x3a2/0x540 [ 1348.270481][T13510] __x64_sys_process_vm_writev+0x76/0x90 [ 1348.276212][T13510] do_syscall_64+0x44/0xa0 [ 1348.280671][T13510] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1348.286601][T13510] RIP: 0033:0x7fede691aae9 23:13:26 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = socket$inet6_udp(0xa, 0x2, 0x0) syz_open_dev$vcsa(&(0x7f00000001c0), 0xef, 0x200000) r4 = creat(&(0x7f0000000100)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) splice(r5, 0x0, r4, &(0x7f0000000080), 0x9, 0xa) r6 = syz_open_dev$evdev(&(0x7f0000000600), 0x2, 0x40001) ioctl$EVIOCSREP(r6, 0x40084503, &(0x7f0000000640)=[0x6, 0xfff]) r7 = syz_mount_image$tmpfs(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x3f, 0x4, &(0x7f00000004c0)=[{&(0x7f00000002c0)="2899f39c6f9c33fe745b5eeffb2a5414876c9c01c2a1e6d8fb32470452a2aa866b1124bdebbe2ea0a97d29de70daf113cbe1ece9db65c278932b58d053306d5291c481ed35fc4b30fbca97ee5e21aa953d63e15f92a92860f15ab24c58e9097591253ea9d347b893", 0x68, 0xe5e9}, {&(0x7f0000000340)="10225ce741c4940d957aa0b5cbc70616ed932dd189154a2f287b48cad45f87b4515216ee8d61e5761d70e164d411ea2b215fc217a0c0736755d1c0bfc4b60695e6eb7e1016c53909030af534af9dcadfa4c76e686fdbbbeb7272fafbb6005fb87a6aa5c02337d956b7e5e70e2ff6c6b4b55381f19d3794c30a148c50f96db027e37f88c75762cc1e8984f8227f3cc84d57fbb0dfb45375497d5868d5a2b7931c896ff316edc4a1ea", 0xa8, 0x7f}, {&(0x7f0000000400)="995df82c1a71c7bd3073bc", 0xb, 0x7}, {&(0x7f0000000440)="0686abb6f68006e2e1de17762b2f3c73d27c968770ac8925ef55f7fd8de87e2a55e102f8001a30aa23f4a36504eef7b0fbca5f814f2d2adf6e85bcab02e307a361e6164b61e8311200559c2d958134f2621f0fe25e7ef0aeb1c7007e62cdd060b7beb29af139d56f9c6faadb640fe9", 0x6f, 0x3}], 0x2800, &(0x7f0000000540)=ANY=[@ANYBLOB="687567653d6e657665722c73697a653d352d36312c6d6f64653d303030303030303030303030303030303030333533305c1a6d6f64653d30303030303030303030303030303030303230303030312c7365636c6162656c2c00"]) openat(r7, &(0x7f00000005c0)='./file0\x00', 0x90000, 0x23) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000000080)={{{@in=@local, @in6=@private0}}, {{}, 0x0, @in6=@empty}}, &(0x7f0000000240)=0xe8) r8 = creat(&(0x7f0000000100)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) splice(r9, 0x0, r8, &(0x7f0000000080), 0x9, 0xa) setsockopt$inet6_udp_int(r8, 0x11, 0xb, &(0x7f0000000200)=0x7, 0x4) ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000000)={@mcast2, @local, @private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20d40022}) [ 1348.291194][T13510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1348.310808][T13510] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1348.319298][T13510] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1348.327344][T13510] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024b6 [ 1348.335383][T13510] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1348.343362][T13510] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1348.351366][T13510] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1348.359460][T13510] [ 1348.365428][T13514] loop2: detected capacity change from 0 to 1 23:13:26 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 51) 23:13:26 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720930b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:26 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20104c) 23:13:26 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) timer_settime(r0, 0x1, &(0x7f0000000400)={{0x77359400}, {0x77359400}}, &(0x7f0000000480)) timer_create(0x2, &(0x7f0000000300)={0x0, 0x2, 0x1, @thr={&(0x7f0000000180)="cc37b9317f6d804b369d7b1a445aa621f08fe102e5a11d24dd80c05c012e5082eb8c78f340551819e1efab6308b1b51a1231f1446829477291957afe6e91a8669cca770bd92fbcf5454e9d8d57848d0a0203f204a02b0375c0d6ea6f35c1327d71fc4ebbaeb5b00cc0dd49aa70c186df192257502bb57d84c599ca6a1ce0747a3d46ee79d92ff023bf51f1ee8ef109a7a8006ee694d5c60e0747a7793bd0a63be4eeeec13a74f8fdd7260a7ac724e0bbe298e4e5aee427ae22e6887128511f5290338cab5b85641f35d65c20a6a2aa563917e8", &(0x7f0000000280)="33de03cf9834506f9c9f1a0f4f72362ee800c5b5038ad9d6e521a78238888a1f50192b43be76d98bdcdc26e48450e4763bd3f9471b0fc0cf6bbdeea7d2af10f10e36760f33f51572bd7b72fc711699acbf8cba9c00e4744b35ecb2771c959998b473291dc9a13b32e6d0d2d2c2"}}, &(0x7f0000000340)) timer_gettime(r2, &(0x7f00000003c0)) wait4(r1, &(0x7f0000000380), 0x1, &(0x7f0000000540)) timer_settime(r2, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r1, &(0x7f0000000140)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000000100)=[{&(0x7f0000217f28)=""/231, 0xe7}, {&(0x7f0000000040)=""/118, 0x76}], 0x2, 0x0) [ 1348.427533][ T23] audit: type=1400 audit(1636067606.661:744): avc: denied { write } for pid=13520 comm="syz-executor.5" name="event2" dev="devtmpfs" ino=125 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 1348.471061][T13514] loop2: detected capacity change from 0 to 1 23:13:26 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000000000d0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1348.575861][T13628] FAULT_INJECTION: forcing a failure. [ 1348.575861][T13628] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1348.589253][T13628] CPU: 0 PID: 13628 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1348.599187][T13628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1348.609442][T13628] Call Trace: [ 1348.612721][T13628] [ 1348.615688][T13628] dump_stack_lvl+0xd6/0x122 [ 1348.620281][T13628] dump_stack+0x11/0x1b [ 1348.624511][T13628] should_fail+0x23c/0x250 [ 1348.628940][T13628] __alloc_pages+0x102/0x330 [ 1348.633592][T13628] alloc_pages_vma+0x5ee/0x770 [ 1348.638363][T13628] ? lru_cache_add+0x37/0x50 [ 1348.643152][T13628] do_anonymous_page+0x169/0x8d0 [ 1348.648287][T13628] ? cgroup_rstat_updated+0x34/0x100 [ 1348.653667][T13628] ? __rcu_read_unlock+0x5c/0x290 [ 1348.658740][T13628] handle_mm_fault+0x814/0x1590 [ 1348.663595][T13628] ? _raw_spin_unlock+0x2e/0x50 [ 1348.668553][T13628] __get_user_pages+0x388/0xc80 [ 1348.673483][T13628] __get_user_pages_remote+0x17f/0x610 [ 1348.678947][T13628] ? iovec_from_user+0x2a6/0x2e0 [ 1348.684016][T13628] pin_user_pages_remote+0x58/0x80 [ 1348.689141][T13628] process_vm_rw_single_vec+0x17d/0x460 [ 1348.694781][T13628] process_vm_rw+0x3a2/0x540 [ 1348.699406][T13628] __x64_sys_process_vm_writev+0x76/0x90 [ 1348.705041][T13628] do_syscall_64+0x44/0xa0 [ 1348.709558][T13628] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1348.715491][T13628] RIP: 0033:0x7fede691aae9 [ 1348.719905][T13628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1348.739562][T13628] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1348.747981][T13628] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1348.756016][T13628] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024b8 [ 1348.764092][T13628] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:27 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 52) 23:13:27 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720a30b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1348.772107][T13628] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1348.780077][T13628] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1348.788088][T13628] 23:13:27 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f0000000080)) timer_settime(r2, 0x0, &(0x7f0000000200)={{0x77359400}}, &(0x7f0000000240)) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f0000000300)={{0x77359400}, {r4, r5+10000000}}, &(0x7f0000000340)) process_vm_writev(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) 23:13:27 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) r4 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r4, 0x2007fff) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r5, r4, 0x0, 0x201000) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000640)=@IORING_OP_SENDMSG={0x9, 0x5, 0x0, r4, 0x0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000100)="dcaa273def1535681f004436141291de9ab9b044e4581d290ac6ef6ae2380d80c67c39cde58e0009533c53caab28c8b49cec37c9e518d911ce7b6904796f7133ad204dbb32d7", 0x46}], 0x1, &(0x7f00000001c0)=[{0x108, 0x105, 0x9, "c9f0c59c5a6c3e999eea080cf85f7a8362fc22cb731c02ffd84f03ea847d030ea97a7eb76c5c071a25d1b3a9c77788ebccb89650dc63451bce41f0a435977240dfc233c7dcb1ffb817a01833eb3fedb79c29321bde753dd61c52897d517cdfd385c1594f82bee5f553f0704c16ab5c864d2ed626275796c7f5bb3052014992a05935166b490372b32290a3c8fa05443b81ec6948e4c62d04e161df70a0cdcdd451d787cff93e68bb4ce2b38cbfd4fd570a580ce744996990682172845ddbc1875b6ff4f7dd4e707e1f780d82dc9fcd1c08e2b6f0339d130f1e0fd5c0ef18e59fa93f049e9494320527d641893f09f7b24b74e8"}, {0x28, 0x112, 0x1, "2d52f5c8ab76aabd363d6a87bd9f274e7e18da7a8a05e6"}, {0x78, 0x59b309b420bf8816, 0x4, "802d719c4a7bd6d9d93aa1b0884c2f0460c958acb30906305ba45618994c4c75929402f7a32f0225b9ad01b36416cf4423c18ccf8c3dea828ecc46181862a71b2b5012de9fc520d04e9981c30be120b45aa7b5aae442f960a1fc792120c5636e8c3e1179d334"}, {0x28, 0x102, 0x1f, "9dbfdbca12afeb944ba11e2333e9895f7daae2fce0152444"}, {0x28, 0x104, 0x0, "74bb254449aa566dbb1051f3da440054b0facc81"}, {0x18, 0x84, 0x100, "10ef25"}, {0xf8, 0x102, 0x8000, "7f85fe4a3e83f8096eb0053c6966488df2ab947e92738655402ee32ce3238160e78ec61bf5702a2136ec005b5a0643885de8abbbe1d248ce482176506c33d636038550f550cfec6050a08f26324c0e2d7bef87cfa0850103554d7584f8ea79a2697b2f720aa9ca168ac6ba9a08a869a1d313be0d28b39f75d3a2ed099835e95de73bcad6896d97d93f7793e609174d1c85faa1c4f91f528405400ff0c92fd95f2206ec5d1f3255a54198a9b03026238feddd184f09373e71287d1c3428530be07a70db82295004c836e00bdad013bc7a5c1f1fd3fd67aec28e239f465d02b45dcad359b17834ba"}, {0x38, 0x105, 0x2, "ab46c2c23cc9758beb4249c773b839bc0783a347fc16d448f08ad5ae1b7ea3cc45b2022c9f6269aa"}, {0xe0, 0x116, 0x80000001, "75271215142b3a373c3068a481f8578316e2af7f11ae87b6cafb3a65ac5829db59dfcaaae7ef93594ee9c769a198601460a4ad5068862fcf7250acc20f228cf676c78b425f4527d06dd377ce9f1351cf069ada6dbde3d1c75a9d324d4abd7c44651e273373ca3b87b10f64e8ed22b78bdc3d71ed2bdcf9663789e96601d17b9d33c1030d52701350938785122b0c1db8c4886d3f8de51e43c4291a321ddf3e09b639f2d63f4c6157eae0da6cb75b5e11f6961ce09987260520259a1a223ff02196e971ce704453a104b7"}], 0x420}, 0x0, 0x48000}, 0x7c) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000080)=[0xffffffffffffffff, r2, r2, r3], 0x4) r6 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r6, r7, 0x0, 0x80000001) [ 1348.919267][T13737] loop2: detected capacity change from 0 to 1 [ 1348.989211][T13737] loop2: detected capacity change from 0 to 1 [ 1348.996668][T13742] FAULT_INJECTION: forcing a failure. [ 1348.996668][T13742] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1349.009908][T13742] CPU: 0 PID: 13742 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1349.019888][T13742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1349.030013][T13742] Call Trace: [ 1349.033382][T13742] [ 1349.036315][T13742] dump_stack_lvl+0xd6/0x122 [ 1349.040965][T13742] dump_stack+0x11/0x1b [ 1349.045157][T13742] should_fail+0x23c/0x250 [ 1349.049636][T13742] __alloc_pages+0x102/0x330 [ 1349.054257][T13742] alloc_pages_vma+0x5ee/0x770 [ 1349.059188][T13742] ? lru_cache_add+0x37/0x50 [ 1349.063799][T13742] do_anonymous_page+0x169/0x8d0 [ 1349.068872][T13742] ? cgroup_rstat_updated+0x34/0x100 [ 1349.074184][T13742] ? __rcu_read_unlock+0x5c/0x290 [ 1349.079287][T13742] handle_mm_fault+0x814/0x1590 [ 1349.084156][T13742] ? _raw_spin_unlock+0x2e/0x50 [ 1349.089089][T13742] __get_user_pages+0x388/0xc80 [ 1349.093951][T13742] __get_user_pages_remote+0x17f/0x610 [ 1349.099480][T13742] ? iovec_from_user+0x2a6/0x2e0 [ 1349.104527][T13742] pin_user_pages_remote+0x58/0x80 [ 1349.109729][T13742] process_vm_rw_single_vec+0x17d/0x460 [ 1349.115399][T13742] process_vm_rw+0x3a2/0x540 [ 1349.120114][T13742] __x64_sys_process_vm_writev+0x76/0x90 [ 1349.125815][T13742] do_syscall_64+0x44/0xa0 [ 1349.130243][T13742] entry_SYSCALL_64_after_hwframe+0x44/0xae 23:13:27 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201060) [ 1349.136228][T13742] RIP: 0033:0x7fede691aae9 [ 1349.140703][T13742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1349.160318][T13742] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1349.168745][T13742] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1349.176786][T13742] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024ba 23:13:27 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720b30b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1349.184966][T13742] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1349.193110][T13742] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1349.201088][T13742] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1349.209208][T13742] 23:13:27 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 53) 23:13:27 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000000000e0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:27 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x77359400}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r3, 0x0, &(0x7f0000000040)={{0x0, 0x989680}}, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) timer_settime(r1, 0x1, &(0x7f0000000140)={{0x77359400}, {r4, r5+60000000}}, &(0x7f00000001c0)) 23:13:27 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720c30b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1349.418169][T13956] FAULT_INJECTION: forcing a failure. [ 1349.418169][T13956] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1349.431471][T13956] CPU: 0 PID: 13956 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1349.441379][T13956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1349.451437][T13956] Call Trace: [ 1349.454754][T13956] [ 1349.457681][T13956] dump_stack_lvl+0xd6/0x122 [ 1349.462328][T13956] dump_stack+0x11/0x1b [ 1349.466485][T13956] should_fail+0x23c/0x250 [ 1349.470902][T13956] __alloc_pages+0x102/0x330 [ 1349.475494][T13956] alloc_pages_vma+0x5ee/0x770 [ 1349.480281][T13956] ? lru_cache_add+0x37/0x50 [ 1349.484992][T13956] do_anonymous_page+0x169/0x8d0 [ 1349.489946][T13956] ? cgroup_rstat_updated+0x34/0x100 [ 1349.495229][T13956] ? __rcu_read_unlock+0x5c/0x290 [ 1349.500258][T13956] handle_mm_fault+0x814/0x1590 [ 1349.505328][T13956] ? _raw_spin_unlock+0x2e/0x50 [ 1349.510183][T13956] __get_user_pages+0x388/0xc80 [ 1349.515570][T13956] __get_user_pages_remote+0x17f/0x610 [ 1349.521038][T13956] ? iovec_from_user+0x2a6/0x2e0 [ 1349.525983][T13956] pin_user_pages_remote+0x58/0x80 [ 1349.531098][T13956] process_vm_rw_single_vec+0x17d/0x460 [ 1349.536704][T13956] process_vm_rw+0x3a2/0x540 [ 1349.541307][T13956] __x64_sys_process_vm_writev+0x76/0x90 [ 1349.547079][T13956] do_syscall_64+0x44/0xa0 [ 1349.551592][T13956] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1349.557623][T13956] RIP: 0033:0x7fede691aae9 [ 1349.562042][T13956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1349.581654][T13956] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1349.590109][T13956] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1349.598152][T13956] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024bc [ 1349.606138][T13956] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:27 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 54) [ 1349.614219][T13956] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1349.622321][T13956] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1349.630306][T13956] [ 1349.636499][T13957] loop2: detected capacity change from 0 to 1 23:13:27 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) timer_settime(r0, 0x0, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0) 23:13:27 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201068) 23:13:27 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720d30b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:27 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) recvfrom(r1, &(0x7f0000000040)=""/2, 0x2, 0x10101, &(0x7f0000000100)=@in6={0xa, 0x4e20, 0xfff, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xb}}, 0x1}, 0x80) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x105000, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) close(0xffffffffffffffff) sendfile(r3, r4, 0x0, 0x80000001) [ 1349.707459][T13957] loop2: detected capacity change from 0 to 1 [ 1349.748058][T14064] FAULT_INJECTION: forcing a failure. [ 1349.748058][T14064] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1349.761358][T14064] CPU: 0 PID: 14064 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1349.771259][T14064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1349.781314][T14064] Call Trace: [ 1349.784598][T14064] [ 1349.787530][T14064] dump_stack_lvl+0xd6/0x122 [ 1349.792256][T14064] dump_stack+0x11/0x1b [ 1349.796414][T14064] should_fail+0x23c/0x250 [ 1349.800886][T14064] __alloc_pages+0x102/0x330 [ 1349.805480][T14064] alloc_pages_vma+0x5ee/0x770 [ 1349.810255][T14064] ? lru_cache_add+0x37/0x50 [ 1349.814917][T14064] do_anonymous_page+0x169/0x8d0 [ 1349.819863][T14064] ? cgroup_rstat_updated+0x34/0x100 [ 1349.825153][T14064] ? __rcu_read_unlock+0x5c/0x290 [ 1349.830248][T14064] handle_mm_fault+0x814/0x1590 [ 1349.835251][T14064] ? _raw_spin_unlock+0x2e/0x50 [ 1349.840215][T14064] __get_user_pages+0x388/0xc80 [ 1349.845138][T14064] __get_user_pages_remote+0x17f/0x610 [ 1349.850623][T14064] ? iovec_from_user+0x2a6/0x2e0 [ 1349.855635][T14064] pin_user_pages_remote+0x58/0x80 [ 1349.860823][T14064] process_vm_rw_single_vec+0x17d/0x460 [ 1349.866376][T14064] process_vm_rw+0x3a2/0x540 [ 1349.871284][T14064] __x64_sys_process_vm_writev+0x76/0x90 [ 1349.876985][T14064] do_syscall_64+0x44/0xa0 [ 1349.881464][T14064] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1349.887385][T14064] RIP: 0033:0x7fede691aae9 [ 1349.891808][T14064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1349.911971][T14064] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1349.920392][T14064] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1349.928371][T14064] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024be [ 1349.936348][T14064] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:28 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 55) 23:13:28 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720e30b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:28 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000000000f0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1349.944349][T14064] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1349.952339][T14064] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1349.960415][T14064] 23:13:28 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000000200)=[{&(0x7f0000000100)=""/236, 0xec}, {&(0x7f0000000040)=""/94, 0x5e}], 0x2, 0x0) [ 1350.124514][T14177] FAULT_INJECTION: forcing a failure. [ 1350.124514][T14177] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1350.137800][T14177] CPU: 1 PID: 14177 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1350.147871][T14177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1350.157935][T14177] Call Trace: [ 1350.161217][T14177] [ 1350.164253][T14177] dump_stack_lvl+0xd6/0x122 [ 1350.168896][T14177] dump_stack+0x11/0x1b [ 1350.173054][T14177] should_fail+0x23c/0x250 [ 1350.177493][T14177] __alloc_pages+0x102/0x330 [ 1350.182084][T14177] alloc_pages_vma+0x5ee/0x770 [ 1350.186934][T14177] ? lru_cache_add+0x37/0x50 [ 1350.191582][T14177] do_anonymous_page+0x169/0x8d0 [ 1350.196539][T14177] ? cgroup_rstat_updated+0x34/0x100 [ 1350.201836][T14177] ? __rcu_read_unlock+0x5c/0x290 [ 1350.206928][T14177] handle_mm_fault+0x814/0x1590 [ 1350.211879][T14177] ? _raw_spin_unlock+0x2e/0x50 [ 1350.216805][T14177] __get_user_pages+0x388/0xc80 [ 1350.221720][T14177] __get_user_pages_remote+0x17f/0x610 [ 1350.227218][T14177] ? iovec_from_user+0x2a6/0x2e0 [ 1350.232321][T14177] pin_user_pages_remote+0x58/0x80 [ 1350.237491][T14177] process_vm_rw_single_vec+0x17d/0x460 [ 1350.243079][T14177] process_vm_rw+0x3a2/0x540 [ 1350.247685][T14177] __x64_sys_process_vm_writev+0x76/0x90 [ 1350.253329][T14177] do_syscall_64+0x44/0xa0 [ 1350.257745][T14177] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1350.263639][T14177] RIP: 0033:0x7fede691aae9 [ 1350.268048][T14177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1350.287658][T14177] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1350.296069][T14177] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1350.304037][T14177] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024c0 [ 1350.312004][T14177] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:28 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 56) [ 1350.319974][T14177] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1350.327945][T14177] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1350.336016][T14177] 23:13:28 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720f30b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1350.375052][T14180] loop2: detected capacity change from 0 to 1 23:13:28 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getpeername(r0, &(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x0, @local}, &(0x7f0000000100)=0x80) timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1350.478999][T14180] loop2: detected capacity change from 0 to 1 [ 1350.506323][T14285] FAULT_INJECTION: forcing a failure. [ 1350.506323][T14285] name fail_page_alloc, interval 1, probability 0, space 0, times 0 23:13:28 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700721030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1350.519704][T14285] CPU: 0 PID: 14285 