59536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 122.165940][ T8549] loop3: detected capacity change from 0 to 16 [ 122.185519][ T8556] FAT-fs (loop5): bogus number of reserved sectors [ 122.192075][ T8556] FAT-fs (loop5): Can't find a valid FAT filesystem [ 122.207663][ T8561] loop4: detected capacity change from 0 to 16 [ 122.259759][ T8569] FAT-fs (loop2): bogus number of reserved sectors [ 122.266295][ T8569] FAT-fs (loop2): Can't find a valid FAT filesystem 08:50:11 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005b0"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0) 08:50:11 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:11 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:11 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:11 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:11 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:11 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:11 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000) [ 122.910113][ T8590] loop3: detected capacity change from 0 to 16 [ 122.914848][ T8588] FAT-fs (loop2): bogus number of reserved sectors [ 122.916582][ T8589] loop4: detected capacity change from 0 to 16 [ 122.922842][ T8588] FAT-fs (loop2): Can't find a valid FAT filesystem [ 122.933985][ T8592] FAT-fs (loop5): bogus number of reserved sectors [ 122.942652][ T8592] FAT-fs (loop5): Can't find a valid FAT filesystem 08:50:11 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:11 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000) 08:50:11 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 122.981066][ T8604] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 123.012449][ T8614] loop4: detected capacity change from 0 to 16 08:50:12 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 123.065507][ T8621] FAT-fs (loop2): bogus number of reserved sectors [ 123.072073][ T8621] FAT-fs (loop2): Can't find a valid FAT filesystem [ 123.079422][ T8625] FAT-fs (loop5): bogus number of reserved sectors [ 123.086929][ T8625] FAT-fs (loop5): Can't find a valid FAT filesystem [ 123.091915][ T8629] loop4: detected capacity change from 0 to 16 08:50:12 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000006800"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0) 08:50:12 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:12 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, 0x0, 0x0, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:12 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000) 08:50:12 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:12 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:12 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, 0x0, 0x0, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:12 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, 0x0, 0x0) [ 123.776067][ T8647] loop4: detected capacity change from 0 to 16 [ 123.779834][ T8648] loop2: detected capacity change from 0 to 16 [ 123.797376][ T8651] FAT-fs (loop5): bogus number of reserved sectors [ 123.803945][ T8651] FAT-fs (loop5): Can't find a valid FAT filesystem 08:50:12 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:12 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, 0x0, 0x0, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 123.841170][ T8648] FAT-fs (loop2): bogus number of reserved sectors [ 123.847800][ T8648] FAT-fs (loop2): Can't find a valid FAT filesystem 08:50:12 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:12 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0) setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 123.927061][ T8677] loop4: detected capacity change from 0 to 16 [ 123.955638][ T8682] FAT-fs (loop5): bogus number of reserved sectors [ 123.962255][ T8682] FAT-fs (loop5): Can't find a valid FAT filesystem 08:50:13 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:13 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000006800"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0) 08:50:13 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:13 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0) setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:13 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, 0x0, 0x0) 08:50:13 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 124.688584][ T8707] loop5: detected capacity change from 0 to 16 [ 124.691349][ T8706] loop4: detected capacity change from 0 to 16 [ 124.701335][ T8707] FAT-fs (loop5): bogus number of reserved sectors [ 124.704244][ T8710] loop2: detected capacity change from 0 to 16 [ 124.707853][ T8707] FAT-fs (loop5): Can't find a valid FAT filesystem [ 124.730121][ T8710] FAT-fs (loop2): bogus number of reserved sectors 08:50:13 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0) setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:13 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 124.736711][ T8710] FAT-fs (loop2): Can't find a valid FAT filesystem 08:50:13 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, 0x0, 0x0) 08:50:13 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:13 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:13 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 124.817820][ T8730] FAT-fs (loop3): bogus number of reserved sectors [ 124.824376][ T8730] FAT-fs (loop3): Can't find a valid FAT filesystem [ 124.853079][ T8739] loop5: detected capacity change from 0 to 16 [ 124.860501][ T8740] loop2: detected capacity change from 0 to 16 08:50:13 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 124.875112][ T8739] FAT-fs (loop5): bogus number of reserved sectors [ 124.880006][ T8744] loop4: detected capacity change from 0 to 16 [ 124.881657][ T8739] FAT-fs (loop5): Can't find a valid FAT filesystem [ 124.894546][ T8740] FAT-fs (loop2): bogus number of reserved sectors [ 124.901208][ T8740] FAT-fs (loop2): Can't find a valid FAT filesystem 08:50:14 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000006800"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0) 08:50:14 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:14 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:14 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:14 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:14 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 125.529679][ T8773] loop4: detected capacity change from 0 to 16 [ 125.544460][ T8775] loop5: detected capacity change from 0 to 16 [ 125.547609][ T8774] FAT-fs (loop3): bogus number of reserved sectors [ 125.557157][ T8774] FAT-fs (loop3): Can't find a valid FAT filesystem [ 125.565753][ T8782] loop2: detected capacity change from 0 to 16 08:50:14 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000), 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:14 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:14 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:14 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 125.583486][ T8775] FAT-fs (loop5): bogus number of reserved sectors [ 125.590056][ T8775] FAT-fs (loop5): Can't find a valid FAT filesystem [ 125.591656][ T8782] FAT-fs (loop2): bogus number of reserved sectors [ 125.603276][ T8782] FAT-fs (loop2): Can't find a valid FAT filesystem 08:50:14 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:14 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 125.676283][ T8801] loop5: detected capacity change from 0 to 16 [ 125.684113][ T8802] loop4: detected capacity change from 0 to 16 [ 125.698916][ T8801] FAT-fs (loop5): bogus number of reserved sectors [ 125.705570][ T8801] FAT-fs (loop5): Can't find a valid FAT filesystem [ 125.713455][ T8811] loop2: detected capacity change from 0 to 16 [ 125.741404][ T8811] FAT-fs (loop2): bogus number of reserved sectors [ 125.747978][ T8811] FAT-fs (loop2): Can't find a valid FAT filesystem [ 125.752068][ T8812] FAT-fs (loop3): bogus number of reserved sectors [ 125.761110][ T8812] FAT-fs (loop3): Can't find a valid FAT filesystem 08:50:15 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) write$P9_RFSYNC(r0, &(0x7f00000000c0)={0x7, 0x33, 0x2}, 0x7) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) 08:50:15 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:15 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0) 08:50:15 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:15 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:15 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 126.408358][ T8836] loop5: detected capacity change from 0 to 16 [ 126.414092][ T8837] FAT-fs (loop3): bogus number of reserved sectors [ 126.416350][ T8839] loop4: detected capacity change from 0 to 16 [ 126.421149][ T8837] FAT-fs (loop3): Can't find a valid FAT filesystem [ 126.435397][ T8840] loop2: detected capacity change from 0 to 16 [ 126.443331][ T8838] net_ratelimit: 30 callbacks suppressed [ 126.443341][ T8838] IPv4: Oversized IP packet from 127.0.0.1 08:50:15 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 126.445434][ T8840] FAT-fs (loop2): bogus number of reserved sectors [ 126.449068][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 126.454806][ T8840] FAT-fs (loop2): Can't find a valid FAT filesystem [ 126.474629][ T8836] FAT-fs (loop5): bogus number of reserved sectors [ 126.481219][ T8836] FAT-fs (loop5): Can't find a valid FAT filesystem 08:50:15 executing program 4 (fault-call:9 fault-nth:0): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:15 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:15 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:15 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 126.508622][ T8852] IPv4: Oversized IP packet from 127.0.0.1 [ 126.514745][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 126.536583][ T8856] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. 08:50:15 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 126.594122][ T8868] loop2: detected capacity change from 0 to 16 [ 126.609738][ T8868] FAT-fs (loop2): bogus number of reserved sectors [ 126.609816][ T8871] loop5: detected capacity change from 0 to 16 [ 126.616326][ T8868] FAT-fs (loop2): Can't find a valid FAT filesystem [ 126.626277][ T8875] loop4: detected capacity change from 0 to 16 [ 126.632785][ T8874] FAT-fs (loop3): bogus number of reserved sectors [ 126.641760][ T8874] FAT-fs (loop3): Can't find a valid FAT filesystem [ 126.661019][ T8875] FAULT_INJECTION: forcing a failure. [ 126.661019][ T8875] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 126.663379][ T8871] FAT-fs (loop5): bogus number of reserved sectors [ 126.674287][ T8875] CPU: 1 PID: 8875 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 126.680779][ T8871] FAT-fs (loop5): Can't find a valid FAT filesystem [ 126.689494][ T8875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 126.689505][ T8875] Call Trace: [ 126.689511][ T8875] dump_stack_lvl+0xb7/0x103 [ 126.713979][ T8875] dump_stack+0x11/0x1a [ 126.718128][ T8875] should_fail+0x23c/0x250 [ 126.722575][ T8875] __alloc_pages+0x102/0x320 [ 126.727166][ T8875] alloc_pages+0x2e8/0x340 [ 126.731706][ T8875] __page_cache_alloc+0x4d/0xf0 [ 126.736547][ T8875] pagecache_get_page+0x5f4/0x900 [ 126.741619][ T8875] grab_cache_page_write_begin+0x3f/0x70 [ 126.747237][ T8875] cont_write_begin+0x501/0x850 [ 126.752135][ T8875] fat_write_begin+0x61/0xf0 [ 126.756766][ T8875] ? fat_block_truncate_page+0x30/0x30 [ 126.762296][ T8875] generic_perform_write+0x196/0x3c0 [ 126.767617][ T8875] __generic_file_write_iter+0x202/0x300 [ 126.773236][ T8875] ? generic_write_checks+0x250/0x290 [ 126.778618][ T8875] generic_file_write_iter+0x75/0x130 [ 126.784048][ T8875] vfs_write+0x69d/0x770 [ 126.788275][ T8875] ksys_write+0xce/0x180 [ 126.792512][ T8875] __x64_sys_write+0x3e/0x50 [ 126.797132][ T8875] do_syscall_64+0x3d/0x90 [ 126.801555][ T8875] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 126.807523][ T8875] RIP: 0033:0x4665e9 [ 126.811399][ T8875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.830990][ T8875] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 08:50:15 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:15 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 126.839383][ T8875] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 126.847412][ T8875] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 126.855453][ T8875] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 126.863424][ T8875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 126.871390][ T8875] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 [ 126.939619][ T8888] loop2: detected capacity change from 0 to 16 [ 126.951395][ T8888] FAT-fs (loop2): bogus number of reserved sectors [ 126.957914][ T8888] FAT-fs (loop2): Can't find a valid FAT filesystem 08:50:16 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000006800"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0) 08:50:16 executing program 4 (fault-call:9 fault-nth:1): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:16 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:16 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:16 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:16 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 127.312056][ T8912] loop2: detected capacity change from 0 to 16 [ 127.314656][ T8909] loop4: detected capacity change from 0 to 16 [ 127.322056][ T8912] FAT-fs (loop2): bogus number of reserved sectors [ 127.330932][ T8912] FAT-fs (loop2): Can't find a valid FAT filesystem [ 127.333048][ T8911] FAT-fs (loop3): bogus number of reserved sectors [ 127.343027][ T8915] loop5: detected capacity change from 0 to 16 [ 127.344283][ T8911] FAT-fs (loop3): Can't find a valid FAT filesystem 08:50:16 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 127.367025][ T8909] FAULT_INJECTION: forcing a failure. [ 127.367025][ T8909] name failslab, interval 1, probability 0, space 0, times 1 [ 127.379273][ T8915] FAT-fs (loop5): bogus number of reserved sectors [ 127.379699][ T8909] CPU: 0 PID: 8909 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 127.386281][ T8915] FAT-fs (loop5): Can't find a valid FAT filesystem [ 127.394988][ T8909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 127.395001][ T8909] Call Trace: 08:50:16 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 127.415287][ T8909] dump_stack_lvl+0xb7/0x103 [ 127.419972][ T8909] dump_stack+0x11/0x1a [ 127.424138][ T8909] should_fail+0x23c/0x250 [ 127.428562][ T8909] ? fat_cache_add+0x219/0x570 [ 127.433423][ T8909] __should_failslab+0x81/0x90 [ 127.438189][ T8909] should_failslab+0x5/0x20 [ 127.442712][ T8909] kmem_cache_alloc+0x46/0x2e0 [ 127.447635][ T8909] fat_cache_add+0x219/0x570 [ 127.452211][ T8909] fat_get_cluster+0x58e/0x870 [ 127.457022][ T8909] ? __brelse+0x2c/0x50 [ 127.461417][ T8909] fat_get_mapped_cluster+0xd0/0x250 [ 127.466901][ T8909] fat_bmap+0x258/0x290 [ 127.471086][ T8909] fat_get_block+0x36d/0x5a0 [ 127.475664][ T8909] __block_write_begin_int+0x4a2/0x1060 [ 127.481282][ T8909] ? fat_block_truncate_page+0x30/0x30 [ 127.487037][ T8909] ? wait_for_stable_page+0x56/0x70 [ 127.492409][ T8909] cont_write_begin+0x522/0x850 [ 127.497251][ T8909] fat_write_begin+0x61/0xf0 [ 127.501822][ T8909] ? fat_block_truncate_page+0x30/0x30 [ 127.507263][ T8909] generic_perform_write+0x196/0x3c0 [ 127.512632][ T8909] __generic_file_write_iter+0x202/0x300 [ 127.518363][ T8909] ? generic_write_checks+0x250/0x290 [ 127.524065][ T8909] generic_file_write_iter+0x75/0x130 [ 127.529593][ T8909] vfs_write+0x69d/0x770 [ 127.533815][ T8909] ksys_write+0xce/0x180 [ 127.538033][ T8909] __x64_sys_write+0x3e/0x50 [ 127.542604][ T8909] do_syscall_64+0x3d/0x90 [ 127.547023][ T8909] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 127.553122][ T8909] RIP: 0033:0x4665e9 [ 127.557013][ T8909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 127.577147][ T8909] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 127.585640][ T8909] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 127.593680][ T8909] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 127.601681][ T8909] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 127.609642][ T8909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 08:50:16 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:16 executing program 4 (fault-call:9 fault-nth:2): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 127.617713][ T8909] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 08:50:16 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:16 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 127.696807][ T8937] loop2: detected capacity change from 0 to 16 [ 127.713582][ T8943] loop4: detected capacity change from 0 to 16 [ 127.733982][ T8948] loop5: detected capacity change from 0 to 16 [ 127.735924][ T8943] FAULT_INJECTION: forcing a failure. [ 127.735924][ T8943] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 127.740536][ T8937] FAT-fs (loop2): bogus number of reserved sectors [ 127.753417][ T8943] CPU: 0 PID: 8943 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 127.759946][ T8937] FAT-fs (loop2): Can't find a valid FAT filesystem [ 127.768578][ T8943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 127.785194][ T8943] Call Trace: [ 127.788638][ T8943] dump_stack_lvl+0xb7/0x103 [ 127.793224][ T8943] dump_stack+0x11/0x1a [ 127.797376][ T8943] should_fail+0x23c/0x250 [ 127.801881][ T8943] should_fail_usercopy+0x16/0x20 [ 127.806907][ T8943] copy_page_from_iter_atomic+0x2c1/0xba0 [ 127.812748][ T8943] ? fat_write_begin+0x61/0xf0 [ 127.817505][ T8943] ? fat_block_truncate_page+0x30/0x30 [ 127.823011][ T8943] ? fat_write_begin+0x79/0xf0 [ 127.827771][ T8943] generic_perform_write+0x1df/0x3c0 [ 127.833099][ T8943] __generic_file_write_iter+0x202/0x300 [ 127.838729][ T8943] ? generic_write_checks+0x250/0x290 [ 127.844104][ T8943] generic_file_write_iter+0x75/0x130 [ 127.846288][ T8948] FAT-fs (loop5): bogus number of reserved sectors [ 127.849645][ T8943] vfs_write+0x69d/0x770 [ 127.849667][ T8943] ksys_write+0xce/0x180 [ 127.856161][ T8948] FAT-fs (loop5): Can't find a valid FAT filesystem [ 127.860410][ T8943] __x64_sys_write+0x3e/0x50 [ 127.860432][ T8943] do_syscall_64+0x3d/0x90 [ 127.881963][ T8943] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 127.887994][ T8943] RIP: 0033:0x4665e9 [ 127.891890][ T8943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 127.911841][ T8943] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 127.920234][ T8943] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 127.928330][ T8943] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 127.936561][ T8943] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 127.944800][ T8943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.953307][ T8943] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 [ 127.970621][ T8943] handle_bad_sector: 76 callbacks suppressed [ 127.970635][ T8943] attempt to access beyond end of device [ 127.970635][ T8943] loop4: rw=2049, want=123, limit=16 [ 127.987996][ T8943] attempt to access beyond end of device [ 127.987996][ T8943] loop4: rw=2049, want=124, limit=16 [ 127.998850][ T8943] buffer_io_error: 76 callbacks suppressed [ 127.998858][ T8943] Buffer I/O error on dev loop4, logical block 123, lost async page write [ 128.014063][ T8943] attempt to access beyond end of device [ 128.014063][ T8943] loop4: rw=2049, want=125, limit=16 [ 128.025043][ T8943] Buffer I/O error on dev loop4, logical block 124, lost async page write [ 128.034547][ T8943] attempt to access beyond end of device [ 128.034547][ T8943] loop4: rw=2049, want=126, limit=16 [ 128.045356][ T8943] Buffer I/O error on dev loop4, logical block 125, lost async page write [ 128.053881][ T8943] attempt to access beyond end of device [ 128.053881][ T8943] loop4: rw=2049, want=127, limit=16 [ 128.065282][ T8943] Buffer I/O error on dev loop4, logical block 126, lost async page write [ 128.074110][ T8943] attempt to access beyond end of device [ 128.074110][ T8943] loop4: rw=2049, want=128, limit=16 [ 128.084892][ T8943] Buffer I/O error on dev loop4, logical block 127, lost async page write 08:50:17 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000006800"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0) 08:50:17 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:17 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:17 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000), 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:17 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:17 executing program 4 (fault-call:9 fault-nth:3): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 128.178869][ T8972] loop4: detected capacity change from 0 to 16 [ 128.179271][ T8974] loop5: detected capacity change from 0 to 16 [ 128.193783][ T8974] FAT-fs (loop5): bogus number of reserved sectors [ 128.196634][ T8979] loop2: detected capacity change from 0 to 16 [ 128.200351][ T8974] FAT-fs (loop5): Can't find a valid FAT filesystem [ 128.201107][ T8975] loop3: detected capacity change from 0 to 16 [ 128.221633][ T8979] FAT-fs (loop2): bogus number of reserved sectors 08:50:17 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000), 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 128.223984][ T8972] FAULT_INJECTION: forcing a failure. [ 128.223984][ T8972] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 128.228187][ T8979] FAT-fs (loop2): Can't find a valid FAT filesystem [ 128.241420][ T8972] CPU: 0 PID: 8972 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 128.257741][ T8972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 128.267852][ T8972] Call Trace: [ 128.271136][ T8972] dump_stack_lvl+0xb7/0x103 [ 128.275862][ T8972] dump_stack+0x11/0x1a [ 128.280114][ T8972] should_fail+0x23c/0x250 [ 128.284872][ T8972] __alloc_pages+0x102/0x320 [ 128.289549][ T8972] alloc_pages+0x2e8/0x340 [ 128.293956][ T8972] __page_cache_alloc+0x4d/0xf0 [ 128.298802][ T8972] pagecache_get_page+0x5f4/0x900 [ 128.303820][ T8972] grab_cache_page_write_begin+0x3f/0x70 [ 128.309528][ T8972] cont_write_begin+0x501/0x850 [ 128.314367][ T8972] fat_write_begin+0x61/0xf0 [ 128.318937][ T8972] ? fat_block_truncate_page+0x30/0x30 [ 128.324574][ T8972] generic_perform_write+0x196/0x3c0 [ 128.329918][ T8972] ? fat_write_begin+0xf0/0xf0 [ 128.334661][ T8972] __generic_file_write_iter+0x202/0x300 [ 128.340379][ T8972] ? generic_write_checks+0x250/0x290 [ 128.345826][ T8972] generic_file_write_iter+0x75/0x130 [ 128.351188][ T8972] vfs_write+0x69d/0x770 [ 128.356014][ T8972] ksys_write+0xce/0x180 [ 128.360242][ T8972] __x64_sys_write+0x3e/0x50 [ 128.364814][ T8972] do_syscall_64+0x3d/0x90 [ 128.369341][ T8972] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 128.375311][ T8972] RIP: 0033:0x4665e9 [ 128.379356][ T8972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.399380][ T8972] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 128.407902][ T8972] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 128.416305][ T8972] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 08:50:17 executing program 4 (fault-call:9 fault-nth:4): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 128.424441][ T8972] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 128.432483][ T8972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 128.440697][ T8972] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 08:50:17 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000), 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:17 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 128.470785][ T8975] FAT-fs (loop3): bogus number of reserved sectors [ 128.477433][ T8975] FAT-fs (loop3): Can't find a valid FAT filesystem [ 128.509210][ T8996] loop4: detected capacity change from 0 to 16 [ 128.527885][ T8996] FAULT_INJECTION: forcing a failure. [ 128.527885][ T8996] name failslab, interval 1, probability 0, space 0, times 0 [ 128.540486][ T8996] CPU: 0 PID: 8996 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 128.549442][ T8996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 128.556066][ T9003] loop5: detected capacity change from 0 to 16 [ 128.560094][ T8996] Call Trace: [ 128.560103][ T8996] dump_stack_lvl+0xb7/0x103 [ 128.574148][ T8996] dump_stack+0x11/0x1a [ 128.578314][ T8996] should_fail+0x23c/0x250 [ 128.582773][ T8996] ? xas_create+0x3fb/0xb30 [ 128.587260][ T8996] __should_failslab+0x81/0x90 [ 128.592007][ T8996] should_failslab+0x5/0x20 [ 128.596493][ T8996] kmem_cache_alloc+0x46/0x2e0 [ 128.601243][ T8996] xas_create+0x3fb/0xb30 [ 128.605554][ T8996] xas_store+0x70/0xca0 [ 128.609818][ T8996] ? memcg_check_events+0x23/0x3b0 [ 128.614946][ T8996] ? cgroup_rstat_updated+0x60/0x1c0 [ 128.620217][ T8996] ? get_page_from_freelist+0x54e/0x820 [ 128.625760][ T8996] ? xas_find_conflict+0x422/0x4c0 [ 128.632070][ T8996] __add_to_page_cache_locked+0x1eb/0x4b0 [ 128.637788][ T8996] ? workingset_activation+0x270/0x270 [ 128.643492][ T8996] add_to_page_cache_lru+0xa0/0x1b0 [ 128.648707][ T8996] pagecache_get_page+0x6a3/0x900 [ 128.653792][ T8996] grab_cache_page_write_begin+0x3f/0x70 [ 128.659457][ T8996] cont_write_begin+0x501/0x850 [ 128.664315][ T8996] fat_write_begin+0x61/0xf0 [ 128.668904][ T8996] ? fat_block_truncate_page+0x30/0x30 [ 128.674350][ T8996] generic_perform_write+0x196/0x3c0 [ 128.679691][ T8996] ? fat_write_begin+0xf0/0xf0 [ 128.684454][ T8996] __generic_file_write_iter+0x202/0x300 [ 128.690073][ T8996] ? generic_write_checks+0x250/0x290 [ 128.695429][ T8996] generic_file_write_iter+0x75/0x130 [ 128.700823][ T8996] vfs_write+0x69d/0x770 [ 128.705047][ T8996] ksys_write+0xce/0x180 [ 128.709272][ T8996] __x64_sys_write+0x3e/0x50 [ 128.713849][ T8996] do_syscall_64+0x3d/0x90 [ 128.718249][ T8996] ? irqentry_exit+0xe/0x30 [ 128.722737][ T8996] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 128.728692][ T8996] RIP: 0033:0x4665e9 [ 128.732568][ T8996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.752564][ T8996] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 128.761139][ T8996] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 128.769111][ T8996] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 08:50:17 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:17 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 128.777327][ T8996] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 128.785416][ T8996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 128.793371][ T8996] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 [ 128.849040][ T9003] FAT-fs (loop5): bogus number of reserved sectors [ 128.855802][ T9003] FAT-fs (loop5): Can't find a valid FAT filesystem [ 128.855994][ T9012] loop2: detected capacity change from 0 to 16 [ 128.865967][ T9013] loop3: detected capacity change from 0 to 16 [ 128.872611][ T9012] FAT-fs (loop2): bogus number of reserved sectors [ 128.881679][ T9012] FAT-fs (loop2): Can't find a valid FAT filesystem [ 128.899858][ T9013] FAT-fs (loop3): bogus number of reserved sectors [ 128.906412][ T9013] FAT-fs (loop3): Can't find a valid FAT filesystem 08:50:17 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000006800"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0) 08:50:17 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(0xffffffffffffffff, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:17 executing program 4 (fault-call:9 fault-nth:5): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:17 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:17 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:17 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:18 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(0xffffffffffffffff, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 129.034136][ T9031] loop3: detected capacity change from 0 to 16 [ 129.046745][ T9034] loop5: detected capacity change from 0 to 16 [ 129.048671][ T9037] loop4: detected capacity change from 0 to 16 [ 129.053793][ T9038] loop2: detected capacity change from 0 to 16 [ 129.076847][ T9037] FAULT_INJECTION: forcing a failure. [ 129.076847][ T9037] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 129.089934][ T9037] CPU: 0 PID: 9037 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 129.098676][ T9037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 129.108722][ T9037] Call Trace: [ 129.111985][ T9037] dump_stack_lvl+0xb7/0x103 [ 129.116561][ T9037] dump_stack+0x11/0x1a [ 129.120713][ T9037] should_fail+0x23c/0x250 [ 129.125124][ T9037] should_fail_usercopy+0x16/0x20 [ 129.130138][ T9037] copy_page_from_iter_atomic+0x2c1/0xba0 [ 129.135904][ T9037] ? fat_write_begin+0x61/0xf0 [ 129.140658][ T9037] ? fat_block_truncate_page+0x30/0x30 [ 129.146137][ T9037] ? fat_write_begin+0x79/0xf0 [ 129.150896][ T9037] generic_perform_write+0x1df/0x3c0 [ 129.156243][ T9037] ? fat_write_begin+0xf0/0xf0 [ 129.161040][ T9037] __generic_file_write_iter+0x202/0x300 [ 129.167001][ T9037] ? generic_write_checks+0x250/0x290 [ 129.172431][ T9037] generic_file_write_iter+0x75/0x130 [ 129.177790][ T9037] vfs_write+0x69d/0x770 [ 129.182014][ T9037] ksys_write+0xce/0x180 [ 129.186240][ T9037] __x64_sys_write+0x3e/0x50 [ 129.190812][ T9037] do_syscall_64+0x3d/0x90 [ 129.195452][ T9037] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 129.203831][ T9037] RIP: 0033:0x4665e9 [ 129.207710][ T9037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.227940][ T9037] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 129.236335][ T9037] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 129.244411][ T9037] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 129.252396][ T9037] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 129.260382][ T9037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 129.268334][ T9037] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 [ 129.278735][ T9031] FAT-fs (loop3): bogus number of reserved sectors [ 129.285262][ T9031] FAT-fs (loop3): Can't find a valid FAT filesystem [ 129.289906][ T9037] attempt to access beyond end of device [ 129.289906][ T9037] loop4: rw=2049, want=123, limit=16 [ 129.292169][ T9034] FAT-fs (loop5): bogus number of reserved sectors [ 129.309356][ T9034] FAT-fs (loop5): Can't find a valid FAT filesystem [ 129.316578][ T9037] attempt to access beyond end of device [ 129.316578][ T9037] loop4: rw=2049, want=124, limit=16 08:50:18 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(0xffffffffffffffff, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 129.327412][ T9037] Buffer I/O error on dev loop4, logical block 123, lost async page write [ 129.334582][ T9038] FAT-fs (loop2): invalid media value (0x00) [ 129.342132][ T9038] FAT-fs (loop2): Can't find a valid FAT filesystem [ 129.345591][ T9037] attempt to access beyond end of device [ 129.345591][ T9037] loop4: rw=2049, want=125, limit=16 [ 129.359525][ T9037] Buffer I/O error on dev loop4, logical block 124, lost async page write [ 129.368233][ T9037] attempt to access beyond end of device [ 129.368233][ T9037] loop4: rw=2049, want=126, limit=16 08:50:18 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:18 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:18 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 129.379321][ T9037] Buffer I/O error on dev loop4, logical block 125, lost async page write [ 129.387945][ T9037] Buffer I/O error on dev loop4, logical block 126, lost async page write [ 129.398447][ T9037] Buffer I/O error on dev loop4, logical block 127, lost async page write 08:50:18 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 129.457484][ T9068] loop3: detected capacity change from 0 to 16 [ 129.458174][ T9069] loop5: detected capacity change from 0 to 16 [ 129.476216][ T9068] FAT-fs (loop3): bogus number of reserved sectors [ 129.478950][ T9076] loop2: detected capacity change from 0 to 16 [ 129.482761][ T9068] FAT-fs (loop3): Can't find a valid FAT filesystem [ 129.491257][ T9069] FAT-fs (loop5): bogus number of reserved sectors [ 129.502028][ T9069] FAT-fs (loop5): Can't find a valid FAT filesystem [ 129.511512][ T9076] FAT-fs (loop2): invalid media value (0x00) [ 129.517511][ T9076] FAT-fs (loop2): Can't find a valid FAT filesystem 08:50:18 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r1, 0x0, 0x30000033fe0, 0x0) 08:50:18 executing program 4 (fault-call:9 fault-nth:6): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:18 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:18 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:18 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:18 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:18 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 129.910658][ T9100] loop3: detected capacity change from 0 to 16 [ 129.917710][ T9103] loop2: detected capacity change from 0 to 16 [ 129.920961][ T9101] loop5: detected capacity change from 0 to 16 [ 129.933587][ T9102] loop4: detected capacity change from 0 to 16 [ 129.940295][ T9103] FAT-fs (loop2): invalid media value (0x00) [ 129.946383][ T9103] FAT-fs (loop2): Can't find a valid FAT filesystem 08:50:18 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0x0, 0x0, 0x0, 0x0) [ 129.958006][ T9100] FAT-fs (loop3): bogus number of reserved sectors [ 129.964558][ T9100] FAT-fs (loop3): Can't find a valid FAT filesystem [ 129.979852][ T9101] FAT-fs (loop5): invalid media value (0x00) [ 129.985893][ T9101] FAT-fs (loop5): Can't find a valid FAT filesystem [ 129.989629][ T9102] FAULT_INJECTION: forcing a failure. [ 129.989629][ T9102] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 130.005945][ T9102] CPU: 1 PID: 9102 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 130.014806][ T9102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 130.025022][ T9102] Call Trace: [ 130.028305][ T9102] dump_stack_lvl+0xb7/0x103 [ 130.032885][ T9102] dump_stack+0x11/0x1a [ 130.037030][ T9102] should_fail+0x23c/0x250 [ 130.041442][ T9102] __alloc_pages+0x102/0x320 [ 130.046045][ T9102] alloc_pages+0x2e8/0x340 [ 130.050469][ T9102] __page_cache_alloc+0x4d/0xf0 [ 130.055309][ T9102] pagecache_get_page+0x5f4/0x900 [ 130.060691][ T9102] grab_cache_page_write_begin+0x3f/0x70 [ 130.066314][ T9102] cont_write_begin+0x501/0x850 [ 130.071243][ T9102] fat_write_begin+0x61/0xf0 [ 130.075830][ T9102] ? fat_block_truncate_page+0x30/0x30 [ 130.081416][ T9102] generic_perform_write+0x196/0x3c0 [ 130.086736][ T9102] ? fat_write_begin+0xf0/0xf0 [ 130.091657][ T9102] __generic_file_write_iter+0x202/0x300 [ 130.097274][ T9102] ? generic_write_checks+0x250/0x290 [ 130.102798][ T9102] generic_file_write_iter+0x75/0x130 [ 130.108178][ T9102] vfs_write+0x69d/0x770 [ 130.112490][ T9102] ksys_write+0xce/0x180 [ 130.116734][ T9102] __x64_sys_write+0x3e/0x50 [ 130.121314][ T9102] do_syscall_64+0x3d/0x90 [ 130.125714][ T9102] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 130.131613][ T9102] RIP: 0033:0x4665e9 [ 130.135488][ T9102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:50:19 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0x0, 0x0, 0x0, 0x0) 08:50:19 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 130.155150][ T9102] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 130.163542][ T9102] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 130.171603][ T9102] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 130.179565][ T9102] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 130.187530][ T9102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 130.195490][ T9102] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 08:50:19 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:19 executing program 4 (fault-call:9 fault-nth:7): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 130.292078][ T9134] loop4: detected capacity change from 0 to 16 [ 130.293256][ T9136] loop3: detected capacity change from 0 to 16 [ 130.298464][ T9137] loop5: detected capacity change from 0 to 16 [ 130.316713][ T9137] FAT-fs (loop5): invalid media value (0x00) [ 130.320242][ T9136] FAT-fs (loop3): bogus number of reserved sectors [ 130.323023][ T9137] FAT-fs (loop5): Can't find a valid FAT filesystem [ 130.329483][ T9136] FAT-fs (loop3): Can't find a valid FAT filesystem [ 130.346357][ T9134] FAULT_INJECTION: forcing a failure. [ 130.346357][ T9134] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 130.359802][ T9134] CPU: 1 PID: 9134 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 130.368549][ T9134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 130.378602][ T9134] Call Trace: [ 130.381866][ T9134] dump_stack_lvl+0xb7/0x103 [ 130.386455][ T9134] dump_stack+0x11/0x1a [ 130.390600][ T9134] should_fail+0x23c/0x250 [ 130.395026][ T9134] should_fail_usercopy+0x16/0x20 [ 130.400141][ T9134] copy_page_from_iter_atomic+0x2c1/0xba0 [ 130.405894][ T9134] ? fat_write_begin+0x61/0xf0 [ 130.410636][ T9134] ? fat_block_truncate_page+0x30/0x30 [ 130.416091][ T9134] ? fat_write_begin+0x79/0xf0 [ 130.420845][ T9134] generic_perform_write+0x1df/0x3c0 [ 130.426252][ T9134] ? fat_write_begin+0xf0/0xf0 [ 130.431018][ T9134] __generic_file_write_iter+0x202/0x300 [ 130.436669][ T9134] ? generic_write_checks+0x250/0x290 [ 130.442112][ T9134] generic_file_write_iter+0x75/0x130 [ 130.447557][ T9134] vfs_write+0x69d/0x770 [ 130.452161][ T9134] ksys_write+0xce/0x180 [ 130.456387][ T9134] __x64_sys_write+0x3e/0x50 [ 130.461229][ T9134] do_syscall_64+0x3d/0x90 [ 130.465640][ T9134] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 130.471578][ T9134] RIP: 0033:0x4665e9 [ 130.476060][ T9134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 130.496038][ T9134] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 130.504435][ T9134] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 130.512565][ T9134] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 130.521144][ T9134] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 130.529164][ T9134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 130.537406][ T9134] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 08:50:19 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0x0, 0x0, 0x0, 0x0) 08:50:19 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r1, 0x0, 0x30000033fe0, 0x0) 08:50:19 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:19 executing program 4 (fault-call:9 fault-nth:8): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:19 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:19 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 130.758912][ T9164] loop3: detected capacity change from 0 to 16 [ 130.767784][ T9164] FAT-fs (loop3): bogus number of reserved sectors [ 130.769813][ T9163] loop2: detected capacity change from 0 to 16 [ 130.774348][ T9164] FAT-fs (loop3): Can't find a valid FAT filesystem [ 130.782831][ T9169] loop5: detected capacity change from 0 to 16 [ 130.791594][ T9168] loop4: detected capacity change from 0 to 16 [ 130.796327][ T9163] FAT-fs (loop2): invalid media value (0x00) 08:50:19 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0), 0x10) [ 130.805349][ T9163] FAT-fs (loop2): Can't find a valid FAT filesystem [ 130.823942][ T9169] FAT-fs (loop5): invalid media value (0x00) [ 130.829971][ T9169] FAT-fs (loop5): Can't find a valid FAT filesystem [ 130.842591][ T9168] FAULT_INJECTION: forcing a failure. [ 130.842591][ T9168] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 130.855880][ T9168] CPU: 1 PID: 9168 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 130.864724][ T9168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 130.875087][ T9168] Call Trace: [ 130.878441][ T9168] dump_stack_lvl+0xb7/0x103 [ 130.883139][ T9168] dump_stack+0x11/0x1a [ 130.887279][ T9168] should_fail+0x23c/0x250 [ 130.891750][ T9168] __alloc_pages+0x102/0x320 [ 130.896333][ T9168] alloc_pages+0x2e8/0x340 [ 130.900736][ T9168] __page_cache_alloc+0x4d/0xf0 [ 130.905647][ T9168] pagecache_get_page+0x5f4/0x900 [ 130.910654][ T9168] grab_cache_page_write_begin+0x3f/0x70 [ 130.916292][ T9168] cont_write_begin+0x501/0x850 [ 130.921390][ T9168] fat_write_begin+0x61/0xf0 [ 130.925961][ T9168] ? fat_block_truncate_page+0x30/0x30 [ 130.931401][ T9168] generic_perform_write+0x196/0x3c0 [ 130.936734][ T9168] ? fat_write_begin+0xf0/0xf0 [ 130.941685][ T9168] __generic_file_write_iter+0x202/0x300 [ 130.947304][ T9168] ? generic_write_checks+0x250/0x290 [ 130.952665][ T9168] generic_file_write_iter+0x75/0x130 [ 130.958204][ T9168] vfs_write+0x69d/0x770 [ 130.962458][ T9168] ksys_write+0xce/0x180 [ 130.966686][ T9168] __x64_sys_write+0x3e/0x50 [ 130.971268][ T9168] do_syscall_64+0x3d/0x90 [ 130.975679][ T9168] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 130.981579][ T9168] RIP: 0033:0x4665e9 [ 130.985451][ T9168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:50:20 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0), 0x10) [ 131.005068][ T9168] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 131.013461][ T9168] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 131.021454][ T9168] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 131.029476][ T9168] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 131.037546][ T9168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 131.045600][ T9168] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 08:50:20 executing program 4 (fault-call:9 fault-nth:9): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:20 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:20 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:20 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0), 0x10) 08:50:20 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 131.137310][ T9192] loop2: detected capacity change from 0 to 16 [ 131.141738][ T9197] loop5: detected capacity change from 0 to 16 [ 131.163342][ T9203] loop3: detected capacity change from 0 to 16 [ 131.171972][ T9192] FAT-fs (loop2): invalid media value (0x00) [ 131.177973][ T9192] FAT-fs (loop2): Can't find a valid FAT filesystem [ 131.185527][ T9205] loop4: detected capacity change from 0 to 16 [ 131.192685][ T9197] FAT-fs (loop5): invalid media value (0x00) [ 131.198760][ T9197] FAT-fs (loop5): Can't find a valid FAT filesystem [ 131.207019][ T9203] FAT-fs (loop3): bogus number of reserved sectors [ 131.213574][ T9203] FAT-fs (loop3): Can't find a valid FAT filesystem [ 131.225315][ T9205] FAULT_INJECTION: forcing a failure. [ 131.225315][ T9205] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 131.238457][ T9205] CPU: 0 PID: 9205 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 131.247135][ T9205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 131.257180][ T9205] Call Trace: [ 131.260449][ T9205] dump_stack_lvl+0xb7/0x103 [ 131.265055][ T9205] dump_stack+0x11/0x1a [ 131.269196][ T9205] should_fail+0x23c/0x250 [ 131.273687][ T9205] should_fail_usercopy+0x16/0x20 [ 131.278746][ T9205] copy_page_from_iter_atomic+0x2c1/0xba0 [ 131.284453][ T9205] ? fat_write_begin+0x61/0xf0 [ 131.289307][ T9205] ? fat_block_truncate_page+0x30/0x30 [ 131.294753][ T9205] ? fat_write_begin+0x79/0xf0 [ 131.299760][ T9205] generic_perform_write+0x1df/0x3c0 [ 131.305064][ T9205] ? fat_write_begin+0xf0/0xf0 [ 131.309811][ T9205] __generic_file_write_iter+0x202/0x300 [ 131.315487][ T9205] ? generic_write_checks+0x250/0x290 [ 131.320846][ T9205] generic_file_write_iter+0x75/0x130 [ 131.326206][ T9205] vfs_write+0x69d/0x770 [ 131.330568][ T9205] ksys_write+0xce/0x180 [ 131.334795][ T9205] __x64_sys_write+0x3e/0x50 [ 131.339455][ T9205] do_syscall_64+0x3d/0x90 [ 131.343910][ T9205] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 131.349787][ T9205] RIP: 0033:0x4665e9 [ 131.353666][ T9205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 131.373453][ T9205] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 131.381851][ T9205] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 131.389816][ T9205] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 131.397782][ T9205] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 131.405780][ T9205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 131.414012][ T9205] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 08:50:20 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r1, 0x0, 0x30000033fe0, 0x0) 08:50:20 executing program 1: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:20 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:20 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:20 executing program 4 (fault-call:9 fault-nth:10): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:20 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 131.610601][ T9229] loop1: detected capacity change from 0 to 16 [ 131.611377][ T9234] loop2: detected capacity change from 0 to 16 [ 131.619787][ T9235] loop3: detected capacity change from 0 to 16 [ 131.625767][ T9234] FAT-fs (loop2): invalid media value (0x00) [ 131.630835][ T9233] loop5: detected capacity change from 0 to 16 [ 131.635098][ T9234] FAT-fs (loop2): Can't find a valid FAT filesystem [ 131.636126][ T9236] loop4: detected capacity change from 0 to 16 [ 131.655434][ T9235] FAT-fs (loop3): bogus number of reserved sectors [ 131.657055][ T9229] FAT-fs (loop1): bogus number of reserved sectors [ 131.661985][ T9235] FAT-fs (loop3): Can't find a valid FAT filesystem [ 131.668583][ T9229] FAT-fs (loop1): Can't find a valid FAT filesystem [ 131.676267][ T9233] FAT-fs (loop5): invalid media value (0x00) [ 131.686868][ T9236] FAULT_INJECTION: forcing a failure. [ 131.686868][ T9236] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 131.687712][ T9233] FAT-fs (loop5): Can't find a valid FAT filesystem [ 131.707628][ T9236] CPU: 1 PID: 9236 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 131.716381][ T9236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 131.726442][ T9236] Call Trace: [ 131.729710][ T9236] dump_stack_lvl+0xb7/0x103 [ 131.734287][ T9236] dump_stack+0x11/0x1a [ 131.738654][ T9236] should_fail+0x23c/0x250 [ 131.743134][ T9236] __alloc_pages+0x102/0x320 [ 131.747985][ T9236] alloc_pages+0x2e8/0x340 [ 131.752381][ T9236] __page_cache_alloc+0x4d/0xf0 [ 131.757215][ T9236] pagecache_get_page+0x5f4/0x900 [ 131.762290][ T9236] grab_cache_page_write_begin+0x3f/0x70 [ 131.767968][ T9236] cont_write_begin+0x501/0x850 [ 131.772840][ T9236] fat_write_begin+0x61/0xf0 [ 131.777430][ T9236] ? fat_block_truncate_page+0x30/0x30 [ 131.782967][ T9236] generic_perform_write+0x196/0x3c0 [ 131.788265][ T9236] ? fat_write_begin+0xf0/0xf0 [ 131.793010][ T9236] __generic_file_write_iter+0x202/0x300 [ 131.798630][ T9236] ? generic_write_checks+0x250/0x290 [ 131.803986][ T9236] generic_file_write_iter+0x75/0x130 [ 131.809363][ T9236] vfs_write+0x69d/0x770 [ 131.813589][ T9236] ksys_write+0xce/0x180 [ 131.817816][ T9236] __x64_sys_write+0x3e/0x50 [ 131.822429][ T9236] do_syscall_64+0x3d/0x90 [ 131.826896][ T9236] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 131.832778][ T9236] RIP: 0033:0x4665e9 [ 131.836656][ T9236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:50:20 executing program 4 (fault-call:9 fault-nth:11): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 131.856296][ T9236] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 131.864784][ T9236] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 131.872754][ T9236] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 131.880719][ T9236] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 131.888670][ T9236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 131.896643][ T9236] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 08:50:20 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:20 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:20 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:20 executing program 1 (fault-call:9 fault-nth:0): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 131.976147][ T9258] loop4: detected capacity change from 0 to 16 [ 131.986531][ T9258] FAULT_INJECTION: forcing a failure. [ 131.986531][ T9258] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 131.999866][ T9258] CPU: 1 PID: 9258 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 132.008676][ T9258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 132.012103][ T9264] loop5: detected capacity change from 0 to 16 [ 132.018752][ T9258] Call Trace: [ 132.018762][ T9258] dump_stack_lvl+0xb7/0x103 [ 132.018784][ T9258] dump_stack+0x11/0x1a [ 132.036942][ T9258] should_fail+0x23c/0x250 [ 132.041362][ T9258] should_fail_usercopy+0x16/0x20 [ 132.046394][ T9258] copy_page_from_iter_atomic+0x2c1/0xba0 [ 132.052136][ T9258] ? fat_write_begin+0x61/0xf0 [ 132.056901][ T9258] ? fat_block_truncate_page+0x30/0x30 [ 132.062363][ T9258] ? fat_write_begin+0x79/0xf0 [ 132.063269][ T9264] FAT-fs (loop5): invalid media value (0x00) [ 132.067124][ T9258] generic_perform_write+0x1df/0x3c0 [ 132.067152][ T9258] ? fat_write_begin+0xf0/0xf0 [ 132.073137][ T9264] FAT-fs (loop5): Can't find a valid FAT filesystem [ 132.078390][ T9258] __generic_file_write_iter+0x202/0x300 [ 132.095687][ T9258] ? generic_write_checks+0x250/0x290 [ 132.099848][ T9265] loop2: detected capacity change from 0 to 16 [ 132.101062][ T9258] generic_file_write_iter+0x75/0x130 [ 132.101090][ T9258] vfs_write+0x69d/0x770 [ 132.114852][ T9265] FAT-fs (loop2): bogus number of FAT sectors [ 132.116977][ T9258] ksys_write+0xce/0x180 [ 132.117001][ T9258] __x64_sys_write+0x3e/0x50 [ 132.123062][ T9265] FAT-fs (loop2): Can't find a valid FAT filesystem [ 132.127269][ T9258] do_syscall_64+0x3d/0x90 [ 132.143484][ T9258] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 132.147304][ T9266] loop3: detected capacity change from 0 to 16 [ 132.149400][ T9258] RIP: 0033:0x4665e9 08:50:21 executing program 4 (fault-call:9 fault-nth:12): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 132.149417][ T9258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.149432][ T9258] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 [ 132.160598][ T9267] FAULT_INJECTION: forcing a failure. [ 132.160598][ T9267] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 132.179019][ T9258] ORIG_RAX: 0000000000000001 [ 132.179031][ T9258] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 132.179043][ T9258] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 132.179053][ T9258] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 132.179063][ T9258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 132.179072][ T9258] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 [ 132.243358][ T9267] CPU: 0 PID: 9267 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 132.252017][ T9267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 132.262334][ T9267] Call Trace: [ 132.265700][ T9267] dump_stack_lvl+0xb7/0x103 [ 132.270309][ T9267] dump_stack+0x11/0x1a [ 132.274439][ T9267] should_fail+0x23c/0x250 [ 132.278927][ T9267] should_fail_usercopy+0x16/0x20 [ 132.284018][ T9267] _copy_from_user+0x1c/0xd0 [ 132.288638][ T9267] __sys_sendto+0x1af/0x370 [ 132.293220][ T9267] ? __fget_light+0x21b/0x260 [ 132.297944][ T9267] ? __cond_resched+0x11/0x40 [ 132.302598][ T9267] ? fput+0x2d/0x130 [ 132.306485][ T9267] __x64_sys_sendto+0x74/0x90 [ 132.311149][ T9267] do_syscall_64+0x3d/0x90 [ 132.315549][ T9267] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 132.321451][ T9267] RIP: 0033:0x4665e9 [ 132.325406][ T9267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.345006][ T9267] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 132.353408][ T9267] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 132.361439][ T9267] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 132.369391][ T9267] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 132.377340][ T9267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 132.385305][ T9267] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 08:50:21 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, 0x0, 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0) 08:50:21 executing program 1 (fault-call:9 fault-nth:1): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:21 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:21 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:21 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 132.472176][ T9297] FAULT_INJECTION: forcing a failure. [ 132.472176][ T9297] name failslab, interval 1, probability 0, space 0, times 0 [ 132.485634][ T9297] CPU: 0 PID: 9297 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 132.485806][ T9299] loop4: detected capacity change from 0 to 16 [ 132.494929][ T9297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 132.494943][ T9297] Call Trace: [ 132.494949][ T9297] dump_stack_lvl+0xb7/0x103 [ 132.519005][ T9297] dump_stack+0x11/0x1a [ 132.523227][ T9297] should_fail+0x23c/0x250 [ 132.527731][ T9297] ? dst_alloc+0x108/0x300 [ 132.531006][ T9299] FAULT_INJECTION: forcing a failure. [ 132.531006][ T9299] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 132.532218][ T9297] __should_failslab+0x81/0x90 [ 132.550184][ T9297] should_failslab+0x5/0x20 [ 132.554765][ T9297] kmem_cache_alloc+0x46/0x2e0 [ 132.559713][ T9297] ? avc_has_perm_noaudit+0x19a/0x240 [ 132.565075][ T9297] dst_alloc+0x108/0x300 [ 132.569303][ T9297] __mkroute_output+0x452/0xc40 [ 132.574345][ T9297] ip_route_output_key_hash_rcu+0x7a8/0x800 [ 132.580225][ T9297] ip_route_output_flow+0xaa/0x160 [ 132.585320][ T9297] udp_sendmsg+0xd48/0x12f0 [ 132.589807][ T9297] ? ip_do_fragment+0x11f0/0x11f0 [ 132.594898][ T9297] ? ip4_datagram_connect+0x40/0x40 [ 132.600206][ T9297] ? _raw_spin_unlock_bh+0x33/0x40 [ 132.605298][ T9297] ? release_sock+0x104/0x110 [ 132.609955][ T9297] inet_sendmsg+0x5f/0x80 [ 132.614268][ T9297] __sys_sendto+0x2a8/0x370 [ 132.618870][ T9297] ? __cond_resched+0x11/0x40 [ 132.623534][ T9297] ? fput+0x2d/0x130 [ 132.627411][ T9297] __x64_sys_sendto+0x74/0x90 [ 132.632074][ T9297] do_syscall_64+0x3d/0x90 [ 132.636474][ T9297] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 132.642368][ T9297] RIP: 0033:0x4665e9 [ 132.646340][ T9297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.665929][ T9297] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 132.674340][ T9297] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 132.682334][ T9297] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 132.690314][ T9297] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 132.698366][ T9297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 132.706316][ T9297] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 [ 132.714373][ T9299] CPU: 1 PID: 9299 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 132.723052][ T9299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 132.733135][ T9299] Call Trace: [ 132.736413][ T9299] dump_stack_lvl+0xb7/0x103 [ 132.736510][ T9308] loop2: detected capacity change from 0 to 16 [ 132.741011][ T9299] dump_stack+0x11/0x1a [ 132.741031][ T9299] should_fail+0x23c/0x250 [ 132.747552][ T9309] loop3: detected capacity change from 0 to 16 [ 132.751327][ T9299] __alloc_pages+0x102/0x320 [ 132.751349][ T9299] alloc_pages+0x2e8/0x340 [ 132.771030][ T9299] __page_cache_alloc+0x4d/0xf0 [ 132.776053][ T9299] pagecache_get_page+0x5f4/0x900 [ 132.777000][ T9308] FAT-fs (loop2): bogus number of FAT sectors [ 132.781088][ T9299] grab_cache_page_write_begin+0x3f/0x70 [ 132.787167][ T9308] FAT-fs (loop2): Can't find a valid FAT filesystem [ 132.792792][ T9299] cont_write_begin+0x501/0x850 [ 132.792819][ T9299] fat_write_begin+0x61/0xf0 [ 132.799532][ T9309] FAT-fs (loop3): bogus number of reserved sectors [ 132.804329][ T9299] ? fat_block_truncate_page+0x30/0x30 [ 132.808944][ T9309] FAT-fs (loop3): Can't find a valid FAT filesystem [ 132.815498][ T9299] generic_perform_write+0x196/0x3c0 [ 132.832753][ T9299] ? fat_write_begin+0xf0/0xf0 [ 132.837535][ T9299] __generic_file_write_iter+0x202/0x300 [ 132.842562][ T9307] loop5: detected capacity change from 0 to 16 [ 132.843251][ T9299] ? generic_write_checks+0x250/0x290 [ 132.854861][ T9299] generic_file_write_iter+0x75/0x130 [ 132.860262][ T9299] vfs_write+0x69d/0x770 [ 132.864585][ T9299] ksys_write+0xce/0x180 [ 132.868821][ T9299] __x64_sys_write+0x3e/0x50 [ 132.873474][ T9299] do_syscall_64+0x3d/0x90 [ 132.877948][ T9299] ? irqentry_exit+0xe/0x30 [ 132.882445][ T9299] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 132.888359][ T9299] RIP: 0033:0x4665e9 [ 132.892243][ T9299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.911861][ T9299] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 132.920333][ T9299] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 132.928387][ T9299] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 132.936866][ T9299] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 132.944911][ T9299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 132.952952][ T9299] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 [ 132.964495][ T9307] FAT-fs (loop5): bogus number of FAT sectors 08:50:21 executing program 1 (fault-call:9 fault-nth:2): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:21 executing program 4 (fault-call:9 fault-nth:13): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 132.971661][ T9307] FAT-fs (loop5): Can't find a valid FAT filesystem [ 133.000363][ T9321] FAULT_INJECTION: forcing a failure. [ 133.000363][ T9321] name failslab, interval 1, probability 0, space 0, times 0 [ 133.013168][ T9321] CPU: 1 PID: 9321 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 133.021944][ T9321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 133.031991][ T9321] Call Trace: [ 133.035564][ T9321] dump_stack_lvl+0xb7/0x103 [ 133.040148][ T9321] dump_stack+0x11/0x1a [ 133.044281][ T9321] should_fail+0x23c/0x250 [ 133.048688][ T9321] __should_failslab+0x81/0x90 [ 133.053441][ T9321] should_failslab+0x5/0x20 [ 133.058023][ T9321] kmem_cache_alloc_node+0x58/0x2b0 [ 133.063205][ T9321] ? __alloc_skb+0xed/0x420 [ 133.067698][ T9321] __alloc_skb+0xed/0x420 [ 133.072064][ T9321] alloc_skb_with_frags+0x90/0x390 [ 133.077217][ T9321] ? should_fail+0x2a/0x250 [ 133.081758][ T9321] ? should_fail+0x2a/0x250 [ 133.086308][ T9321] sock_alloc_send_pskb+0x436/0x4e0 [ 133.091482][ T9321] sock_alloc_send_skb+0x2d/0x40 [ 133.096398][ T9321] __ip_append_data+0x1352/0x1dc0 [ 133.101478][ T9321] ? dst_alloc+0x29f/0x300 [ 133.105929][ T9321] ? ip_do_fragment+0x11f0/0x11f0 [ 133.110954][ T9321] ? xfrm_lookup_with_ifid+0xb7a/0x15b0 [ 133.116737][ T9321] ip_make_skb+0x142/0x2d0 [ 133.121213][ T9321] ? ip_do_fragment+0x11f0/0x11f0 [ 133.126228][ T9321] udp_sendmsg+0xfba/0x12f0 [ 133.130722][ T9321] ? ip_do_fragment+0x11f0/0x11f0 [ 133.135726][ T9321] ? _raw_spin_unlock_bh+0x33/0x40 [ 133.140992][ T9321] ? release_sock+0x104/0x110 [ 133.145647][ T9321] inet_sendmsg+0x5f/0x80 [ 133.149978][ T9321] __sys_sendto+0x2a8/0x370 [ 133.154464][ T9321] ? __cond_resched+0x11/0x40 [ 133.159165][ T9321] ? fput+0x2d/0x130 [ 133.163089][ T9321] __x64_sys_sendto+0x74/0x90 [ 133.167757][ T9321] do_syscall_64+0x3d/0x90 [ 133.172172][ T9321] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 133.178099][ T9321] RIP: 0033:0x4665e9 [ 133.181989][ T9321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 133.202035][ T9321] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 133.210969][ T9321] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 133.218930][ T9321] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 133.226897][ T9321] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 133.234932][ T9321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 133.242926][ T9321] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 08:50:22 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:22 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:22 executing program 1 (fault-call:9 fault-nth:3): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:22 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 133.283219][ T9328] loop4: detected capacity change from 0 to 16 08:50:22 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, 0x0, 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0) [ 133.325536][ T9332] loop2: detected capacity change from 0 to 16 [ 133.337344][ T9328] FAULT_INJECTION: forcing a failure. [ 133.337344][ T9328] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 133.347389][ T9340] loop3: detected capacity change from 0 to 16 [ 133.350520][ T9328] CPU: 1 PID: 9328 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 133.365338][ T9328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 133.369976][ T9340] FAT-fs (loop3): bogus number of reserved sectors [ 133.375726][ T9328] Call Trace: [ 133.375735][ T9328] dump_stack_lvl+0xb7/0x103 [ 133.375757][ T9328] dump_stack+0x11/0x1a [ 133.382253][ T9340] FAT-fs (loop3): Can't find a valid FAT filesystem [ 133.385497][ T9328] should_fail+0x23c/0x250 [ 133.404848][ T9332] FAT-fs (loop2): bogus number of FAT sectors [ 133.405528][ T9328] should_fail_usercopy+0x16/0x20 [ 133.411627][ T9332] FAT-fs (loop2): Can't find a valid FAT filesystem [ 133.416590][ T9328] copy_page_from_iter_atomic+0x2c1/0xba0 [ 133.416618][ T9328] ? fat_write_begin+0x61/0xf0 [ 133.433746][ T9328] ? fat_block_truncate_page+0x30/0x30 [ 133.439428][ T9328] ? fat_write_begin+0x79/0xf0 [ 133.442368][ T9339] FAULT_INJECTION: forcing a failure. [ 133.442368][ T9339] name failslab, interval 1, probability 0, space 0, times 0 [ 133.444189][ T9328] generic_perform_write+0x1df/0x3c0 [ 133.462050][ T9328] ? fat_write_begin+0xf0/0xf0 [ 133.466835][ T9328] __generic_file_write_iter+0x202/0x300 [ 133.472456][ T9328] ? generic_write_checks+0x250/0x290 [ 133.477875][ T9328] generic_file_write_iter+0x75/0x130 [ 133.483297][ T9328] vfs_write+0x69d/0x770 [ 133.487534][ T9328] ksys_write+0xce/0x180 [ 133.491757][ T9328] __x64_sys_write+0x3e/0x50 [ 133.496360][ T9328] do_syscall_64+0x3d/0x90 [ 133.500876][ T9328] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 133.506752][ T9328] RIP: 0033:0x4665e9 [ 133.510651][ T9328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 133.530610][ T9328] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 133.539016][ T9328] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 133.547041][ T9328] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 133.555015][ T9328] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 133.563088][ T9328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 133.571180][ T9328] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 [ 133.579161][ T9339] CPU: 0 PID: 9339 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 133.586171][ T9345] loop5: detected capacity change from 0 to 16 [ 133.588017][ T9339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 133.588029][ T9339] Call Trace: [ 133.588035][ T9339] dump_stack_lvl+0xb7/0x103 [ 133.596376][ T9345] FAT-fs (loop5): bogus number of FAT sectors [ 133.604346][ T9339] dump_stack+0x11/0x1a [ 133.604367][ T9339] should_fail+0x23c/0x250 [ 133.607653][ T9345] FAT-fs (loop5): Can't find a valid FAT filesystem [ 133.612215][ T9339] __should_failslab+0x81/0x90 [ 133.612232][ T9339] should_failslab+0x5/0x20 [ 133.612261][ T9339] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 133.623329][ T9328] handle_bad_sector: 24 callbacks suppressed [ 133.623341][ T9328] attempt to access beyond end of device [ 133.623341][ T9328] loop4: rw=2049, want=123, limit=16 [ 133.626918][ T9339] ? __kmalloc_node_track_caller+0x30/0x40 [ 133.634313][ T9328] attempt to access beyond end of device [ 133.634313][ T9328] loop4: rw=2049, want=124, limit=16 [ 133.638249][ T9339] ? kmem_cache_alloc_node+0x1d4/0x2b0 [ 133.642777][ T9328] buffer_io_error: 19 callbacks suppressed [ 133.642786][ T9328] Buffer I/O error on dev loop4, logical block 123, lost async page write [ 133.648431][ T9339] __kmalloc_node_track_caller+0x30/0x40 [ 133.648488][ T9339] ? alloc_skb_with_frags+0x90/0x390 [ 133.648510][ T9339] __alloc_skb+0x187/0x420 [ 133.658892][ T9328] attempt to access beyond end of device [ 133.658892][ T9328] loop4: rw=2049, want=125, limit=16 [ 133.665681][ T9339] alloc_skb_with_frags+0x90/0x390 [ 133.665709][ T9339] ? should_fail+0x2a/0x250 [ 133.665730][ T9339] ? should_fail+0x2a/0x250 [ 133.671677][ T9328] Buffer I/O error on dev loop4, logical block 124, lost async page write [ 133.682429][ T9339] sock_alloc_send_pskb+0x436/0x4e0 [ 133.682450][ T9339] sock_alloc_send_skb+0x2d/0x40 [ 133.692031][ T9328] attempt to access beyond end of device [ 133.692031][ T9328] loop4: rw=2049, want=126, limit=16 [ 133.693869][ T9339] __ip_append_data+0x1352/0x1dc0 08:50:22 executing program 4 (fault-call:9 fault-nth:14): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 133.693890][ T9339] ? dst_alloc+0x29f/0x300 [ 133.693914][ T9339] ? ip_do_fragment+0x11f0/0x11f0 [ 133.702431][ T9328] Buffer I/O error on dev loop4, logical block 125, lost async page write [ 133.707994][ T9339] ? xfrm_lookup_with_ifid+0xb7a/0x15b0 [ 133.715365][ T9328] attempt to access beyond end of device [ 133.715365][ T9328] loop4: rw=2049, want=127, limit=16 [ 133.717725][ T9339] ip_make_skb+0x142/0x2d0 [ 133.717745][ T9339] ? ip_do_fragment+0x11f0/0x11f0 [ 133.717761][ T9339] udp_sendmsg+0xfba/0x12f0 [ 133.728534][ T9328] Buffer I/O error on dev loop4, logical block 126, lost async page write [ 133.733611][ T9339] ? ip_do_fragment+0x11f0/0x11f0 [ 133.739879][ T9328] attempt to access beyond end of device [ 133.739879][ T9328] loop4: rw=2049, want=128, limit=16 [ 133.742591][ T9339] ? _raw_spin_unlock_bh+0x33/0x40 [ 133.742616][ T9339] ? release_sock+0x104/0x110 [ 133.751277][ T9328] Buffer I/O error on dev loop4, logical block 127, lost async page write [ 133.751582][ T9328] attempt to access beyond end of device [ 133.751582][ T9328] loop4: rw=2049, want=52, limit=16 [ 133.756500][ T9339] inet_sendmsg+0x5f/0x80 [ 133.756522][ T9339] __sys_sendto+0x2a8/0x370 [ 133.756542][ T9339] ? __cond_resched+0x11/0x40 [ 133.756557][ T9339] ? fput+0x2d/0x130 [ 133.761599][ T9328] Buffer I/O error on dev loop4, logical block 51, lost async page write [ 133.772554][ T9339] __x64_sys_sendto+0x74/0x90 [ 133.772579][ T9339] do_syscall_64+0x3d/0x90 [ 133.914053][ T9339] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 133.919940][ T9339] RIP: 0033:0x4665e9 [ 133.923973][ T9339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 133.944132][ T9339] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 133.952618][ T9339] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 133.960663][ T9339] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 133.968758][ T9339] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 08:50:22 executing program 1 (fault-call:9 fault-nth:4): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:22 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 133.977377][ T9339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 133.985500][ T9339] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 [ 134.041446][ T9364] FAULT_INJECTION: forcing a failure. [ 134.041446][ T9364] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 134.053403][ T9366] loop2: detected capacity change from 0 to 16 [ 134.054881][ T9364] CPU: 0 PID: 9364 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 134.069859][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 134.080041][ T9364] Call Trace: [ 134.083320][ T9364] dump_stack_lvl+0xb7/0x103 [ 134.087967][ T9364] dump_stack+0x11/0x1a [ 134.092128][ T9364] should_fail+0x23c/0x250 [ 134.096795][ T9364] should_fail_usercopy+0x16/0x20 [ 134.102059][ T9364] _copy_from_iter+0x131/0x970 [ 134.106830][ T9364] ? check_stack_object+0x61/0x70 [ 134.111848][ T9364] ? __virt_addr_valid+0x15a/0x1a0 [ 134.117862][ T9364] ? __check_object_size+0x253/0x310 [ 134.123195][ T9364] ip_generic_getfrag+0x90/0x1b0 [ 134.123487][ T9365] loop4: detected capacity change from 0 to 16 [ 134.128354][ T9364] __ip_append_data+0x1713/0x1dc0 08:50:23 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:23 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:23 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 134.128375][ T9364] ? dst_alloc+0x29f/0x300 [ 134.128395][ T9364] ? ip_do_fragment+0x11f0/0x11f0 [ 134.149206][ T9364] ? xfrm_lookup_with_ifid+0xb7a/0x15b0 [ 134.155533][ T9364] ip_make_skb+0x142/0x2d0 [ 134.160324][ T9364] ? ip_do_fragment+0x11f0/0x11f0 [ 134.165365][ T9364] udp_sendmsg+0xfba/0x12f0 [ 134.169921][ T9364] ? ip_do_fragment+0x11f0/0x11f0 [ 134.174943][ T9364] ? _raw_spin_unlock_bh+0x33/0x40 [ 134.180239][ T9364] ? release_sock+0x104/0x110 [ 134.181180][ T9365] FAULT_INJECTION: forcing a failure. [ 134.181180][ T9365] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 134.184916][ T9364] inet_sendmsg+0x5f/0x80 [ 134.202409][ T9364] __sys_sendto+0x2a8/0x370 [ 134.206912][ T9364] ? __cond_resched+0x11/0x40 [ 134.212117][ T9364] ? fput+0x2d/0x130 [ 134.216048][ T9364] __x64_sys_sendto+0x74/0x90 [ 134.220769][ T9364] do_syscall_64+0x3d/0x90 [ 134.225225][ T9364] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 134.231204][ T9364] RIP: 0033:0x4665e9 [ 134.235139][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 134.254904][ T9364] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 134.263440][ T9364] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 134.271512][ T9364] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 134.279648][ T9364] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 134.287599][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 134.295626][ T9364] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 [ 134.303594][ T9365] CPU: 1 PID: 9365 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 134.312352][ T9365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 134.322528][ T9365] Call Trace: [ 134.323629][ T9380] loop5: detected capacity change from 0 to 16 [ 134.325800][ T9365] dump_stack_lvl+0xb7/0x103 [ 134.334666][ T9382] loop3: detected capacity change from 0 to 16 [ 134.336592][ T9365] dump_stack+0x11/0x1a [ 134.336611][ T9365] should_fail+0x23c/0x250 [ 134.351412][ T9365] __alloc_pages+0x102/0x320 [ 134.355995][ T9365] alloc_pages+0x2e8/0x340 [ 134.356780][ T9380] FAT-fs (loop5): bogus number of FAT sectors [ 134.360404][ T9365] __page_cache_alloc+0x4d/0xf0 [ 134.360429][ T9365] pagecache_get_page+0x5f4/0x900 [ 134.366573][ T9380] FAT-fs (loop5): Can't find a valid FAT filesystem [ 134.371403][ T9365] grab_cache_page_write_begin+0x3f/0x70 08:50:23 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, 0x0, 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0) [ 134.371430][ T9365] cont_write_begin+0x501/0x850 [ 134.376468][ T9382] FAT-fs (loop3): invalid media value (0x00) [ 134.382994][ T9365] fat_write_begin+0x61/0xf0 [ 134.383017][ T9365] ? fat_block_truncate_page+0x30/0x30 [ 134.388674][ T9382] FAT-fs (loop3): Can't find a valid FAT filesystem [ 134.393484][ T9365] generic_perform_write+0x196/0x3c0 [ 134.422007][ T9365] ? fat_write_begin+0xf0/0xf0 [ 134.426968][ T9365] __generic_file_write_iter+0x202/0x300 [ 134.432775][ T9365] ? generic_write_checks+0x250/0x290 [ 134.438174][ T9365] generic_file_write_iter+0x75/0x130 [ 134.443562][ T9365] vfs_write+0x69d/0x770 [ 134.447788][ T9365] ksys_write+0xce/0x180 [ 134.452010][ T9365] __x64_sys_write+0x3e/0x50 [ 134.456763][ T9365] do_syscall_64+0x3d/0x90 [ 134.461263][ T9365] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 134.467182][ T9365] RIP: 0033:0x4665e9 [ 134.471073][ T9365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 134.490816][ T9365] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 134.499336][ T9365] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 134.507663][ T9365] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 134.515735][ T9365] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 134.523700][ T9365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 134.531655][ T9365] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 08:50:23 executing program 4 (fault-call:9 fault-nth:15): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:23 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:23 executing program 1 (fault-call:9 fault-nth:5): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:23 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:23 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 134.548777][ T9381] loop2: detected capacity change from 0 to 16 [ 134.611491][ T9401] loop5: detected capacity change from 0 to 16 [ 134.619962][ T9402] loop3: detected capacity change from 0 to 16 [ 134.632051][ T9400] FAULT_INJECTION: forcing a failure. [ 134.632051][ T9400] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 134.635703][ T9407] loop4: detected capacity change from 0 to 16 [ 134.646474][ T9400] CPU: 1 PID: 9400 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 134.661806][ T9400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 134.668442][ T9407] FAULT_INJECTION: forcing a failure. [ 134.668442][ T9407] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 134.671866][ T9400] Call Trace: [ 134.671876][ T9400] dump_stack_lvl+0xb7/0x103 [ 134.692921][ T9400] dump_stack+0x11/0x1a [ 134.697065][ T9400] should_fail+0x23c/0x250 [ 134.701470][ T9400] __alloc_pages+0x102/0x320 [ 134.706154][ T9400] alloc_pages+0x2e8/0x340 [ 134.710623][ T9400] pte_alloc_one+0x29/0xb0 [ 134.715023][ T9400] ? cgroup_rstat_updated+0x60/0x1c0 [ 134.720302][ T9400] __pte_alloc+0x2f/0x210 [ 134.724739][ T9400] do_anonymous_page+0x79b/0x8a0 [ 134.729675][ T9400] handle_mm_fault+0x98f/0x1a50 [ 134.734526][ T9400] do_user_addr_fault+0x609/0xbe0 [ 134.739551][ T9400] exc_page_fault+0x91/0x220 [ 134.744131][ T9400] asm_exc_page_fault+0x1e/0x30 [ 134.748969][ T9400] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x40 [ 134.755631][ T9400] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 83 f8 [ 134.775755][ T9400] RSP: 0018:ffffc9000ed4f8c8 EFLAGS: 00010202 [ 134.781803][ T9400] RAX: ffff88812dc42a20 RBX: ffff8881089a6e2c RCX: 0000000000000074 [ 134.789756][ T9400] RDX: 0000000000000074 RSI: 0000000020865000 RDI: ffff8881089a6e2c [ 134.797707][ T9400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0001ffffffffffff [ 134.805704][ T9400] R10: 00018881089a6e9f R11: ffff88812dc42040 R12: 0000000000000074 [ 134.813944][ T9400] R13: 0000000000000000 R14: ffffc9000ed4fdd0 R15: 0000000020865000 [ 134.822018][ T9400] _copy_from_iter+0x1ac/0x970 [ 134.826778][ T9400] ? check_stack_object+0x61/0x70 [ 134.831814][ T9400] ? __virt_addr_valid+0x15a/0x1a0 [ 134.836922][ T9400] ? __check_object_size+0x253/0x310 [ 134.842210][ T9400] ip_generic_getfrag+0x90/0x1b0 [ 134.847238][ T9400] __ip_append_data+0x1713/0x1dc0 [ 134.852334][ T9400] ? dst_alloc+0x29f/0x300 [ 134.856824][ T9400] ? ip_do_fragment+0x11f0/0x11f0 [ 134.861831][ T9400] ? xfrm_lookup_with_ifid+0xb7a/0x15b0 [ 134.867453][ T9400] ip_make_skb+0x142/0x2d0 [ 134.871902][ T9400] ? ip_do_fragment+0x11f0/0x11f0 [ 134.877959][ T9400] udp_sendmsg+0xfba/0x12f0 [ 134.882551][ T9400] ? ip_do_fragment+0x11f0/0x11f0 [ 134.887559][ T9400] ? _raw_spin_unlock_bh+0x33/0x40 [ 134.892672][ T9400] ? release_sock+0x104/0x110 [ 134.897333][ T9400] inet_sendmsg+0x5f/0x80 [ 134.901648][ T9400] __sys_sendto+0x2a8/0x370 [ 134.906240][ T9400] ? __cond_resched+0x11/0x40 [ 134.910942][ T9400] ? fput+0x2d/0x130 [ 134.914917][ T9400] __x64_sys_sendto+0x74/0x90 [ 134.919594][ T9400] do_syscall_64+0x3d/0x90 [ 134.924007][ T9400] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 134.929903][ T9400] RIP: 0033:0x4665e9 [ 134.933793][ T9400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 134.953921][ T9400] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 134.962329][ T9400] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 134.970294][ T9400] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 134.978413][ T9400] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 134.986378][ T9400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 134.994388][ T9400] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 [ 135.002444][ T9407] CPU: 0 PID: 9407 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 135.011227][ T9407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 135.011456][ T9402] FAT-fs (loop3): invalid media value (0x00) [ 135.021364][ T9407] Call Trace: [ 135.021376][ T9407] dump_stack_lvl+0xb7/0x103 [ 135.021395][ T9407] dump_stack+0x11/0x1a [ 135.021408][ T9407] should_fail+0x23c/0x250 [ 135.027390][ T9402] FAT-fs (loop3): Can't find a valid FAT filesystem [ 135.030800][ T9407] should_fail_usercopy+0x16/0x20 [ 135.043235][ T9400] IPv4: Oversized IP packet from 127.0.0.1 [ 135.044046][ T9407] copy_page_from_iter_atomic+0x2c1/0xba0 [ 135.050664][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 135.055608][ T9407] ? fat_write_begin+0x61/0xf0 [ 135.077585][ T9407] ? fat_block_truncate_page+0x30/0x30 [ 135.083171][ T9407] ? fat_write_begin+0x79/0xf0 [ 135.088045][ T9407] generic_perform_write+0x1df/0x3c0 [ 135.093444][ T9407] ? fat_write_begin+0xf0/0xf0 [ 135.098191][ T9407] __generic_file_write_iter+0x202/0x300 [ 135.103859][ T9407] ? generic_write_checks+0x250/0x290 [ 135.109216][ T9407] generic_file_write_iter+0x75/0x130 [ 135.114573][ T9407] vfs_write+0x69d/0x770 [ 135.118799][ T9407] ksys_write+0xce/0x180 [ 135.123197][ T9407] __x64_sys_write+0x3e/0x50 [ 135.127864][ T9407] do_syscall_64+0x3d/0x90 [ 135.132278][ T9407] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 135.138173][ T9407] RIP: 0033:0x4665e9 [ 135.142125][ T9407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 135.164169][ T9407] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 135.172569][ T9407] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 135.180651][ T9407] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 135.188604][ T9407] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 135.196780][ T9407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 135.204838][ T9407] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 08:50:24 executing program 1 (fault-call:9 fault-nth:6): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 135.229931][ T9415] loop2: detected capacity change from 0 to 16 [ 135.237712][ T9407] attempt to access beyond end of device [ 135.237712][ T9407] loop4: rw=2049, want=123, limit=16 [ 135.253095][ T9417] FAULT_INJECTION: forcing a failure. [ 135.253095][ T9417] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 135.266438][ T9417] CPU: 0 PID: 9417 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 08:50:24 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 135.266949][ T9407] attempt to access beyond end of device [ 135.266949][ T9407] loop4: rw=2049, want=124, limit=16 [ 135.275193][ T9417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 135.275204][ T9417] Call Trace: [ 135.275210][ T9417] dump_stack_lvl+0xb7/0x103 [ 135.285996][ T9407] Buffer I/O error on dev loop4, logical block 123, lost async page write [ 135.296006][ T9417] dump_stack+0x11/0x1a [ 135.296027][ T9417] should_fail+0x23c/0x250 [ 135.299401][ T9407] attempt to access beyond end of device 08:50:24 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r0, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x30000033fe0, 0x0) 08:50:24 executing program 4 (fault-call:9 fault-nth:16): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 135.299401][ T9407] loop4: rw=2049, want=125, limit=16 [ 135.303863][ T9417] __alloc_pages+0x102/0x320 [ 135.303884][ T9417] alloc_pages+0x2e8/0x340 [ 135.312914][ T9407] Buffer I/O error on dev loop4, logical block 124, lost async page write [ 135.317004][ T9417] skb_page_frag_refill+0x9a/0x1b0 [ 135.324640][ T9407] Buffer I/O error on dev loop4, logical block 125, lost async page write [ 135.332119][ T9417] sk_page_frag_refill+0x31/0x120 [ 135.337396][ T9407] Buffer I/O error on dev loop4, logical block 126, lost async page write [ 135.341130][ T9417] __ip_append_data+0xbc4/0x1dc0 [ 135.377282][ T9422] loop3: detected capacity change from 0 to 16 [ 135.381757][ T9417] ? dst_alloc+0x29f/0x300 [ 135.381797][ T9417] ? ip_do_fragment+0x11f0/0x11f0 [ 135.391108][ T9422] FAT-fs (loop3): invalid media value (0x00) [ 135.392766][ T9417] ip_make_skb+0x142/0x2d0 [ 135.392788][ T9417] ? ip_do_fragment+0x11f0/0x11f0 [ 135.397785][ T9422] FAT-fs (loop3): Can't find a valid FAT filesystem [ 135.403743][ T9417] udp_sendmsg+0xfba/0x12f0 [ 135.403774][ T9417] ? ip_do_fragment+0x11f0/0x11f0 [ 135.403790][ T9417] ? _raw_spin_unlock_bh+0x33/0x40 [ 135.435218][ T9417] ? release_sock+0x104/0x110 [ 135.440659][ T9417] inet_sendmsg+0x5f/0x80 [ 135.445588][ T9417] __sys_sendto+0x2a8/0x370 [ 135.450262][ T9417] ? __cond_resched+0x11/0x40 [ 135.455025][ T9417] ? fput+0x2d/0x130 [ 135.458912][ T9417] __x64_sys_sendto+0x74/0x90 [ 135.463760][ T9417] do_syscall_64+0x3d/0x90 [ 135.468166][ T9417] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 135.474095][ T9417] RIP: 0033:0x4665e9 [ 135.478196][ T9417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 135.498007][ T9417] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 135.506428][ T9417] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 135.514636][ T9417] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 135.522601][ T9417] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 08:50:24 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:24 executing program 1 (fault-call:9 fault-nth:7): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 135.530571][ T9417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 135.538746][ T9417] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 [ 135.549717][ T9417] IPv4: Oversized IP packet from 127.0.0.1 [ 135.555720][ C0] IPv4: Oversized IP packet from 127.0.0.1 08:50:24 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 135.589865][ T9432] loop4: detected capacity change from 0 to 16 [ 135.603736][ T9434] FAULT_INJECTION: forcing a failure. [ 135.603736][ T9434] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 135.616906][ T9434] CPU: 1 PID: 9434 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 135.617396][ T9432] FAULT_INJECTION: forcing a failure. [ 135.617396][ T9432] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 135.625586][ T9434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 135.625600][ T9434] Call Trace: [ 135.625606][ T9434] dump_stack_lvl+0xb7/0x103 [ 135.625631][ T9434] dump_stack+0x11/0x1a [ 135.661007][ T9434] should_fail+0x23c/0x250 [ 135.665500][ T9434] should_fail_usercopy+0x16/0x20 [ 135.670514][ T9434] _copy_from_iter+0x131/0x970 [ 135.675415][ T9434] ? check_stack_object+0x61/0x70 [ 135.680456][ T9434] ? __virt_addr_valid+0x15a/0x1a0 [ 135.685640][ T9434] ? __check_object_size+0x253/0x310 [ 135.690925][ T9434] ip_generic_getfrag+0x90/0x1b0 [ 135.696014][ T9434] __ip_append_data+0xf8e/0x1dc0 [ 135.700959][ T9434] ? ip_do_fragment+0x11f0/0x11f0 [ 135.705976][ T9434] ip_make_skb+0x142/0x2d0 [ 135.710432][ T9434] ? ip_do_fragment+0x11f0/0x11f0 [ 135.716050][ T9434] udp_sendmsg+0xfba/0x12f0 [ 135.720575][ T9434] ? ip_do_fragment+0x11f0/0x11f0 [ 135.725584][ T9434] ? _raw_spin_unlock_bh+0x33/0x40 [ 135.730710][ T9434] ? release_sock+0x104/0x110 [ 135.735463][ T9434] inet_sendmsg+0x5f/0x80 [ 135.739783][ T9434] __sys_sendto+0x2a8/0x370 [ 135.744447][ T9434] ? __cond_resched+0x11/0x40 [ 135.749131][ T9434] ? fput+0x2d/0x130 [ 135.753110][ T9434] __x64_sys_sendto+0x74/0x90 [ 135.757858][ T9434] do_syscall_64+0x3d/0x90 [ 135.762261][ T9434] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 135.768233][ T9434] RIP: 0033:0x4665e9 08:50:24 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 135.772116][ T9434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 135.791791][ T9434] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 135.800270][ T9434] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 135.808280][ T9434] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 135.816233][ T9434] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 135.824241][ T9434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 135.832207][ T9434] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 [ 135.840252][ T9432] CPU: 0 PID: 9432 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 135.849043][ T9432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 135.859110][ T9432] Call Trace: [ 135.862382][ T9432] dump_stack_lvl+0xb7/0x103 [ 135.867180][ T9432] dump_stack+0x11/0x1a [ 135.871334][ T9432] should_fail+0x23c/0x250 [ 135.875822][ T9432] __alloc_pages+0x102/0x320 [ 135.880461][ T9432] alloc_pages+0x2e8/0x340 [ 135.880805][ T9438] loop3: detected capacity change from 0 to 16 [ 135.884875][ T9432] __page_cache_alloc+0x4d/0xf0 [ 135.884900][ T9432] pagecache_get_page+0x5f4/0x900 [ 135.900981][ T9432] grab_cache_page_write_begin+0x3f/0x70 [ 135.906795][ T9432] cont_write_begin+0x501/0x850 [ 135.911642][ T9432] fat_write_begin+0x61/0xf0 [ 135.916233][ T9432] ? fat_block_truncate_page+0x30/0x30 [ 135.921687][ T9432] generic_perform_write+0x196/0x3c0 [ 135.926968][ T9432] ? fat_write_begin+0xf0/0xf0 [ 135.931809][ T9432] __generic_file_write_iter+0x202/0x300 [ 135.937514][ T9432] ? generic_write_checks+0x250/0x290 [ 135.942879][ T9432] generic_file_write_iter+0x75/0x130 [ 135.948317][ T9432] vfs_write+0x69d/0x770 [ 135.952541][ T9432] ksys_write+0xce/0x180 [ 135.956774][ T9432] __x64_sys_write+0x3e/0x50 [ 135.961368][ T9432] do_syscall_64+0x3d/0x90 [ 135.965843][ T9432] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 135.971807][ T9432] RIP: 0033:0x4665e9 [ 135.975686][ T9432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 135.995362][ T9432] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 136.003920][ T9432] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 136.011885][ T9432] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 136.019843][ T9432] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 136.027795][ T9432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 08:50:25 executing program 1 (fault-call:9 fault-nth:8): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 136.035758][ T9432] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 [ 136.077206][ T9450] loop5: detected capacity change from 0 to 16 [ 136.087450][ T9451] loop2: detected capacity change from 0 to 16 [ 136.103753][ T9455] FAULT_INJECTION: forcing a failure. [ 136.103753][ T9455] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 136.110605][ T9438] FAT-fs (loop3): invalid media value (0x00) [ 136.117090][ T9455] CPU: 1 PID: 9455 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 136.123081][ T9438] FAT-fs (loop3): Can't find a valid FAT filesystem [ 136.131730][ T9455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 136.131741][ T9455] Call Trace: [ 136.131747][ T9455] dump_stack_lvl+0xb7/0x103 [ 136.156266][ T9455] dump_stack+0x11/0x1a [ 136.160418][ T9455] should_fail+0x23c/0x250 [ 136.164831][ T9455] __alloc_pages+0x102/0x320 [ 136.169408][ T9455] alloc_pages+0x2e8/0x340 [ 136.173841][ T9455] skb_page_frag_refill+0x9a/0x1b0 [ 136.179141][ T9455] sk_page_frag_refill+0x31/0x120 [ 136.184157][ T9455] __ip_append_data+0xbc4/0x1dc0 [ 136.189087][ T9455] ? ip_do_fragment+0x11f0/0x11f0 [ 136.194095][ T9455] ip_make_skb+0x142/0x2d0 [ 136.198514][ T9455] ? ip_do_fragment+0x11f0/0x11f0 [ 136.203523][ T9455] udp_sendmsg+0xfba/0x12f0 [ 136.208034][ T9455] ? ip_do_fragment+0x11f0/0x11f0 [ 136.213052][ T9455] ? _raw_spin_unlock_bh+0x33/0x40 [ 136.218160][ T9455] ? release_sock+0x104/0x110 [ 136.222817][ T9455] inet_sendmsg+0x5f/0x80 [ 136.227193][ T9455] __sys_sendto+0x2a8/0x370 [ 136.231735][ T9455] ? __cond_resched+0x11/0x40 [ 136.236399][ T9455] ? fput+0x2d/0x130 [ 136.240281][ T9455] __x64_sys_sendto+0x74/0x90 [ 136.244950][ T9455] do_syscall_64+0x3d/0x90 [ 136.249360][ T9455] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 136.255245][ T9455] RIP: 0033:0x4665e9 08:50:25 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r0, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x30000033fe0, 0x0) [ 136.259163][ T9455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 136.278770][ T9455] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 136.287186][ T9455] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 136.295147][ T9455] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 136.303102][ T9455] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 136.311058][ T9455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 136.319014][ T9455] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 08:50:25 executing program 4 (fault-call:9 fault-nth:17): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:25 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:25 executing program 1 (fault-call:9 fault-nth:9): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 136.339994][ T9455] IPv4: Oversized IP packet from 127.0.0.1 [ 136.345924][ C1] IPv4: Oversized IP packet from 127.0.0.1 08:50:25 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:25 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 136.383779][ T9466] loop3: detected capacity change from 0 to 16 [ 136.390924][ T9466] FAT-fs (loop3): invalid media value (0x00) [ 136.396957][ T9466] FAT-fs (loop3): Can't find a valid FAT filesystem [ 136.399271][ T9469] loop4: detected capacity change from 0 to 16 [ 136.411669][ T9470] FAULT_INJECTION: forcing a failure. [ 136.411669][ T9470] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 136.414528][ T9469] FAULT_INJECTION: forcing a failure. [ 136.414528][ T9469] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 136.424811][ T9470] CPU: 0 PID: 9470 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 136.424833][ T9470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 136.424841][ T9470] Call Trace: [ 136.424849][ T9470] dump_stack_lvl+0xb7/0x103 [ 136.464510][ T9470] dump_stack+0x11/0x1a [ 136.469088][ T9470] should_fail+0x23c/0x250 [ 136.473562][ T9470] should_fail_usercopy+0x16/0x20 [ 136.478571][ T9470] _copy_from_iter+0x131/0x970 [ 136.483762][ T9470] ? check_stack_object+0x61/0x70 [ 136.488776][ T9470] ? __virt_addr_valid+0x15a/0x1a0 [ 136.493942][ T9470] ? __check_object_size+0x253/0x310 [ 136.499226][ T9470] ip_generic_getfrag+0x90/0x1b0 [ 136.504165][ T9470] __ip_append_data+0xf8e/0x1dc0 [ 136.509139][ T9470] ? ip_do_fragment+0x11f0/0x11f0 [ 136.514144][ T9470] ip_make_skb+0x142/0x2d0 [ 136.518542][ T9470] ? ip_do_fragment+0x11f0/0x11f0 [ 136.523702][ T9470] udp_sendmsg+0xfba/0x12f0 [ 136.528191][ T9470] ? ip_do_fragment+0x11f0/0x11f0 [ 136.533213][ T9470] ? _raw_spin_unlock_bh+0x33/0x40 [ 136.538311][ T9470] ? release_sock+0x104/0x110 [ 136.543061][ T9470] inet_sendmsg+0x5f/0x80 [ 136.547450][ T9470] __sys_sendto+0x2a8/0x370 [ 136.551967][ T9470] ? finish_task_switch+0xce/0x290 [ 136.557062][ T9470] ? __schedule+0x42a/0x670 [ 136.561731][ T9470] ? __cond_resched+0x11/0x40 [ 136.566523][ T9470] ? fput+0x2d/0x130 [ 136.570494][ T9470] ? fpregs_restore_userregs+0x10c/0x1c0 [ 136.576434][ T9470] __x64_sys_sendto+0x74/0x90 [ 136.581099][ T9470] do_syscall_64+0x3d/0x90 [ 136.585525][ T9470] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 136.591415][ T9470] RIP: 0033:0x4665e9 [ 136.595299][ T9470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 136.614889][ T9470] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 136.623284][ T9470] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 136.631238][ T9470] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 136.639191][ T9470] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 136.647406][ T9470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 136.655450][ T9470] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 [ 136.663418][ T9469] CPU: 1 PID: 9469 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 136.672094][ T9469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 136.682209][ T9469] Call Trace: [ 136.685492][ T9469] dump_stack_lvl+0xb7/0x103 [ 136.690256][ T9469] dump_stack+0x11/0x1a [ 136.694395][ T9469] should_fail+0x23c/0x250 [ 136.698797][ T9469] should_fail_usercopy+0x16/0x20 [ 136.703833][ T9469] copy_page_from_iter_atomic+0x2c1/0xba0 [ 136.709553][ T9469] ? fat_write_begin+0x61/0xf0 [ 136.714295][ T9469] ? fat_block_truncate_page+0x30/0x30 [ 136.720081][ T9469] ? fat_write_begin+0x79/0xf0 [ 136.724949][ T9469] generic_perform_write+0x1df/0x3c0 [ 136.730373][ T9469] ? fat_write_begin+0xf0/0xf0 [ 136.735147][ T9469] __generic_file_write_iter+0x202/0x300 [ 136.741049][ T9469] ? generic_write_checks+0x250/0x290 [ 136.746458][ T9469] generic_file_write_iter+0x75/0x130 [ 136.751833][ T9469] vfs_write+0x69d/0x770 [ 136.756065][ T9469] ksys_write+0xce/0x180 [ 136.760301][ T9469] __x64_sys_write+0x3e/0x50 [ 136.764871][ T9469] do_syscall_64+0x3d/0x90 [ 136.769383][ T9469] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 136.775498][ T9469] RIP: 0033:0x4665e9 [ 136.779376][ T9469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 136.799059][ T9469] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 136.807541][ T9469] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 136.815495][ T9469] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 136.823622][ T9469] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 08:50:25 executing program 4 (fault-call:9 fault-nth:18): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:25 executing program 1 (fault-call:9 fault-nth:10): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:25 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 136.831725][ T9469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 136.839742][ T9469] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 [ 136.888114][ T9482] loop2: detected capacity change from 0 to 16 [ 136.900672][ T9492] loop5: detected capacity change from 0 to 16 [ 136.906670][ T9489] loop3: detected capacity change from 0 to 16 [ 136.924908][ T9486] FAULT_INJECTION: forcing a failure. [ 136.924908][ T9486] name failslab, interval 1, probability 0, space 0, times 0 08:50:25 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 136.937608][ T9486] CPU: 0 PID: 9486 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 136.939121][ T9489] FAT-fs (loop3): invalid media value (0x00) [ 136.946404][ T9486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 136.946418][ T9486] Call Trace: [ 136.946425][ T9486] dump_stack_lvl+0xb7/0x103 [ 136.952498][ T9489] FAT-fs (loop3): Can't find a valid FAT filesystem [ 136.962673][ T9486] dump_stack+0x11/0x1a [ 136.962694][ T9486] should_fail+0x23c/0x250 [ 136.975574][ T9498] loop4: detected capacity change from 0 to 16 [ 136.977454][ T9486] __should_failslab+0x81/0x90 [ 136.977476][ T9486] should_failslab+0x5/0x20 [ 136.986789][ T9498] FAULT_INJECTION: forcing a failure. [ 136.986789][ T9498] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 136.992752][ T9486] kmem_cache_alloc_node+0x58/0x2b0 [ 136.992805][ T9486] ? __alloc_skb+0xed/0x420 [ 137.025393][ T9486] __alloc_skb+0xed/0x420 [ 137.029718][ T9486] ip_frag_next+0x8e/0x4a0 [ 137.034132][ T9486] ? skb_checksum_help+0x283/0x2d0 [ 137.039321][ T9486] ip_do_fragment+0x70e/0x11f0 [ 137.044136][ T9486] ? ip_fragment+0x130/0x130 [ 137.048800][ T9486] ip_fragment+0xd2/0x130 [ 137.053187][ T9486] ip_finish_output+0x415/0x490 [ 137.058235][ T9486] ? nf_hook_slow+0x13a/0x170 [ 137.062985][ T9486] ip_output+0xf3/0x1a0 [ 137.067131][ T9486] ? mr_table_dump+0x134/0x510 [ 137.071972][ T9486] ? ip_mc_finish_output+0xf0/0xf0 [ 137.077203][ T9486] ip_local_out+0x164/0x220 [ 137.081735][ T9486] ? __ip_local_out+0x1e0/0x1e0 [ 137.086726][ T9486] ip_send_skb+0x27/0x90 [ 137.090961][ T9486] udp_send_skb+0x62d/0x860 [ 137.096030][ T9486] udp_sendmsg+0xfe4/0x12f0 [ 137.100608][ T9486] ? ip_do_fragment+0x11f0/0x11f0 [ 137.105629][ T9486] ? _raw_spin_unlock_bh+0x33/0x40 [ 137.110779][ T9486] ? release_sock+0x104/0x110 [ 137.115451][ T9486] inet_sendmsg+0x5f/0x80 [ 137.119782][ T9486] __sys_sendto+0x2a8/0x370 [ 137.124330][ T9486] ? __cond_resched+0x11/0x40 [ 137.129007][ T9486] ? fput+0x2d/0x130 [ 137.132885][ T9486] __x64_sys_sendto+0x74/0x90 [ 137.137651][ T9486] do_syscall_64+0x3d/0x90 [ 137.142218][ T9486] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 137.148143][ T9486] RIP: 0033:0x4665e9 [ 137.152043][ T9486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 137.171681][ T9486] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 137.180077][ T9486] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 137.188119][ T9486] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 137.196086][ T9486] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 137.204042][ T9486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 137.212082][ T9486] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 [ 137.220110][ T9498] CPU: 1 PID: 9498 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 137.229046][ T9498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 08:50:26 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r0, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x30000033fe0, 0x0) [ 137.239822][ T9498] Call Trace: [ 137.243092][ T9498] dump_stack_lvl+0xb7/0x103 [ 137.247839][ T9498] dump_stack+0x11/0x1a [ 137.252077][ T9498] should_fail+0x23c/0x250 [ 137.256510][ T9498] __alloc_pages+0x102/0x320 [ 137.261242][ T9498] alloc_pages+0x2e8/0x340 [ 137.265924][ T9498] __page_cache_alloc+0x4d/0xf0 [ 137.270770][ T9498] pagecache_get_page+0x5f4/0x900 [ 137.275778][ T9498] grab_cache_page_write_begin+0x3f/0x70 [ 137.281507][ T9498] cont_write_begin+0x501/0x850 [ 137.286428][ T9498] fat_write_begin+0x61/0xf0 [ 137.291014][ T9498] ? fat_block_truncate_page+0x30/0x30 [ 137.296465][ T9498] generic_perform_write+0x196/0x3c0 [ 137.301730][ T9498] ? fat_write_begin+0xf0/0xf0 [ 137.306491][ T9498] __generic_file_write_iter+0x202/0x300 [ 137.312244][ T9498] ? generic_write_checks+0x250/0x290 [ 137.317809][ T9498] generic_file_write_iter+0x75/0x130 [ 137.323161][ T9498] vfs_write+0x69d/0x770 [ 137.327384][ T9498] ksys_write+0xce/0x180 [ 137.331780][ T9498] __x64_sys_write+0x3e/0x50 [ 137.336415][ T9498] do_syscall_64+0x3d/0x90 [ 137.341170][ T9498] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 137.347264][ T9498] RIP: 0033:0x4665e9 [ 137.351240][ T9498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 137.371476][ T9498] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 137.379888][ T9498] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 08:50:26 executing program 1 (fault-call:9 fault-nth:11): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 137.387886][ T9498] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 137.395950][ T9498] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 137.403927][ T9498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 137.411911][ T9498] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 08:50:26 executing program 4 (fault-call:9 fault-nth:19): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:26 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 137.438768][ T9507] FAULT_INJECTION: forcing a failure. [ 137.438768][ T9507] name failslab, interval 1, probability 0, space 0, times 0 [ 137.451508][ T9507] CPU: 1 PID: 9507 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 137.460219][ T9507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 137.470281][ T9507] Call Trace: [ 137.473605][ T9507] dump_stack_lvl+0xb7/0x103 [ 137.478173][ T9507] dump_stack+0x11/0x1a [ 137.482315][ T9507] should_fail+0x23c/0x250 [ 137.486786][ T9507] __should_failslab+0x81/0x90 [ 137.491527][ T9507] should_failslab+0x5/0x20 [ 137.496009][ T9507] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 137.501712][ T9507] ? __kmalloc_node_track_caller+0x30/0x40 [ 137.507656][ T9507] ? kmem_cache_alloc_node+0x1d4/0x2b0 [ 137.513161][ T9507] __kmalloc_node_track_caller+0x30/0x40 [ 137.518953][ T9507] ? ip_frag_next+0x8e/0x4a0 [ 137.523529][ T9507] __alloc_skb+0x187/0x420 [ 137.527966][ T9507] ip_frag_next+0x8e/0x4a0 [ 137.532363][ T9507] ? skb_checksum_help+0x283/0x2d0 [ 137.537458][ T9507] ip_do_fragment+0x70e/0x11f0 [ 137.542206][ T9507] ? ip_fragment+0x130/0x130 [ 137.546776][ T9507] ip_fragment+0xd2/0x130 [ 137.551186][ T9507] ip_finish_output+0x415/0x490 [ 137.556030][ T9507] ? nf_hook_slow+0x13a/0x170 [ 137.560815][ T9507] ip_output+0xf3/0x1a0 [ 137.566152][ T9507] ? mr_table_dump+0x134/0x510 [ 137.571012][ T9507] ? ip_mc_finish_output+0xf0/0xf0 [ 137.576392][ T9507] ip_local_out+0x164/0x220 [ 137.581002][ T9507] ? __ip_local_out+0x1e0/0x1e0 [ 137.586044][ T9507] ip_send_skb+0x27/0x90 [ 137.590367][ T9507] udp_send_skb+0x62d/0x860 [ 137.594919][ T9507] udp_sendmsg+0xfe4/0x12f0 [ 137.599427][ T9507] ? ip_do_fragment+0x11f0/0x11f0 [ 137.604460][ T9507] ? _raw_spin_unlock_bh+0x33/0x40 [ 137.609555][ T9507] ? release_sock+0x104/0x110 [ 137.614248][ T9507] inet_sendmsg+0x5f/0x80 [ 137.618629][ T9507] __sys_sendto+0x2a8/0x370 [ 137.623158][ T9507] ? __cond_resched+0x11/0x40 [ 137.627811][ T9507] ? fput+0x2d/0x130 [ 137.631685][ T9507] __x64_sys_sendto+0x74/0x90 [ 137.636343][ T9507] do_syscall_64+0x3d/0x90 [ 137.640738][ T9507] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 137.646713][ T9507] RIP: 0033:0x4665e9 [ 137.650670][ T9507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 137.670383][ T9507] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 137.678786][ T9507] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 137.686827][ T9507] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 137.694777][ T9507] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 137.702736][ T9507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 137.710786][ T9507] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 08:50:26 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:26 executing program 1 (fault-call:9 fault-nth:12): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:26 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 137.741747][ T9513] loop2: detected capacity change from 0 to 16 [ 137.766661][ T9516] loop5: detected capacity change from 0 to 16 [ 137.784503][ T9523] loop4: detected capacity change from 0 to 16 [ 137.788420][ T9524] FAULT_INJECTION: forcing a failure. [ 137.788420][ T9524] name failslab, interval 1, probability 0, space 0, times 0 [ 137.803276][ T9524] CPU: 1 PID: 9524 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 137.812118][ T9524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 137.822500][ T9524] Call Trace: [ 137.825344][ T9523] FAULT_INJECTION: forcing a failure. [ 137.825344][ T9523] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 137.825774][ T9524] dump_stack_lvl+0xb7/0x103 [ 137.825797][ T9524] dump_stack+0x11/0x1a [ 137.847509][ T9524] should_fail+0x23c/0x250 [ 137.852014][ T9524] ? skb_clone+0x12c/0x1f0 [ 137.856522][ T9524] __should_failslab+0x81/0x90 [ 137.861313][ T9524] should_failslab+0x5/0x20 [ 137.865826][ T9524] kmem_cache_alloc+0x46/0x2e0 [ 137.870579][ T9524] skb_clone+0x12c/0x1f0 [ 137.874829][ T9524] dev_queue_xmit_nit+0x145/0x5f0 [ 137.879839][ T9524] xmit_one+0x71/0x270 [ 137.883958][ T9524] __dev_queue_xmit+0x693/0xa50 [ 137.888927][ T9524] dev_queue_xmit+0x13/0x20 [ 137.893416][ T9524] ip_finish_output2+0xa93/0xb10 [ 137.898336][ T9524] ip_do_fragment+0x7c6/0x11f0 [ 137.903128][ T9524] ? ip_fragment+0x130/0x130 [ 137.907698][ T9524] ip_fragment+0xd2/0x130 [ 137.912021][ T9524] ip_finish_output+0x415/0x490 [ 137.916861][ T9524] ? nf_hook_slow+0x13a/0x170 [ 137.921521][ T9524] ip_output+0xf3/0x1a0 [ 137.925662][ T9524] ? mr_table_dump+0x134/0x510 [ 137.930498][ T9524] ? ip_mc_finish_output+0xf0/0xf0 [ 137.935597][ T9524] ip_local_out+0x164/0x220 [ 137.940177][ T9524] ? __ip_local_out+0x1e0/0x1e0 [ 137.945073][ T9524] ip_send_skb+0x27/0x90 [ 137.949313][ T9524] udp_send_skb+0x62d/0x860 [ 137.954152][ T9524] udp_sendmsg+0xfe4/0x12f0 [ 137.958713][ T9524] ? ip_do_fragment+0x11f0/0x11f0 [ 137.963833][ T9524] ? _raw_spin_unlock_bh+0x33/0x40 [ 137.968929][ T9524] ? release_sock+0x104/0x110 [ 137.973586][ T9524] inet_sendmsg+0x5f/0x80 [ 137.977979][ T9524] __sys_sendto+0x2a8/0x370 [ 137.982661][ T9524] ? __cond_resched+0x11/0x40 [ 137.987383][ T9524] ? fput+0x2d/0x130 [ 137.991324][ T9524] __x64_sys_sendto+0x74/0x90 [ 137.996013][ T9524] do_syscall_64+0x3d/0x90 [ 138.000509][ T9524] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 138.006393][ T9524] RIP: 0033:0x4665e9 [ 138.010733][ T9524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 138.030564][ T9524] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 138.039028][ T9524] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 138.047121][ T9524] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 138.055255][ T9524] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 138.063415][ T9524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 138.072008][ T9524] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 [ 138.080055][ T9523] CPU: 0 PID: 9523 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 138.080318][ T9524] IPv4: Oversized IP packet from 127.0.0.1 [ 138.089200][ T9523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 138.089211][ T9523] Call Trace: [ 138.089217][ T9523] dump_stack_lvl+0xb7/0x103 [ 138.098950][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 138.105224][ T9523] dump_stack+0x11/0x1a [ 138.105246][ T9523] should_fail+0x23c/0x250 [ 138.127512][ T9523] should_fail_usercopy+0x16/0x20 [ 138.132706][ T9523] copy_page_from_iter_atomic+0x2c1/0xba0 [ 138.138428][ T9523] ? fat_write_begin+0x61/0xf0 [ 138.143405][ T9523] ? fat_block_truncate_page+0x30/0x30 [ 138.149003][ T9523] ? fat_write_begin+0x79/0xf0 [ 138.153840][ T9523] generic_perform_write+0x1df/0x3c0 [ 138.159114][ T9523] ? fat_write_begin+0xf0/0xf0 [ 138.163878][ T9523] __generic_file_write_iter+0x202/0x300 [ 138.169626][ T9523] ? generic_write_checks+0x250/0x290 [ 138.174986][ T9523] generic_file_write_iter+0x75/0x130 [ 138.180348][ T9523] vfs_write+0x69d/0x770 [ 138.184839][ T9523] ksys_write+0xce/0x180 [ 138.189514][ T9523] __x64_sys_write+0x3e/0x50 [ 138.194103][ T9523] do_syscall_64+0x3d/0x90 [ 138.198537][ T9523] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 138.204462][ T9523] RIP: 0033:0x4665e9 [ 138.208340][ T9523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 138.228162][ T9523] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 08:50:27 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x30000033fe0, 0x0) 08:50:27 executing program 1 (fault-call:9 fault-nth:13): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 138.236656][ T9523] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 138.244757][ T9523] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 138.252856][ T9523] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 138.260814][ T9523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 138.268864][ T9523] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 08:50:27 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 138.305742][ T9530] loop3: detected capacity change from 0 to 16 08:50:27 executing program 4 (fault-call:9 fault-nth:20): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:27 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 138.353384][ T9543] loop2: detected capacity change from 0 to 16 [ 138.355084][ T9542] FAULT_INJECTION: forcing a failure. [ 138.355084][ T9542] name failslab, interval 1, probability 0, space 0, times 0 [ 138.372178][ T9542] CPU: 0 PID: 9542 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 138.380862][ T9542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 138.390926][ T9542] Call Trace: [ 138.394206][ T9542] dump_stack_lvl+0xb7/0x103 [ 138.398931][ T9542] dump_stack+0x11/0x1a [ 138.403081][ T9542] should_fail+0x23c/0x250 [ 138.407553][ T9542] ? inet_frag_find+0x343/0xb20 [ 138.412487][ T9542] __should_failslab+0x81/0x90 [ 138.417265][ T9542] should_failslab+0x5/0x20 [ 138.421747][ T9542] kmem_cache_alloc+0x46/0x2e0 [ 138.426666][ T9542] inet_frag_find+0x343/0xb20 [ 138.431324][ T9542] ? rmqueue_pcplist+0x145/0x1d0 [ 138.436313][ T9542] ? get_page_from_freelist+0x54e/0x820 [ 138.441845][ T9542] ? ip_expire+0x380/0x380 [ 138.446307][ T9542] ? ip4_key_hashfn+0x110/0x110 [ 138.451167][ T9542] ? ip4_obj_hashfn+0x110/0x110 [ 138.455995][ T9542] ip_defrag+0x170/0x1160 [ 138.460303][ T9542] ? __alloc_pages+0x194/0x320 [ 138.465054][ T9542] ? skb_copy_bits+0x458/0x4c0 [ 138.469994][ T9542] ? __mod_node_page_state+0x18/0x80 [ 138.475303][ T9542] ip_check_defrag+0x2ba/0x3c0 [ 138.480078][ T9542] packet_rcv_fanout+0xcb/0xa40 [ 138.484922][ T9542] ? __skb_clone+0x2db/0x300 [ 138.489502][ T9542] ? packet_direct_xmit+0x170/0x170 [ 138.495146][ T9542] dev_queue_xmit_nit+0x5a4/0x5f0 [ 138.500153][ T9542] xmit_one+0x71/0x270 [ 138.504346][ T9542] __dev_queue_xmit+0x693/0xa50 [ 138.509244][ T9542] dev_queue_xmit+0x13/0x20 [ 138.513887][ T9542] ip_finish_output2+0xa93/0xb10 [ 138.518806][ T9542] ip_do_fragment+0x7c6/0x11f0 [ 138.523700][ T9542] ? ip_fragment+0x130/0x130 [ 138.528332][ T9542] ip_fragment+0xd2/0x130 [ 138.532641][ T9542] ip_finish_output+0x415/0x490 [ 138.537524][ T9542] ? nf_hook_slow+0x13a/0x170 [ 138.542195][ T9542] ip_output+0xf3/0x1a0 [ 138.546435][ T9542] ? mr_table_dump+0x134/0x510 [ 138.551196][ T9542] ? ip_mc_finish_output+0xf0/0xf0 [ 138.556296][ T9542] ip_local_out+0x164/0x220 [ 138.560898][ T9542] ? __ip_local_out+0x1e0/0x1e0 [ 138.565730][ T9542] ip_send_skb+0x27/0x90 [ 138.569967][ T9542] udp_send_skb+0x62d/0x860 [ 138.574472][ T9542] udp_sendmsg+0xfe4/0x12f0 [ 138.578968][ T9542] ? ip_do_fragment+0x11f0/0x11f0 [ 138.583997][ T9542] ? _raw_spin_unlock_bh+0x33/0x40 [ 138.589114][ T9542] ? release_sock+0x104/0x110 [ 138.593789][ T9542] inet_sendmsg+0x5f/0x80 [ 138.598145][ T9542] __sys_sendto+0x2a8/0x370 [ 138.602659][ T9542] ? __cond_resched+0x11/0x40 [ 138.607314][ T9542] ? kcsan_setup_watchpoint+0x231/0x3e0 [ 138.612843][ T9542] __x64_sys_sendto+0x74/0x90 [ 138.617504][ T9542] do_syscall_64+0x3d/0x90 [ 138.621928][ T9542] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 138.627802][ T9542] RIP: 0033:0x4665e9 [ 138.631718][ T9542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 138.651390][ T9542] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 138.659787][ T9542] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 138.667754][ T9542] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 138.675702][ T9542] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 138.683684][ T9542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 138.691737][ T9542] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 08:50:27 executing program 1 (fault-call:9 fault-nth:14): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:27 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 138.699932][ T9542] IPv4: Oversized IP packet from 127.0.0.1 [ 138.705774][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 138.755540][ T9562] loop5: detected capacity change from 0 to 16 [ 138.763911][ T9561] loop4: detected capacity change from 0 to 16 [ 138.767518][ T9564] loop3: detected capacity change from 0 to 16 [ 138.782652][ T9565] loop2: detected capacity change from 0 to 16 [ 138.793356][ T9564] FAT-fs (loop3): bogus number of FAT sectors [ 138.794161][ T9569] FAULT_INJECTION: forcing a failure. 08:50:27 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 138.794161][ T9569] name failslab, interval 1, probability 0, space 0, times 0 [ 138.799506][ T9564] FAT-fs (loop3): Can't find a valid FAT filesystem [ 138.812186][ T9569] CPU: 0 PID: 9569 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 138.827579][ T9569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 138.837638][ T9569] Call Trace: [ 138.840934][ T9569] dump_stack_lvl+0xb7/0x103 [ 138.845654][ T9569] dump_stack+0x11/0x1a [ 138.849820][ T9569] should_fail+0x23c/0x250 [ 138.854248][ T9569] __should_failslab+0x81/0x90 [ 138.859042][ T9569] should_failslab+0x5/0x20 [ 138.861604][ T9565] handle_bad_sector: 25 callbacks suppressed [ 138.861616][ T9565] attempt to access beyond end of device [ 138.861616][ T9565] loop2: rw=2049, want=122, limit=16 [ 138.864020][ T9569] kmem_cache_alloc_node+0x58/0x2b0 [ 138.870036][ T9565] buffer_io_error: 21 callbacks suppressed [ 138.870046][ T9565] Buffer I/O error on dev loop2, logical block 121, lost async page write [ 138.880818][ T9569] ? __dev_queue_xmit+0x829/0xa50 [ 138.880852][ T9569] ? __alloc_skb+0xed/0x420 [ 138.908561][ T9565] attempt to access beyond end of device [ 138.908561][ T9565] loop2: rw=2049, want=123, limit=16 [ 138.909851][ T9569] __alloc_skb+0xed/0x420 [ 138.920643][ T9565] Buffer I/O error on dev loop2, logical block 122, lost async page write [ 138.924943][ T9569] ip_frag_next+0x8e/0x4a0 [ 138.934677][ T9565] attempt to access beyond end of device [ 138.934677][ T9565] loop2: rw=2049, want=124, limit=16 [ 138.937815][ T9569] ip_do_fragment+0x815/0x11f0 [ 138.937842][ T9569] ? ip_fragment+0x130/0x130 [ 138.948600][ T9565] Buffer I/O error on dev loop2, logical block 123, lost async page write [ 138.953368][ T9569] ip_fragment+0xd2/0x130 [ 138.953385][ T9569] ip_finish_output+0x415/0x490 [ 138.953406][ T9569] ? nf_hook_slow+0x13a/0x170 [ 138.953421][ T9569] ip_output+0xf3/0x1a0 [ 138.960190][ T9565] attempt to access beyond end of device [ 138.960190][ T9565] loop2: rw=2049, want=125, limit=16 [ 138.966581][ T9569] ? mr_table_dump+0x134/0x510 [ 138.966603][ T9569] ? ip_mc_finish_output+0xf0/0xf0 [ 138.970929][ T9565] Buffer I/O error on dev loop2, logical block 124, lost async page write [ 138.975734][ T9569] ip_local_out+0x164/0x220 [ 138.981770][ T9565] attempt to access beyond end of device [ 138.981770][ T9565] loop2: rw=2049, want=126, limit=16 [ 138.984603][ T9569] ? __ip_local_out+0x1e0/0x1e0 [ 138.995988][ T9565] Buffer I/O error on dev loop2, logical block 125, lost async page write [ 139.001226][ T9569] ip_send_skb+0x27/0x90 [ 139.001244][ T9569] udp_send_skb+0x62d/0x860 [ 139.007520][ T9565] attempt to access beyond end of device [ 139.007520][ T9565] loop2: rw=2049, want=127, limit=16 [ 139.014802][ T9569] udp_sendmsg+0xfe4/0x12f0 [ 139.014834][ T9569] ? ip_do_fragment+0x11f0/0x11f0 [ 139.014849][ T9569] ? _raw_spin_unlock_bh+0x33/0x40 [ 139.019359][ T9565] Buffer I/O error on dev loop2, logical block 126, lost async page write [ 139.030074][ T9569] ? release_sock+0x104/0x110 [ 139.030147][ T9569] inet_sendmsg+0x5f/0x80 [ 139.041222][ T9561] FAULT_INJECTION: forcing a failure. [ 139.041222][ T9561] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 139.043509][ T9569] __sys_sendto+0x2a8/0x370 [ 139.113368][ T9569] ? __cond_resched+0x11/0x40 [ 139.118089][ T9569] ? fput+0x2d/0x130 [ 139.121993][ T9569] __x64_sys_sendto+0x74/0x90 [ 139.126657][ T9569] do_syscall_64+0x3d/0x90 [ 139.131063][ T9569] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 139.137045][ T9569] RIP: 0033:0x4665e9 [ 139.140920][ T9569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 139.162064][ T9569] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 139.170459][ T9569] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 139.178437][ T9569] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 139.186392][ T9569] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 139.194633][ T9569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 139.202693][ T9569] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 [ 139.210656][ T9561] CPU: 1 PID: 9561 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 139.216716][ T9565] attempt to access beyond end of device [ 139.216716][ T9565] loop2: rw=2049, want=128, limit=16 [ 139.219694][ T9561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 139.231021][ T9565] Buffer I/O error on dev loop2, logical block 127, lost async page write [ 139.241307][ T9561] Call Trace: [ 139.241315][ T9561] dump_stack_lvl+0xb7/0x103 08:50:28 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:28 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x30000033fe0, 0x0) [ 139.241334][ T9561] dump_stack+0x11/0x1a [ 139.241348][ T9561] should_fail+0x23c/0x250 [ 139.266167][ T9561] __alloc_pages+0x102/0x320 [ 139.270776][ T9561] alloc_pages+0x2e8/0x340 [ 139.275288][ T9561] __page_cache_alloc+0x4d/0xf0 [ 139.280188][ T9561] pagecache_get_page+0x5f4/0x900 [ 139.285256][ T9561] grab_cache_page_write_begin+0x3f/0x70 [ 139.290907][ T9561] cont_write_begin+0x501/0x850 [ 139.295847][ T9561] fat_write_begin+0x61/0xf0 [ 139.300535][ T9561] ? fat_block_truncate_page+0x30/0x30 [ 139.305993][ T9561] generic_perform_write+0x196/0x3c0 [ 139.311295][ T9561] ? fat_write_begin+0xf0/0xf0 [ 139.316147][ T9561] __generic_file_write_iter+0x202/0x300 [ 139.321817][ T9561] ? generic_write_checks+0x250/0x290 [ 139.327186][ T9561] generic_file_write_iter+0x75/0x130 [ 139.333458][ T9561] vfs_write+0x69d/0x770 [ 139.338043][ T9561] ksys_write+0xce/0x180 [ 139.342323][ T9561] __x64_sys_write+0x3e/0x50 [ 139.347080][ T9561] do_syscall_64+0x3d/0x90 [ 139.351486][ T9561] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 139.357758][ T9561] RIP: 0033:0x4665e9 [ 139.361802][ T9561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 139.381591][ T9561] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 139.390594][ T9561] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 139.398680][ T9561] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 08:50:28 executing program 1 (fault-call:9 fault-nth:15): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:28 executing program 4 (fault-call:9 fault-nth:21): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 139.406779][ T9561] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 139.414956][ T9561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 139.423130][ T9561] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 [ 139.457061][ T9586] FAULT_INJECTION: forcing a failure. [ 139.457061][ T9586] name failslab, interval 1, probability 0, space 0, times 0 [ 139.470557][ T9586] CPU: 1 PID: 9586 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 139.479740][ T9586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 139.490004][ T9586] Call Trace: [ 139.494114][ T9586] dump_stack_lvl+0xb7/0x103 [ 139.498970][ T9586] dump_stack+0x11/0x1a [ 139.503296][ T9586] should_fail+0x23c/0x250 [ 139.507742][ T9586] __should_failslab+0x81/0x90 [ 139.512507][ T9586] should_failslab+0x5/0x20 [ 139.517022][ T9586] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 139.523076][ T9586] ? __kmalloc_node_track_caller+0x30/0x40 [ 139.529304][ T9586] ? kmem_cache_alloc_node+0x1d4/0x2b0 [ 139.535203][ T9586] __kmalloc_node_track_caller+0x30/0x40 [ 139.540908][ T9586] ? ip_frag_next+0x8e/0x4a0 [ 139.545733][ T9586] __alloc_skb+0x187/0x420 [ 139.550162][ T9586] ip_frag_next+0x8e/0x4a0 [ 139.554648][ T9586] ip_do_fragment+0x815/0x11f0 [ 139.559949][ T9586] ? ip_fragment+0x130/0x130 [ 139.564902][ T9586] ip_fragment+0xd2/0x130 [ 139.569396][ T9586] ip_finish_output+0x415/0x490 [ 139.574306][ T9586] ? nf_hook_slow+0x13a/0x170 [ 139.578970][ T9586] ip_output+0xf3/0x1a0 [ 139.583318][ T9586] ? mr_table_dump+0x134/0x510 [ 139.588217][ T9586] ? ip_mc_finish_output+0xf0/0xf0 [ 139.593313][ T9586] ip_local_out+0x164/0x220 [ 139.598063][ T9586] ? __ip_local_out+0x1e0/0x1e0 [ 139.603263][ T9586] ip_send_skb+0x27/0x90 [ 139.607640][ T9586] udp_send_skb+0x62d/0x860 [ 139.612135][ T9586] udp_sendmsg+0xfe4/0x12f0 [ 139.616688][ T9586] ? ip_do_fragment+0x11f0/0x11f0 [ 139.621890][ T9586] ? _raw_spin_unlock_bh+0x33/0x40 [ 139.627073][ T9586] ? release_sock+0x104/0x110 [ 139.631775][ T9586] inet_sendmsg+0x5f/0x80 [ 139.636117][ T9586] __sys_sendto+0x2a8/0x370 [ 139.640612][ T9586] ? __cond_resched+0x11/0x40 [ 139.646568][ T9586] ? fput+0x2d/0x130 [ 139.650442][ T9586] __x64_sys_sendto+0x74/0x90 [ 139.655360][ T9586] do_syscall_64+0x3d/0x90 [ 139.659873][ T9586] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 139.666036][ T9586] RIP: 0033:0x4665e9 [ 139.669908][ T9586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 139.689749][ T9586] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 139.699191][ T9586] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 139.707386][ T9586] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 139.715466][ T9586] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 139.723444][ T9586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 139.731724][ T9586] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 [ 139.750470][ T9590] loop5: detected capacity change from 0 to 16 08:50:28 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:28 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:28 executing program 1 (fault-call:9 fault-nth:16): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 139.804077][ T9599] loop2: detected capacity change from 0 to 16 [ 139.805291][ T9598] loop4: detected capacity change from 0 to 16 [ 139.819621][ T9604] loop3: detected capacity change from 0 to 16 [ 139.834365][ T9604] FAT-fs (loop3): bogus number of FAT sectors [ 139.840542][ T9604] FAT-fs (loop3): Can't find a valid FAT filesystem [ 139.842362][ T9598] FAULT_INJECTION: forcing a failure. [ 139.842362][ T9598] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 139.860292][ T9598] CPU: 1 PID: 9598 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0 [ 139.868968][ T9598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 139.869215][ T9603] FAULT_INJECTION: forcing a failure. [ 139.869215][ T9603] name failslab, interval 1, probability 0, space 0, times 0 [ 139.879189][ T9598] Call Trace: [ 139.879199][ T9598] dump_stack_lvl+0xb7/0x103 [ 139.900524][ T9598] dump_stack+0x11/0x1a [ 139.904670][ T9598] should_fail+0x23c/0x250 [ 139.909105][ T9598] should_fail_usercopy+0x16/0x20 [ 139.914219][ T9598] copy_page_from_iter_atomic+0x2c1/0xba0 [ 139.920107][ T9598] ? fat_write_begin+0x61/0xf0 [ 139.925033][ T9598] ? fat_block_truncate_page+0x30/0x30 [ 139.930528][ T9598] ? fat_write_begin+0x79/0xf0 [ 139.935451][ T9598] generic_perform_write+0x1df/0x3c0 [ 139.940812][ T9598] ? fat_write_begin+0xf0/0xf0 [ 139.945560][ T9598] __generic_file_write_iter+0x202/0x300 [ 139.951363][ T9598] ? generic_write_checks+0x250/0x290 [ 139.956752][ T9598] generic_file_write_iter+0x75/0x130 [ 139.962964][ T9598] vfs_write+0x69d/0x770 [ 139.967541][ T9598] ksys_write+0xce/0x180 [ 139.971766][ T9598] __x64_sys_write+0x3e/0x50 [ 139.976350][ T9598] do_syscall_64+0x3d/0x90 [ 139.980904][ T9598] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 139.986793][ T9598] RIP: 0033:0x4665e9 [ 139.990671][ T9598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 140.010541][ T9598] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 140.018937][ T9598] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 140.026986][ T9598] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 140.035046][ T9598] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000 [ 140.043209][ T9598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 140.051172][ T9598] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000 [ 140.059128][ T9603] CPU: 0 PID: 9603 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 140.067969][ T9603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 140.068152][ T9599] attempt to access beyond end of device [ 140.068152][ T9599] loop2: rw=2049, want=122, limit=16 [ 140.078014][ T9603] Call Trace: [ 140.078024][ T9603] dump_stack_lvl+0xb7/0x103 [ 140.078044][ T9603] dump_stack+0x11/0x1a [ 140.088815][ T9599] Buffer I/O error on dev loop2, logical block 121, lost async page write [ 140.092039][ T9603] should_fail+0x23c/0x250 [ 140.103984][ T9599] attempt to access beyond end of device [ 140.103984][ T9599] loop2: rw=2049, want=123, limit=16 [ 140.109225][ T9603] ? skb_clone+0x12c/0x1f0 [ 140.109249][ T9603] __should_failslab+0x81/0x90 [ 140.109265][ T9603] should_failslab+0x5/0x20 [ 140.113668][ T9599] Buffer I/O error on dev loop2, logical block 122, lost async page write [ 140.124400][ T9603] kmem_cache_alloc+0x46/0x2e0 [ 140.124424][ T9603] skb_clone+0x12c/0x1f0 [ 140.130714][ T9599] attempt to access beyond end of device [ 140.130714][ T9599] loop2: rw=2049, want=124, limit=16 [ 140.133563][ T9603] dev_queue_xmit_nit+0x145/0x5f0 [ 140.138058][ T9599] Buffer I/O error on dev loop2, logical block 123, lost async page write [ 140.146529][ T9603] xmit_one+0x71/0x270 [ 140.183829][ T9603] __dev_queue_xmit+0x693/0xa50 [ 140.188842][ T9603] dev_queue_xmit+0x13/0x20 [ 140.189008][ T9613] loop5: detected capacity change from 0 to 16 [ 140.193382][ T9603] ip_finish_output2+0xa93/0xb10 [ 140.193405][ T9603] ip_do_fragment+0x7c6/0x11f0 [ 140.209492][ T9603] ? ip_fragment+0x130/0x130 [ 140.214154][ T9603] ip_fragment+0xd2/0x130 [ 140.218594][ T9603] ip_finish_output+0x415/0x490 [ 140.223585][ T9603] ? nf_hook_slow+0x13a/0x170 [ 140.228257][ T9603] ip_output+0xf3/0x1a0 [ 140.232480][ T9603] ? mr_table_dump+0x134/0x510 [ 140.237228][ T9603] ? ip_mc_finish_output+0xf0/0xf0 [ 140.242358][ T9603] ip_local_out+0x164/0x220 [ 140.246860][ T9603] ? __ip_local_out+0x1e0/0x1e0 [ 140.251693][ T9603] ip_send_skb+0x27/0x90 [ 140.255917][ T9603] udp_send_skb+0x62d/0x860 [ 140.260415][ T9603] udp_sendmsg+0xfe4/0x12f0 [ 140.264916][ T9603] ? ip_do_fragment+0x11f0/0x11f0 [ 140.269979][ T9603] ? _raw_spin_unlock_bh+0x33/0x40 [ 140.275076][ T9603] ? release_sock+0x104/0x110 [ 140.279766][ T9603] inet_sendmsg+0x5f/0x80 [ 140.284095][ T9603] __sys_sendto+0x2a8/0x370 [ 140.288670][ T9603] ? __cond_resched+0x11/0x40 [ 140.293324][ T9603] ? fput+0x2d/0x130 [ 140.297216][ T9603] __x64_sys_sendto+0x74/0x90 [ 140.301896][ T9603] do_syscall_64+0x3d/0x90 [ 140.306505][ T9603] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 140.312390][ T9603] RIP: 0033:0x4665e9 [ 140.316264][ T9603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 140.336133][ T9603] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 140.344525][ T9603] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 08:50:29 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:29 executing program 4 (fault-call:9 fault-nth:22): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:29 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:29 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x30000033fe0, 0x0) 08:50:29 executing program 1 (fault-call:9 fault-nth:17): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 140.352478][ T9603] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 140.360452][ T9603] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 140.368521][ T9603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 140.376483][ T9603] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 [ 140.384558][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 140.390387][ C0] IPv4: Oversized IP packet from 127.0.0.1 08:50:29 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 140.446403][ T9629] loop4: detected capacity change from 0 to 16 [ 140.453242][ T9632] loop2: detected capacity change from 0 to 16 [ 140.454601][ T9631] loop3: detected capacity change from 0 to 16 [ 140.463493][ T9633] FAULT_INJECTION: forcing a failure. [ 140.463493][ T9633] name failslab, interval 1, probability 0, space 0, times 0 [ 140.478611][ T9633] CPU: 0 PID: 9633 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 140.487285][ T9633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 140.497332][ T9633] Call Trace: [ 140.500617][ T9633] dump_stack_lvl+0xb7/0x103 [ 140.505239][ T9633] dump_stack+0x11/0x1a [ 140.509376][ T9633] should_fail+0x23c/0x250 [ 140.513780][ T9633] ? skb_clone+0x12c/0x1f0 [ 140.518268][ T9633] __should_failslab+0x81/0x90 [ 140.523026][ T9633] should_failslab+0x5/0x20 [ 140.527524][ T9633] kmem_cache_alloc+0x46/0x2e0 [ 140.532270][ T9633] ? ip4_obj_hashfn+0xad/0x110 [ 140.537103][ T9633] skb_clone+0x12c/0x1f0 [ 140.541378][ T9633] inet_frag_reasm_prepare+0x3e/0x630 [ 140.546734][ T9633] ? ip4_obj_hashfn+0x110/0x110 [ 140.551585][ T9633] ? ip_expire+0x380/0x380 [ 140.556085][ T9633] ? ip4_key_hashfn+0x110/0x110 [ 140.560979][ T9633] ? ip4_obj_hashfn+0x110/0x110 [ 140.565844][ T9633] ip_defrag+0xd3f/0x1160 [ 140.570388][ T9633] ip_check_defrag+0x2ba/0x3c0 [ 140.575205][ T9633] packet_rcv_fanout+0xcb/0xa40 [ 140.580053][ T9633] ? __skb_clone+0x2db/0x300 [ 140.584809][ T9633] ? packet_direct_xmit+0x170/0x170 [ 140.590001][ T9633] dev_queue_xmit_nit+0x5a4/0x5f0 [ 140.595069][ T9633] xmit_one+0x71/0x270 [ 140.599133][ T9633] __dev_queue_xmit+0x693/0xa50 [ 140.604015][ T9633] dev_queue_xmit+0x13/0x20 [ 140.608520][ T9633] ip_finish_output2+0xa93/0xb10 [ 140.613698][ T9633] ip_do_fragment+0x7c6/0x11f0 [ 140.618451][ T9633] ? ip_fragment+0x130/0x130 [ 140.623039][ T9633] ip_fragment+0xd2/0x130 [ 140.627429][ T9633] ip_finish_output+0x415/0x490 [ 140.632283][ T9633] ? nf_hook_slow+0x13a/0x170 [ 140.636941][ T9633] ip_output+0xf3/0x1a0 [ 140.641132][ T9633] ? mr_table_dump+0x134/0x510 [ 140.645887][ T9633] ? ip_mc_finish_output+0xf0/0xf0 [ 140.650984][ T9633] ip_local_out+0x164/0x220 [ 140.655473][ T9633] ? __ip_local_out+0x1e0/0x1e0 [ 140.660313][ T9633] ip_send_skb+0x27/0x90 [ 140.664623][ T9633] udp_send_skb+0x62d/0x860 [ 140.669113][ T9633] udp_sendmsg+0xfe4/0x12f0 [ 140.673639][ T9633] ? ip_do_fragment+0x11f0/0x11f0 [ 140.678759][ T9633] ? _raw_spin_unlock_bh+0x33/0x40 [ 140.683853][ T9633] ? release_sock+0x104/0x110 [ 140.688618][ T9633] inet_sendmsg+0x5f/0x80 [ 140.693142][ T9633] __sys_sendto+0x2a8/0x370 [ 140.697645][ T9633] ? __cond_resched+0x11/0x40 [ 140.702408][ T9633] ? fput+0x2d/0x130 [ 140.706337][ T9633] __x64_sys_sendto+0x74/0x90 [ 140.710997][ T9633] do_syscall_64+0x3d/0x90 [ 140.715410][ T9633] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 140.721295][ T9633] RIP: 0033:0x4665e9 [ 140.725171][ T9633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 140.744863][ T9633] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 140.753266][ T9633] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 140.761244][ T9633] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 140.769196][ T9633] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 140.777217][ T9633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 140.785353][ T9633] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 [ 140.793398][ C0] IPv4: Oversized IP packet from 127.0.0.1 08:50:29 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:29 executing program 1 (fault-call:9 fault-nth:18): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:29 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 140.821734][ T9648] loop5: detected capacity change from 0 to 16 08:50:29 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:29 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 140.878498][ T9655] loop2: detected capacity change from 0 to 16 [ 140.887154][ T9658] FAULT_INJECTION: forcing a failure. [ 140.887154][ T9658] name failslab, interval 1, probability 0, space 0, times 0 [ 140.899919][ T9658] CPU: 1 PID: 9658 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 140.908637][ T9658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 140.918748][ T9658] Call Trace: [ 140.922025][ T9658] dump_stack_lvl+0xb7/0x103 [ 140.926994][ T9658] dump_stack+0x11/0x1a [ 140.931160][ T9658] should_fail+0x23c/0x250 [ 140.935607][ T9658] __should_failslab+0x81/0x90 [ 140.940388][ T9658] should_failslab+0x5/0x20 [ 140.944864][ T9658] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 140.950634][ T9658] ? __kmalloc_node_track_caller+0x30/0x40 [ 140.956501][ T9658] ? ___cache_free+0x3c/0x300 [ 140.961158][ T9658] ? inet_frag_reasm_prepare+0x1fb/0x630 [ 140.966837][ T9658] __kmalloc_node_track_caller+0x30/0x40 [ 140.972572][ T9658] pskb_expand_head+0xc9/0x920 [ 140.977314][ T9658] inet_frag_reasm_prepare+0x1fb/0x630 [ 140.982747][ T9658] ? ip_expire+0x380/0x380 [ 140.987154][ T9658] ? ip4_key_hashfn+0x110/0x110 [ 140.991982][ T9658] ? ip4_obj_hashfn+0x110/0x110 [ 140.996823][ T9658] ip_defrag+0xd3f/0x1160 [ 141.001178][ T9658] ip_check_defrag+0x2ba/0x3c0 [ 141.006080][ T9658] packet_rcv_fanout+0xcb/0xa40 [ 141.010912][ T9658] ? __skb_clone+0x2db/0x300 [ 141.015526][ T9658] ? packet_direct_xmit+0x170/0x170 [ 141.020872][ T9658] dev_queue_xmit_nit+0x5a4/0x5f0 [ 141.025966][ T9658] xmit_one+0x71/0x270 [ 141.030103][ T9658] __dev_queue_xmit+0x693/0xa50 [ 141.034955][ T9658] dev_queue_xmit+0x13/0x20 [ 141.039479][ T9658] ip_finish_output2+0xa93/0xb10 [ 141.044456][ T9658] ip_do_fragment+0x7c6/0x11f0 [ 141.049212][ T9658] ? ip_fragment+0x130/0x130 [ 141.053841][ T9658] ip_fragment+0xd2/0x130 [ 141.058250][ T9658] ip_finish_output+0x415/0x490 [ 141.063088][ T9658] ? nf_hook_slow+0x13a/0x170 [ 141.067769][ T9658] ip_output+0xf3/0x1a0 [ 141.072164][ T9658] ? mr_table_dump+0x134/0x510 [ 141.076995][ T9658] ? ip_mc_finish_output+0xf0/0xf0 [ 141.082111][ T9658] ip_local_out+0x164/0x220 [ 141.086663][ T9658] ? __ip_local_out+0x1e0/0x1e0 [ 141.091496][ T9658] ip_send_skb+0x27/0x90 [ 141.095754][ T9658] udp_send_skb+0x62d/0x860 [ 141.100250][ T9658] udp_sendmsg+0xfe4/0x12f0 [ 141.104734][ T9658] ? ip_do_fragment+0x11f0/0x11f0 [ 141.109811][ T9658] ? _raw_spin_unlock_bh+0x33/0x40 [ 141.114986][ T9658] ? release_sock+0x104/0x110 [ 141.119639][ T9658] inet_sendmsg+0x5f/0x80 [ 141.123950][ T9658] __sys_sendto+0x2a8/0x370 [ 141.128475][ T9658] ? __cond_resched+0x11/0x40 [ 141.133128][ T9658] ? fput+0x2d/0x130 [ 141.137098][ T9658] __x64_sys_sendto+0x74/0x90 [ 141.141869][ T9658] do_syscall_64+0x3d/0x90 [ 141.146288][ T9658] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 141.152162][ T9658] RIP: 0033:0x4665e9 [ 141.156040][ T9658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 141.175845][ T9658] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 141.184245][ T9658] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 141.192254][ T9658] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003 [ 141.200223][ T9658] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010 [ 141.208185][ T9658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 141.216194][ T9658] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 [ 141.224311][ C1] IPv4: Oversized IP packet from 127.0.0.1 08:50:30 executing program 1 (fault-call:9 fault-nth:19): r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:30 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x0, 0x0) 08:50:30 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:30 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000200), 0xf000) [ 141.265488][ T9665] loop5: detected capacity change from 0 to 16 [ 141.273516][ T9670] loop2: detected capacity change from 0 to 16 [ 141.279481][ T9666] IPv4: Oversized IP packet from 127.0.0.1 [ 141.285560][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 141.298665][ T9669] loop4: detected capacity change from 0 to 16 08:50:30 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:30 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x2, 0xf000) [ 141.329667][ T9666] FAULT_INJECTION: forcing a failure. [ 141.329667][ T9666] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 141.332576][ T9682] loop3: detected capacity change from 0 to 16 [ 141.343282][ T9666] CPU: 1 PID: 9666 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0 [ 141.358074][ T9666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 141.369045][ T9666] Call Trace: [ 141.372322][ T9666] dump_stack_lvl+0xb7/0x103 [ 141.376923][ T9666] dump_stack+0x11/0x1a [ 141.381075][ T9666] should_fail+0x23c/0x250 [ 141.385495][ T9666] should_fail_usercopy+0x16/0x20 [ 141.390588][ T9666] _copy_to_user+0x1c/0x90 [ 141.394984][ T9666] simple_read_from_buffer+0xab/0x120 [ 141.400430][ T9666] proc_fail_nth_read+0xf6/0x140 [ 141.405354][ T9666] ? rw_verify_area+0x136/0x250 [ 141.410215][ T9666] ? proc_fault_inject_write+0x200/0x200 [ 141.415987][ T9666] vfs_read+0x154/0x5d0 [ 141.420119][ T9666] ? finish_task_switch+0xce/0x290 [ 141.425212][ T9666] ? __fget_light+0x21b/0x260 [ 141.429867][ T9666] ? __cond_resched+0x11/0x40 [ 141.434544][ T9666] ksys_read+0xce/0x180 [ 141.438724][ T9666] __x64_sys_read+0x3e/0x50 [ 141.443214][ T9666] do_syscall_64+0x3d/0x90 [ 141.447620][ T9666] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 141.453561][ T9666] RIP: 0033:0x41936c [ 141.457510][ T9666] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 08:50:30 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 141.477089][ T9666] RSP: 002b:00007f8b030f7170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 141.485509][ T9666] RAX: ffffffffffffffda RBX: 000000000000ffe4 RCX: 000000000041936c [ 141.493456][ T9666] RDX: 000000000000000f RSI: 00007f8b030f71e0 RDI: 0000000000000006 [ 141.501750][ T9666] RBP: 00007f8b030f71d0 R08: 0000000000000000 R09: 0000000000000010 [ 141.509697][ T9666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 141.517694][ T9666] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000 08:50:30 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000200), 0xf000) 08:50:30 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 141.544760][ T9690] loop2: detected capacity change from 0 to 16 [ 141.548587][ T9691] IPv4: Oversized IP packet from 127.0.0.1 [ 141.556872][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 141.582657][ T9698] loop4: detected capacity change from 0 to 16 08:50:30 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0x74, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:30 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:30 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x3, 0xf000) [ 141.589993][ T9699] loop5: detected capacity change from 0 to 16 08:50:30 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0x8074, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 141.639607][ T9712] loop2: detected capacity change from 0 to 16 [ 141.650474][ T9714] loop5: detected capacity change from 0 to 16 [ 141.653926][ T9718] loop3: detected capacity change from 0 to 16 [ 141.687923][ T9724] loop4: detected capacity change from 0 to 16 08:50:31 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:31 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x0, 0x0) 08:50:31 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000200), 0xf000) 08:50:31 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0x20874fe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:31 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x4, 0xf000) 08:50:31 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:31 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0x7ffff000, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:31 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000200), 0xf000) [ 142.149112][ T9747] loop5: detected capacity change from 0 to 16 [ 142.149406][ T9749] loop3: detected capacity change from 0 to 16 [ 142.168243][ T9751] loop2: detected capacity change from 0 to 16 [ 142.174680][ T9752] loop4: detected capacity change from 0 to 16 08:50:31 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, 0x0, 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:31 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xfffffdef, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:31 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:31 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x5, 0xf000) [ 142.253654][ T9771] loop5: detected capacity change from 0 to 16 08:50:31 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000200), 0xf000) [ 142.300469][ T9783] loop2: detected capacity change from 0 to 16 [ 142.341166][ T9792] loop4: detected capacity change from 0 to 16 [ 142.341167][ T9790] loop3: detected capacity change from 0 to 16 [ 142.392674][ T9804] loop5: detected capacity change from 0 to 16 08:50:31 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x0, 0x0) 08:50:31 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x2, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:31 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, 0x0, 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:31 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:31 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x6, 0xf000) 08:50:31 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000200), 0xf000) [ 143.013809][ T9823] loop5: detected capacity change from 0 to 16 [ 143.018303][ T9826] loop4: detected capacity change from 0 to 16 [ 143.025899][ T9827] loop2: detected capacity change from 0 to 16 [ 143.026766][ T9825] loop3: detected capacity change from 0 to 16 [ 143.042159][ T9828] IPv4: Oversized IP packet from 127.0.0.1 [ 143.048077][ C1] IPv4: Oversized IP packet from 127.0.0.1 08:50:32 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x7, 0xf000) 08:50:32 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, 0x0, 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:32 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, 0x0, 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:32 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(0x0, 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:32 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x3, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 143.141720][ T9853] loop4: detected capacity change from 0 to 16 [ 143.155242][ T9855] loop5: detected capacity change from 0 to 16 [ 143.156452][ T9858] loop2: detected capacity change from 0 to 16 08:50:32 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 143.191288][ T9866] loop3: detected capacity change from 0 to 16 08:50:32 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x5, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:32 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, 0x0, 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:32 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x8, 0xf000) 08:50:32 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080), 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:32 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(0x0, 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:32 executing program 0 (fault-call:6 fault-nth:0): pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0) 08:50:32 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 143.901345][ T9890] loop4: detected capacity change from 0 to 16 [ 143.913747][ T9897] loop2: detected capacity change from 0 to 16 [ 143.928305][ T9891] loop3: detected capacity change from 0 to 16 [ 143.928494][ T9890] handle_bad_sector: 108 callbacks suppressed [ 143.928504][ T9890] attempt to access beyond end of device [ 143.928504][ T9890] loop4: rw=2049, want=124, limit=16 [ 143.934876][ T9893] loop5: detected capacity change from 0 to 16 [ 143.954991][ T9901] FAULT_INJECTION: forcing a failure. [ 143.954991][ T9901] name failslab, interval 1, probability 0, space 0, times 0 [ 143.970389][ T9901] CPU: 1 PID: 9901 Comm: syz-executor.0 Not tainted 5.14.0-rc6-syzkaller #0 [ 143.979060][ T9901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 143.989117][ T9901] Call Trace: [ 143.992592][ T9901] dump_stack_lvl+0xb7/0x103 [ 143.997184][ T9901] dump_stack+0x11/0x1a [ 144.001341][ T9901] should_fail+0x23c/0x250 [ 144.005866][ T9901] __should_failslab+0x81/0x90 [ 144.010716][ T9901] should_failslab+0x5/0x20 [ 144.012580][ T9897] attempt to access beyond end of device [ 144.012580][ T9897] loop2: rw=2049, want=122, limit=16 [ 144.015212][ T9901] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 144.026276][ T9897] buffer_io_error: 101 callbacks suppressed [ 144.026286][ T9897] Buffer I/O error on dev loop2, logical block 121, lost async page write [ 144.032013][ T9901] ? __get_vm_area_node+0x11b/0x260 [ 144.032047][ T9901] ? local_bh_enable+0x1b/0x20 [ 144.042896][ T9891] attempt to access beyond end of device [ 144.042896][ T9891] loop3: rw=2049, want=122, limit=16 [ 144.046470][ T9901] ? lock_sock_nested+0x128/0x160 [ 144.051687][ T9891] Buffer I/O error on dev loop3, logical block 121, lost async page write [ 144.056490][ T9901] __get_vm_area_node+0x11b/0x260 [ 144.085732][ T9901] __vmalloc_node_range+0xb7/0x5a0 [ 144.090919][ T9901] ? netlink_sendmsg+0x427/0x7c0 [ 144.095923][ T9901] ? rht_key_hashfn+0x60/0x60 [ 144.100660][ T9901] ? netlink_hash+0x90/0x90 [ 144.105165][ T9901] ? netlink_sendmsg+0x427/0x7c0 [ 144.110099][ T9901] vmalloc+0x5a/0x70 [ 144.113994][ T9901] ? netlink_sendmsg+0x427/0x7c0 [ 144.119021][ T9901] netlink_sendmsg+0x427/0x7c0 [ 144.123782][ T9901] ? netlink_getsockopt+0x720/0x720 [ 144.128902][ T9891] attempt to access beyond end of device [ 144.128902][ T9891] loop3: rw=2049, want=123, limit=16 [ 144.128995][ T9901] kernel_sendmsg+0x97/0xd0 [ 144.139787][ T9891] Buffer I/O error on dev loop3, logical block 122, lost async page write [ 144.144319][ T9901] sock_no_sendpage+0x84/0xb0 [ 144.155684][ T9897] attempt to access beyond end of device [ 144.155684][ T9897] loop2: rw=2049, want=123, limit=16 [ 144.157529][ T9901] ? remove_waiter+0x151/0x440 [ 144.157551][ T9901] ? __receive_sock+0x20/0x20 [ 144.168538][ T9897] Buffer I/O error on dev loop2, logical block 122, lost async page write [ 144.173266][ T9901] kernel_sendpage+0x187/0x200 [ 144.179396][ T9897] attempt to access beyond end of device [ 144.179396][ T9897] loop2: rw=2049, want=124, limit=16 [ 144.186391][ T9901] ? __receive_sock+0x20/0x20 [ 144.186413][ T9901] sock_sendpage+0x5a/0x70 [ 144.191285][ T9897] Buffer I/O error on dev loop2, logical block 123, lost async page write [ 144.201990][ T9901] pipe_to_sendpage+0x128/0x160 [ 144.208047][ T9891] attempt to access beyond end of device [ 144.208047][ T9891] loop3: rw=2049, want=124, limit=16 [ 144.211113][ T9901] ? sock_fasync+0xc0/0xc0 [ 144.219793][ T9891] Buffer I/O error on dev loop3, logical block 123, lost async page write [ 144.224603][ T9901] __splice_from_pipe+0x207/0x500 [ 144.236231][ T9897] attempt to access beyond end of device [ 144.236231][ T9897] loop2: rw=2049, want=125, limit=16 [ 144.239724][ T9901] ? generic_splice_sendpage+0xb0/0xb0 [ 144.239751][ T9901] generic_splice_sendpage+0x80/0xb0 [ 144.248248][ T9897] Buffer I/O error on dev loop2, logical block 124, lost async page write [ 144.253234][ T9901] ? iter_file_splice_write+0x750/0x750 [ 144.265374][ T9891] attempt to access beyond end of device [ 144.265374][ T9891] loop3: rw=2049, want=125, limit=16 [ 144.269390][ T9901] do_splice+0x9aa/0xd30 [ 144.269416][ T9901] ? vfs_write+0x50c/0x770 [ 144.274795][ T9891] Buffer I/O error on dev loop3, logical block 124, lost async page write [ 144.283306][ T9901] ? __fget_light+0x21b/0x260 [ 144.283327][ T9901] __se_sys_splice+0x2a6/0x390 [ 144.290183][ T9897] attempt to access beyond end of device [ 144.290183][ T9897] loop2: rw=2049, want=126, limit=16 [ 144.299583][ T9901] __x64_sys_splice+0x74/0x80 [ 144.299608][ T9901] do_syscall_64+0x3d/0x90 [ 144.299627][ T9901] entry_SYSCALL_64_after_hwframe+0x44/0xae 08:50:33 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(0x0, 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:33 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x9, 0xf000) 08:50:33 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080), 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 144.303847][ T9897] Buffer I/O error on dev loop2, logical block 125, lost async page write [ 144.308235][ T9901] RIP: 0033:0x4665e9 [ 144.308249][ T9901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.318263][ T9891] Buffer I/O error on dev loop3, logical block 125, lost async page write [ 144.321370][ T9901] RSP: 002b:00007f7453ae6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 144.321389][ T9901] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 144.409091][ T9901] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 144.417049][ T9901] RBP: 00007f7453ae61d0 R08: 0000030000033fe0 R09: 0000000000000000 [ 144.425013][ T9901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 144.432967][ T9901] R13: 00007ffda37b726f R14: 00007f7453ae6300 R15: 0000000000022000 [ 144.440978][ T9901] syz-executor.0: vmalloc error: size 4416, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0 [ 144.455016][ T9901] CPU: 1 PID: 9901 Comm: syz-executor.0 Not tainted 5.14.0-rc6-syzkaller #0 [ 144.463678][ T9901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 144.473711][ T9901] Call Trace: [ 144.476985][ T9901] dump_stack_lvl+0xb7/0x103 [ 144.481693][ T9901] dump_stack+0x11/0x1a [ 144.485835][ T9901] warn_alloc+0x105/0x160 [ 144.490252][ T9901] ? lock_sock_nested+0x128/0x160 [ 144.495316][ T9901] __vmalloc_node_range+0x20f/0x5a0 [ 144.500502][ T9901] ? rht_key_hashfn+0x60/0x60 [ 144.505233][ T9901] ? netlink_hash+0x90/0x90 [ 144.509804][ T9901] ? netlink_sendmsg+0x427/0x7c0 [ 144.514788][ T9901] vmalloc+0x5a/0x70 [ 144.518665][ T9901] ? netlink_sendmsg+0x427/0x7c0 [ 144.523665][ T9901] netlink_sendmsg+0x427/0x7c0 [ 144.528569][ T9901] ? netlink_getsockopt+0x720/0x720 [ 144.533907][ T9901] kernel_sendmsg+0x97/0xd0 [ 144.538434][ T9901] sock_no_sendpage+0x84/0xb0 [ 144.543093][ T9901] ? remove_waiter+0x151/0x440 [ 144.547834][ T9901] ? __receive_sock+0x20/0x20 [ 144.552490][ T9901] kernel_sendpage+0x187/0x200 [ 144.557258][ T9901] ? __receive_sock+0x20/0x20 [ 144.561935][ T9901] sock_sendpage+0x5a/0x70 [ 144.566418][ T9901] pipe_to_sendpage+0x128/0x160 [ 144.571248][ T9901] ? sock_fasync+0xc0/0xc0 [ 144.575700][ T9901] __splice_from_pipe+0x207/0x500 [ 144.580763][ T9901] ? generic_splice_sendpage+0xb0/0xb0 [ 144.586379][ T9901] generic_splice_sendpage+0x80/0xb0 [ 144.591654][ T9901] ? iter_file_splice_write+0x750/0x750 [ 144.597512][ T9901] do_splice+0x9aa/0xd30 [ 144.601826][ T9901] ? vfs_write+0x50c/0x770 [ 144.606219][ T9901] ? __fget_light+0x21b/0x260 [ 144.611002][ T9901] __se_sys_splice+0x2a6/0x390 [ 144.615846][ T9901] __x64_sys_splice+0x74/0x80 [ 144.620537][ T9901] do_syscall_64+0x3d/0x90 [ 144.624949][ T9901] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 144.631475][ T9901] RIP: 0033:0x4665e9 [ 144.635361][ T9901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 144.655107][ T9901] RSP: 002b:00007f7453ae6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 144.663514][ T9901] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 144.671471][ T9901] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 144.679436][ T9901] RBP: 00007f7453ae61d0 R08: 0000030000033fe0 R09: 0000000000000000 [ 144.687387][ T9901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 144.695429][ T9901] R13: 00007ffda37b726f R14: 00007f7453ae6300 R15: 0000000000022000 [ 144.703424][ T9901] Mem-Info: [ 144.706529][ T9901] active_anon:71 inactive_anon:81942 isolated_anon:0 [ 144.706529][ T9901] active_file:5225 inactive_file:38629 isolated_file:0 [ 144.706529][ T9901] unevictable:0 dirty:275 writeback:0 [ 144.706529][ T9901] slab_reclaimable:3756 slab_unreclaimable:5987 [ 144.706529][ T9901] mapped:60290 shmem:2618 pagetables:1140 bounce:0 [ 144.706529][ T9901] free:1826871 free_pcp:2913 free_cma:0 [ 144.743513][ T9901] Node 0 active_anon:284kB inactive_anon:327768kB active_file:20900kB inactive_file:154516kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:241160kB dirty:1100kB writeback:0kB shmem:10472kB writeback_tmp:0kB kernel_stack:1776kB pagetables:4560kB all_unreclaimable? no [ 144.770464][ T9901] Node 0 DMA free:15360kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 144.796378][ T9901] lowmem_reserve[]: 0 2942 7920 7920 [ 144.801826][ T9901] Node 0 DMA32 free:3014332kB min:4224kB low:7236kB high:10248kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:3017344kB mlocked:0kB bounce:0kB free_pcp:3012kB local_pcp:2960kB free_cma:0kB [ 144.829995][ T9901] lowmem_reserve[]: 0 0 4978 4978 [ 144.835022][ T9901] Node 0 Normal free:4277792kB min:7152kB low:12248kB high:17344kB reserved_highatomic:0KB active_anon:284kB inactive_anon:327768kB active_file:20900kB inactive_file:154516kB unevictable:0kB writepending:1100kB present:5242880kB managed:5098028kB mlocked:0kB bounce:0kB free_pcp:8684kB local_pcp:5892kB free_cma:0kB [ 144.864978][ T9901] lowmem_reserve[]: 0 0 0 0 [ 144.869518][ T9901] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 144.882338][ T9901] Node 0 DMA32: 3*4kB (M) 2*8kB (M) 4*16kB (M) 3*32kB (M) 2*64kB (M) 3*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 1*2048kB (M) 734*4096kB (M) = 3014332kB [ 144.898340][ T9901] Node 0 Normal: 10*4kB (UE) 73*8kB (U) 25*16kB (UME) 49*32kB (UM) 34*64kB (UME) 3*128kB (UM) 2*256kB (UM) 4*512kB (M) 4*1024kB (ME) 3*2048kB (M) 1040*4096kB (UM) = 4277792kB [ 144.916047][ T9901] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 144.925343][ T9901] 17184 total pagecache pages [ 144.930019][ T9901] 0 pages in swap cache [ 144.934158][ T9901] Swap cache stats: add 0, delete 0, find 0/0 [ 144.940264][ T9901] Free swap = 0kB [ 144.944051][ T9901] Total swap = 0kB [ 144.947746][ T9901] 2097051 pages RAM 08:50:33 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0) 08:50:33 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, 0x0, 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:33 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 144.951658][ T9901] 0 pages HighMem/MovableOnly [ 144.956499][ T9901] 64368 pages reserved 08:50:34 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x8, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 145.033587][ T9939] loop3: detected capacity change from 0 to 16 [ 145.044266][ T9941] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 145.044915][ T9942] loop2: detected capacity change from 0 to 16 [ 145.059198][ T9943] loop5: detected capacity change from 0 to 16 [ 145.061136][ T9945] loop4: detected capacity change from 0 to 16 08:50:34 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080), 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:34 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:34 