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1350.529614][T14285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1350.539789][T14285] Call Trace: [ 1350.543072][T14285] [ 1350.546000][T14285] dump_stack_lvl+0xd6/0x122 [ 1350.550597][T14285] dump_stack+0x11/0x1b [ 1350.554960][T14285] should_fail+0x23c/0x250 [ 1350.559393][T14285] __alloc_pages+0x102/0x330 [ 1350.564026][T14285] alloc_pages_vma+0x5ee/0x770 [ 1350.568902][T14285] ? lru_cache_add+0x37/0x50 [ 1350.573499][T14285] do_anonymous_page+0x169/0x8d0 [ 1350.578449][T14285] ? cgroup_rstat_updated+0x34/0x100 [ 1350.583824][T14285] ? __rcu_read_unlock+0x5c/0x290 [ 1350.588905][T14285] handle_mm_fault+0x814/0x1590 [ 1350.593788][T14285] ? _raw_spin_unlock+0x2e/0x50 [ 1350.598676][T14285] __get_user_pages+0x388/0xc80 [ 1350.603536][T14285] __get_user_pages_remote+0x17f/0x610 [ 1350.609099][T14285] ? iovec_from_user+0x2a6/0x2e0 [ 1350.614048][T14285] pin_user_pages_remote+0x58/0x80 [ 1350.619277][T14285] process_vm_rw_single_vec+0x17d/0x460 [ 1350.624846][T14285] process_vm_rw+0x3a2/0x540 [ 1350.629528][T14285] __x64_sys_process_vm_writev+0x76/0x90 [ 1350.635244][T14285] do_syscall_64+0x44/0xa0 [ 1350.639665][T14285] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1350.645589][T14285] RIP: 0033:0x7fede691aae9 [ 1350.650004][T14285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1350.669647][T14285] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 23:13:28 executing program 1: ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000480)=0x0) timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17, 0x2, @tid=r0}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) timer_create(0x1, &(0x7f0000000200)={0x0, 0x10, 0x1, @thr={&(0x7f0000000100)="fd5782ef171308913754957387fa2915e9bfaea80ac7d4eb24952a2741eb6d6fa66b2d2d2b76d04bf190251152cdaa8593cf348032c2ef7d776f6057b94922129900b35f2158055ad4744012232a54608f5cbed501f8193db0bac1450961f9216e601463ba", &(0x7f0000000180)="90d3834a215af63c6654fb126c877f4eb3ed3fed082e7693487307741c7c3d7ead10cd0769a499aaf59545804eac81774422d2acac17f84e8a7c39fcaf780c295f654a3107f7e7f839f84036404e4ee60fd8498f44f4cf0f9d5fa5f855d6d038fc"}}, &(0x7f0000000240)=0x0) timer_settime(r4, 0x1, &(0x7f0000000280)={{0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000040)={0x0, 0x10, 0xc, @tid=r1}, &(0x7f0000000080)=0x0) timer_delete(r5) 23:13:28 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20106c) 23:13:28 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 57) 23:13:28 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r2, 0xc0709411, &(0x7f0000000040)={{0x0, 0xffffffff, 0x3, 0xb17dbd8, 0x5, 0x9, 0x2, 0x0, 0x8001, 0x8, 0xfff, 0x6, 0xee, 0x2000000, 0xfd5}}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r3, 0xc0709411, &(0x7f0000000100)={{r4, 0x8, 0x8783, 0x9, 0x24, 0x8, 0x2, 0x1fc, 0x10001, 0x0, 0x3, 0x0, 0x1f, 0x8, 0x6}, 0x20, [0x0, 0x0, 0x0, 0x0]}) ftruncate(r2, 0x2007fff) r5 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x80000001) [ 1350.678104][T14285] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1350.686074][T14285] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024c2 [ 1350.694040][T14285] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1350.702029][T14285] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1350.710000][T14285] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1350.717973][T14285] 23:13:29 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700721130b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:29 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000100000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1350.886358][T14533] FAULT_INJECTION: forcing a failure. [ 1350.886358][T14533] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1350.899618][T14533] CPU: 0 PID: 14533 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1350.909424][T14533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1350.919503][T14533] Call Trace: [ 1350.922863][T14533] [ 1350.925784][T14533] dump_stack_lvl+0xd6/0x122 [ 1350.930379][T14533] dump_stack+0x11/0x1b [ 1350.934531][T14533] should_fail+0x23c/0x250 [ 1350.938950][T14533] __alloc_pages+0x102/0x330 [ 1350.943537][T14533] alloc_pages_vma+0x5ee/0x770 [ 1350.948345][T14533] ? lru_cache_add+0x37/0x50 [ 1350.952937][T14533] do_anonymous_page+0x169/0x8d0 [ 1350.957944][T14533] ? cgroup_rstat_updated+0x34/0x100 [ 1350.963248][T14533] ? __rcu_read_unlock+0x5c/0x290 [ 1350.968278][T14533] handle_mm_fault+0x814/0x1590 [ 1350.973216][T14533] ? _raw_spin_unlock+0x2e/0x50 [ 1350.978086][T14533] __get_user_pages+0x388/0xc80 [ 1350.983022][T14533] __get_user_pages_remote+0x17f/0x610 [ 1350.988526][T14533] ? iovec_from_user+0x2a6/0x2e0 [ 1350.993611][T14533] pin_user_pages_remote+0x58/0x80 [ 1350.998828][T14533] process_vm_rw_single_vec+0x17d/0x460 [ 1351.004398][T14533] process_vm_rw+0x3a2/0x540 [ 1351.009098][T14533] __x64_sys_process_vm_writev+0x76/0x90 [ 1351.014831][T14533] do_syscall_64+0x44/0xa0 [ 1351.019357][T14533] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1351.025280][T14533] RIP: 0033:0x7fede691aae9 [ 1351.029716][T14533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1351.049451][T14533] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1351.058190][T14533] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1351.066166][T14533] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024c4 [ 1351.074202][T14533] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:29 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) timer_settime(r3, 0x1, &(0x7f0000000100)={{r4, r5+10000000}, {r6, r7+10000000}}, &(0x7f0000000140)) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:29 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700721230b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:29 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 58) [ 1351.082358][T14533] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1351.090332][T14533] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1351.098315][T14533] 23:13:29 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201074) [ 1351.159830][T14707] loop2: detected capacity change from 0 to 1 [ 1351.227364][T14707] loop2: detected capacity change from 0 to 1 [ 1351.267508][T14711] FAULT_INJECTION: forcing a failure. [ 1351.267508][T14711] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1351.280860][T14711] CPU: 0 PID: 14711 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1351.290664][T14711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1351.300713][T14711] Call Trace: [ 1351.303990][T14711] [ 1351.306920][T14711] dump_stack_lvl+0xd6/0x122 [ 1351.311516][T14711] dump_stack+0x11/0x1b [ 1351.315725][T14711] should_fail+0x23c/0x250 [ 1351.320195][T14711] __alloc_pages+0x102/0x330 [ 1351.324789][T14711] alloc_pages_vma+0x5ee/0x770 [ 1351.329584][T14711] ? lru_cache_add+0x37/0x50 [ 1351.334309][T14711] do_anonymous_page+0x169/0x8d0 [ 1351.339264][T14711] ? cgroup_rstat_updated+0x34/0x100 [ 1351.344636][T14711] ? __rcu_read_unlock+0x5c/0x290 [ 1351.349667][T14711] handle_mm_fault+0x814/0x1590 [ 1351.354563][T14711] ? _raw_spin_unlock+0x2e/0x50 [ 1351.359557][T14711] __get_user_pages+0x388/0xc80 [ 1351.364419][T14711] __get_user_pages_remote+0x17f/0x610 [ 1351.370076][T14711] ? iovec_from_user+0x2a6/0x2e0 [ 1351.375079][T14711] pin_user_pages_remote+0x58/0x80 [ 1351.380212][T14711] process_vm_rw_single_vec+0x17d/0x460 [ 1351.385778][T14711] process_vm_rw+0x3a2/0x540 [ 1351.390457][T14711] __x64_sys_process_vm_writev+0x76/0x90 [ 1351.396278][T14711] do_syscall_64+0x44/0xa0 [ 1351.400731][T14711] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1351.406804][T14711] RIP: 0033:0x7fede691aae9 [ 1351.411222][T14711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1351.431026][T14711] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1351.439550][T14711] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1351.447554][T14711] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024c6 [ 1351.455534][T14711] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1351.463603][T14711] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 23:13:29 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700722230b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:29 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000110000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1351.471603][T14711] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1351.479679][T14711] 23:13:29 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 59) 23:13:29 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700722530b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:29 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r2 = fork() setpriority(0x1, 0xffffffffffffffff, 0x0) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000240)=0x0) r4 = getgid() r5 = perf_event_open$cgroup(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x18, 0x0, 0xf7, 0x0, 0x20000000000008, 0x20000, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0xfffffff8, 0x1, @perf_bp={&(0x7f0000000280), 0x8}, 0x10001, 0x8000, 0x4, 0xa, 0xfffffffffffffffb, 0x3e1, 0x1, 0x0, 0x3, 0x0, 0x5}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x7) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000380), 0x482, 0x0) r8 = socket$inet(0x2, 0x3, 0x10000081) ioctl$sock_inet_SIOCDELRT(r8, 0x890b, &(0x7f0000000300)={0x0, {0x2, 0x0, @private}, {0x2, 0x0, @dev}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000003c0)={0x0, 0x0}, &(0x7f0000000400)=0xc) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000440)=[{{&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000040)=[{&(0x7f00000001c0)="911a071aafc0545e7c2f441854c2252e749106389007488571783d79d0cbdd471e5ef23cf17c91fcd9bef060bfea0f8adaaed246dd4a13782252a1a6072902d84919057a14d3c9a28757b0619182b190f2bad1c780aabd661087b9208d1f649d6c", 0x61}], 0x1, &(0x7f00000006c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="3f000c00000000000000000000005f31b967ac7170d4399a452a7a9d015c59b98227aa7fa5dce308b2604ee6bd93e4fcdf44568baf279e044c9f412f595246b3be03835eb1e9d4bb7ee66152046af0511991fcbc4c2fc6c0f19b233b006df77b20136ef6e5c9649238f5e3a79b9eab73768d7ff0e7b9769f4daf719b9bf5390c8d8674e566d58dde", @ANYRES32=r5, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32, @ANYRES32=0xee01, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32, @ANYRES32=r6, @ANYRES32, @ANYRES32=r7, @ANYRES32=r8, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="14000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=r9, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xe0, 0x8005}}], 0x1, 0x2004c810) chown(&(0x7f0000000040)='./bus\x00', 0x0, r4) sendfile(r0, r1, 0x0, 0x80000001) r10 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r10, 0x2007fff) open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r8, 0xffffffffffffffff, 0x0, 0xffffffff) [ 1351.571023][T14717] selinux_netlink_send: 122 callbacks suppressed [ 1351.571094][T14717] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=14717 comm=syz-executor.4 [ 1351.596362][T14719] loop2: detected capacity change from 0 to 1 [ 1351.606785][T14717] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=14717 comm=syz-executor.4 [ 1351.620360][T14717] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=14717 comm=syz-executor.4 [ 1351.634366][T14717] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=14717 comm=syz-executor.4 [ 1351.678975][T14719] loop2: detected capacity change from 0 to 1 [ 1351.719160][T14724] FAULT_INJECTION: forcing a failure. [ 1351.719160][T14724] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1351.732419][T14724] CPU: 0 PID: 14724 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1351.742275][T14724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1351.752455][T14724] Call Trace: [ 1351.755741][T14724] [ 1351.758749][T14724] dump_stack_lvl+0xd6/0x122 [ 1351.763345][T14724] dump_stack+0x11/0x1b [ 1351.767500][T14724] should_fail+0x23c/0x250 [ 1351.771930][T14724] __alloc_pages+0x102/0x330 [ 1351.776529][T14724] alloc_pages_vma+0x5ee/0x770 [ 1351.781305][T14724] ? lru_cache_add+0x37/0x50 [ 1351.786060][T14724] do_anonymous_page+0x169/0x8d0 [ 1351.791106][T14724] ? cgroup_rstat_updated+0x34/0x100 [ 1351.796398][T14724] ? __rcu_read_unlock+0x5c/0x290 [ 1351.801980][T14724] handle_mm_fault+0x814/0x1590 [ 1351.806978][T14724] ? _raw_spin_unlock+0x2e/0x50 [ 1351.811859][T14724] __get_user_pages+0x388/0xc80 [ 1351.816760][T14724] __get_user_pages_remote+0x17f/0x610 [ 1351.822219][T14724] ? iovec_from_user+0x2a6/0x2e0 [ 1351.827218][T14724] pin_user_pages_remote+0x58/0x80 [ 1351.832318][T14724] process_vm_rw_single_vec+0x17d/0x460 [ 1351.837974][T14724] process_vm_rw+0x3a2/0x540 [ 1351.842622][T14724] __x64_sys_process_vm_writev+0x76/0x90 [ 1351.848278][T14724] do_syscall_64+0x44/0xa0 [ 1351.852688][T14724] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1351.858571][T14724] RIP: 0033:0x7fede691aae9 [ 1351.862972][T14724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1351.882576][T14724] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1351.890996][T14724] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1351.899139][T14724] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024c8 [ 1351.907108][T14724] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1351.915069][T14724] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 23:13:30 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 60) 23:13:30 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700724830b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1351.923147][T14724] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1351.931242][T14724] 23:13:30 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000120000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1352.058286][T14830] FAULT_INJECTION: forcing a failure. [ 1352.058286][T14830] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1352.071639][T14830] CPU: 0 PID: 14830 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1352.081609][T14830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1352.091664][T14830] Call Trace: [ 1352.094961][T14830] [ 1352.097935][T14830] dump_stack_lvl+0xd6/0x122 [ 1352.102597][T14830] dump_stack+0x11/0x1b [ 1352.106920][T14830] should_fail+0x23c/0x250 [ 1352.111369][T14830] __alloc_pages+0x102/0x330 [ 1352.115968][T14830] alloc_pages_vma+0x5ee/0x770 [ 1352.120734][T14830] ? lru_cache_add+0x37/0x50 [ 1352.125333][T14830] do_anonymous_page+0x169/0x8d0 [ 1352.130385][T14830] ? cgroup_rstat_updated+0x34/0x100 [ 1352.135714][T14830] ? __rcu_read_unlock+0x5c/0x290 [ 1352.140852][T14830] handle_mm_fault+0x814/0x1590 [ 1352.145795][T14830] ? _raw_spin_unlock+0x2e/0x50 [ 1352.150711][T14830] __get_user_pages+0x388/0xc80 [ 1352.155651][T14830] __get_user_pages_remote+0x17f/0x610 [ 1352.161128][T14830] ? iovec_from_user+0x2a6/0x2e0 [ 1352.166162][T14830] pin_user_pages_remote+0x58/0x80 [ 1352.171307][T14830] process_vm_rw_single_vec+0x17d/0x460 [ 1352.176955][T14830] process_vm_rw+0x3a2/0x540 [ 1352.181645][T14830] __x64_sys_process_vm_writev+0x76/0x90 [ 1352.187284][T14830] do_syscall_64+0x44/0xa0 [ 1352.191773][T14830] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1352.197888][T14830] RIP: 0033:0x7fede691aae9 [ 1352.202311][T14830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1352.222063][T14830] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1352.230488][T14830] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1352.238620][T14830] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024ca [ 1352.246789][T14830] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1352.254925][T14830] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1352.263073][T14830] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1352.271206][T14830] [ 1352.325764][T14833] loop2: detected capacity change from 0 to 1 [ 1352.398096][T14833] loop2: detected capacity change from 0 to 1 23:13:32 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) r3 = gettid() process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) sched_setscheduler(r3, 0x6, &(0x7f0000000040)=0x6) 23:13:32 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000200000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:32 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201077) 23:13:32 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 61) 23:13:32 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700724c30b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:32 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) openat(r1, &(0x7f0000000040)='./bus\x00', 0x3, 0x3c) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) [ 1354.118588][T14844] FAULT_INJECTION: forcing a failure. [ 1354.118588][T14844] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1354.131831][T14844] CPU: 0 PID: 14844 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1354.141643][T14844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1354.151734][T14844] Call Trace: [ 1354.155017][T14844] [ 1354.157951][T14844] dump_stack_lvl+0xd6/0x122 [ 1354.162551][T14844] dump_stack+0x11/0x1b [ 1354.166758][T14844] should_fail+0x23c/0x250 [ 1354.171181][T14844] __alloc_pages+0x102/0x330 [ 1354.175778][T14844] alloc_pages_vma+0x5ee/0x770 [ 1354.180549][T14844] ? lru_cache_add+0x37/0x50 [ 1354.185153][T14844] do_anonymous_page+0x169/0x8d0 [ 1354.190175][T14844] ? cgroup_rstat_updated+0x34/0x100 [ 1354.195558][T14844] ? __rcu_read_unlock+0x5c/0x290 [ 1354.200601][T14844] handle_mm_fault+0x814/0x1590 [ 1354.205507][T14844] ? _raw_spin_unlock+0x2e/0x50 [ 1354.210441][T14844] __get_user_pages+0x388/0xc80 [ 1354.215363][T14844] __get_user_pages_remote+0x17f/0x610 [ 1354.220851][T14844] ? iovec_from_user+0x2a6/0x2e0 [ 1354.225834][T14844] pin_user_pages_remote+0x58/0x80 [ 1354.230959][T14844] process_vm_rw_single_vec+0x17d/0x460 [ 1354.236546][T14844] process_vm_rw+0x3a2/0x540 [ 1354.241151][T14844] __x64_sys_process_vm_writev+0x76/0x90 [ 1354.246877][T14844] do_syscall_64+0x44/0xa0 [ 1354.251348][T14844] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1354.257260][T14844] RIP: 0033:0x7fede691aae9 [ 1354.261683][T14844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1354.281380][T14844] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1354.289868][T14844] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1354.297946][T14844] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024cc [ 1354.305936][T14844] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:32 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x13, 0x1, @tid=0xffffffffffffffff}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:32 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700726830b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1354.313998][T14844] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1354.321976][T14844] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1354.330007][T14844] [ 1354.335747][T14845] loop2: detected capacity change from 0 to 1 23:13:32 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 62) 23:13:32 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x20107a) [ 1354.417350][T14845] loop2: detected capacity change from 0 to 1 23:13:32 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000220000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:32 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700726c30b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:32 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000001e80), 0x40000, 0x0) sendfile(r2, r1, &(0x7f0000001ec0)=0x2, 0x9) sendfile(r0, r1, 0x0, 0x80000001) r3 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r3, 0x2008000) r4 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) signalfd(r4, &(0x7f00000073c0)={[0x2]}, 0x8) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x80000001) recvmmsg$unix(r0, &(0x7f0000006f00)=[{{&(0x7f0000000040)=@abs, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000100)=""/148, 0x94}, {&(0x7f00000001c0)=""/28, 0x1c}], 0x2}}, {{&(0x7f0000000240)=@abs, 0x6e, &(0x7f0000001480)=[{&(0x7f00000002c0)=""/193, 0xc1}, {&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/191, 0xbf}, {&(0x7f0000002040)=""/4096, 0x1000}], 0x4, &(0x7f00000014c0)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc0}}, {{&(0x7f0000001580)=@abs, 0x6e, &(0x7f0000001880)=[{&(0x7f0000003040)=""/4096, 0x1000}, {&(0x7f0000001600)=""/73, 0x49}, {&(0x7f0000001680)=""/119, 0x77}, {&(0x7f0000001700)=""/121, 0x79}, {&(0x7f0000001780)=""/215, 0xd7}], 0x5, &(0x7f0000001900)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd8}}, {{&(0x7f0000001a00), 0x6e, &(0x7f0000001f40)=[{&(0x7f0000001a80)=""/218, 0xda}, {&(0x7f0000001b80)=""/54, 0x36}, {&(0x7f0000001bc0)=""/10, 0xa}, {&(0x7f0000001c00)=""/248, 0xf8}, {&(0x7f0000001d00)=""/190, 0xbe}, {&(0x7f0000001dc0)=""/182, 0xb6}, {&(0x7f0000007400)=""/167, 0xa7}], 0x7, &(0x7f0000004040)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xc0}}, {{0x0, 0x0, &(0x7f0000004540)=[{&(0x7f0000004100)=""/127, 0x7f}, {&(0x7f0000001fc0)}, {&(0x7f0000004180)=""/103, 0x67}, {&(0x7f0000004200)=""/81, 0x51}, {&(0x7f0000004280)=""/174, 0xae}, {&(0x7f0000004340)=""/79, 0x4f}, {&(0x7f00000043c0)=""/175, 0xaf}, {&(0x7f0000004480)=""/149, 0x95}], 0x8, &(0x7f00000045c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x60}}, {{&(0x7f0000004640), 0x6e, &(0x7f0000004b00)=[{&(0x7f00000046c0)=""/178, 0xb2}, {&(0x7f0000004780)=""/119, 0x77}, {&(0x7f0000004800)=""/122, 0x7a}, {&(0x7f0000004880)=""/188, 0xbc}, {&(0x7f0000004940)=""/174, 0xae}, {&(0x7f0000004a00)=""/210, 0xd2}], 0x6}}, {{&(0x7f0000004b80)=@abs, 0x6e, &(0x7f0000006e40)=[{&(0x7f0000004c00)=""/16, 0x10}, {&(0x7f0000004c40)=""/185, 0xb9}, {&(0x7f0000004d00)=""/49, 0x31}, {&(0x7f0000004d40)=""/56, 0x38}, {&(0x7f0000004d80)=""/4096, 0x1000}, {&(0x7f0000005d80)=""/4096, 0x1000}, {&(0x7f0000006d80)=""/169, 0xa9}], 0x7, &(0x7f0000006ec0)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x28}}], 0x7, 0x120e0, &(0x7f00000070c0)={0x77359400}) ioctl$INCFS_IOC_CREATE_FILE(r6, 0xc058671e, &(0x7f0000007340)={{'\x00', 0x1}, {0x7}, 0x2, 0x0, 0x0, &(0x7f0000007100)='./bus\x00', &(0x7f0000007140)='./bus\x00', &(0x7f0000007180)="212ae766b016cd12c1ab826c66418a0cfb28fb128d10350ec2d7ce7427f2235a2d29c1096e0b6f65e81e2f495687ce5fa1260710c393679b2317aed7b1def3585ce5ae1213420b962b9a2fa9a3a56437ca6c6f776211883bd733dc5dc0bae6f56832a7582f8c733a1b4ca6116fba2bc333a149f8150d6d539e5b6c87420eac1148882c66b0052b098073eb61b8fa7ed212212c5b1090ffcadc067d8f1e9d9ea0078ada5f9c78054786cb6536aae534515676ab79d1b9", 0xb6, 0x0, &(0x7f00000074c0)=ANY=[@ANYBLOB="02000000ed000000000000000c06000000eb50ce481a83da0000007b4c19771efe76a87150ed95863a4fb6bef515f0562606562e18a0cb3deb2d7c3846ff2bc772c43b0146e1956ea6eb388e1764a845d65cab8bf330623589aebece1c53aa0d02f8f9d1a6adedb765e1542f489894062c2a513a7282238e539b7a184f3f7fcaf3afa72dac943679c4da7e3e16d906b914b6c4bde38121cbc3ae7791f406076d214573a49acfd73ea89d37a8d9be6602ccc3f5b6137e48e1e0fec1a707a3d452e1f13b494c0cf7bf1480d1b3af8c6e7298a7f13fb31277d7110aeaef91c7cd57fec712b69d04fde4d81688ef471f1e9332ab6f78981ec9768f761b00000000"], 0xf9}) open(&(0x7f0000001fc0)='./bus\x00', 0x470003, 0x81) dup2(r3, 0xffffffffffffffff) [ 1354.527240][T15059] FAULT_INJECTION: forcing a failure. [ 1354.527240][T15059] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1354.540545][T15059] CPU: 0 PID: 15059 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1354.550457][T15059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1354.560518][T15059] Call Trace: [ 1354.563795][T15059] [ 1354.566812][T15059] dump_stack_lvl+0xd6/0x122 [ 1354.571474][T15059] dump_stack+0x11/0x1b 23:13:32 executing program 1: ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB=',\x00\x00\x00\x00\x00\x00\x00./fiLe0\x00']) ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000200)=""/254) fdatasync(0xffffffffffffffff) timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r2 = gettid() syz_open_procfs$namespace(r2, &(0x7f0000000040)='ns/cgroup\x00') timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x6, &(0x7f0000000100)={0x0, 0x0}) timer_settime(r3, 0x0, &(0x7f0000000500)={{}, {0x0, r4+60000000}}, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) timer_settime(r1, 0x1, &(0x7f0000000140)={{r5, r6+10000000}, {0x77359400}}, &(0x7f0000000180)) process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1354.575637][T15059] should_fail+0x23c/0x250 [ 1354.580182][T15059] __alloc_pages+0x102/0x330 [ 1354.584781][T15059] alloc_pages_vma+0x5ee/0x770 [ 1354.589583][T15059] ? lru_cache_add+0x37/0x50 [ 1354.594251][T15059] do_anonymous_page+0x169/0x8d0 [ 1354.599203][T15059] ? cgroup_rstat_updated+0x34/0x100 [ 1354.604496][T15059] ? __rcu_read_unlock+0x5c/0x290 [ 1354.609534][T15059] handle_mm_fault+0x814/0x1590 [ 1354.614698][T15059] ? _raw_spin_unlock+0x2e/0x50 [ 1354.619576][T15059] __get_user_pages+0x388/0xc80 [ 1354.624532][T15059] __get_user_pages_remote+0x17f/0x610 [ 1354.630032][T15059] ? iovec_from_user+0x2a6/0x2e0 [ 1354.634980][T15059] pin_user_pages_remote+0x58/0x80 [ 1354.640132][T15059] process_vm_rw_single_vec+0x17d/0x460 [ 1354.645867][T15059] process_vm_rw+0x3a2/0x540 [ 1354.650545][T15059] __x64_sys_process_vm_writev+0x76/0x90 [ 1354.656244][T15059] do_syscall_64+0x44/0xa0 [ 1354.660778][T15059] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1354.666695][T15059] RIP: 0033:0x7fede691aae9 23:13:32 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700727430b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1354.671116][T15059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1354.690979][T15059] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1354.699393][T15059] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1354.707387][T15059] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024ce [ 1354.715365][T15059] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:32 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x2010cf) 23:13:33 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 63) [ 1354.723362][T15059] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1354.731407][T15059] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1354.739441][T15059] 23:13:33 executing program 1: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040)={[0x3]}, 0x8, 0x80000) sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, 0x1, 0x6, 0x301, 0x0, 0x0, {0xa, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000004}, 0x0) timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() sendmsg$IPSET_CMD_PROTOCOL(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x44, 0x1, 0x6, 0x201, 0x0, 0x0, {0x5, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x20040881}, 0x20040001) timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:33 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700727a30b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1354.802215][T15374] loop2: detected capacity change from 0 to 1 [ 1354.868563][T15374] loop2: detected capacity change from 0 to 1 [ 1354.910365][T15381] FAULT_INJECTION: forcing a failure. [ 1354.910365][T15381] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1354.923636][T15381] CPU: 0 PID: 15381 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1354.933531][T15381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1354.943661][T15381] Call Trace: [ 1354.946957][T15381] [ 1354.949882][T15381] dump_stack_lvl+0xd6/0x122 [ 1354.954492][T15381] dump_stack+0x11/0x1b [ 1354.958644][T15381] should_fail+0x23c/0x250 [ 1354.963064][T15381] __alloc_pages+0x102/0x330 [ 1354.967723][T15381] alloc_pages_vma+0x5ee/0x770 [ 1354.972572][T15381] ? lru_cache_add+0x37/0x50 [ 1354.977245][T15381] do_anonymous_page+0x169/0x8d0 [ 1354.982274][T15381] ? cgroup_rstat_updated+0x34/0x100 [ 1354.987564][T15381] ? __rcu_read_unlock+0x5c/0x290 [ 1354.992621][T15381] handle_mm_fault+0x814/0x1590 [ 1354.997523][T15381] ? _raw_spin_unlock+0x2e/0x50 [ 1355.002388][T15381] __get_user_pages+0x388/0xc80 [ 1355.007340][T15381] __get_user_pages_remote+0x17f/0x610 [ 1355.012822][T15381] ? iovec_from_user+0x2a6/0x2e0 [ 1355.017770][T15381] pin_user_pages_remote+0x58/0x80 [ 1355.022885][T15381] process_vm_rw_single_vec+0x17d/0x460 [ 1355.028448][T15381] process_vm_rw+0x3a2/0x540 [ 1355.033064][T15381] __x64_sys_process_vm_writev+0x76/0x90 [ 1355.038705][T15381] do_syscall_64+0x44/0xa0 [ 1355.043311][T15381] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1355.049311][T15381] RIP: 0033:0x7fede691aae9 [ 1355.053820][T15381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1355.073453][T15381] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1355.082043][T15381] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1355.090117][T15381] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024d0 [ 1355.098179][T15381] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:33 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000250000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1355.106369][T15381] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1355.114344][T15381] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1355.122325][T15381] 23:13:33 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 64) 23:13:33 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa50000000000000088770072fe30b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:33 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201100) 23:13:33 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(r0, 0x0, &(0x7f0000000000)={{0x77359400}, {0x0, 0x9}}, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r0, 0x1, &(0x7f0000000080)={{r1, r2+10000000}}, 0x0) r3 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r4, 0x0, &(0x7f0000000500)={{}, {0x0, r5+60000000}}, 0x0) process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) timer_create(0x2, &(0x7f0000000100)={0x0, 0x25, 0x1, @tid=r3}, &(0x7f0000000140)=0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) timer_settime(r6, 0x0, &(0x7f0000000200)={{r7, r8+10000000}, {r9, r10+60000000}}, &(0x7f0000000240)) [ 1355.267452][T15588] loop2: detected capacity change from 0 to 1 [ 1355.323345][T15593] FAULT_INJECTION: forcing a failure. [ 1355.323345][T15593] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1355.336628][T15593] CPU: 0 PID: 15593 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1355.346447][T15593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1355.356510][T15593] Call Trace: [ 1355.359865][T15593] [ 1355.362790][T15593] dump_stack_lvl+0xd6/0x122 [ 1355.367422][T15593] dump_stack+0x11/0x1b [ 1355.371563][T15593] should_fail+0x23c/0x250 [ 1355.376046][T15593] __alloc_pages+0x102/0x330 [ 1355.380626][T15593] alloc_pages_vma+0x5ee/0x770 [ 1355.385379][T15593] ? lru_cache_add+0x37/0x50 [ 1355.389960][T15593] do_anonymous_page+0x169/0x8d0 [ 1355.395070][T15593] ? cgroup_rstat_updated+0x34/0x100 [ 1355.400344][T15593] ? __rcu_read_unlock+0x5c/0x290 [ 1355.405393][T15593] handle_mm_fault+0x814/0x1590 [ 1355.410337][T15593] ? _raw_spin_unlock+0x2e/0x50 [ 1355.415198][T15593] __get_user_pages+0x388/0xc80 [ 1355.420039][T15593] __get_user_pages_remote+0x17f/0x610 [ 1355.425484][T15593] ? iovec_from_user+0x2a6/0x2e0 [ 1355.430411][T15593] pin_user_pages_remote+0x58/0x80 [ 1355.435517][T15593] process_vm_rw_single_vec+0x17d/0x460 [ 1355.441072][T15593] process_vm_rw+0x3a2/0x540 [ 1355.445739][T15593] __x64_sys_process_vm_writev+0x76/0x90 [ 1355.451979][T15593] do_syscall_64+0x44/0xa0 [ 1355.456654][T15593] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1355.462586][T15593] RIP: 0033:0x7fede691aae9 [ 1355.466991][T15593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1355.487057][T15593] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1355.495491][T15593] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1355.503605][T15593] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024d2 [ 1355.511642][T15593] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1355.519843][T15593] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1355.528287][T15593] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1355.536262][T15593] [ 1355.557998][T15588] loop2: detected capacity change from 0 to 1 23:13:34 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720090b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:34 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 65) 23:13:34 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000000003f0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:34 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_gettime(r0, &(0x7f0000000040)) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:34 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201200) 23:13:34 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x16d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x100) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000000900)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {}, {0x0, @struct}}) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0xb0000, 0x111) sendfile(r3, r5, 0x0, 0x80000001) r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$EXT4_IOC_MOVE_EXT(r6, 0xc028660f, &(0x7f0000000040)={0x0, r2, 0x2, 0x82cb, 0x61}) r7 = open(&(0x7f0000000100)='./bus\x00', 0x143042, 0x0) ftruncate(r7, 0x2007fff) r8 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r8, r7, 0x0, 0x201000) openat$cgroup_ro(r7, &(0x7f0000000080)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) [ 1355.836688][T15808] loop2: detected capacity change from 0 to 1 [ 1355.845053][T15810] FAULT_INJECTION: forcing a failure. [ 1355.845053][T15810] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1355.858352][T15810] CPU: 1 PID: 15810 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1355.868259][T15810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1355.878317][T15810] Call Trace: [ 1355.881592][T15810] [ 1355.884511][T15810] dump_stack_lvl+0xd6/0x122 [ 1355.889169][T15810] dump_stack+0x11/0x1b [ 1355.893328][T15810] should_fail+0x23c/0x250 [ 1355.897780][T15810] __alloc_pages+0x102/0x330 [ 1355.902372][T15810] alloc_pages_vma+0x5ee/0x770 [ 1355.907141][T15810] ? lru_cache_add+0x37/0x50 [ 1355.911810][T15810] do_anonymous_page+0x169/0x8d0 [ 1355.916817][T15810] ? cgroup_rstat_updated+0x34/0x100 [ 1355.922127][T15810] ? __rcu_read_unlock+0x5c/0x290 [ 1355.927237][T15810] handle_mm_fault+0x814/0x1590 [ 1355.932171][T15810] ? _raw_spin_unlock+0x2e/0x50 [ 1355.937104][T15810] __get_user_pages+0x388/0xc80 [ 1355.941992][T15810] __get_user_pages_remote+0x17f/0x610 [ 1355.947469][T15810] ? iovec_from_user+0x2a6/0x2e0 [ 1355.952414][T15810] pin_user_pages_remote+0x58/0x80 [ 1355.957529][T15810] process_vm_rw_single_vec+0x17d/0x460 [ 1355.963103][T15810] process_vm_rw+0x3a2/0x540 [ 1355.967788][T15810] __x64_sys_process_vm_writev+0x76/0x90 [ 1355.973670][T15810] do_syscall_64+0x44/0xa0 [ 1355.978200][T15810] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1355.984200][T15810] RIP: 0033:0x7fede691aae9 [ 1355.988614][T15810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1356.008235][T15810] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1356.016770][T15810] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1356.024735][T15810] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024d4 23:13:34 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) timer_create(0x4, &(0x7f0000000040)={0x0, 0x36, 0x1, @thr={&(0x7f0000000100)="e5a21771ab85b92268c47fa9102aa8e54d21cc4cf2ecf4b8ca4e594e411b1dc3e9b551bdb8067dbe5826d5a4d243b0bc957c7a6576933aec4a7c4f9a576fae84b1d6f8ee95a04a1e27575408bdee09891f92d9509f3b57bdf18b215befda09fe1de02a1a34e803ed23c9d15e68aa5c5cb15b0ca4d0c7095849b9cf469ffa7061b95d933303e63bd5317dbe191d0aadbe02ec015cc31c6407c4234aba1682344d7940b0ae", &(0x7f00000001c0)="36ecd69364e1633c00d55bf1879234cc3fcc318ba1078d5cb3e72f66cc8482fe8a32f7d849fb20fd71e159c720c4fdbf8f9cf739e4b426d0a103deeb34d1cbd727e2f14c159e6d00deb3ce9ea48ed8ad6446828c6004f19a44a1e76f69321d38e50d53129972f99794333d3c38e7bae3bd3ba4c28534d6f304ad7980e13181bdb220f66bd322cc2f940fd7ca4aacb827cf0c2e2926de76f64f39873526b3282ca416179523b82153a20adfe2b82c6a57f7856e4e5b819fa34099674538f865dc15b7e974bf09ff34aaea8de929c399603acb446b4cfa75cceb81ceb0571c89cdd48f1be626ca"}}, &(0x7f0000000080)=0x0) clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) timer_settime(r3, 0x1, &(0x7f0000000300)={{0x0, 0x3938700}, {r4, r5+10000000}}, &(0x7f0000000340)) 23:13:34 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 66) 23:13:34 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa5000000000000008877007200a0b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1356.032703][T15810] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1356.040707][T15810] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1356.048678][T15810] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1356.056783][T15810] 23:13:34 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201300) 23:13:34 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000400000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1356.126841][T15808] loop2: detected capacity change from 0 to 1 [ 1356.279006][T16015] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=16015 comm=syz-executor.5 [ 1356.294223][T16015] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=16015 comm=syz-executor.5 [ 1356.320729][T16015] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=16015 comm=syz-executor.5 [ 1356.334794][T16020] FAULT_INJECTION: forcing a failure. [ 1356.334794][T16020] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1356.348203][T16020] CPU: 0 PID: 16020 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1356.349721][T16026] loop2: detected capacity change from 0 to 1 [ 1356.358010][T16020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1356.358024][T16020] Call Trace: [ 1356.358030][T16020] [ 1356.358036][T16020] dump_stack_lvl+0xd6/0x122 [ 1356.364847][T16015] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=16015 comm=syz-executor.5 [ 1356.374189][T16020] dump_stack+0x11/0x1b [ 1356.374217][T16020] should_fail+0x23c/0x250 [ 1356.406664][T16020] __alloc_pages+0x102/0x330 [ 1356.411298][T16020] alloc_pages_vma+0x5ee/0x770 [ 1356.414332][T16015] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=49 sclass=netlink_xfrm_socket pid=16015 comm=syz-executor.5 [ 1356.416258][T16020] ? lru_cache_add+0x37/0x50 [ 1356.416287][T16020] do_anonymous_page+0x169/0x8d0 [ 1356.416311][T16020] ? cgroup_rstat_updated+0x34/0x100 [ 1356.429071][T16015] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=61 sclass=netlink_xfrm_socket pid=16015 comm=syz-executor.5 [ 1356.433612][T16020] ? __rcu_read_unlock+0x5c/0x290 [ 1356.433634][T16020] ? sync_mm_rss+0x16d/0x190 [ 1356.466243][T16020] handle_mm_fault+0x814/0x1590 [ 1356.471281][T16020] ? _raw_spin_unlock+0x2e/0x50 [ 1356.476274][T16020] __get_user_pages+0x388/0xc80 [ 1356.481140][T16020] __get_user_pages_remote+0x17f/0x610 [ 1356.486621][T16020] ? iovec_from_user+0x2a6/0x2e0 [ 1356.491708][T16020] pin_user_pages_remote+0x58/0x80 [ 1356.496894][T16020] process_vm_rw_single_vec+0x17d/0x460 [ 1356.502474][T16020] process_vm_rw+0x3a2/0x540 [ 1356.507084][T16020] __x64_sys_process_vm_writev+0x76/0x90 [ 1356.512774][T16020] do_syscall_64+0x44/0xa0 [ 1356.517256][T16020] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1356.523274][T16020] RIP: 0033:0x7fede691aae9 [ 1356.527803][T16020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1356.547676][T16020] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1356.556097][T16020] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1356.564165][T16020] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024d6 [ 1356.572142][T16020] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1356.580106][T16020] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1356.588075][T16020] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1356.596047][T16020] 23:13:34 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 67) 23:13:34 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c302000000000080000055aa", 0x40, 0x1c0}]) 23:13:34 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) timer_create(0x6, &(0x7f0000000040)={0x0, 0x2b, 0x1, @thr={&(0x7f0000000100)="2e90b08343e91f0878e360e0b4deabe381a5375c5c6976d52425b6b25dea835ebc9408dbd576fe57d2af316f9ff8011fc3bafb8e390afc07e2497034c434a9b0f84c1cde6d0130b9849007d395b49d84b41495257930a002c1473d333fce2bfc3295aa4312f5ca57f51a19db6fae01fea043b298abf4c88c2d952eb75bb7431c2d200ea5aa84bd52384f294061ce2e9b7d581079d311d789758993fe91b17ef856aaa2c6384421518d3de58cbfbc04175e852984f06166b33725ed1da7641137b5da26c31d5f3b4ba22f4158b861a0e83e8fab326167fb3427ea56751851deb53e95782d2ee464e9dcc0980e0740f09846d489aa8f6318ead7dfd0290f15", &(0x7f0000000200)="d82245ca6b519551db42d42dbd869a67d9ed0c359ef6c4d83fedb92a6daef2837b169815b9fca9d80b608ce4dba89d7cc742c6dec1785b1bef143934c343bc3546ef48077abbabf46730a6209bc80d925b891cb3c8f3b84cb85c46a0c63f3f8c4271490da9966d864346c86536a675f852931c256bbdeb1cf3daa87767e8e5b3c614549c89e0fd5df96d569a4d0458ba9a21ed58782262e111fc8d86e45b8fa06ef3551aba8141bb92c1780be4c3176b504137f975805a394721a3c7647f8a4b35792d3169e148e5b9e3a03e9dcfe45a820abbd2f52a86f75a571064e78ac7c7b486fb6be99d22e75016fb8b2fe6026e5fe81b370ec6"}}, &(0x7f0000000080)=0x0) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) timer_settime(r3, 0x0, &(0x7f0000000380)={{r4, r5+10000000}, {r6, r7+60000000}}, 0x0) [ 1356.638018][T16026] loop2: detected capacity change from 0 to 1 23:13:34 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x41) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) [ 1356.684037][T16128] selinux_netlink_send: 39 callbacks suppressed [ 1356.684054][T16128] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=16128 comm=syz-executor.4 [ 1356.705061][T16128] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=16128 comm=syz-executor.4 23:13:34 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000800400000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1356.732602][T16128] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=16128 comm=syz-executor.4 [ 1356.747844][T16128] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=16128 comm=syz-executor.4 [ 1356.889455][T16133] FAULT_INJECTION: forcing a failure. [ 1356.889455][T16133] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1356.902709][T16133] CPU: 1 PID: 16133 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1356.912509][T16133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1356.922697][T16133] Call Trace: [ 1356.925998][T16133] [ 1356.928923][T16133] dump_stack_lvl+0xd6/0x122 [ 1356.933513][T16133] dump_stack+0x11/0x1b [ 1356.937679][T16133] should_fail+0x23c/0x250 [ 1356.942208][T16133] __alloc_pages+0x102/0x330 [ 1356.946844][T16133] alloc_pages_vma+0x5ee/0x770 [ 1356.951653][T16133] ? lru_cache_add+0x37/0x50 [ 1356.956282][T16133] do_anonymous_page+0x169/0x8d0 [ 1356.961231][T16133] ? cgroup_rstat_updated+0x34/0x100 [ 1356.966565][T16133] ? __rcu_read_unlock+0x5c/0x290 [ 1356.971627][T16133] handle_mm_fault+0x814/0x1590 [ 1356.976550][T16133] ? _raw_spin_unlock+0x2e/0x50 [ 1356.981402][T16133] __get_user_pages+0x388/0xc80 [ 1356.986337][T16133] __get_user_pages_remote+0x17f/0x610 [ 1356.991794][T16133] ? iovec_from_user+0x2a6/0x2e0 [ 1356.997065][T16133] pin_user_pages_remote+0x58/0x80 [ 1357.002350][T16133] process_vm_rw_single_vec+0x17d/0x460 [ 1357.008003][T16133] process_vm_rw+0x3a2/0x540 [ 1357.012682][T16133] __x64_sys_process_vm_writev+0x76/0x90 [ 1357.018329][T16133] do_syscall_64+0x44/0xa0 [ 1357.022849][T16133] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1357.028746][T16133] RIP: 0033:0x7fede691aae9 [ 1357.033241][T16133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1357.053218][T16133] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1357.061634][T16133] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1357.069599][T16133] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024d8 [ 1357.077567][T16133] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1357.085530][T16133] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1357.093626][T16133] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1357.102190][T16133] 23:13:35 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 68) 23:13:35 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c303000000000080000055aa", 0x40, 0x1c0}]) [ 1357.134973][T16137] loop2: detected capacity change from 0 to 1 23:13:35 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201400) 23:13:35 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r2, 0x1, &(0x7f0000000080)={{r3, r4+10000000}, {0x0, 0x989680}}, &(0x7f0000000100)) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r5+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1357.208124][T16137] loop2: detected capacity change from 0 to 1 [ 1357.279499][T16342] FAULT_INJECTION: forcing a failure. [ 1357.279499][T16342] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1357.292776][T16342] CPU: 0 PID: 16342 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1357.302595][T16342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1357.312671][T16342] Call Trace: [ 1357.315947][T16342] [ 1357.318865][T16342] dump_stack_lvl+0xd6/0x122 [ 1357.323519][T16342] dump_stack+0x11/0x1b [ 1357.327709][T16342] should_fail+0x23c/0x250 [ 1357.332141][T16342] __alloc_pages+0x102/0x330 [ 1357.336786][T16342] alloc_pages_vma+0x5ee/0x770 [ 1357.341565][T16342] ? lru_cache_add+0x37/0x50 [ 1357.346161][T16342] do_anonymous_page+0x169/0x8d0 [ 1357.351160][T16342] ? cgroup_rstat_updated+0x34/0x100 [ 1357.356435][T16342] ? __rcu_read_unlock+0x5c/0x290 [ 1357.361463][T16342] handle_mm_fault+0x814/0x1590 [ 1357.366361][T16342] ? _raw_spin_unlock+0x2e/0x50 [ 1357.371458][T16342] __get_user_pages+0x388/0xc80 [ 1357.376311][T16342] __get_user_pages_remote+0x17f/0x610 [ 1357.381934][T16342] ? iovec_from_user+0x2a6/0x2e0 [ 1357.387383][T16342] pin_user_pages_remote+0x58/0x80 [ 1357.392604][T16342] process_vm_rw_single_vec+0x17d/0x460 [ 1357.398138][T16342] process_vm_rw+0x3a2/0x540 [ 1357.402777][T16342] __x64_sys_process_vm_writev+0x76/0x90 [ 1357.408428][T16342] do_syscall_64+0x44/0xa0 [ 1357.412836][T16342] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1357.418741][T16342] RIP: 0033:0x7fede691aae9 [ 1357.423179][T16342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1357.442882][T16342] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1357.451397][T16342] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1357.459789][T16342] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024da [ 1357.467844][T16342] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:35 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000480000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:35 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 69) 23:13:35 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c304000000000080000055aa", 0x40, 0x1c0}]) [ 1357.475800][T16342] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1357.483760][T16342] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1357.491790][T16342] [ 1357.730595][T16351] loop2: detected capacity change from 0 to 1 [ 1357.750577][T16353] FAULT_INJECTION: forcing a failure. [ 1357.750577][T16353] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1357.763927][T16353] CPU: 0 PID: 16353 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1357.773920][T16353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1357.783973][T16353] Call Trace: [ 1357.787256][T16353] [ 1357.790230][T16353] dump_stack_lvl+0xd6/0x122 [ 1357.794884][T16353] dump_stack+0x11/0x1b [ 1357.799046][T16353] should_fail+0x23c/0x250 [ 1357.803561][T16353] __alloc_pages+0x102/0x330 [ 1357.808231][T16353] alloc_pages_vma+0x5ee/0x770 [ 1357.813013][T16353] ? lru_cache_add+0x37/0x50 [ 1357.817714][T16353] do_anonymous_page+0x169/0x8d0 [ 1357.822668][T16353] ? cgroup_rstat_updated+0x34/0x100 [ 1357.827985][T16353] ? __rcu_read_unlock+0x5c/0x290 [ 1357.833130][T16353] handle_mm_fault+0x814/0x1590 [ 1357.837992][T16353] ? _raw_spin_unlock+0x2e/0x50 [ 1357.842906][T16353] __get_user_pages+0x388/0xc80 [ 1357.847774][T16353] __get_user_pages_remote+0x17f/0x610 [ 1357.853293][T16353] ? iovec_from_user+0x2a6/0x2e0 [ 1357.858289][T16353] pin_user_pages_remote+0x58/0x80 [ 1357.863416][T16353] process_vm_rw_single_vec+0x17d/0x460 [ 1357.868990][T16353] process_vm_rw+0x3a2/0x540 [ 1357.873682][T16353] __x64_sys_process_vm_writev+0x76/0x90 [ 1357.879325][T16353] do_syscall_64+0x44/0xa0 [ 1357.883794][T16353] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1357.889716][T16353] RIP: 0033:0x7fede691aae9 [ 1357.894130][T16353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1357.913815][T16353] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1357.922228][T16353] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 23:13:36 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201500) 23:13:36 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c305000000000080000055aa", 0x40, 0x1c0}]) 23:13:36 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ftruncate(r0, 0x4) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r3, 0x2007fff) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r4, r3, 0x0, 0x201000) ioctl$TCGETS2(r3, 0x802c542a, &(0x7f0000000040)) r5 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r5, r6, 0x0, 0x80000001) [ 1357.930345][T16353] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024dc [ 1357.938316][T16353] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1357.946301][T16353] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1357.954334][T16353] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1357.962415][T16353] 23:13:36 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 70) [ 1358.031110][T16351] loop2: detected capacity change from 0 to 1 23:13:36 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c306000000000080000055aa", 0x40, 0x1c0}]) 23:13:36 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000000004c0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1358.177980][T16463] FAULT_INJECTION: forcing a failure. [ 1358.177980][T16463] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1358.191463][T16463] CPU: 1 PID: 16463 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1358.201364][T16463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1358.211419][T16463] Call Trace: [ 1358.214709][T16463] [ 1358.217632][T16463] dump_stack_lvl+0xd6/0x122 [ 1358.222220][T16463] dump_stack+0x11/0x1b [ 1358.226379][T16463] should_fail+0x23c/0x250 [ 1358.230887][T16463] __alloc_pages+0x102/0x330 [ 1358.235525][T16463] alloc_pages_vma+0x5ee/0x770 [ 1358.240288][T16463] ? lru_cache_add+0x37/0x50 [ 1358.245032][T16463] do_anonymous_page+0x169/0x8d0 [ 1358.250516][T16463] ? cgroup_rstat_updated+0x34/0x100 [ 1358.255871][T16463] ? __rcu_read_unlock+0x5c/0x290 [ 1358.260994][T16463] handle_mm_fault+0x814/0x1590 [ 1358.265933][T16463] ? _raw_spin_unlock+0x2e/0x50 [ 1358.270854][T16463] __get_user_pages+0x388/0xc80 [ 1358.275701][T16463] __get_user_pages_remote+0x17f/0x610 [ 1358.281248][T16463] ? iovec_from_user+0x2a6/0x2e0 [ 1358.286238][T16463] pin_user_pages_remote+0x58/0x80 [ 1358.291358][T16463] process_vm_rw_single_vec+0x17d/0x460 [ 1358.296993][T16463] process_vm_rw+0x3a2/0x540 [ 1358.301590][T16463] __x64_sys_process_vm_writev+0x76/0x90 [ 1358.307290][T16463] do_syscall_64+0x44/0xa0 [ 1358.311787][T16463] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1358.317944][T16463] RIP: 0033:0x7fede691aae9 [ 1358.322354][T16463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.342105][T16463] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1358.350515][T16463] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1358.358749][T16463] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024de [ 1358.366806][T16463] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:36 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 71) [ 1358.374868][T16463] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.382838][T16463] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1358.390915][T16463] [ 1358.403693][T16464] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=16464 comm=syz-executor.4 [ 1358.430894][T16464] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=16464 comm=syz-executor.4 [ 1358.445093][T16464] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=16464 comm=syz-executor.4 [ 1358.458989][T16464] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=16464 comm=syz-executor.4 [ 1358.498204][T16465] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=16465 comm=syz-executor.5 [ 1358.515695][T16465] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=16465 comm=syz-executor.5 23:13:36 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c307000000000080000055aa", 0x40, 0x1c0}]) [ 1358.640878][T16470] loop2: detected capacity change from 0 to 1 [ 1358.674601][T16472] FAULT_INJECTION: forcing a failure. [ 1358.674601][T16472] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1358.687875][T16472] CPU: 1 PID: 16472 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1358.697776][T16472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1358.707897][T16472] Call Trace: [ 1358.711179][T16472] [ 1358.714191][T16472] dump_stack_lvl+0xd6/0x122 [ 1358.718852][T16472] dump_stack+0x11/0x1b [ 1358.723012][T16472] should_fail+0x23c/0x250 [ 1358.727437][T16472] __alloc_pages+0x102/0x330 [ 1358.732026][T16472] alloc_pages_vma+0x5ee/0x770 [ 1358.736847][T16472] ? lru_cache_add+0x37/0x50 [ 1358.741458][T16472] do_anonymous_page+0x169/0x8d0 [ 1358.746438][T16472] ? cgroup_rstat_updated+0x34/0x100 [ 1358.751725][T16472] ? __rcu_read_unlock+0x5c/0x290 [ 1358.756795][T16472] handle_mm_fault+0x814/0x1590 [ 1358.761724][T16472] ? _raw_spin_unlock+0x2e/0x50 [ 1358.766757][T16472] __get_user_pages+0x388/0xc80 [ 1358.771725][T16472] __get_user_pages_remote+0x17f/0x610 [ 1358.777250][T16472] ? iovec_from_user+0x2a6/0x2e0 [ 1358.782238][T16472] pin_user_pages_remote+0x58/0x80 [ 1358.787353][T16472] process_vm_rw_single_vec+0x17d/0x460 [ 1358.792914][T16472] process_vm_rw+0x3a2/0x540 [ 1358.797565][T16472] __x64_sys_process_vm_writev+0x76/0x90 [ 1358.803224][T16472] do_syscall_64+0x44/0xa0 [ 1358.807650][T16472] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1358.813552][T16472] RIP: 0033:0x7fede691aae9 [ 1358.817989][T16472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1358.837597][T16472] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1358.846012][T16472] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1358.854011][T16472] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024e0 [ 1358.861983][T16472] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1358.869955][T16472] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1358.878013][T16472] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1358.886003][T16472] [ 1358.897760][T16470] loop2: detected capacity change from 0 to 1 23:13:38 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000680000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:38 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 72) 23:13:38 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201600) 23:13:38 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c308000000000080000055aa", 0x40, 0x1c0}]) 23:13:38 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x103a41, 0x4) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:13:38 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000000)=0x1, 0x4) sendmsg(r2, &(0x7f0000000480)={&(0x7f0000000080)=@nfc_llcp={0x27, 0x1, 0x0, 0x0, 0x0, 0x0, "f2e10c000f626fe9157070a1af0a1aaf666adb092b2266226dfb4782428504425053bd67d26fcae672434aa99c349c8c09c04a47bdfb169bdbae680f34ff76"}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000100)="511f6b0b44775d6e205f974388a8", 0xe}], 0x1}, 0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r4, 0x1, &(0x7f00000001c0)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000200)) timer_settime(r1, 0x0, &(0x7f0000000140)={{}, {0x0, r3+60000000}}, 0x0) timer_create(0x1, &(0x7f0000000040)={0x0, 0x7, 0x1, @tid=r0}, &(0x7f0000000080)=0x0) timer_delete(r5) r6 = gettid() tkill(r6, 0x22) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:38 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c309000000000080000055aa", 0x40, 0x1c0}]) [ 1360.686364][T16586] loop2: detected capacity change from 0 to 1 [ 1360.694919][T16587] FAULT_INJECTION: forcing a failure. [ 1360.694919][T16587] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1360.708223][T16587] CPU: 1 PID: 16587 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1360.718118][T16587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1360.728371][T16587] Call Trace: [ 1360.731717][T16587] [ 1360.734643][T16587] dump_stack_lvl+0xd6/0x122 [ 1360.739259][T16587] dump_stack+0x11/0x1b [ 1360.743450][T16587] should_fail+0x23c/0x250 [ 1360.748420][T16587] __alloc_pages+0x102/0x330 [ 1360.753009][T16587] alloc_pages_vma+0x5ee/0x770 [ 1360.757860][T16587] ? lru_cache_add+0x37/0x50 [ 1360.762520][T16587] do_anonymous_page+0x169/0x8d0 [ 1360.767492][T16587] ? cgroup_rstat_updated+0x34/0x100 [ 1360.772782][T16587] ? __rcu_read_unlock+0x5c/0x290 [ 1360.777852][T16587] handle_mm_fault+0x814/0x1590 [ 1360.782701][T16587] ? _raw_spin_unlock+0x2e/0x50 [ 1360.787571][T16587] __get_user_pages+0x388/0xc80 [ 1360.792485][T16587] __get_user_pages_remote+0x17f/0x610 [ 1360.797944][T16587] ? iovec_from_user+0x2a6/0x2e0 [ 1360.802884][T16587] pin_user_pages_remote+0x58/0x80 [ 1360.808056][T16587] process_vm_rw_single_vec+0x17d/0x460 [ 1360.813607][T16587] process_vm_rw+0x3a2/0x540 [ 1360.818207][T16587] __x64_sys_process_vm_writev+0x76/0x90 [ 1360.823859][T16587] do_syscall_64+0x44/0xa0 [ 1360.828428][T16587] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1360.834371][T16587] RIP: 0033:0x7fede691aae9 [ 1360.838803][T16587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1360.858842][T16587] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1360.867254][T16587] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1360.875468][T16587] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024e2 23:13:39 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 73) [ 1360.883435][T16587] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1360.891408][T16587] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1360.899379][T16587] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1360.907355][T16587] [ 1360.987166][T16586] loop2: detected capacity change from 0 to 1 23:13:39 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000000006c0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:39 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0x101}}, './bus\x00'}) r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0xe32, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffdffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0xecd0}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2, 0x11, r3, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB]) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r3) r4 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) readv(r4, &(0x7f0000001900)=[{&(0x7f0000000080)=""/54, 0x36}, {&(0x7f0000000400)=""/111, 0x6f}, {&(0x7f0000000480)=""/82, 0x52}, {&(0x7f0000000500)=""/71, 0x47}, {&(0x7f0000000580)=""/107, 0x6b}, {&(0x7f0000000600)=""/240, 0xfffffd74}, {&(0x7f0000000700)=""/4096, 0x1002}, {&(0x7f00000001c0)=""/63, 0x3f}, {&(0x7f0000001700)=""/236, 0xec}, {&(0x7f0000001800)=""/254, 0xfe}], 0xa) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x100}}, './bus\x00'}) renameat2(r1, &(0x7f0000000100)='./bus\x00', r5, &(0x7f0000000180)='./bus\x00', 0x3) r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r6, 0x0, 0x80000001) r7 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r7, 0x2007fff) open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r8, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) signalfd(r8, &(0x7f0000000040)={[0x16e3]}, 0x8) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) [ 1361.188526][T16603] FAULT_INJECTION: forcing a failure. [ 1361.188526][T16603] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1361.201825][T16603] CPU: 0 PID: 16603 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1361.212021][T16603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1361.222083][T16603] Call Trace: [ 1361.225355][T16603] [ 1361.228365][T16603] dump_stack_lvl+0xd6/0x122 [ 1361.232958][T16603] dump_stack+0x11/0x1b [ 1361.237103][T16603] should_fail+0x23c/0x250 [ 1361.241782][T16603] __alloc_pages+0x102/0x330 [ 1361.246476][T16603] alloc_pages_vma+0x5ee/0x770 [ 1361.251406][T16603] ? lru_cache_add+0x37/0x50 [ 1361.256021][T16603] do_anonymous_page+0x169/0x8d0 [ 1361.260973][T16603] ? cgroup_rstat_updated+0x34/0x100 [ 1361.266331][T16603] ? __rcu_read_unlock+0x5c/0x290 [ 1361.271361][T16603] handle_mm_fault+0x814/0x1590 [ 1361.276260][T16603] ? _raw_spin_unlock+0x2e/0x50 [ 1361.281125][T16603] __get_user_pages+0x388/0xc80 [ 1361.286040][T16603] __get_user_pages_remote+0x17f/0x610 [ 1361.291660][T16603] ? iovec_from_user+0x2a6/0x2e0 [ 1361.296759][T16603] pin_user_pages_remote+0x58/0x80 [ 1361.301879][T16603] process_vm_rw_single_vec+0x17d/0x460 [ 1361.307488][T16603] process_vm_rw+0x3a2/0x540 [ 1361.312088][T16603] __x64_sys_process_vm_writev+0x76/0x90 [ 1361.317787][T16603] do_syscall_64+0x44/0xa0 [ 1361.322217][T16603] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1361.328125][T16603] RIP: 0033:0x7fede691aae9 23:13:39 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c30a000000000080000055aa", 0x40, 0x1c0}]) [ 1361.332639][T16603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1361.352614][T16603] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1361.361032][T16603] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1361.369113][T16603] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024e4 [ 1361.377088][T16603] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:39 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c30b000000000080000055aa", 0x40, 0x1c0}]) 23:13:39 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 74) [ 1361.385060][T16603] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1361.393223][T16603] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1361.402353][T16603] [ 1361.409176][T16605] loop2: detected capacity change from 0 to 1 23:13:39 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201700) [ 1361.517435][T16605] loop2: detected capacity change from 0 to 1 23:13:39 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c30c000000000080000055aa", 0x40, 0x1c0}]) [ 1361.612857][T16715] FAULT_INJECTION: forcing a failure. [ 1361.612857][T16715] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1361.626110][T16715] CPU: 0 PID: 16715 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1361.635962][T16715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1361.646360][T16715] Call Trace: [ 1361.649651][T16715] [ 1361.652701][T16715] dump_stack_lvl+0xd6/0x122 [ 1361.657505][T16715] dump_stack+0x11/0x1b 23:13:39 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000000740000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1361.661722][T16715] should_fail+0x23c/0x250 [ 1361.666213][T16715] __alloc_pages+0x102/0x330 [ 1361.670917][T16715] alloc_pages_vma+0x5ee/0x770 [ 1361.675686][T16715] ? lru_cache_add+0x37/0x50 [ 1361.680317][T16715] do_anonymous_page+0x169/0x8d0 [ 1361.685264][T16715] ? cgroup_rstat_updated+0x34/0x100 [ 1361.690620][T16715] ? __rcu_read_unlock+0x5c/0x290 [ 1361.695728][T16715] handle_mm_fault+0x814/0x1590 [ 1361.700604][T16715] ? _raw_spin_unlock+0x2e/0x50 [ 1361.705461][T16715] __get_user_pages+0x388/0xc80 [ 1361.710413][T16715] __get_user_pages_remote+0x17f/0x610 [ 1361.716414][T16715] ? iovec_from_user+0x2a6/0x2e0 [ 1361.721375][T16715] pin_user_pages_remote+0x58/0x80 [ 1361.726490][T16715] process_vm_rw_single_vec+0x17d/0x460 [ 1361.732082][T16715] process_vm_rw+0x3a2/0x540 [ 1361.736697][T16715] __x64_sys_process_vm_writev+0x76/0x90 [ 1361.742665][T16715] do_syscall_64+0x44/0xa0 [ 1361.747493][T16715] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1361.753422][T16715] RIP: 0033:0x7fede691aae9 [ 1361.757953][T16715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1361.777813][T16715] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1361.786244][T16715] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1361.794253][T16715] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024e6 [ 1361.802257][T16715] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:40 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 75) [ 1361.810232][T16715] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1361.818291][T16715] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1361.826268][T16715] [ 1361.920915][T16718] selinux_netlink_send: 3 callbacks suppressed [ 1361.920931][T16718] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=16718 comm=syz-executor.4 [ 1361.960397][T16718] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=16718 comm=syz-executor.4 [ 1361.975944][T16721] FAULT_INJECTION: forcing a failure. [ 1361.975944][T16721] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1361.989228][T16721] CPU: 0 PID: 16721 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1361.999120][T16721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1362.009187][T16721] Call Trace: [ 1362.012461][T16721] [ 1362.015385][T16721] dump_stack_lvl+0xd6/0x122 [ 1362.020019][T16721] dump_stack+0x11/0x1b [ 1362.024170][T16721] should_fail+0x23c/0x250 [ 1362.028597][T16721] __alloc_pages+0x102/0x330 [ 1362.033311][T16721] alloc_pages_vma+0x5ee/0x770 [ 1362.038078][T16721] ? lru_cache_add+0x37/0x50 [ 1362.042678][T16721] do_anonymous_page+0x169/0x8d0 [ 1362.047694][T16721] ? cgroup_rstat_updated+0x34/0x100 [ 1362.053062][T16721] ? __rcu_read_unlock+0x5c/0x290 [ 1362.058177][T16721] handle_mm_fault+0x814/0x1590 [ 1362.063034][T16721] ? _raw_spin_unlock+0x2e/0x50 [ 1362.067933][T16721] __get_user_pages+0x388/0xc80 [ 1362.072784][T16721] __get_user_pages_remote+0x17f/0x610 [ 1362.078247][T16721] ? iovec_from_user+0x2a6/0x2e0 [ 1362.083316][T16721] pin_user_pages_remote+0x58/0x80 [ 1362.088430][T16721] process_vm_rw_single_vec+0x17d/0x460 [ 1362.094125][T16721] process_vm_rw+0x3a2/0x540 [ 1362.098879][T16721] __x64_sys_process_vm_writev+0x76/0x90 [ 1362.104543][T16721] do_syscall_64+0x44/0xa0 [ 1362.108967][T16721] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1362.114955][T16721] RIP: 0033:0x7fede691aae9 [ 1362.119379][T16721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1362.139235][T16721] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1362.147736][T16721] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1362.155773][T16721] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024e8 [ 1362.163744][T16721] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1362.172322][T16721] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1362.180339][T16721] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1362.188309][T16721] [ 1362.191621][T16718] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=16718 comm=syz-executor.4 [ 1362.205280][T16718] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=16718 comm=syz-executor.4 [ 1362.237724][T16718] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=49 sclass=netlink_xfrm_socket pid=16718 comm=syz-executor.4 [ 1362.250636][T16718] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=61 sclass=netlink_xfrm_socket pid=16718 comm=syz-executor.4 [ 1362.263539][T16718] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=108 sclass=netlink_xfrm_socket pid=16718 comm=syz-executor.4 [ 1362.276402][T16718] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=103 sclass=netlink_xfrm_socket pid=16718 comm=syz-executor.4 [ 1362.289265][T16718] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=129 sclass=netlink_xfrm_socket pid=16718 comm=syz-executor.4 [ 1362.302125][T16718] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=161 sclass=netlink_xfrm_socket pid=16718 comm=syz-executor.4 [ 1362.324591][T16723] loop2: detected capacity change from 0 to 1 [ 1362.407720][T16723] loop2: detected capacity change from 0 to 1 23:13:42 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) timer_settime(r1, 0x1, &(0x7f0000000140)={{0x0, 0x989680}, {0x0, 0x989680}}, &(0x7f00000001c0)) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x4, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r3, 0x0, &(0x7f0000000080)={{0x0, 0x3938700}, {r4, r5+60000000}}, &(0x7f0000000100)) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) timer_create(0x1, &(0x7f00000003c0)={0x0, 0x24, 0x0, @thr={&(0x7f0000000240)="c8276b8d6a383ed17e0919a56fd4be44fb69a1cb96a5a1cc3d502994df12dd985a4eba1cd35ebb5cccdae3b756a7ddac31f5c9c7492d77acf084735b023a4df9c9f741c045ecda6ccf7a061a764f1732acb6d4e7779246069d10c9466beab6e9b5d2b0381b863ddf567b2a0e4a521ac5", &(0x7f00000002c0)="581610746cf4b3ea440b71942a99587e79d06f2a149498f2dc98a3be0b13c786a415ed244766e73f3acf0168da773138cc1c6b3d92588851a89c26d2c1a1315aaad7ef60bfd52de5e18057595c701075a0199f6ec7fff77240cb4184e104d590de8e575e052e9e84f2ee74036439cdd030b485b54e7f03c38e2f1fb2e06442ca1802e8fa5724c05879d26f502d2f4e4df895ce815781b5c1dfaf2aa6f8d11081748cc1ab37a51987db75519535af3de07277f794c191d4a5cc32b0784b752b2b32b0d9b619cb98114994cde98153eedd742949d38d42949173be74ff1d60"}}, &(0x7f0000000400)=0x0) clock_gettime(0x0, &(0x7f0000000480)={0x0, 0x0}) timer_settime(r6, 0x1, &(0x7f0000000540)={{}, {r7, r8+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:42 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 76) 23:13:42 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c30d000000000080000055aa", 0x40, 0x1c0}]) 23:13:42 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000100)) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:13:42 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201800) 23:13:42 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000000007a0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1364.147627][T16830] loop2: detected capacity change from 0 to 1 [ 1364.149625][T16832] FAULT_INJECTION: forcing a failure. [ 1364.149625][T16832] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1364.167126][T16832] CPU: 0 PID: 16832 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1364.177039][T16832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1364.187390][T16832] Call Trace: [ 1364.190733][T16832] [ 1364.193703][T16832] dump_stack_lvl+0xd6/0x122 [ 1364.198326][T16832] dump_stack+0x11/0x1b [ 1364.202549][T16832] should_fail+0x23c/0x250 [ 1364.207023][T16832] __alloc_pages+0x102/0x330 [ 1364.211676][T16832] alloc_pages_vma+0x5ee/0x770 [ 1364.216457][T16832] ? lru_cache_add+0x37/0x50 [ 1364.221107][T16832] do_anonymous_page+0x169/0x8d0 [ 1364.226059][T16832] ? cgroup_rstat_updated+0x34/0x100 [ 1364.231450][T16832] ? __rcu_read_unlock+0x5c/0x290 [ 1364.236553][T16832] handle_mm_fault+0x814/0x1590 [ 1364.241415][T16832] ? _raw_spin_unlock+0x2e/0x50 [ 1364.246273][T16832] __get_user_pages+0x388/0xc80 [ 1364.251182][T16832] __get_user_pages_remote+0x17f/0x610 [ 1364.256713][T16832] ? iovec_from_user+0x2a6/0x2e0 [ 1364.261670][T16832] pin_user_pages_remote+0x58/0x80 [ 1364.266811][T16832] process_vm_rw_single_vec+0x17d/0x460 [ 1364.272556][T16832] process_vm_rw+0x3a2/0x540 [ 1364.277167][T16832] __x64_sys_process_vm_writev+0x76/0x90 [ 1364.282879][T16832] do_syscall_64+0x44/0xa0 [ 1364.287339][T16832] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1364.293288][T16832] RIP: 0033:0x7fede691aae9 [ 1364.297695][T16832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1364.317308][T16832] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1364.325742][T16832] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1364.333724][T16832] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024ea 23:13:42 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) timer_create(0x7, &(0x7f00000001c0)={0x0, 0x41, 0x1}, &(0x7f0000000200)=0x0) timer_settime(r2, 0x0, &(0x7f0000000240)={{}, {0x77359400}}, &(0x7f0000000280)) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {r0, r1+60000000}}, 0x0) r3 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ppoll(&(0x7f0000000040)=[{r6, 0x280}], 0x1, &(0x7f0000000080), &(0x7f0000000100)={[0x6]}, 0x8) timer_settime(r4, 0x0, &(0x7f0000000500)={{}, {0x0, r5+60000000}}, 0x0) process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1364.341701][T16832] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1364.349745][T16832] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1364.357719][T16832] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1364.365745][T16832] 23:13:42 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c30e000000000080000055aa", 0x40, 0x1c0}]) 23:13:42 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 77) 23:13:42 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f00000001c0)={{}, {r1, r2+60000000}}, &(0x7f0000000200)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) timer_settime(r0, 0x1, &(0x7f0000000100)={{}, {r3, r4+60000000}}, &(0x7f0000000140)) r5 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_gettime(r0, &(0x7f0000000040)) timer_settime(r6, 0x0, &(0x7f0000000500)={{}, {0x0, r7+60000000}}, 0x0) process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1364.477229][T16830] loop2: detected capacity change from 0 to 1 23:13:42 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa5000000017d0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:42 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c30f000000000080000055aa", 0x40, 0x1c0}]) [ 1364.610374][T17044] FAULT_INJECTION: forcing a failure. [ 1364.610374][T17044] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1364.623708][T17044] CPU: 0 PID: 17044 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1364.633525][T17044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1364.643590][T17044] Call Trace: [ 1364.646960][T17044] [ 1364.649897][T17044] dump_stack_lvl+0xd6/0x122 [ 1364.654493][T17044] dump_stack+0x11/0x1b [ 1364.658772][T17044] should_fail+0x23c/0x250 [ 1364.663224][T17044] __alloc_pages+0x102/0x330 [ 1364.667926][T17044] alloc_pages_vma+0x5ee/0x770 [ 1364.672806][T17044] ? lru_cache_add+0x37/0x50 [ 1364.677434][T17044] do_anonymous_page+0x169/0x8d0 [ 1364.682485][T17044] ? cgroup_rstat_updated+0x34/0x100 [ 1364.687781][T17044] ? __rcu_read_unlock+0x5c/0x290 [ 1364.692950][T17044] handle_mm_fault+0x814/0x1590 [ 1364.697827][T17044] ? _raw_spin_unlock+0x2e/0x50 [ 1364.702814][T17044] __get_user_pages+0x388/0xc80 23:13:42 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c310000000000080000055aa", 0x40, 0x1c0}]) [ 1364.707674][T17044] __get_user_pages_remote+0x17f/0x610 [ 1364.713148][T17044] ? iovec_from_user+0x2a6/0x2e0 [ 1364.718150][T17044] pin_user_pages_remote+0x58/0x80 [ 1364.723289][T17044] process_vm_rw_single_vec+0x17d/0x460 [ 1364.728929][T17044] process_vm_rw+0x3a2/0x540 [ 1364.733616][T17044] __x64_sys_process_vm_writev+0x76/0x90 [ 1364.739276][T17044] do_syscall_64+0x44/0xa0 [ 1364.743733][T17044] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1364.749649][T17044] RIP: 0033:0x7fede691aae9 [ 1364.754068][T17044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1364.773817][T17044] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1364.782385][T17044] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1364.790429][T17044] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024ec [ 1364.798454][T17044] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:43 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c311000000000080000055aa", 0x40, 0x1c0}]) 23:13:43 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 78) 23:13:43 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x8140, 0xb0) r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x202000, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',dfltgid=', @ANYRESHEX, @ANYBLOB="2c706f73697861636c2c61707072616973652c7063723d30303030303030303030303030303030303036342c7063723d30303030303030303030303030303030303032382c7375626a5f757365723d3a5e295e252c7b2c7569643cd22c25fa887fbb866ae577f395836971b94d1c2a4d7cc83d43cda90f6c1a4089737df9b4691c0a4184b06815a7a2a2c3522a3bad96d4d4943a47eab7d1a5dcbf77b1cee7498fc778221357b1efa5be74a2679926af024ccb53a079befdbe2b3d", @ANYRESDEC=0xee01, @ANYBLOB=',\x00']) sendfile(r3, r4, 0x0, 0x80000001) [ 1364.806440][T17044] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1364.814430][T17044] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1364.822411][T17044] 23:13:43 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201900) [ 1364.873612][T17153] loop2: detected capacity change from 0 to 1 23:13:43 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c312000000000080000055aa", 0x40, 0x1c0}]) 23:13:43 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000008140)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f0000008180)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f00000081c0)={{0x0, 0x3938700}, {r2, r3+10000000}}, &(0x7f0000008200)) timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r4, 0x0, &(0x7f0000000500)={{}, {0x0, r5+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) clock_gettime(0x0, &(0x7f0000006d40)={0x0, 0x0}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000006b40)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000000100)=""/138, 0x8a}, {&(0x7f00000001c0)=""/234, 0xea}, {&(0x7f0000001680)=""/4096, 0x1000}, {&(0x7f00000002c0)=""/208, 0xd0}], 0x5}}, {{&(0x7f00000003c0), 0x6e, &(0x7f0000000480)=[{&(0x7f0000000540)=""/185, 0xb9}], 0x1, &(0x7f0000008240)=ANY=[@ANYBLOB="28000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESHEX, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000013000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x68}}, {{&(0x7f0000002700)=@abs, 0x6e, &(0x7f0000000600)=[{&(0x7f0000002780)=""/4096, 0x1000}], 0x1, &(0x7f0000003780)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x60}}, {{&(0x7f0000003800)=@abs, 0x6e, &(0x7f0000004bc0)=[{&(0x7f0000003880)=""/80, 0x50}, {&(0x7f0000003900)=""/205, 0xcd}, {&(0x7f0000003a00)=""/255, 0xff}, {&(0x7f0000003b00)=""/97, 0x61}, {&(0x7f0000003b80)=""/4096, 0x1000}, {&(0x7f0000004b80)=""/25, 0x19}], 0x6, &(0x7f0000004c40)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x10}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x108}}, {{0x0, 0x0, &(0x7f0000005180)=[{&(0x7f0000002680)=""/62, 0x3e}, {&(0x7f0000004dc0)=""/110, 0x6e}, {&(0x7f0000004e40)=""/138, 0x8a}, {&(0x7f0000004f00)=""/41, 0x29}, {&(0x7f0000004f40)=""/224, 0xe0}, {&(0x7f0000005040)=""/74, 0x4a}, {&(0x7f00000050c0)=""/141, 0x8d}], 0x7, &(0x7f0000005200)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x40}}, {{&(0x7f0000005240), 0x6e, &(0x7f0000006640)=[{&(0x7f00000052c0)=""/189, 0xbd}, {&(0x7f0000005380)=""/4096, 0x1000}, {&(0x7f0000006380)=""/134, 0x86}, {&(0x7f0000006440)=""/230, 0xe6}, {&(0x7f0000006540)=""/233, 0xe9}], 0x5, &(0x7f00000066c0)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000006700), 0x6e, &(0x7f00000069c0)=[{&(0x7f0000006780)=""/137, 0x89}, {&(0x7f0000006840)=""/51, 0x33}, {&(0x7f0000006880)=""/50, 0x32}, {&(0x7f00000068c0)=""/224, 0xe0}], 0x4}}, {{&(0x7f0000006a00)=@abs, 0x6e, &(0x7f0000006b00)=[{&(0x7f0000006a80)=""/72, 0x48}], 0x1}}], 0x8, 0x160, &(0x7f0000006d80)={r6, r7+10000000}) recvmsg$unix(r8, &(0x7f0000008100)={&(0x7f0000006dc0), 0x6e, &(0x7f0000008080)=[{&(0x7f0000006e40)=""/8, 0x8}, {&(0x7f0000006e80)=""/14, 0xe}, {&(0x7f0000006ec0)=""/144, 0x90}, {&(0x7f0000006f80)=""/4096, 0x1000}, {&(0x7f0000007f80)=""/248, 0xf8}], 0x5}, 0x2140) [ 1364.948971][T17153] loop2: detected capacity change from 0 to 1 [ 1365.007468][T17259] FAULT_INJECTION: forcing a failure. [ 1365.007468][T17259] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1365.020750][T17259] CPU: 0 PID: 17259 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1365.030736][T17259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1365.040798][T17259] Call Trace: [ 1365.044074][T17259] [ 1365.047009][T17259] dump_stack_lvl+0xd6/0x122 [ 1365.051608][T17259] dump_stack+0x11/0x1b [ 1365.055803][T17259] should_fail+0x23c/0x250 [ 1365.060232][T17259] __alloc_pages+0x102/0x330 [ 1365.064992][T17259] alloc_pages_vma+0x5ee/0x770 [ 1365.069762][T17259] ? lru_cache_add+0x37/0x50 [ 1365.074366][T17259] do_anonymous_page+0x169/0x8d0 [ 1365.079313][T17259] ? cgroup_rstat_updated+0x34/0x100 [ 1365.084588][T17259] ? __rcu_read_unlock+0x5c/0x290 [ 1365.089607][T17259] handle_mm_fault+0x814/0x1590 [ 1365.094467][T17259] ? _raw_spin_unlock+0x2e/0x50 [ 1365.099446][T17259] __get_user_pages+0x388/0xc80 [ 1365.104340][T17259] __get_user_pages_remote+0x17f/0x610 [ 1365.109849][T17259] ? iovec_from_user+0x2a6/0x2e0 [ 1365.114803][T17259] pin_user_pages_remote+0x58/0x80 [ 1365.120035][T17259] process_vm_rw_single_vec+0x17d/0x460 [ 1365.125637][T17259] process_vm_rw+0x3a2/0x540 [ 1365.130252][T17259] __x64_sys_process_vm_writev+0x76/0x90 [ 1365.135971][T17259] do_syscall_64+0x44/0xa0 [ 1365.140560][T17259] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1365.146529][T17259] RIP: 0033:0x7fede691aae9 23:13:43 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c322000000000080000055aa", 0x40, 0x1c0}]) [ 1365.150959][T17259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1365.170592][T17259] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1365.179118][T17259] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1365.187146][T17259] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024ee [ 1365.195174][T17259] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:43 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500ffffff800000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:43 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c325000000000080000055aa", 0x40, 0x1c0}]) 23:13:43 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 79) 23:13:43 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) timer_settime(r0, 0x1, &(0x7f0000000140)={{r1, r2+60000000}, {0x0, 0x989680}}, 0x0) r3 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r4, 0x0, &(0x7f0000000500)={{}, {0x0, r5+60000000}}, 0x0) process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) timer_create(0x6, &(0x7f0000000200)={0x0, 0x17, 0x0, @tid=r3}, &(0x7f0000000240)=0x0) timer_settime(r6, 0x1, &(0x7f0000000280)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f00000002c0)) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x989680}}, &(0x7f00000001c0)) clock_nanosleep(0x7, 0x1, &(0x7f0000000040)={0x0, 0x3938700}, &(0x7f0000000080)) [ 1365.203149][T17259] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1365.211129][T17259] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1365.219199][T17259] 23:13:43 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201a00) [ 1365.384299][T17475] FAULT_INJECTION: forcing a failure. [ 1365.384299][T17475] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1365.397608][T17475] CPU: 0 PID: 17475 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1365.407456][T17475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1365.417528][T17475] Call Trace: [ 1365.420802][T17475] [ 1365.423726][T17475] dump_stack_lvl+0xd6/0x122 [ 1365.428333][T17475] dump_stack+0x11/0x1b [ 1365.432489][T17475] should_fail+0x23c/0x250 [ 1365.436971][T17475] __alloc_pages+0x102/0x330 [ 1365.441568][T17475] alloc_pages_vma+0x5ee/0x770 [ 1365.446351][T17475] ? lru_cache_add+0x37/0x50 [ 1365.450947][T17475] do_anonymous_page+0x169/0x8d0 [ 1365.455915][T17475] ? cgroup_rstat_updated+0x34/0x100 [ 1365.461208][T17475] ? __rcu_read_unlock+0x5c/0x290 [ 1365.466239][T17475] handle_mm_fault+0x814/0x1590 [ 1365.471134][T17475] ? _raw_spin_unlock+0x2e/0x50 [ 1365.475998][T17475] __get_user_pages+0x388/0xc80 [ 1365.480873][T17475] __get_user_pages_remote+0x17f/0x610 [ 1365.486335][T17475] ? iovec_from_user+0x2a6/0x2e0 [ 1365.491572][T17475] pin_user_pages_remote+0x58/0x80 [ 1365.496702][T17475] process_vm_rw_single_vec+0x17d/0x460 [ 1365.502307][T17475] process_vm_rw+0x3a2/0x540 [ 1365.506914][T17475] __x64_sys_process_vm_writev+0x76/0x90 [ 1365.512554][T17475] do_syscall_64+0x44/0xa0 [ 1365.516974][T17475] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1365.522873][T17475] RIP: 0033:0x7fede691aae9 [ 1365.527305][T17475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1365.546910][T17475] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1365.555351][T17475] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1365.563334][T17475] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024f0 [ 1365.571408][T17475] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:43 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c348000000000080000055aa", 0x40, 0x1c0}]) 23:13:43 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 80) [ 1365.579465][T17475] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1365.587432][T17475] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1365.595408][T17475] [ 1365.611472][T17477] loop2: detected capacity change from 0 to 1 23:13:43 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_create(0x7, &(0x7f0000000300)={0x0, 0x36, 0x2, @tid=r0}, &(0x7f0000000340)=0x0) timer_settime(r5, 0x0, &(0x7f0000000380)={{0x77359400}}, &(0x7f00000003c0)) timer_settime(r2, 0x1, &(0x7f0000000080)={{r3, r4+60000000}, {0x77359400}}, &(0x7f0000000100)) timer_create(0x4, &(0x7f0000000140)={0x0, 0x4, 0x1, @tid=r0}, &(0x7f00000001c0)=0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) timer_settime(r6, 0x1, &(0x7f00000002c0)={{r7, r8+10000000}, {r9, r10+60000000}}, 0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r11+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) r12 = gettid() process_vm_writev(r12, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) tkill(r12, 0x12) 23:13:44 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x176) ftruncate(r1, 0x2007fff) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r2, r1, 0x0, 0x201000) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000140)) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$notify(r3, 0x402, 0x0) r4 = openat(r1, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r4, 0x0, 0x80000001) setxattr$incfs_id(&(0x7f0000000040)='./bus\x00', &(0x7f0000000080), &(0x7f0000000100)={'0000000000000000000000000000000', 0x30}, 0x20, 0x1) r5 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x6e) ftruncate(r5, 0x2007fff) r6 = open(&(0x7f0000000340)='./bus\x00', 0x14d842, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x444001, 0x0) r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x4000) ioctl$SG_IO(r8, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$notify(r8, 0x402, 0x15) sendfile(r6, r7, 0x0, 0x3efff99e) [ 1365.703852][T17477] loop2: detected capacity change from 0 to 1 23:13:44 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c34c000000000080000055aa", 0x40, 0x1c0}]) [ 1365.788586][T17585] FAULT_INJECTION: forcing a failure. [ 1365.788586][T17585] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1365.801843][T17585] CPU: 1 PID: 17585 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1365.811637][T17585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1365.821810][T17585] Call Trace: [ 1365.825095][T17585] [ 1365.828070][T17585] dump_stack_lvl+0xd6/0x122 [ 1365.832650][T17585] dump_stack+0x11/0x1b [ 1365.836789][T17585] should_fail+0x23c/0x250 [ 1365.841196][T17585] __alloc_pages+0x102/0x330 [ 1365.845776][T17585] alloc_pages_vma+0x5ee/0x770 [ 1365.850532][T17585] ? lru_cache_add+0x37/0x50 [ 1365.855131][T17585] do_anonymous_page+0x169/0x8d0 [ 1365.860124][T17585] ? cgroup_rstat_updated+0x34/0x100 [ 1365.865392][T17585] ? __rcu_read_unlock+0x5c/0x290 [ 1365.870402][T17585] handle_mm_fault+0x814/0x1590 [ 1365.875243][T17585] ? _raw_spin_unlock+0x2e/0x50 [ 1365.880353][T17585] __get_user_pages+0x388/0xc80 [ 1365.885193][T17585] __get_user_pages_remote+0x17f/0x610 [ 1365.890822][T17585] ? iovec_from_user+0x2a6/0x2e0 [ 1365.895746][T17585] pin_user_pages_remote+0x58/0x80 [ 1365.900902][T17585] process_vm_rw_single_vec+0x17d/0x460 [ 1365.906639][T17585] process_vm_rw+0x3a2/0x540 [ 1365.911309][T17585] __x64_sys_process_vm_writev+0x76/0x90 [ 1365.917049][T17585] do_syscall_64+0x44/0xa0 [ 1365.921705][T17585] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1365.927602][T17585] RIP: 0033:0x7fede691aae9 [ 1365.932013][T17585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1365.951702][T17585] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1365.960096][T17585] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1365.968197][T17585] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024f2 [ 1365.976195][T17585] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:44 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500000001a30000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:44 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 81) [ 1365.984415][T17585] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1365.992416][T17585] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1366.000376][T17585] 23:13:44 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) timer_settime(r1, 0x1, &(0x7f0000000080)={{}, {0x77359400}}, &(0x7f0000000200)) process_vm_writev(r0, &(0x7f0000000040)=[{&(0x7f0000000300)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000000100)=""/239, 0xef}], 0x1, 0x0) 23:13:44 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c368000000000080000055aa", 0x40, 0x1c0}]) [ 1366.251093][T17697] FAULT_INJECTION: forcing a failure. [ 1366.251093][T17697] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1366.251933][T17696] loop2: detected capacity change from 0 to 1 [ 1366.264420][T17697] CPU: 0 PID: 17697 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1366.280226][T17697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1366.290289][T17697] Call Trace: [ 1366.293573][T17697] [ 1366.296570][T17697] dump_stack_lvl+0xd6/0x122 [ 1366.301171][T17697] dump_stack+0x11/0x1b [ 1366.305409][T17697] should_fail+0x23c/0x250 [ 1366.309841][T17697] __alloc_pages+0x102/0x330 [ 1366.314473][T17697] alloc_pages_vma+0x5ee/0x770 [ 1366.319255][T17697] ? lru_cache_add+0x37/0x50 [ 1366.323861][T17697] do_anonymous_page+0x169/0x8d0 [ 1366.328857][T17697] ? cgroup_rstat_updated+0x34/0x100 [ 1366.334182][T17697] ? __rcu_read_unlock+0x5c/0x290 [ 1366.339221][T17697] handle_mm_fault+0x814/0x1590 [ 1366.344125][T17697] ? _raw_spin_unlock+0x2e/0x50 [ 1366.348993][T17697] __get_user_pages+0x388/0xc80 [ 1366.353919][T17697] __get_user_pages_remote+0x17f/0x610 [ 1366.359395][T17697] ? iovec_from_user+0x2a6/0x2e0 [ 1366.364443][T17697] pin_user_pages_remote+0x58/0x80 [ 1366.369623][T17697] process_vm_rw_single_vec+0x17d/0x460 [ 1366.375191][T17697] process_vm_rw+0x3a2/0x540 [ 1366.379795][T17697] __x64_sys_process_vm_writev+0x76/0x90 [ 1366.385477][T17697] do_syscall_64+0x44/0xa0 [ 1366.389944][T17697] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1366.395870][T17697] RIP: 0033:0x7fede691aae9 [ 1366.400281][T17697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1366.419887][T17697] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1366.428308][T17697] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1366.436355][T17697] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024f4 [ 1366.444321][T17697] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:44 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201b00) 23:13:44 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 82) [ 1366.452286][T17697] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1366.460275][T17697] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1366.468272][T17697] 23:13:44 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0, 0x0}, &(0x7f0000000200)=0xc) r6 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r6, 0x2007fff) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r7, r6, 0x0, 0x201000) name_to_handle_at(r6, &(0x7f0000000340)='./bus\x00', &(0x7f0000000380)=@ceph_nfs_snapfh={0x1c, 0x4e, {0x82a, 0x5, 0x5, 0xfff}}, &(0x7f00000003c0), 0x400) syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./bus\x00', 0x8, 0x1, &(0x7f0000000180)=[{&(0x7f0000000100)="7cedfc29463b20ad98449e7ed385edee65de212dbcb971b3d7e819adcb69827611c0e487f34e11e173f3b92efe8b4ce8c125931080e70e104366a36481cd7679a1b123643e9b69f2ae76ea5a87c4624ec8679fa4ae27d1630c5e3641ba482a716a9d5d11a23b90dfc9cf3aa290a48f1bfb9e607ccd3dd2", 0x77, 0x1}], 0x250000, &(0x7f0000000240)={[{@mpol={'mpol', 0x3d, {'prefer', '', @void}}}, {@gid={'gid', 0x3d, r5}}, {@huge_always}, {@huge_within_size}, {@mpol={'mpol', 0x3d, {'prefer', '=relative', @void}}}, {@mode={'mode', 0x3d, 0x2}}, {@size={'size', 0x3d, [0x65, 0x1c, 0x34, 0x35, 0x25, 0xfa27e00ed7788b20, 0x36, 0x67, 0x2d]}}, {@huge_always}], [{@hash}, {@mask={'mask', 0x3d, 'MAY_READ'}}, {@dont_appraise}, {@appraise}, {@context={'context', 0x3d, 'root'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '$(,\\^,\xc1$#!#'}}]}) sendfile(r3, r4, 0x0, 0x80000001) 23:13:44 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r0, 0x1, &(0x7f0000000080)={{0x77359400}, {r4, r5+10000000}}, &(0x7f0000000100)) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:44 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c36c000000000080000055aa", 0x40, 0x1c0}]) [ 1366.580585][T17696] loop2: detected capacity change from 0 to 1 [ 1366.638231][T17909] FAULT_INJECTION: forcing a failure. [ 1366.638231][T17909] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1366.651482][T17909] CPU: 0 PID: 17909 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1366.661307][T17909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1366.671498][T17909] Call Trace: [ 1366.674814][T17909] [ 1366.677745][T17909] dump_stack_lvl+0xd6/0x122 [ 1366.682367][T17909] dump_stack+0x11/0x1b 23:13:44 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c374000000000080000055aa", 0x40, 0x1c0}]) [ 1366.686572][T17909] should_fail+0x23c/0x250 [ 1366.690995][T17909] __alloc_pages+0x102/0x330 [ 1366.695632][T17909] alloc_pages_vma+0x5ee/0x770 [ 1366.700455][T17909] ? lru_cache_add+0x37/0x50 [ 1366.705148][T17909] do_anonymous_page+0x169/0x8d0 [ 1366.710205][T17909] ? cgroup_rstat_updated+0x34/0x100 [ 1366.715501][T17909] ? __rcu_read_unlock+0x5c/0x290 [ 1366.720574][T17909] handle_mm_fault+0x814/0x1590 [ 1366.725438][T17909] ? _raw_spin_unlock+0x2e/0x50 [ 1366.730372][T17909] __get_user_pages+0x388/0xc80 [ 1366.735357][T17909] __get_user_pages_remote+0x17f/0x610 [ 1366.740831][T17909] ? iovec_from_user+0x2a6/0x2e0 [ 1366.745834][T17909] pin_user_pages_remote+0x58/0x80 [ 1366.750953][T17909] process_vm_rw_single_vec+0x17d/0x460 [ 1366.756568][T17909] process_vm_rw+0x3a2/0x540 [ 1366.761315][T17909] __x64_sys_process_vm_writev+0x76/0x90 [ 1366.766967][T17909] do_syscall_64+0x44/0xa0 [ 1366.771401][T17909] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1366.777314][T17909] RIP: 0033:0x7fede691aae9 23:13:45 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c37a000000000080000055aa", 0x40, 0x1c0}]) [ 1366.781745][T17909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1366.801451][T17909] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1366.809921][T17909] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1366.817915][T17909] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024f6 [ 1366.825981][T17909] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:45 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500ffffffc90000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1366.833958][T17909] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1366.841931][T17909] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1366.849912][T17909] 23:13:45 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 83) 23:13:45 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c390000000000080000055aa", 0x40, 0x1c0}]) 23:13:45 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_gettime(r0, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1366.976759][T18024] selinux_netlink_send: 104 callbacks suppressed [ 1366.976775][T18024] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=18024 comm=syz-executor.5 [ 1366.997526][T18024] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=18024 comm=syz-executor.5 [ 1367.011916][T18024] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=18024 comm=syz-executor.5 [ 1367.026405][T18024] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=18024 comm=syz-executor.5 [ 1367.062101][T18027] loop2: detected capacity change from 0 to 1 [ 1367.128509][T18027] loop2: detected capacity change from 0 to 1 [ 1367.138263][T18030] FAULT_INJECTION: forcing a failure. [ 1367.138263][T18030] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1367.151525][T18030] CPU: 0 PID: 18030 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1367.161438][T18030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1367.171523][T18030] Call Trace: [ 1367.174797][T18030] [ 1367.177722][T18030] dump_stack_lvl+0xd6/0x122 [ 1367.182441][T18030] dump_stack+0x11/0x1b [ 1367.186687][T18030] should_fail+0x23c/0x250 [ 1367.191154][T18030] __alloc_pages+0x102/0x330 [ 1367.195763][T18030] alloc_pages_vma+0x5ee/0x770 [ 1367.200529][T18030] ? lru_cache_add+0x37/0x50 [ 1367.205129][T18030] do_anonymous_page+0x169/0x8d0 [ 1367.210151][T18030] ? cgroup_rstat_updated+0x34/0x100 [ 1367.215465][T18030] ? __rcu_read_unlock+0x5c/0x290 [ 1367.220590][T18030] handle_mm_fault+0x814/0x1590 [ 1367.225445][T18030] ? _raw_spin_unlock+0x2e/0x50 [ 1367.230408][T18030] __get_user_pages+0x388/0xc80 [ 1367.235356][T18030] __get_user_pages_remote+0x17f/0x610 [ 1367.240938][T18030] ? iovec_from_user+0x2a6/0x2e0 [ 1367.246030][T18030] pin_user_pages_remote+0x58/0x80 [ 1367.251210][T18030] process_vm_rw_single_vec+0x17d/0x460 [ 1367.256760][T18030] process_vm_rw+0x3a2/0x540 [ 1367.261378][T18030] __x64_sys_process_vm_writev+0x76/0x90 [ 1367.267074][T18030] do_syscall_64+0x44/0xa0 [ 1367.271606][T18030] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1367.277504][T18030] RIP: 0033:0x7fede691aae9 [ 1367.282024][T18030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1367.301639][T18030] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1367.310050][T18030] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1367.318059][T18030] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024f8 23:13:45 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 84) [ 1367.326087][T18030] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1367.334053][T18030] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1367.342018][T18030] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1367.350020][T18030] 23:13:45 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201c00) 23:13:45 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c3fe000000000080000055aa", 0x40, 0x1c0}]) [ 1367.536254][T18137] FAULT_INJECTION: forcing a failure. [ 1367.536254][T18137] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1367.549628][T18137] CPU: 0 PID: 18137 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1367.559525][T18137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1367.569591][T18137] Call Trace: [ 1367.572873][T18137] [ 1367.575980][T18137] dump_stack_lvl+0xd6/0x122 [ 1367.580681][T18137] dump_stack+0x11/0x1b [ 1367.585012][T18137] should_fail+0x23c/0x250 [ 1367.589443][T18137] __alloc_pages+0x102/0x330 [ 1367.594042][T18137] alloc_pages_vma+0x5ee/0x770 [ 1367.598884][T18137] ? lru_cache_add+0x37/0x50 [ 1367.603490][T18137] do_anonymous_page+0x169/0x8d0 [ 1367.608578][T18137] ? cgroup_rstat_updated+0x34/0x100 [ 1367.613884][T18137] ? __rcu_read_unlock+0x5c/0x290 [ 1367.618986][T18137] handle_mm_fault+0x814/0x1590 [ 1367.619697][T17920] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=17920 comm=syz-executor.5 [ 1367.623841][T18137] ? _raw_spin_unlock+0x2e/0x50 [ 1367.641706][T18137] __get_user_pages+0x388/0xc80 [ 1367.646570][T18137] __get_user_pages_remote+0x17f/0x610 [ 1367.652081][T18137] ? iovec_from_user+0x2a6/0x2e0 [ 1367.654620][T17920] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=17920 comm=syz-executor.5 [ 1367.657027][T18137] pin_user_pages_remote+0x58/0x80 [ 1367.657060][T18137] process_vm_rw_single_vec+0x17d/0x460 [ 1367.680858][T18137] process_vm_rw+0x3a2/0x540 [ 1367.685769][T18137] __x64_sys_process_vm_writev+0x76/0x90 [ 1367.689546][T17920] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=17920 comm=syz-executor.5 [ 1367.691407][T18137] do_syscall_64+0x44/0xa0 [ 1367.691496][T18137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1367.714754][T18137] RIP: 0033:0x7fede691aae9 [ 1367.719258][T18137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1367.721211][T17920] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=17920 comm=syz-executor.5 [ 1367.739044][T18137] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1367.739064][T18137] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1367.739075][T18137] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024fa [ 1367.776399][T18137] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:46 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x5, &(0x7f0000000040)={0x0, 0x8, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000080)=0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f0000000140)={{0x77359400}, {r1, r2+60000000}}, 0x0) r3 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r4, 0x0, &(0x7f0000000500)={{}, {0x0, r5+60000000}}, 0x0) process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:46 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500fffffff60000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:46 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) syncfs(r3) 23:13:46 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c37d010000000080000055aa", 0x40, 0x1c0}]) 23:13:46 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 85) [ 1367.784424][T18137] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1367.792443][T18137] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1367.800418][T18137] [ 1367.877831][T18143] loop2: detected capacity change from 0 to 1 23:13:46 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) timer_settime(r0, 0x0, &(0x7f0000000000)={{0x77359400}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000040)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/224, 0xe0}], 0x1, 0x0) [ 1367.938399][T18143] loop2: detected capacity change from 0 to 1 [ 1367.968782][T18248] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=18248 comm=syz-executor.4 23:13:46 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c3a3010000000080000055aa", 0x40, 0x1c0}]) [ 1367.986413][T18248] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=18248 comm=syz-executor.4 [ 1368.020499][T18251] FAULT_INJECTION: forcing a failure. [ 1368.020499][T18251] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1368.033902][T18251] CPU: 1 PID: 18251 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1368.043790][T18251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1368.053845][T18251] Call Trace: [ 1368.057133][T18251] [ 1368.060059][T18251] dump_stack_lvl+0xd6/0x122 [ 1368.064695][T18251] dump_stack+0x11/0x1b [ 1368.068849][T18251] should_fail+0x23c/0x250 [ 1368.073298][T18251] __alloc_pages+0x102/0x330 [ 1368.077883][T18251] alloc_pages_vma+0x5ee/0x770 [ 1368.082676][T18251] ? lru_cache_add+0x37/0x50 [ 1368.087319][T18251] do_anonymous_page+0x169/0x8d0 [ 1368.092354][T18251] ? cgroup_rstat_updated+0x34/0x100 [ 1368.097636][T18251] ? __rcu_read_unlock+0x5c/0x290 [ 1368.102662][T18251] handle_mm_fault+0x814/0x1590 [ 1368.107527][T18251] ? _raw_spin_unlock+0x2e/0x50 [ 1368.112389][T18251] __get_user_pages+0x388/0xc80 [ 1368.117248][T18251] __get_user_pages_remote+0x17f/0x610 [ 1368.122748][T18251] ? __list_del_entry_valid+0x54/0xc0 [ 1368.128125][T18251] ? __list_add_valid+0x28/0x90 [ 1368.132987][T18251] pin_user_pages_remote+0x58/0x80 [ 1368.138099][T18251] process_vm_rw_single_vec+0x17d/0x460 [ 1368.143652][T18251] process_vm_rw+0x3a2/0x540 [ 1368.148367][T18251] __x64_sys_process_vm_writev+0x76/0x90 [ 1368.154007][T18251] do_syscall_64+0x44/0xa0 [ 1368.158496][T18251] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1368.164397][T18251] RIP: 0033:0x7fede691aae9 [ 1368.168806][T18251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1368.188414][T18251] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1368.196827][T18251] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1368.204955][T18251] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024fc [ 1368.212973][T18251] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1368.220941][T18251] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1368.229066][T18251] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 23:13:46 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 86) 23:13:46 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500fffffdfd0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1368.237045][T18251] 23:13:46 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x4, &(0x7f0000000100)={0x0, 0x5, 0x1, @thr={&(0x7f0000000040)="cdacb75bd167462b2d6e2947b59425b55ce0", &(0x7f0000000080)="264f9554580c364447d27c2c736beeef97d5de14f5c5819e84bcb98f5145494698f2"}}, &(0x7f0000000140)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x77359400}, {0x77359400}}, 0x0) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1368.450632][T18361] FAULT_INJECTION: forcing a failure. [ 1368.450632][T18361] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1368.463899][T18361] CPU: 0 PID: 18361 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1368.473752][T18361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1368.483815][T18361] Call Trace: [ 1368.487097][T18361] [ 1368.490104][T18361] dump_stack_lvl+0xd6/0x122 [ 1368.494697][T18361] dump_stack+0x11/0x1b [ 1368.498860][T18361] should_fail+0x23c/0x250 [ 1368.503315][T18361] __alloc_pages+0x102/0x330 [ 1368.507935][T18361] alloc_pages_vma+0x5ee/0x770 [ 1368.512759][T18361] ? lru_cache_add+0x37/0x50 [ 1368.517405][T18361] do_anonymous_page+0x169/0x8d0 [ 1368.522355][T18361] ? cgroup_rstat_updated+0x34/0x100 [ 1368.527768][T18361] ? __rcu_read_unlock+0x5c/0x290 [ 1368.532790][T18361] handle_mm_fault+0x814/0x1590 [ 1368.537675][T18361] ? _raw_spin_unlock+0x2e/0x50 [ 1368.542609][T18361] __get_user_pages+0x388/0xc80 [ 1368.547543][T18361] __get_user_pages_remote+0x17f/0x610 [ 1368.553143][T18361] ? iovec_from_user+0x2a6/0x2e0 [ 1368.558349][T18361] pin_user_pages_remote+0x58/0x80 [ 1368.563521][T18361] process_vm_rw_single_vec+0x17d/0x460 [ 1368.569368][T18361] process_vm_rw+0x3a2/0x540 [ 1368.574039][T18361] __x64_sys_process_vm_writev+0x76/0x90 [ 1368.579682][T18361] do_syscall_64+0x44/0xa0 [ 1368.584180][T18361] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1368.590076][T18361] RIP: 0033:0x7fede691aae9 [ 1368.594496][T18361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1368.614113][T18361] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1368.622526][T18361] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1368.630511][T18361] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 00000000000024fe [ 1368.638547][T18361] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1368.646822][T18361] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1368.654794][T18361] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1368.662775][T18361] [ 1368.679795][T18362] loop2: detected capacity change from 0 to 1 23:13:46 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201d00) 23:13:46 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c304020000000080000055aa", 0x40, 0x1c0}]) 23:13:46 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 87) [ 1368.791378][T18362] loop2: detected capacity change from 0 to 1 [ 1368.825882][T18468] FAULT_INJECTION: forcing a failure. [ 1368.825882][T18468] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1368.839139][T18468] CPU: 0 PID: 18468 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1368.848980][T18468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1368.859060][T18468] Call Trace: [ 1368.862344][T18468] [ 1368.865275][T18468] dump_stack_lvl+0xd6/0x122 [ 1368.869894][T18468] dump_stack+0x11/0x1b [ 1368.874058][T18468] should_fail+0x23c/0x250 [ 1368.878584][T18468] __alloc_pages+0x102/0x330 [ 1368.883242][T18468] alloc_pages_vma+0x5ee/0x770 [ 1368.888015][T18468] ? lru_cache_add+0x37/0x50 [ 1368.892732][T18468] do_anonymous_page+0x169/0x8d0 [ 1368.897745][T18468] ? cgroup_rstat_updated+0x34/0x100 [ 1368.903082][T18468] ? __rcu_read_unlock+0x5c/0x290 [ 1368.908240][T18468] handle_mm_fault+0x814/0x1590 [ 1368.913152][T18468] ? _raw_spin_unlock+0x2e/0x50 [ 1368.918021][T18468] __get_user_pages+0x388/0xc80 [ 1368.922911][T18468] __get_user_pages_remote+0x17f/0x610 [ 1368.928842][T18468] ? iovec_from_user+0x2a6/0x2e0 [ 1368.933792][T18468] pin_user_pages_remote+0x58/0x80 [ 1368.939085][T18468] process_vm_rw_single_vec+0x17d/0x460 [ 1368.944755][T18468] process_vm_rw+0x3a2/0x540 [ 1368.949369][T18468] __x64_sys_process_vm_writev+0x76/0x90 [ 1368.955047][T18468] do_syscall_64+0x44/0xa0 [ 1368.959483][T18468] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1368.965498][T18468] RIP: 0033:0x7fede691aae9 [ 1368.969995][T18468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 23:13:47 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000000400)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0xfd2, 0x0) timer_create(0x1, &(0x7f00000002c0)={0x0, 0x24, 0x0, @tid=r0}, &(0x7f0000000300)) r1 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000500)={{}, {0x0, r3+60000000}}, 0x0) r4 = getpgrp(r1) r5 = fork() ptrace$getsig(0x4202, r5, 0x1, &(0x7f0000000240)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r6, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) timer_settime(r6, 0x0, &(0x7f0000000380)={{r7, r8+60000000}, {0x0, 0x989680}}, &(0x7f00000003c0)) process_vm_writev(r4, &(0x7f0000000040)=[{&(0x7f0000000680)=""/4096, 0x1000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000000100)=""/234, 0xea}], 0x1, 0x0) timer_settime(r2, 0x1, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x3938700}}, &(0x7f0000000200)) 23:13:47 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) lsetxattr$trusted_overlay_nlink(&(0x7f0000000040)='./bus\x00', &(0x7f0000000080), &(0x7f0000000100)={'U-', 0x3}, 0x16, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x80000001) 23:13:47 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c300030000000080000055aa", 0x40, 0x1c0}]) 23:13:47 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 88) [ 1368.989868][T18468] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1368.998282][T18468] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1369.006253][T18468] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002500 [ 1369.014232][T18468] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1369.022268][T18468] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1369.030235][T18468] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1369.038302][T18468] 23:13:47 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500fffffffe0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:47 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c302040000000080000055aa", 0x40, 0x1c0}]) [ 1369.184403][T18515] FAULT_INJECTION: forcing a failure. [ 1369.184403][T18515] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1369.197731][T18515] CPU: 1 PID: 18515 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1369.207554][T18515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1369.217606][T18515] Call Trace: [ 1369.220875][T18515] [ 1369.223800][T18515] dump_stack_lvl+0xd6/0x122 [ 1369.228389][T18515] dump_stack+0x11/0x1b [ 1369.232599][T18515] should_fail+0x23c/0x250 [ 1369.237023][T18515] __alloc_pages+0x102/0x330 [ 1369.241617][T18515] alloc_pages_vma+0x5ee/0x770 [ 1369.246385][T18515] ? lru_cache_add+0x37/0x50 [ 1369.251036][T18515] do_anonymous_page+0x169/0x8d0 [ 1369.255995][T18515] ? cgroup_rstat_updated+0x34/0x100 [ 1369.261299][T18515] ? __rcu_read_unlock+0x5c/0x290 [ 1369.266376][T18515] handle_mm_fault+0x814/0x1590 [ 1369.271228][T18515] ? _raw_spin_unlock+0x2e/0x50 [ 1369.276082][T18515] __get_user_pages+0x388/0xc80 [ 1369.281048][T18515] __get_user_pages_remote+0x17f/0x610 [ 1369.286504][T18515] ? iovec_from_user+0x2a6/0x2e0 [ 1369.291558][T18515] pin_user_pages_remote+0x58/0x80 [ 1369.296671][T18515] process_vm_rw_single_vec+0x17d/0x460 [ 1369.302223][T18515] process_vm_rw+0x3a2/0x540 [ 1369.306909][T18515] __x64_sys_process_vm_writev+0x76/0x90 [ 1369.312598][T18515] do_syscall_64+0x44/0xa0 [ 1369.317013][T18515] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1369.322917][T18515] RIP: 0033:0x7fede691aae9 [ 1369.327331][T18515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1369.347022][T18515] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1369.355434][T18515] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1369.363400][T18515] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002502 [ 1369.371364][T18515] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:47 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 89) [ 1369.379330][T18515] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1369.387297][T18515] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1369.395294][T18515] [ 1369.491624][T18518] loop2: detected capacity change from 0 to 1 [ 1369.579159][T18518] loop2: detected capacity change from 0 to 1 [ 1369.625506][T18523] FAULT_INJECTION: forcing a failure. [ 1369.625506][T18523] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1369.638769][T18523] CPU: 0 PID: 18523 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1369.648581][T18523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1369.658675][T18523] Call Trace: [ 1369.661961][T18523] [ 1369.665040][T18523] dump_stack_lvl+0xd6/0x122 [ 1369.669638][T18523] dump_stack+0x11/0x1b [ 1369.673853][T18523] should_fail+0x23c/0x250 [ 1369.678281][T18523] __alloc_pages+0x102/0x330 [ 1369.682878][T18523] alloc_pages_vma+0x5ee/0x770 [ 1369.687652][T18523] ? lru_cache_add+0x37/0x50 [ 1369.692397][T18523] do_anonymous_page+0x169/0x8d0 [ 1369.697376][T18523] ? cgroup_rstat_updated+0x34/0x100 [ 1369.702738][T18523] ? __rcu_read_unlock+0x5c/0x290 [ 1369.707858][T18523] handle_mm_fault+0x814/0x1590 [ 1369.712795][T18523] ? _raw_spin_unlock+0x2e/0x50 [ 1369.717670][T18523] __get_user_pages+0x388/0xc80 [ 1369.722533][T18523] __get_user_pages_remote+0x17f/0x610 [ 1369.728054][T18523] ? iovec_from_user+0x2a6/0x2e0 [ 1369.733010][T18523] pin_user_pages_remote+0x58/0x80 [ 1369.738162][T18523] process_vm_rw_single_vec+0x17d/0x460 [ 1369.743727][T18523] process_vm_rw+0x3a2/0x540 [ 1369.748380][T18523] __x64_sys_process_vm_writev+0x76/0x90 [ 1369.754035][T18523] do_syscall_64+0x44/0xa0 [ 1369.758526][T18523] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1369.764512][T18523] RIP: 0033:0x7fede691aae9 [ 1369.768936][T18523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1369.788569][T18523] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1369.797074][T18523] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1369.805056][T18523] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002504 [ 1369.813038][T18523] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:48 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201e00) 23:13:48 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c306040000000080000055aa", 0x40, 0x1c0}]) 23:13:48 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa50000000fff0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1369.821010][T18523] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1369.829032][T18523] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1369.837028][T18523] 23:13:48 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 90) 23:13:48 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = dup(r0) openat(r4, &(0x7f0000000040)='./bus\x00', 0xb8840, 0x128) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r3, r5, 0x0, 0x80000001) [ 1370.017772][T18632] loop2: detected capacity change from 0 to 1 [ 1370.052802][T18633] FAULT_INJECTION: forcing a failure. [ 1370.052802][T18633] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1370.066057][T18633] CPU: 0 PID: 18633 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1370.075933][T18633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1370.086036][T18633] Call Trace: [ 1370.089314][T18633] [ 1370.092275][T18633] dump_stack_lvl+0xd6/0x122 [ 1370.096873][T18633] dump_stack+0x11/0x1b [ 1370.101111][T18633] should_fail+0x23c/0x250 [ 1370.105638][T18633] __alloc_pages+0x102/0x330 [ 1370.110225][T18633] alloc_pages_vma+0x5ee/0x770 [ 1370.115000][T18633] ? lru_cache_add+0x37/0x50 [ 1370.119588][T18633] do_anonymous_page+0x169/0x8d0 [ 1370.124534][T18633] ? cgroup_rstat_updated+0x34/0x100 [ 1370.129925][T18633] ? __rcu_read_unlock+0x5c/0x290 [ 1370.134952][T18633] handle_mm_fault+0x814/0x1590 [ 1370.139807][T18633] ? _raw_spin_unlock+0x2e/0x50 [ 1370.144663][T18633] __get_user_pages+0x388/0xc80 [ 1370.149571][T18633] __get_user_pages_remote+0x17f/0x610 [ 1370.155033][T18633] ? iovec_from_user+0x2a6/0x2e0 [ 1370.159974][T18633] pin_user_pages_remote+0x58/0x80 [ 1370.165108][T18633] process_vm_rw_single_vec+0x17d/0x460 [ 1370.170772][T18633] process_vm_rw+0x3a2/0x540 [ 1370.175378][T18633] __x64_sys_process_vm_writev+0x76/0x90 [ 1370.181228][T18633] do_syscall_64+0x44/0xa0 [ 1370.185656][T18633] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1370.191562][T18633] RIP: 0033:0x7fede691aae9 [ 1370.195979][T18633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1370.215584][T18633] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1370.224240][T18633] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1370.232302][T18633] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002506 [ 1370.240292][T18633] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1370.248269][T18633] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1370.256244][T18633] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1370.264224][T18633] [ 1370.292429][T18632] loop2: detected capacity change from 0 to 1 23:13:50 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 91) 23:13:50 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c300050000000080000055aa", 0x40, 0x1c0}]) 23:13:50 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500ffffefff0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:50 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x201f00) 23:13:50 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r2, 0x2007fff) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r4 = openat(r0, &(0x7f0000000040)='./bus/file0\x00', 0x0, 0x180) sendfile(r3, r4, 0x0, 0x80000001) 23:13:50 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)=0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x989680}, {r1, r2+60000000}}, &(0x7f0000000200)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f0000000080)={{0x77359400}, {r3, r4+60000000}}, &(0x7f0000000100)) r5 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r6, 0x0, &(0x7f0000000500)={{}, {0x0, r7+60000000}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r8, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r8, 0x1, &(0x7f0000000240)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f0000000280)) process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000000140)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0) [ 1371.949495][T18745] FAULT_INJECTION: forcing a failure. [ 1371.949495][T18745] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1371.962768][T18745] CPU: 1 PID: 18745 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1371.972571][T18745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1371.982647][T18745] Call Trace: [ 1371.986357][T18745] [ 1371.989282][T18745] dump_stack_lvl+0xd6/0x122 [ 1371.993977][T18745] dump_stack+0x11/0x1b [ 1371.998128][T18745] should_fail+0x23c/0x250 [ 1372.002550][T18745] __alloc_pages+0x102/0x330 [ 1372.007335][T18745] alloc_pages_vma+0x5ee/0x770 [ 1372.012184][T18745] ? lru_cache_add+0x37/0x50 [ 1372.017059][T18745] do_anonymous_page+0x169/0x8d0 [ 1372.021995][T18745] ? cgroup_rstat_updated+0x34/0x100 [ 1372.027392][T18745] ? __rcu_read_unlock+0x5c/0x290 [ 1372.032454][T18745] handle_mm_fault+0x814/0x1590 [ 1372.037327][T18745] ? _raw_spin_unlock+0x2e/0x50 [ 1372.042240][T18745] __get_user_pages+0x388/0xc80 [ 1372.047167][T18745] __get_user_pages_remote+0x17f/0x610 [ 1372.052771][T18745] ? iovec_from_user+0x2a6/0x2e0 [ 1372.057714][T18745] pin_user_pages_remote+0x58/0x80 [ 1372.062845][T18745] process_vm_rw_single_vec+0x17d/0x460 [ 1372.068397][T18745] process_vm_rw+0x3a2/0x540 [ 1372.073000][T18745] __x64_sys_process_vm_writev+0x76/0x90 [ 1372.078819][T18745] do_syscall_64+0x44/0xa0 [ 1372.083277][T18745] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1372.089174][T18745] RIP: 0033:0x7fede691aae9 [ 1372.093665][T18745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1372.113323][T18745] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1372.122050][T18745] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1372.130021][T18745] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002508 [ 1372.137987][T18745] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:50 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c300060000000080000055aa", 0x40, 0x1c0}]) 23:13:50 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 92) [ 1372.145949][T18745] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1372.153910][T18745] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1372.161880][T18745] [ 1372.175036][T18748] loop2: detected capacity change from 0 to 1 [ 1372.257250][T18748] loop2: detected capacity change from 0 to 1 [ 1372.257652][T18751] selinux_netlink_send: 10 callbacks suppressed [ 1372.257663][T18751] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=18751 comm=syz-executor.4 [ 1372.286667][T18751] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=18751 comm=syz-executor.4 23:13:50 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r3, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) 23:13:50 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500ffefffff0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1372.301126][T18751] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=18751 comm=syz-executor.4 [ 1372.321304][T18751] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=18751 comm=syz-executor.4 [ 1372.384204][T18856] FAULT_INJECTION: forcing a failure. [ 1372.384204][T18856] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1372.397520][T18856] CPU: 1 PID: 18856 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1372.407426][T18856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1372.417579][T18856] Call Trace: [ 1372.420852][T18856] [ 1372.423775][T18856] dump_stack_lvl+0xd6/0x122 [ 1372.428365][T18856] dump_stack+0x11/0x1b [ 1372.432517][T18856] should_fail+0x23c/0x250 [ 1372.436972][T18856] __alloc_pages+0x102/0x330 [ 1372.441660][T18856] alloc_pages_vma+0x5ee/0x770 [ 1372.446423][T18856] ? lru_cache_add+0x37/0x50 [ 1372.451017][T18856] do_anonymous_page+0x169/0x8d0 [ 1372.455950][T18856] ? cgroup_rstat_updated+0x34/0x100 [ 1372.461410][T18856] ? __rcu_read_unlock+0x5c/0x290 [ 1372.466441][T18856] handle_mm_fault+0x814/0x1590 [ 1372.471375][T18856] ? _raw_spin_unlock+0x2e/0x50 [ 1372.476240][T18856] __get_user_pages+0x388/0xc80 [ 1372.481259][T18856] __get_user_pages_remote+0x17f/0x610 [ 1372.486814][T18856] ? iovec_from_user+0x2a6/0x2e0 [ 1372.491762][T18856] pin_user_pages_remote+0x58/0x80 [ 1372.496877][T18856] process_vm_rw_single_vec+0x17d/0x460 [ 1372.502432][T18856] process_vm_rw+0x3a2/0x540 [ 1372.507111][T18856] __x64_sys_process_vm_writev+0x76/0x90 [ 1372.512762][T18856] do_syscall_64+0x44/0xa0 [ 1372.517234][T18856] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1372.523155][T18856] RIP: 0033:0x7fede691aae9 [ 1372.527562][T18856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1372.547163][T18856] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1372.555580][T18856] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1372.563546][T18856] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000250a [ 1372.571505][T18856] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:50 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c304060000000080000055aa", 0x40, 0x1c0}]) 23:13:50 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 93) [ 1372.579474][T18856] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1372.587522][T18856] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1372.595496][T18856] [ 1372.736231][T18889] loop2: detected capacity change from 0 to 1 23:13:51 executing program 1: timer_create(0x2, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1372.778184][T18889] loop2: detected capacity change from 0 to 1 [ 1372.794672][T18968] FAULT_INJECTION: forcing a failure. [ 1372.794672][T18968] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1372.807934][T18968] CPU: 1 PID: 18968 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1372.817778][T18968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1372.827935][T18968] Call Trace: [ 1372.831209][T18968] [ 1372.834133][T18968] dump_stack_lvl+0xd6/0x122 [ 1372.838885][T18968] dump_stack+0x11/0x1b [ 1372.843129][T18968] should_fail+0x23c/0x250 [ 1372.847544][T18968] __alloc_pages+0x102/0x330 [ 1372.852157][T18968] alloc_pages_vma+0x5ee/0x770 [ 1372.856936][T18968] ? lru_cache_add+0x37/0x50 [ 1372.861577][T18968] do_anonymous_page+0x169/0x8d0 [ 1372.866548][T18968] ? cgroup_rstat_updated+0x34/0x100 [ 1372.871827][T18968] ? __rcu_read_unlock+0x5c/0x290 [ 1372.876898][T18968] handle_mm_fault+0x814/0x1590 [ 1372.881843][T18968] ? _raw_spin_unlock+0x2e/0x50 [ 1372.886699][T18968] __get_user_pages+0x388/0xc80 [ 1372.891748][T18968] __get_user_pages_remote+0x17f/0x610 [ 1372.897264][T18968] ? iovec_from_user+0x2a6/0x2e0 [ 1372.902205][T18968] pin_user_pages_remote+0x58/0x80 [ 1372.907317][T18968] process_vm_rw_single_vec+0x17d/0x460 [ 1372.912942][T18968] process_vm_rw+0x3a2/0x540 [ 1372.917590][T18968] __x64_sys_process_vm_writev+0x76/0x90 [ 1372.923490][T18968] do_syscall_64+0x44/0xa0 [ 1372.927949][T18968] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1372.933918][T18968] RIP: 0033:0x7fede691aae9 [ 1372.938329][T18968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1372.957934][T18968] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1372.966361][T18968] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 23:13:51 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c300070000000080000055aa", 0x40, 0x1c0}]) 23:13:51 executing program 5: open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r0 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r0, 0x2007fff) r1 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000380)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lseek(r3, 0xfffffffffffffffd, 0x0) sendfile(r1, r2, 0x0, 0x80000001) 23:13:51 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x202000) 23:13:51 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 94) [ 1372.974346][T18968] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000250c [ 1372.982420][T18968] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1372.990386][T18968] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1372.998351][T18968] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1373.006316][T18968] 23:13:51 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500fdfdffff0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1373.270895][T19077] FAULT_INJECTION: forcing a failure. [ 1373.270895][T19077] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1373.284171][T19077] CPU: 0 PID: 19077 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1373.294070][T19077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1373.304149][T19077] Call Trace: [ 1373.307427][T19077] [ 1373.310353][T19077] dump_stack_lvl+0xd6/0x122 [ 1373.315033][T19077] dump_stack+0x11/0x1b [ 1373.319196][T19077] should_fail+0x23c/0x250 [ 1373.323654][T19077] __alloc_pages+0x102/0x330 [ 1373.328296][T19077] alloc_pages_vma+0x5ee/0x770 [ 1373.333140][T19077] ? lru_cache_add+0x37/0x50 [ 1373.337821][T19077] do_anonymous_page+0x169/0x8d0 [ 1373.342767][T19077] ? cgroup_rstat_updated+0x34/0x100 [ 1373.348063][T19077] ? __rcu_read_unlock+0x5c/0x290 [ 1373.353115][T19077] handle_mm_fault+0x814/0x1590 [ 1373.357981][T19077] ? _raw_spin_unlock+0x2e/0x50 [ 1373.362841][T19077] __get_user_pages+0x388/0xc80 [ 1373.367745][T19077] __get_user_pages_remote+0x17f/0x610 [ 1373.373217][T19077] ? iovec_from_user+0x2a6/0x2e0 [ 1373.378336][T19077] pin_user_pages_remote+0x58/0x80 [ 1373.383466][T19077] process_vm_rw_single_vec+0x17d/0x460 [ 1373.389043][T19077] process_vm_rw+0x3a2/0x540 [ 1373.393659][T19077] __x64_sys_process_vm_writev+0x76/0x90 [ 1373.399304][T19077] do_syscall_64+0x44/0xa0 [ 1373.403858][T19077] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1373.409878][T19077] RIP: 0033:0x7fede691aae9 [ 1373.414296][T19077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1373.434109][T19077] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1373.442675][T19077] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1373.450819][T19077] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 000000000000250e [ 1373.458845][T19077] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:51 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c300090000000080000055aa", 0x40, 0x1c0}]) 23:13:51 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c3000a0000000080000055aa", 0x40, 0x1c0}]) [ 1373.467011][T19077] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1373.475077][T19077] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1373.483247][T19077] 23:13:51 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 95) 23:13:51 executing program 5: r0 = open(&(0x7f0000000080)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = openat(r1, &(0x7f0000000040)='./bus\x00', 0x202000, 0x4) r3 = fspick(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x0) r4 = socket$nl_audit(0x10, 0x3, 0x9) io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x6, &(0x7f00000001c0)={0x6, 0x0, &(0x7f0000000180)=[r3, r4]}, 0x2) r5 = open(&(0x7f0000002000)='./bus\x00', 0x500, 0xb5) ftruncate(r5, 0x2007fff) r6 = geteuid() setreuid(r6, 0xffffffffffffffff) getresuid(0x0, 0x0, &(0x7f00000000c0)=0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000100)={{0x0, r6, 0x0, r7, 0x0, 0x20, 0x1}, 0x0, 0x0, 0x7, 0x8, 0x3, 0x9, 0x0, 0xe, 0x8, 0x3}) mount$9p_fd(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000240), 0xcc20, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@noextend}, {@aname={'aname', 0x3d, ':[\xbe,'}}, {@posixacl}, {@msize={'msize', 0x3d, 0x4}}, {@dfltuid={'dfltuid', 0x3d, r6}}], [{@fscontext={'fscontext', 0x3d, 'user_u'}}]}}) r8 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) close(r9) r10 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r8, r10, 0x0, 0x80000001) close(r0) 23:13:51 executing program 1: r0 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) ftruncate(r0, 0x2007fff) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000840)={0x0, r0, 0xfffffffeffffffff, 0x80000000, 0x6, 0x7fff}) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r1, r0, 0x0, 0x201000) renameat2(r0, &(0x7f00000007c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000800)='./file0\x00', 0x1) timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r2 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_create(0x1, &(0x7f0000000040)={0x0, 0x14, 0x4, @thr={&(0x7f0000000100)="dec86744f71e9111cad122a6114fbd6392af2888a8a76a2814e0400ada469ec1f72eaf67b80c0126f5f68f2566c1f98e9c0dea53be8f2af4bb8088b547d85bbffed8e1d765542c84d1a0bf2b730a08c9492229a26882d5c4b5177afd89d3989ae5bdfdedaa0ae93c67697a248f87cbce239eb4191db10926a29bb7695841945ecc4f54e59642705e4d889f92ba993f4be0fe81b77a0379f97b90203e81942d7edc96a7d5", &(0x7f00000001c0)="d92f609e7ddd638a2b2e221f21d921a04e06ba5e1a555100073cb0d5d736be4edd725ce2f6c523115bf6ab7cf17b1f9f501eef7d2f8229ca2401b152c5ff1e6ae9c404b1bfcfc71b5495a6923eb7ef69aadf2f333723e0939734a579a17f841857997d456708477a18289ed554bdf1768778c1d10347a90dff0955ca41fd78b9de2a56789e0ad45f"}}, &(0x7f0000000080)=0x0) timer_settime(r5, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}}, 0x0) timer_create(0x3, &(0x7f0000000880)={0x0, 0x37, 0x0, @tid=r2}, &(0x7f00000008c0)=0x0) clock_gettime(0x0, &(0x7f0000000900)={0x0, 0x0}) timer_settime(r6, 0x0, &(0x7f0000000940)={{}, {r7, r8+10000000}}, &(0x7f0000000980)) timer_settime(r3, 0x0, &(0x7f0000000500)={{}, {0x0, r4+60000000}}, 0x0) process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000002c0)=0x0) process_vm_writev(r9, &(0x7f0000000600)=[{&(0x7f0000000300)=""/182, 0xb6}, {&(0x7f00000003c0)=""/75, 0x4b}, {&(0x7f0000000540)=""/166, 0xa6}, {&(0x7f0000000480)=""/13, 0xd}], 0x4, &(0x7f0000000780)=[{&(0x7f0000000680)=""/247, 0xf7}], 0x1, 0x0) 23:13:51 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c3000b0000000080000055aa", 0x40, 0x1c0}]) [ 1373.520673][T19181] loop2: detected capacity change from 0 to 1 [ 1373.583617][T19187] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=19187 comm=syz-executor.4 [ 1373.598451][T19187] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=19187 comm=syz-executor.4 [ 1373.612553][T19187] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53893 sclass=netlink_xfrm_socket pid=19187 comm=syz-executor.4 [ 1373.626068][T19187] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53481 sclass=netlink_xfrm_socket pid=19187 comm=syz-executor.4 [ 1373.626247][T19181] loop2: detected capacity change from 0 to 1 23:13:51 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa50080ffffff0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1373.752319][T19192] FAULT_INJECTION: forcing a failure. [ 1373.752319][T19192] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1373.765667][T19192] CPU: 1 PID: 19192 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1373.775527][T19192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1373.785592][T19192] Call Trace: [ 1373.788857][T19192] [ 1373.791798][T19192] dump_stack_lvl+0xd6/0x122 [ 1373.796375][T19192] dump_stack+0x11/0x1b [ 1373.800510][T19192] should_fail+0x23c/0x250 [ 1373.804920][T19192] __alloc_pages+0x102/0x330 [ 1373.809500][T19192] alloc_pages_vma+0x5ee/0x770 [ 1373.814308][T19192] ? lru_cache_add+0x37/0x50 [ 1373.818883][T19192] do_anonymous_page+0x169/0x8d0 [ 1373.823812][T19192] ? cgroup_rstat_updated+0x34/0x100 [ 1373.829089][T19192] ? __rcu_read_unlock+0x5c/0x290 [ 1373.834111][T19192] handle_mm_fault+0x814/0x1590 [ 1373.838961][T19192] ? _raw_spin_unlock+0x2e/0x50 [ 1373.843813][T19192] __get_user_pages+0x388/0xc80 [ 1373.848722][T19192] __get_user_pages_remote+0x17f/0x610 [ 1373.854166][T19192] ? debug_smp_processor_id+0x18/0x20 [ 1373.859536][T19192] pin_user_pages_remote+0x58/0x80 [ 1373.864699][T19192] process_vm_rw_single_vec+0x17d/0x460 [ 1373.870247][T19192] process_vm_rw+0x3a2/0x540 [ 1373.874988][T19192] __x64_sys_process_vm_writev+0x76/0x90 [ 1373.880692][T19192] do_syscall_64+0x44/0xa0 [ 1373.885110][T19192] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1373.891046][T19192] RIP: 0033:0x7fede691aae9 [ 1373.895443][T19192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1373.915055][T19192] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1373.923490][T19192] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1373.931453][T19192] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002510 [ 1373.939406][T19192] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:52 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 96) [ 1373.947356][T19192] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1373.955318][T19192] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1373.963343][T19192] 23:13:52 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c3000c0000000080000055aa", 0x40, 0x1c0}]) 23:13:52 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x202900) 23:13:52 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x0, 0x0, &(0x7f0000000180)=0x0) timer_create(0x0, &(0x7f0000000100)={0x0, 0x1b, 0x2, @thr={&(0x7f0000000040)="b762769e6e74463eb1c3e3454aa38f25736abc25f9fdd534268c73670a6df838a2e9a58b46e5428cefccce5917ae143690add45ffbbaa21b6b963c309e38", &(0x7f0000000080)="de02cf8d80f316468849e26baad8124fb56d222fb9af47d54dbae91c4a7ef6a236ebe6"}}, &(0x7f0000000140)) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) [ 1374.193894][T19404] loop2: detected capacity change from 0 to 1 [ 1374.194955][T19403] FAULT_INJECTION: forcing a failure. [ 1374.194955][T19403] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1374.213223][T19403] CPU: 1 PID: 19403 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1374.223126][T19403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1374.233180][T19403] Call Trace: [ 1374.236450][T19403] [ 1374.239374][T19403] dump_stack_lvl+0xd6/0x122 [ 1374.243966][T19403] dump_stack+0x11/0x1b [ 1374.248140][T19403] should_fail+0x23c/0x250 [ 1374.252557][T19403] __alloc_pages+0x102/0x330 [ 1374.257223][T19403] alloc_pages_vma+0x5ee/0x770 [ 1374.261987][T19403] ? lru_cache_add+0x37/0x50 [ 1374.266715][T19403] do_anonymous_page+0x169/0x8d0 [ 1374.271654][T19403] ? cgroup_rstat_updated+0x34/0x100 [ 1374.277040][T19403] ? __rcu_read_unlock+0x5c/0x290 [ 1374.282067][T19403] handle_mm_fault+0x814/0x1590 [ 1374.287047][T19403] ? _raw_spin_unlock+0x2e/0x50 [ 1374.291933][T19403] __get_user_pages+0x388/0xc80 [ 1374.296859][T19403] __get_user_pages_remote+0x17f/0x610 [ 1374.302319][T19403] ? iovec_from_user+0x2a6/0x2e0 [ 1374.307261][T19403] pin_user_pages_remote+0x58/0x80 [ 1374.312525][T19403] process_vm_rw_single_vec+0x17d/0x460 [ 1374.318095][T19403] process_vm_rw+0x3a2/0x540 [ 1374.322713][T19403] __x64_sys_process_vm_writev+0x76/0x90 [ 1374.328354][T19403] do_syscall_64+0x44/0xa0 [ 1374.332884][T19403] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1374.338796][T19403] RIP: 0033:0x7fede691aae9 [ 1374.343317][T19403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1374.362925][T19403] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1374.371437][T19403] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1374.379411][T19403] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002512 23:13:52 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 97) [ 1374.387380][T19403] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1374.395349][T19403] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1374.403323][T19403] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1374.411293][T19403] 23:13:52 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c3000d0000000080000055aa", 0x40, 0x1c0}]) [ 1374.490614][T19404] loop2: detected capacity change from 0 to 1 23:13:52 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) r1 = gettid() process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) rt_sigqueueinfo(r1, 0x17, &(0x7f0000000040)={0x20, 0x7f, 0x8}) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r0, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) clone3(&(0x7f0000000340)={0x42000080, &(0x7f0000000100), &(0x7f0000000140)=0x0, &(0x7f0000000180)=0x0, {0x3e}, &(0x7f00000001c0)=""/90, 0x5a, &(0x7f0000000240)=""/179, &(0x7f0000000300)=[r1], 0x1}, 0x58) wait4(r3, &(0x7f00000003c0), 0x20000000, 0x0) clock_gettime(0x0, &(0x7f0000000400)) timer_settime(r0, 0x1, &(0x7f0000000480)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f00000009c0)) r5 = gettid() wait4(r4, &(0x7f0000000540), 0x4, 0x0) process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) process_vm_writev(r5, &(0x7f0000000940)=[{&(0x7f0000000580)=""/56, 0x38}, {&(0x7f0000000680)=""/215, 0xd7}, {&(0x7f00000005c0)=""/119, 0x77}, {&(0x7f0000000780)=""/236, 0xec}, {&(0x7f0000000880)=""/17, 0x11}, {&(0x7f00000008c0)=""/102, 0x66}], 0x6, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/216, 0xd8}], 0x1, 0x0) [ 1374.578557][T19511] FAULT_INJECTION: forcing a failure. [ 1374.578557][T19511] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1374.591881][T19511] CPU: 1 PID: 19511 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1374.601729][T19511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1374.611828][T19511] Call Trace: [ 1374.615093][T19511] [ 1374.618009][T19511] dump_stack_lvl+0xd6/0x122 [ 1374.622775][T19511] dump_stack+0x11/0x1b [ 1374.626914][T19511] should_fail+0x23c/0x250 [ 1374.631333][T19511] __alloc_pages+0x102/0x330 [ 1374.635922][T19511] alloc_pages_vma+0x5ee/0x770 [ 1374.640679][T19511] ? lru_cache_add+0x37/0x50 [ 1374.645293][T19511] do_anonymous_page+0x169/0x8d0 [ 1374.650340][T19511] ? cgroup_rstat_updated+0x34/0x100 [ 1374.655724][T19511] ? __rcu_read_unlock+0x5c/0x290 [ 1374.660867][T19511] handle_mm_fault+0x814/0x1590 [ 1374.665792][T19511] ? _raw_spin_unlock+0x2e/0x50 [ 1374.670634][T19511] __get_user_pages+0x388/0xc80 [ 1374.675573][T19511] __get_user_pages_remote+0x17f/0x610 [ 1374.681282][T19511] ? iovec_from_user+0x2a6/0x2e0 [ 1374.686218][T19511] pin_user_pages_remote+0x58/0x80 [ 1374.691318][T19511] process_vm_rw_single_vec+0x17d/0x460 [ 1374.696853][T19511] process_vm_rw+0x3a2/0x540 [ 1374.701502][T19511] __x64_sys_process_vm_writev+0x76/0x90 [ 1374.707132][T19511] do_syscall_64+0x44/0xa0 [ 1374.711550][T19511] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1374.717602][T19511] RIP: 0033:0x7fede691aae9 [ 1374.722037][T19511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1374.741979][T19511] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1374.750437][T19511] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1374.758408][T19511] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002514 [ 1374.766375][T19511] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:53 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500c9ffffff0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) [ 1374.774476][T19511] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1374.782432][T19511] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1374.790486][T19511] 23:13:53 executing program 5: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) dup(r0) r2 = open(&(0x7f0000002000)='./bus\x00', 0x143042, 0x0) r3 = syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./bus\x00', 0x4e56000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000100)="b6d6fb50bfd3ae1ba40868017fa1da70226d22987d24bb2b7ee58674a803209a8aef45b71c7b05a87bb3c59cbb5f0b53a8ff21ba84a8474b0a42a7699e7ad20a3f9972489290c6cc5e660240fa182b5a40e1c410f2f23ee2c7df26f1a9cbc5231c7f232e5ab4604dea538c41136450ad7caca6336514f02641a886f98c9d4a229a786840a013c8a05320fbed0236010ee17085a0bd46f88637b32202b0ad3fcc4c363a25e261e7a0443fd0d97d645d0994615733e962467447ae8d99eeb71d29ba2ca30509ccc7d00d6985710fb1", 0xce}], 0x2080000, &(0x7f0000000240)={[{@overriderock}, {@check_strict}], [{@smackfsfloor={'smackfsfloor', 0x3d, '#!^[\'-'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '\'!#.'}}, {@hash}, {@seclabel}, {@appraise}, {@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}]}) openat(r3, &(0x7f00000002c0)='./bus\x00', 0x298b01, 0x9) ftruncate(r2, 0x2007fff) r4 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x80000001) 23:13:53 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 98) 23:13:53 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c3000e0000000080000055aa", 0x40, 0x1c0}]) [ 1375.048823][T19519] loop2: detected capacity change from 0 to 1 [ 1375.062363][T19522] FAULT_INJECTION: forcing a failure. [ 1375.062363][T19522] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1375.075677][T19522] CPU: 1 PID: 19522 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1375.085487][T19522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1375.095709][T19522] Call Trace: 23:13:53 executing program 1: timer_create(0x3, &(0x7f00000000c0)={0x0, 0x17}, &(0x7f0000000640)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r1, 0x0, &(0x7f0000000500)={{}, {0x0, r2+60000000}}, 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000), 0x0, 0x0) [ 1375.098984][T19522] [ 1375.101922][T19522] dump_stack_lvl+0xd6/0x122 [ 1375.106559][T19522] dump_stack+0x11/0x1b [ 1375.110735][T19522] should_fail+0x23c/0x250 [ 1375.115155][T19522] __alloc_pages+0x102/0x330 [ 1375.119823][T19522] alloc_pages_vma+0x5ee/0x770 [ 1375.124590][T19522] ? lru_cache_add+0x37/0x50 [ 1375.129205][T19522] do_anonymous_page+0x169/0x8d0 [ 1375.134147][T19522] ? cgroup_rstat_updated+0x34/0x100 [ 1375.139427][T19522] ? __rcu_read_unlock+0x5c/0x290 [ 1375.144446][T19522] handle_mm_fault+0x814/0x1590 [ 1375.149320][T19522] ? _raw_spin_unlock+0x2e/0x50 [ 1375.154220][T19522] __get_user_pages+0x388/0xc80 [ 1375.159075][T19522] __get_user_pages_remote+0x17f/0x610 [ 1375.164534][T19522] ? iovec_from_user+0x2a6/0x2e0 [ 1375.169530][T19522] pin_user_pages_remote+0x58/0x80 [ 1375.174641][T19522] process_vm_rw_single_vec+0x17d/0x460 [ 1375.180281][T19522] process_vm_rw+0x3a2/0x540 [ 1375.184872][T19522] __x64_sys_process_vm_writev+0x76/0x90 [ 1375.190514][T19522] do_syscall_64+0x44/0xa0 [ 1375.195040][T19522] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1375.200946][T19522] RIP: 0033:0x7fede691aae9 [ 1375.205397][T19522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1375.225215][T19522] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1375.233679][T19522] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1375.241707][T19522] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002516 23:13:53 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 99) [ 1375.249675][T19522] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 [ 1375.257841][T19522] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1375.265978][T19522] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1375.273979][T19522] 23:13:53 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c3000f0000000080000055aa", 0x40, 0x1c0}]) [ 1375.331355][T19519] loop2: detected capacity change from 0 to 1 23:13:53 executing program 2: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff07000a000000002a000800000000000000004000ffffffa500f6ffffff0000887700720030b5829237c300000000000080000055aa", 0x40, 0x1c0}]) 23:13:53 executing program 4: r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14d842, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x80000001) r2 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendfile(r3, r2, 0x0, 0x203000) [ 1375.512324][T19730] FAULT_INJECTION: forcing a failure. [ 1375.512324][T19730] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1375.525767][T19730] CPU: 0 PID: 19730 Comm: syz-executor.3 Tainted: G W 5.15.0-syzkaller #0 [ 1375.535567][T19730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1375.545689][T19730] Call Trace: [ 1375.548959][T19730] [ 1375.551901][T19730] dump_stack_lvl+0xd6/0x122 [ 1375.556496][T19730] dump_stack+0x11/0x1b [ 1375.560720][T19730] should_fail+0x23c/0x250 [ 1375.565206][T19730] __alloc_pages+0x102/0x330 [ 1375.569799][T19730] alloc_pages_vma+0x5ee/0x770 [ 1375.574682][T19730] ? lru_cache_add+0x37/0x50 [ 1375.579271][T19730] do_anonymous_page+0x169/0x8d0 [ 1375.584236][T19730] ? cgroup_rstat_updated+0x34/0x100 [ 1375.589521][T19730] ? __rcu_read_unlock+0x5c/0x290 [ 1375.594547][T19730] handle_mm_fault+0x814/0x1590 [ 1375.599472][T19730] ? _raw_spin_unlock+0x2e/0x50 [ 1375.604401][T19730] __get_user_pages+0x388/0xc80 [ 1375.609265][T19730] __get_user_pages_remote+0x17f/0x610 [ 1375.614786][T19730] ? iovec_from_user+0x2a6/0x2e0 [ 1375.619796][T19730] pin_user_pages_remote+0x58/0x80 [ 1375.624910][T19730] process_vm_rw_single_vec+0x17d/0x460 [ 1375.630545][T19730] process_vm_rw+0x3a2/0x540 [ 1375.635142][T19730] __x64_sys_process_vm_writev+0x76/0x90 [ 1375.640811][T19730] do_syscall_64+0x44/0xa0 [ 1375.645246][T19730] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 1375.651222][T19730] RIP: 0033:0x7fede691aae9 [ 1375.655648][T19730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1375.675436][T19730] RSP: 002b:00007fede4691188 EFLAGS: 00000246 ORIG_RAX: 0000000000000137 [ 1375.683881][T19730] RAX: ffffffffffffffda RBX: 00007fede6a2df60 RCX: 00007fede691aae9 [ 1375.691857][T19730] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000002518 [ 1375.699844][T19730] RBP: 00007fede46911d0 R08: 0000000000000008 R09: 0000000000000000 23:13:53 executing program 1: r0 = gettid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000180)={0x0, 0x0}) timer_create(0x5, &(0x7f0000000140)={0x0, 0x16, 0x0, @tid=r1}, &(0x7f00000000c0)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r2 = gettid() timer_create(0x2, 0x0, &(0x7f0000000440)=0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) timer_settime(r3, 0x0, &(0x7f0000000500)={{}, {0x0, r4+60000000}}, 0x0) process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x3a, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timer_settime(r3, 0x0, &(0x7f0000000080)={{0x77359400}, {r5, r6+10000000}}, &(0x7f0000000100)) 23:13:54 executing program 0: syz_read_part_table(0x0, 0x1bf, &(0x7f0000000080)=[{&(0x7f0000000000)="0201eeffffff01000000ff0700cd070000002a000800000000000000004000ffffffa500000000000000887700720030b5829237c300110000000080000055aa", 0x40, 0x1c0}]) [ 1375.707820][T19730] R10: 0000000020121000 R11: 0000000000000246 R12: 0000000000000002 [ 1375.716079][T19730] R13: 00007ffcdfeaf4bf R14: 00007fede4691300 R15: 0000000000022000 [ 1375.724069][T19730] 23:13:54 executing program 3: timer_create(0x3, 0x0, &(0x7f0000000640)) r0 = gettid() timer_settime(0x0, 0x0, &(0x7f0000000500), 0x0) process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x8, 0x0) (fail_nth: 100) [ 1375.781654][T19836] loop2: detected capacity change from 0 to 1 [ 1375.845428][T19837] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=35144 sclass=netlink_xfrm_socket pid=19837 comm=syz-executor.4 [ 1375.864982][T19836] loop2: detected capacity change from 0 to 1 [ 1375.872216][T19837] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=34247 sclass=netlink_xfrm_socket pid=19837 comm=syz-executor.4 [ 1375.905355][ T346] ==================================================================