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x9, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:34 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xa, 0xf000) 08:50:34 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080), 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:34 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xa, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:34 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xb, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:34 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 145.171045][ T9966] loop2: detected capacity change from 0 to 16 [ 145.191887][ T9971] loop5: detected capacity change from 0 to 16 [ 145.210580][ T9977] loop3: detected capacity change from 0 to 16 [ 145.239100][ T9982] loop4: detected capacity change from 0 to 16 [ 145.282622][ T9992] loop2: detected capacity change from 0 to 16 08:50:34 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0xffffffffffffffff, 0x0) 08:50:34 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:34 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080), 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:34 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xb, 0xf000) 08:50:34 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xc, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:34 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 145.847302][T10007] net_ratelimit: 6 callbacks suppressed [ 145.847316][T10007] IPv4: Oversized IP packet from 127.0.0.1 [ 145.858951][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 145.865965][T10008] loop5: detected capacity change from 0 to 16 [ 145.868406][T10011] loop4: detected capacity change from 0 to 16 [ 145.872856][T10010] loop2: detected capacity change from 0 to 16 [ 145.879908][T10012] loop3: detected capacity change from 0 to 16 08:50:34 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080), 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:34 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:34 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:34 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xd, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:34 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xc, 0xf000) [ 145.975806][T10029] loop5: detected capacity change from 0 to 16 08:50:34 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 146.018160][T10041] loop2: detected capacity change from 0 to 16 [ 146.028551][T10045] loop3: detected capacity change from 0 to 16 [ 146.041331][T10047] loop4: detected capacity change from 0 to 16 [ 146.050459][T10046] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 146.072117][T10051] IPv4: Oversized IP packet from 127.0.0.1 [ 146.078015][ C1] IPv4: Oversized IP packet from 127.0.0.1 08:50:35 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x2) 08:50:35 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:35 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, 0x0, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:35 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000740)=ANY=[], 0x178) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:35 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xf, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:35 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xd, 0xf000) 08:50:35 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x10, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:35 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, 0x0, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 146.736280][T10077] loop2: detected capacity change from 0 to 16 [ 146.750163][T10081] loop4: detected capacity change from 0 to 16 [ 146.752731][T10080] loop3: detected capacity change from 0 to 16 [ 146.766401][T10086] loop5: detected capacity change from 0 to 16 08:50:35 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:35 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xe, 0xf000) 08:50:35 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000740)=ANY=[], 0x178) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:35 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x11, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 146.828907][T10097] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 146.861723][T10104] loop2: detected capacity change from 0 to 16 [ 146.868551][T10107] loop5: detected capacity change from 0 to 16 [ 146.907180][T10117] loop4: detected capacity change from 0 to 16 [ 146.924392][T10119] loop3: detected capacity change from 0 to 16 08:50:36 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x3) 08:50:36 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:36 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x12, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:36 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000740)=ANY=[], 0x178) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:36 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, 0x0, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:36 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xf, 0xf000) 08:50:36 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, 0x0, 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:36 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x18, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 147.618304][T10142] loop3: detected capacity change from 0 to 16 [ 147.621155][T10143] loop5: detected capacity change from 0 to 16 [ 147.637674][T10144] loop4: detected capacity change from 0 to 16 [ 147.644106][T10146] loop2: detected capacity change from 0 to 16 08:50:36 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, 0x0, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 147.682082][T10160] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 147.700314][T10162] loop3: detected capacity change from 0 to 16 08:50:36 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000), 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:36 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x10, 0xf000) 08:50:36 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x25, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 147.766889][T10173] loop5: detected capacity change from 0 to 16 [ 147.800186][T10184] loop4: detected capacity change from 0 to 16 [ 147.826262][T10187] loop2: detected capacity change from 0 to 16 08:50:37 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x4) 08:50:37 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, 0x0, 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:37 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x48, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:37 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, 0x0, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:37 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x22, 0xf000) 08:50:37 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000), 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 148.495200][T10209] loop4: detected capacity change from 0 to 16 [ 148.501336][T10212] loop2: detected capacity change from 0 to 16 [ 148.502161][T10211] loop5: detected capacity change from 0 to 16 [ 148.508748][T10213] loop3: detected capacity change from 0 to 16 [ 148.528476][T10214] IPv4: Oversized IP packet from 127.0.0.1 [ 148.534459][ C1] IPv4: Oversized IP packet from 127.0.0.1 08:50:37 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000), 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:37 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, 0x0, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:37 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x6f, 0xf000) 08:50:37 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4c, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:37 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, 0x0, 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 148.573875][T10227] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 148.628544][T10239] loop4: detected capacity change from 0 to 16 [ 148.635708][T10241] loop2: detected capacity change from 0 to 16 [ 148.647539][T10243] loop5: detected capacity change from 0 to 16 [ 148.655998][T10245] IPv4: Oversized IP packet from 127.0.0.1 [ 148.661912][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 148.673523][T10242] loop3: detected capacity change from 0 to 16 08:50:37 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 148.758321][T10261] loop3: detected capacity change from 0 to 16 08:50:38 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x5) 08:50:38 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000), 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:38 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x75, 0xf000) 08:50:38 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x60, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:38 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:38 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 149.366611][T10279] loop3: detected capacity change from 0 to 16 [ 149.371935][T10280] loop5: detected capacity change from 0 to 16 [ 149.373056][T10281] loop2: detected capacity change from 0 to 16 [ 149.382020][T10283] IPv4: Oversized IP packet from 127.0.0.1 [ 149.386464][T10284] loop4: detected capacity change from 0 to 16 [ 149.391036][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 149.420046][T10281] handle_bad_sector: 216 callbacks suppressed [ 149.420058][T10281] attempt to access beyond end of device [ 149.420058][T10281] loop2: rw=2049, want=123, limit=16 [ 149.437012][T10281] buffer_io_error: 206 callbacks suppressed [ 149.437023][T10281] Buffer I/O error on dev loop2, logical block 122, lost async page write [ 149.460252][T10280] attempt to access beyond end of device [ 149.460252][T10280] loop5: rw=2049, want=123, limit=16 [ 149.467355][T10281] attempt to access beyond end of device [ 149.467355][T10281] loop2: rw=2049, want=124, limit=16 [ 149.471087][T10280] Buffer I/O error on dev loop5, logical block 122, lost async page write [ 149.472406][T10280] attempt to access beyond end of device [ 149.472406][T10280] loop5: rw=2049, want=124, limit=16 [ 149.481905][T10281] Buffer I/O error on dev loop2, logical block 123, lost async page write [ 149.493471][T10281] attempt to access beyond end of device [ 149.493471][T10281] loop2: rw=2049, want=125, limit=16 08:50:38 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 149.501186][T10280] Buffer I/O error on dev loop5, logical block 123, lost async page write [ 149.509779][T10281] Buffer I/O error on dev loop2, logical block 124, lost async page write [ 149.542262][T10301] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 149.548908][T10281] attempt to access beyond end of device [ 149.548908][T10281] loop2: rw=2049, want=126, limit=16 [ 149.562253][T10281] Buffer I/O error on dev loop2, logical block 125, lost async page write 08:50:38 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x64, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:38 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xca, 0xf000) [ 149.562406][T10280] attempt to access beyond end of device [ 149.562406][T10280] loop5: rw=2049, want=125, limit=16 [ 149.577813][T10281] attempt to access beyond end of device [ 149.577813][T10281] loop2: rw=2049, want=127, limit=16 [ 149.581692][T10280] Buffer I/O error on dev loop5, logical block 124, lost async page write [ 149.592525][T10281] Buffer I/O error on dev loop2, logical block 126, lost async page write [ 149.612533][T10281] attempt to access beyond end of device 08:50:38 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x68, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 149.612533][T10281] loop2: rw=2049, want=128, limit=16 [ 149.623447][T10281] Buffer I/O error on dev loop2, logical block 127, lost async page write [ 149.638081][T10280] attempt to access beyond end of device [ 149.638081][T10280] loop5: rw=2049, want=126, limit=16 [ 149.649077][T10280] Buffer I/O error on dev loop5, logical block 125, lost async page write 08:50:38 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6c, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:38 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 149.677628][T10318] loop3: detected capacity change from 0 to 16 [ 149.680237][T10319] loop4: detected capacity change from 0 to 16 [ 149.760951][T10334] loop2: detected capacity change from 0 to 16 08:50:39 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x6) 08:50:39 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xcc, 0xf000) 08:50:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000), 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:39 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:39 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x74, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:39 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000), 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:39 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7a, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:39 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 150.283085][T10353] loop3: detected capacity change from 0 to 16 [ 150.285177][T10351] loop5: detected capacity change from 0 to 16 [ 150.303393][T10360] loop4: detected capacity change from 0 to 16 [ 150.318218][T10361] loop2: detected capacity change from 0 to 16 08:50:39 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xcd, 0xf000) 08:50:39 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:39 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 150.390472][T10373] loop5: detected capacity change from 0 to 16 [ 150.409224][T10383] loop3: detected capacity change from 0 to 16 [ 150.413372][T10382] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 150.474308][T10391] loop4: detected capacity change from 0 to 16 [ 150.489019][T10396] loop2: detected capacity change from 0 to 16 [ 150.507294][T10400] loop3: detected capacity change from 0 to 16 08:50:40 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x7) 08:50:40 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:40 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:40 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:40 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xf0, 0xf000) 08:50:40 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, 0x0, 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:40 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1f4, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 151.207080][T10422] net_ratelimit: 6 callbacks suppressed [ 151.207125][T10422] IPv4: Oversized IP packet from 127.0.0.1 [ 151.208170][T10421] loop5: detected capacity change from 0 to 16 [ 151.212766][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 151.219770][T10423] loop2: detected capacity change from 0 to 16 [ 151.226479][T10424] loop4: detected capacity change from 0 to 16 [ 151.230939][T10425] loop3: detected capacity change from 0 to 16 08:50:40 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:40 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x204, 0xf000) 08:50:40 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:40 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x300, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:40 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000) [ 151.290875][T10437] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 151.328055][T10443] loop2: detected capacity change from 0 to 16 [ 151.366584][T10454] IPv4: Oversized IP packet from 127.0.0.1 [ 151.372662][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 151.380076][T10455] loop4: detected capacity change from 0 to 16 [ 151.388045][T10457] loop5: detected capacity change from 0 to 16 [ 151.439409][T10467] loop2: detected capacity change from 0 to 16 08:50:41 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, 0x0, 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:41 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:41 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x8) 08:50:41 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x3e8, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:41 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x300, 0xf000) 08:50:41 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000) 08:50:41 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, 0x0, 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 152.092544][T10485] loop4: detected capacity change from 0 to 16 [ 152.096766][T10484] loop3: detected capacity change from 0 to 16 [ 152.099049][T10486] loop2: detected capacity change from 0 to 16 [ 152.108203][T10487] IPv4: Oversized IP packet from 127.0.0.1 [ 152.113921][T10489] loop5: detected capacity change from 0 to 16 [ 152.116935][ C1] IPv4: Oversized IP packet from 127.0.0.1 08:50:41 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000) 08:50:41 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:41 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x402, 0xf000) 08:50:41 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x500, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 152.206140][T10506] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 152.216407][T10510] loop3: detected capacity change from 0 to 16 [ 152.237503][T10515] IPv4: Oversized IP packet from 127.0.0.1 [ 152.243485][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 152.249650][T10509] loop2: detected capacity change from 0 to 16 08:50:41 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080), 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:41 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, 0x0, 0x0) 08:50:41 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 152.297678][T10526] loop5: detected capacity change from 0 to 16 [ 152.309044][T10527] loop4: detected capacity change from 0 to 16 [ 152.366612][T10542] loop3: detected capacity change from 0 to 16 [ 152.384302][T10539] loop5: detected capacity change from 0 to 16 [ 152.405210][T10550] loop2: detected capacity change from 0 to 16 08:50:41 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x9) 08:50:41 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x600, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:41 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x406, 0xf000) 08:50:41 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080), 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:41 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:41 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, 0x0, 0x0) 08:50:42 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, 0x0, 0x0) 08:50:42 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x700, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 153.007715][T10564] loop2: detected capacity change from 0 to 16 [ 153.008921][T10563] loop4: detected capacity change from 0 to 16 [ 153.014221][T10566] loop3: detected capacity change from 0 to 16 [ 153.028656][T10568] IPv4: Oversized IP packet from 127.0.0.1 [ 153.034527][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 153.046651][T10567] loop5: detected capacity change from 0 to 16 08:50:42 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x500, 0xf000) 08:50:42 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080), 0x0) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:42 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000) 08:50:42 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x810, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 153.124627][T10583] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 153.136005][T10589] loop2: detected capacity change from 0 to 16 [ 153.151191][T10590] loop4: detected capacity change from 0 to 16 [ 153.155750][T10597] loop3: detected capacity change from 0 to 16 [ 153.225828][T10608] loop5: detected capacity change from 0 to 16 08:50:42 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xa) 08:50:42 executing program 2 (fault-call:7 fault-nth:0): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:42 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:42 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x600, 0xf000) 08:50:42 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x900, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:42 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000) 08:50:42 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000) [ 153.904992][T10628] loop5: detected capacity change from 0 to 16 [ 153.914895][T10630] loop2: detected capacity change from 0 to 16 [ 153.923811][T10633] loop4: detected capacity change from 0 to 16 [ 153.938118][T10634] loop3: detected capacity change from 0 to 16 [ 153.959437][T10630] FAULT_INJECTION: forcing a failure. [ 153.959437][T10630] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 153.972922][T10630] CPU: 0 PID: 10630 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 [ 153.982475][T10630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 153.986965][T10647] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 153.992640][T10630] Call Trace: 08:50:42 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x604, 0xf000) 08:50:42 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xa00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 153.992650][T10630] dump_stack_lvl+0xb7/0x103 [ 153.992674][T10630] dump_stack+0x11/0x1a [ 153.992687][T10630] should_fail+0x23c/0x250 [ 154.019158][T10630] __alloc_pages+0x102/0x320 [ 154.023798][T10630] alloc_pages+0x2e8/0x340 [ 154.028226][T10630] __page_cache_alloc+0x4d/0xf0 [ 154.033174][T10630] pagecache_get_page+0x5f4/0x900 [ 154.038343][T10630] grab_cache_page_write_begin+0x3f/0x70 [ 154.043988][T10630] cont_write_begin+0x501/0x850 [ 154.048850][T10630] fat_write_begin+0x61/0xf0 [ 154.053617][T10630] ? fat_block_truncate_page+0x30/0x30 [ 154.059879][T10630] generic_perform_write+0x196/0x3c0 [ 154.065292][T10630] __generic_file_write_iter+0x202/0x300 [ 154.071079][T10630] ? generic_write_checks+0x250/0x290 [ 154.076475][T10630] generic_file_write_iter+0x75/0x130 [ 154.081842][T10630] vfs_write+0x69d/0x770 [ 154.086170][T10630] ksys_write+0xce/0x180 [ 154.090417][T10630] __x64_sys_write+0x3e/0x50 [ 154.095021][T10630] do_syscall_64+0x3d/0x90 [ 154.099509][T10630] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 154.105490][T10630] RIP: 0033:0x4665e9 [ 154.109382][T10630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 154.129218][T10630] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 154.137647][T10630] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 154.145699][T10630] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 08:50:43 executing program 2 (fault-call:7 fault-nth:1): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:43 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:43 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xb00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 154.153680][T10630] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000 [ 154.161708][T10630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.169862][T10630] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000 [ 154.188345][T10646] loop5: detected capacity change from 0 to 16 [ 154.253113][T10672] loop2: detected capacity change from 0 to 16 [ 154.264779][T10672] FAULT_INJECTION: forcing a failure. [ 154.264779][T10672] name failslab, interval 1, probability 0, space 0, times 0 [ 154.271651][T10674] loop4: detected capacity change from 0 to 16 [ 154.278042][T10672] CPU: 1 PID: 10672 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 [ 154.293092][T10672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 154.303750][T10672] Call Trace: [ 154.307280][T10672] dump_stack_lvl+0xb7/0x103 [ 154.311861][T10672] dump_stack+0x11/0x1a [ 154.316090][T10672] should_fail+0x23c/0x250 [ 154.320504][T10672] ? fat_cache_add+0x219/0x570 [ 154.325290][T10672] __should_failslab+0x81/0x90 [ 154.330099][T10672] should_failslab+0x5/0x20 [ 154.334590][T10672] kmem_cache_alloc+0x46/0x2e0 [ 154.339360][T10672] fat_cache_add+0x219/0x570 [ 154.344230][T10672] fat_get_cluster+0x58e/0x870 [ 154.349327][T10672] ? __brelse+0x2c/0x50 [ 154.353582][T10672] fat_get_mapped_cluster+0xd0/0x250 [ 154.359604][T10672] fat_bmap+0x258/0x290 [ 154.363836][T10672] fat_get_block+0x36d/0x5a0 [ 154.368798][T10672] __block_write_begin_int+0x4a2/0x1060 [ 154.374793][T10672] ? fat_block_truncate_page+0x30/0x30 [ 154.380473][T10672] ? wait_for_stable_page+0x56/0x70 [ 154.385746][T10672] cont_write_begin+0x522/0x850 [ 154.390752][T10672] fat_write_begin+0x61/0xf0 [ 154.395370][T10672] ? fat_block_truncate_page+0x30/0x30 [ 154.400915][T10672] generic_perform_write+0x196/0x3c0 [ 154.406248][T10672] __generic_file_write_iter+0x202/0x300 [ 154.411957][T10672] ? generic_write_checks+0x250/0x290 [ 154.417464][T10672] generic_file_write_iter+0x75/0x130 [ 154.423124][T10672] vfs_write+0x69d/0x770 [ 154.427359][T10672] ksys_write+0xce/0x180 [ 154.431588][T10672] __x64_sys_write+0x3e/0x50 [ 154.436176][T10672] do_syscall_64+0x3d/0x90 [ 154.440634][T10672] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 154.446763][T10672] RIP: 0033:0x4665e9 [ 154.450689][T10672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 154.470747][T10672] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 154.479165][T10672] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 154.487152][T10672] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 154.496362][T10672] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000 [ 154.504930][T10672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.513525][T10672] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000 [ 154.523072][T10676] loop3: detected capacity change from 0 to 16 [ 154.544778][T10672] handle_bad_sector: 110 callbacks suppressed [ 154.544793][T10672] attempt to access beyond end of device [ 154.544793][T10672] loop2: rw=2049, want=123, limit=16 [ 154.562025][T10672] buffer_io_error: 100 callbacks suppressed [ 154.562036][T10672] Buffer I/O error on dev loop2, logical block 122, lost async page write [ 154.581204][T10672] attempt to access beyond end of device [ 154.581204][T10672] loop2: rw=2049, want=124, limit=16 [ 154.592296][T10672] Buffer I/O error on dev loop2, logical block 123, lost async page write [ 154.603028][T10672] attempt to access beyond end of device [ 154.603028][T10672] loop2: rw=2049, want=125, limit=16 [ 154.613831][T10672] Buffer I/O error on dev loop2, logical block 124, lost async page write [ 154.639895][T10672] attempt to access beyond end of device [ 154.639895][T10672] loop2: rw=2049, want=126, limit=16 [ 154.651259][T10672] Buffer I/O error on dev loop2, logical block 125, lost async page write [ 154.659909][T10672] attempt to access beyond end of device [ 154.659909][T10672] loop2: rw=2049, want=127, limit=16 [ 154.670835][T10672] Buffer I/O error on dev loop2, logical block 126, lost async page write [ 154.679403][T10672] attempt to access beyond end of device [ 154.679403][T10672] loop2: rw=2049, want=128, limit=16 [ 154.690209][T10672] Buffer I/O error on dev loop2, logical block 127, lost async page write 08:50:43 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xb) 08:50:43 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, 0x0, 0x0) 08:50:43 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xc00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:43 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:43 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x700, 0xf000) 08:50:43 executing program 2 (fault-call:7 fault-nth:2): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:43 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, 0x0, 0x0) [ 154.791692][T10707] loop5: detected capacity change from 0 to 16 [ 154.793441][T10709] loop2: detected capacity change from 0 to 16 [ 154.801821][T10712] loop4: detected capacity change from 0 to 16 [ 154.804397][T10710] loop3: detected capacity change from 0 to 16 [ 154.842688][T10709] FAULT_INJECTION: forcing a failure. [ 154.842688][T10709] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 154.850186][T10712] attempt to access beyond end of device [ 154.850186][T10712] loop4: rw=2049, want=124, limit=16 [ 154.856005][T10709] CPU: 0 PID: 10709 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 [ 154.875451][T10709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 154.885673][T10709] Call Trace: [ 154.889379][T10709] dump_stack_lvl+0xb7/0x103 [ 154.894115][T10709] dump_stack+0x11/0x1a [ 154.898288][T10709] should_fail+0x23c/0x250 [ 154.902714][T10709] should_fail_usercopy+0x16/0x20 [ 154.907761][T10709] copy_page_from_iter_atomic+0x2c1/0xba0 [ 154.913473][T10709] ? fat_write_begin+0x61/0xf0 [ 154.918329][T10709] ? fat_block_truncate_page+0x30/0x30 [ 154.923782][T10709] ? fat_write_begin+0x79/0xf0 [ 154.928539][T10709] generic_perform_write+0x1df/0x3c0 [ 154.934116][T10709] __generic_file_write_iter+0x202/0x300 [ 154.939866][T10709] ? generic_write_checks+0x250/0x290 [ 154.945228][T10709] generic_file_write_iter+0x75/0x130 [ 154.950733][T10709] vfs_write+0x69d/0x770 [ 154.954960][T10709] ksys_write+0xce/0x180 [ 154.959200][T10709] __x64_sys_write+0x3e/0x50 [ 154.963777][T10709] do_syscall_64+0x3d/0x90 [ 154.968274][T10709] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 154.974190][T10709] RIP: 0033:0x4665e9 [ 154.978102][T10709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 154.997957][T10709] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 155.006350][T10709] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 155.014328][T10709] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 155.022454][T10709] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000 [ 155.030428][T10709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 08:50:44 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xca5, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:44 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x900, 0xf000) [ 155.038657][T10709] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000 [ 155.053234][T10722] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 155.078948][T10709] attempt to access beyond end of device [ 155.078948][T10709] loop2: rw=2049, want=122, limit=16 08:50:44 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xd00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 155.093008][T10709] attempt to access beyond end of device [ 155.093008][T10709] loop2: rw=2049, want=123, limit=16 [ 155.104037][T10709] Buffer I/O error on dev loop2, logical block 122, lost async page write [ 155.112699][T10709] attempt to access beyond end of device [ 155.112699][T10709] loop2: rw=2049, want=124, limit=16 [ 155.123630][T10709] Buffer I/O error on dev loop2, logical block 123, lost async page write [ 155.129762][T10732] loop5: detected capacity change from 0 to 16 08:50:44 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, 0x0, 0x0) 08:50:44 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, 0x0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 155.164285][T10709] Buffer I/O error on dev loop2, logical block 124, lost async page write [ 155.178873][T10746] loop4: detected capacity change from 0 to 16 [ 155.182786][T10709] Buffer I/O error on dev loop2, logical block 125, lost async page write [ 155.232617][T10756] loop5: detected capacity change from 0 to 16 [ 155.233202][T10757] loop3: detected capacity change from 0 to 16 08:50:44 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xc) 08:50:44 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:44 executing program 2 (fault-call:7 fault-nth:3): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:44 executing program 5 (fault-call:7 fault-nth:0): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:44 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xa00, 0xf000) 08:50:44 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, 0x0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 155.642411][T10780] loop2: detected capacity change from 0 to 16 [ 155.646328][T10781] loop5: detected capacity change from 0 to 16 [ 155.651176][T10783] loop3: detected capacity change from 0 to 16 [ 155.655092][T10782] loop4: detected capacity change from 0 to 16 [ 155.670770][T10780] FAULT_INJECTION: forcing a failure. [ 155.670770][T10780] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 155.684043][T10780] CPU: 0 PID: 10780 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 [ 155.692984][T10780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 155.703045][T10780] Call Trace: [ 155.706347][T10780] dump_stack_lvl+0xb7/0x103 [ 155.710942][T10780] dump_stack+0x11/0x1a [ 155.715166][T10780] should_fail+0x23c/0x250 [ 155.717772][T10781] FAULT_INJECTION: forcing a failure. [ 155.717772][T10781] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 155.719584][T10780] __alloc_pages+0x102/0x320 [ 155.719609][T10780] alloc_pages+0x2e8/0x340 [ 155.742059][T10780] __page_cache_alloc+0x4d/0xf0 [ 155.746907][T10780] pagecache_get_page+0x5f4/0x900 [ 155.752057][T10780] grab_cache_page_write_begin+0x3f/0x70 [ 155.757696][T10780] cont_write_begin+0x501/0x850 [ 155.762534][T10780] fat_write_begin+0x61/0xf0 [ 155.767197][T10780] ? fat_block_truncate_page+0x30/0x30 [ 155.772877][T10780] generic_perform_write+0x196/0x3c0 [ 155.778239][T10780] ? fat_write_begin+0xf0/0xf0 [ 155.783074][T10780] __generic_file_write_iter+0x202/0x300 [ 155.788790][T10780] ? generic_write_checks+0x250/0x290 [ 155.794255][T10780] generic_file_write_iter+0x75/0x130 [ 155.799689][T10780] vfs_write+0x69d/0x770 [ 155.803932][T10780] ksys_write+0xce/0x180 [ 155.808165][T10780] __x64_sys_write+0x3e/0x50 [ 155.812849][T10780] do_syscall_64+0x3d/0x90 [ 155.817256][T10780] ? irqentry_exit+0xe/0x30 [ 155.821748][T10780] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 155.827642][T10780] RIP: 0033:0x4665e9 [ 155.831609][T10780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 155.851287][T10780] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 155.859918][T10780] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 155.867970][T10780] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 155.875926][T10780] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000 [ 155.883898][T10780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 08:50:44 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xb00, 0xf000) [ 155.891926][T10780] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000 [ 155.899994][T10781] CPU: 1 PID: 10781 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 155.908770][T10781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 155.918942][T10781] Call Trace: [ 155.922221][T10781] dump_stack_lvl+0xb7/0x103 [ 155.926815][T10781] dump_stack+0x11/0x1a [ 155.931018][T10781] should_fail+0x23c/0x250 08:50:44 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, 0x0, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:44 executing program 2 (fault-call:7 fault-nth:4): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 155.934413][T10797] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 155.935430][T10781] __alloc_pages+0x102/0x320 [ 155.935453][T10781] alloc_pages+0x2e8/0x340 [ 155.953736][T10781] __page_cache_alloc+0x4d/0xf0 [ 155.958661][T10781] pagecache_get_page+0x5f4/0x900 [ 155.963781][T10781] grab_cache_page_write_begin+0x3f/0x70 [ 155.969564][T10781] cont_write_begin+0x501/0x850 [ 155.974434][T10781] fat_write_begin+0x61/0xf0 [ 155.979008][T10781] ? fat_block_truncate_page+0x30/0x30 [ 155.984454][T10781] generic_perform_write+0x196/0x3c0 [ 155.989724][T10781] __generic_file_write_iter+0x202/0x300 [ 155.995339][T10781] ? generic_write_checks+0x250/0x290 [ 156.000699][T10781] generic_file_write_iter+0x75/0x130 [ 156.006065][T10781] vfs_write+0x69d/0x770 [ 156.010321][T10781] ksys_write+0xce/0x180 [ 156.014600][T10781] __x64_sys_write+0x3e/0x50 [ 156.019243][T10781] do_syscall_64+0x3d/0x90 [ 156.023733][T10781] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 156.029743][T10781] RIP: 0033:0x4665e9 [ 156.033622][T10781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 156.053604][T10781] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 156.062199][T10781] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 156.070326][T10781] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 156.078281][T10781] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 156.086249][T10781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 08:50:45 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xf00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:45 executing program 5 (fault-call:7 fault-nth:1): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:45 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1008, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 156.094443][T10781] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 [ 156.173847][T10811] loop3: detected capacity change from 0 to 16 [ 156.176638][T10821] loop4: detected capacity change from 0 to 16 [ 156.191516][T10822] loop2: detected capacity change from 0 to 16 [ 156.198109][T10823] loop5: detected capacity change from 0 to 16 [ 156.216650][T10823] FAULT_INJECTION: forcing a failure. [ 156.216650][T10823] name failslab, interval 1, probability 0, space 0, times 0 [ 156.229413][T10823] CPU: 0 PID: 10823 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 156.238209][T10823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 156.248260][T10823] Call Trace: [ 156.251535][T10823] dump_stack_lvl+0xb7/0x103 [ 156.256128][T10823] dump_stack+0x11/0x1a [ 156.260713][T10823] should_fail+0x23c/0x250 [ 156.265134][T10823] ? fat_cache_add+0x219/0x570 [ 156.269981][T10823] __should_failslab+0x81/0x90 [ 156.274746][T10823] should_failslab+0x5/0x20 [ 156.279244][T10823] kmem_cache_alloc+0x46/0x2e0 [ 156.279453][T10822] FAULT_INJECTION: forcing a failure. [ 156.279453][T10822] name failslab, interval 1, probability 0, space 0, times 0 [ 156.284089][T10823] fat_cache_add+0x219/0x570 [ 156.301230][T10823] fat_get_cluster+0x58e/0x870 [ 156.305992][T10823] ? __brelse+0x2c/0x50 [ 156.310184][T10823] fat_get_mapped_cluster+0xd0/0x250 [ 156.315493][T10823] fat_bmap+0x258/0x290 [ 156.319637][T10823] fat_get_block+0x36d/0x5a0 [ 156.324451][T10823] __block_write_begin_int+0x4a2/0x1060 [ 156.330219][T10823] ? fat_block_truncate_page+0x30/0x30 [ 156.335670][T10823] ? wait_for_stable_page+0x56/0x70 [ 156.340863][T10823] cont_write_begin+0x522/0x850 [ 156.345697][T10823] fat_write_begin+0x61/0xf0 [ 156.350280][T10823] ? fat_block_truncate_page+0x30/0x30 [ 156.355904][T10823] generic_perform_write+0x196/0x3c0 [ 156.361179][T10823] __generic_file_write_iter+0x202/0x300 [ 156.367019][T10823] ? generic_write_checks+0x250/0x290 [ 156.372401][T10823] generic_file_write_iter+0x75/0x130 [ 156.377883][T10823] vfs_write+0x69d/0x770 [ 156.382110][T10823] ksys_write+0xce/0x180 [ 156.386343][T10823] __x64_sys_write+0x3e/0x50 [ 156.390916][T10823] do_syscall_64+0x3d/0x90 [ 156.395318][T10823] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 156.401256][T10823] RIP: 0033:0x4665e9 [ 156.405145][T10823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 156.424734][T10823] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 156.433147][T10823] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 156.441112][T10823] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 156.449160][T10823] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 156.457551][T10823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 156.465506][T10823] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 [ 156.473637][T10822] CPU: 1 PID: 10822 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 [ 156.482392][T10822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 156.492437][T10822] Call Trace: [ 156.495800][T10822] dump_stack_lvl+0xb7/0x103 [ 156.500380][T10822] dump_stack+0x11/0x1a [ 156.504537][T10822] should_fail+0x23c/0x250 [ 156.508940][T10822] ? xas_create+0x3fb/0xb30 [ 156.513504][T10822] __should_failslab+0x81/0x90 [ 156.518242][T10822] should_failslab+0x5/0x20 [ 156.522725][T10822] kmem_cache_alloc+0x46/0x2e0 [ 156.527518][T10822] xas_create+0x3fb/0xb30 [ 156.531861][T10822] xas_store+0x70/0xca0 [ 156.535996][T10822] ? memcg_check_events+0x23/0x3b0 [ 156.541099][T10822] ? cgroup_rstat_updated+0x60/0x1c0 [ 156.546362][T10822] ? get_page_from_freelist+0x54e/0x820 [ 156.551884][T10822] ? xas_find_conflict+0x422/0x4c0 [ 156.556985][T10822] __add_to_page_cache_locked+0x1eb/0x4b0 [ 156.562696][T10822] ? workingset_activation+0x270/0x270 [ 156.568301][T10822] add_to_page_cache_lru+0xa0/0x1b0 [ 156.573484][T10822] pagecache_get_page+0x6a3/0x900 [ 156.578529][T10822] grab_cache_page_write_begin+0x3f/0x70 [ 156.584255][T10822] cont_write_begin+0x501/0x850 [ 156.589106][T10822] fat_write_begin+0x61/0xf0 [ 156.593687][T10822] ? fat_block_truncate_page+0x30/0x30 [ 156.599228][T10822] generic_perform_write+0x196/0x3c0 [ 156.604587][T10822] ? fat_write_begin+0xf0/0xf0 [ 156.609335][T10822] __generic_file_write_iter+0x202/0x300 [ 156.615388][T10822] ? generic_write_checks+0x250/0x290 [ 156.620745][T10822] generic_file_write_iter+0x75/0x130 [ 156.626112][T10822] vfs_write+0x69d/0x770 [ 156.630483][T10822] ksys_write+0xce/0x180 [ 156.634766][T10822] __x64_sys_write+0x3e/0x50 [ 156.639334][T10822] do_syscall_64+0x3d/0x90 [ 156.643739][T10822] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 156.649756][T10822] RIP: 0033:0x4665e9 [ 156.653739][T10822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:50:45 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xd) 08:50:45 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1100, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:45 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000), 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:45 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xc00, 0xf000) 08:50:45 executing program 5 (fault-call:7 fault-nth:2): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 156.673558][T10822] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 156.682178][T10822] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 156.690215][T10822] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 156.698229][T10822] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000 [ 156.706266][T10822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 156.714212][T10822] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000 08:50:45 executing program 2 (fault-call:7 fault-nth:5): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 156.750131][T10840] net_ratelimit: 18 callbacks suppressed [ 156.750145][T10840] IPv4: Oversized IP packet from 127.0.0.1 [ 156.761897][ C1] IPv4: Oversized IP packet from 127.0.0.1 08:50:45 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1200, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 156.791890][T10853] loop3: detected capacity change from 0 to 16 [ 156.792837][T10852] loop4: detected capacity change from 0 to 16 [ 156.798296][T10854] loop5: detected capacity change from 0 to 16 [ 156.807262][T10855] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 156.821069][T10854] FAULT_INJECTION: forcing a failure. [ 156.821069][T10854] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 156.834142][T10854] CPU: 1 PID: 10854 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 156.842962][T10854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 156.853179][T10854] Call Trace: [ 156.856530][T10854] dump_stack_lvl+0xb7/0x103 [ 156.861300][T10854] dump_stack+0x11/0x1a [ 156.865442][T10854] should_fail+0x23c/0x250 [ 156.869934][T10854] should_fail_usercopy+0x16/0x20 [ 156.874989][T10854] copy_page_from_iter_atomic+0x2c1/0xba0 [ 156.880792][T10854] ? fat_write_begin+0x61/0xf0 [ 156.885552][T10854] ? fat_block_truncate_page+0x30/0x30 [ 156.891050][T10854] ? fat_write_begin+0x79/0xf0 [ 156.895886][T10854] generic_perform_write+0x1df/0x3c0 [ 156.901624][T10854] __generic_file_write_iter+0x202/0x300 [ 156.907278][T10854] ? generic_write_checks+0x250/0x290 [ 156.912642][T10854] generic_file_write_iter+0x75/0x130 [ 156.918075][T10854] vfs_write+0x69d/0x770 [ 156.922308][T10854] ksys_write+0xce/0x180 [ 156.926538][T10854] __x64_sys_write+0x3e/0x50 [ 156.931111][T10854] do_syscall_64+0x3d/0x90 [ 156.935515][T10854] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 156.941403][T10854] RIP: 0033:0x4665e9 [ 156.945278][T10854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 156.965062][T10854] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 156.973562][T10854] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 156.981539][T10854] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 156.989494][T10854] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 156.997493][T10854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 157.005552][T10854] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 08:50:46 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000), 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 157.036941][T10868] IPv4: Oversized IP packet from 127.0.0.1 [ 157.040624][T10869] loop2: detected capacity change from 0 to 16 [ 157.042864][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 157.059172][T10869] FAULT_INJECTION: forcing a failure. [ 157.059172][T10869] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 157.072262][T10869] CPU: 1 PID: 10869 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 08:50:46 executing program 5 (fault-call:7 fault-nth:3): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 157.081041][T10869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 157.091264][T10869] Call Trace: [ 157.094584][T10869] dump_stack_lvl+0xb7/0x103 [ 157.099351][T10869] dump_stack+0x11/0x1a [ 157.103554][T10869] should_fail+0x23c/0x250 [ 157.108062][T10869] should_fail_usercopy+0x16/0x20 [ 157.113265][T10869] copy_page_from_iter_atomic+0x2c1/0xba0 [ 157.118982][T10869] ? fat_write_begin+0x61/0xf0 [ 157.123854][T10869] ? fat_block_truncate_page+0x30/0x30 [ 157.129401][T10869] ? fat_write_begin+0x79/0xf0 [ 157.134223][T10869] generic_perform_write+0x1df/0x3c0 [ 157.139541][T10869] ? fat_write_begin+0xf0/0xf0 [ 157.144289][T10869] __generic_file_write_iter+0x202/0x300 [ 157.149972][T10869] ? generic_write_checks+0x250/0x290 [ 157.155446][T10869] generic_file_write_iter+0x75/0x130 [ 157.161030][T10869] vfs_write+0x69d/0x770 [ 157.165313][T10869] ksys_write+0xce/0x180 [ 157.169594][T10869] __x64_sys_write+0x3e/0x50 [ 157.174257][T10869] do_syscall_64+0x3d/0x90 [ 157.178669][T10869] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 157.184563][T10869] RIP: 0033:0x4665e9 [ 157.188469][T10869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 157.208118][T10869] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 157.216536][T10869] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 157.224588][T10869] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 157.232540][T10869] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000 [ 157.240494][T10869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 157.248641][T10869] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000 08:50:46 executing program 2 (fault-call:7 fault-nth:6): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:46 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xd00, 0xf000) 08:50:46 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1800, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 157.281352][T10881] loop3: detected capacity change from 0 to 16 [ 157.315622][T10888] loop5: detected capacity change from 0 to 16 [ 157.324020][T10890] IPv4: Oversized IP packet from 127.0.0.1 [ 157.329922][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 157.354699][T10888] FAULT_INJECTION: forcing a failure. [ 157.354699][T10888] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 157.362678][T10902] loop4: detected capacity change from 0 to 16 [ 157.368229][T10888] CPU: 1 PID: 10888 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 157.383238][T10888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 157.393918][T10888] Call Trace: [ 157.397189][T10888] dump_stack_lvl+0xb7/0x103 [ 157.401776][T10888] dump_stack+0x11/0x1a [ 157.406023][T10888] should_fail+0x23c/0x250 [ 157.410442][T10888] __alloc_pages+0x102/0x320 [ 157.415059][T10888] alloc_pages+0x2e8/0x340 [ 157.419523][T10888] __page_cache_alloc+0x4d/0xf0 [ 157.424537][T10888] pagecache_get_page+0x5f4/0x900 [ 157.429711][T10888] grab_cache_page_write_begin+0x3f/0x70 [ 157.435335][T10888] cont_write_begin+0x501/0x850 [ 157.440174][T10888] fat_write_begin+0x61/0xf0 [ 157.444749][T10888] ? fat_block_truncate_page+0x30/0x30 [ 157.450380][T10888] generic_perform_write+0x196/0x3c0 [ 157.455715][T10888] ? fat_write_begin+0xf0/0xf0 [ 157.460461][T10888] __generic_file_write_iter+0x202/0x300 [ 157.466168][T10888] ? generic_write_checks+0x250/0x290 [ 157.471528][T10888] generic_file_write_iter+0x75/0x130 [ 157.477184][T10888] vfs_write+0x69d/0x770 [ 157.481414][T10888] ksys_write+0xce/0x180 [ 157.485642][T10888] __x64_sys_write+0x3e/0x50 [ 157.490309][T10888] do_syscall_64+0x3d/0x90 [ 157.494727][T10888] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 157.500646][T10888] RIP: 0033:0x4665e9 [ 157.504709][T10888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 157.524390][T10888] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 157.532790][T10888] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 157.540771][T10888] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 08:50:46 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xe) 08:50:46 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000), 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:46 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x2000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:46 executing program 5 (fault-call:7 fault-nth:4): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 157.548728][T10888] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 157.556686][T10888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 157.564728][T10888] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 [ 157.592318][T10901] loop2: detected capacity change from 0 to 16 [ 157.619663][T10901] FAULT_INJECTION: forcing a failure. [ 157.619663][T10901] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 157.633279][T10901] CPU: 0 PID: 10901 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 [ 157.641539][T10917] IPv4: Oversized IP packet from 127.0.0.1 [ 157.642038][T10901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 157.647916][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 157.658299][T10901] Call Trace: [ 157.658308][T10901] dump_stack_lvl+0xb7/0x103 [ 157.658329][T10901] dump_stack+0x11/0x1a [ 157.676262][T10901] should_fail+0x23c/0x250 [ 157.680703][T10901] __alloc_pages+0x102/0x320 [ 157.685280][T10901] alloc_pages+0x2e8/0x340 [ 157.689821][T10901] __page_cache_alloc+0x4d/0xf0 [ 157.694921][T10901] pagecache_get_page+0x5f4/0x900 [ 157.699950][T10901] grab_cache_page_write_begin+0x3f/0x70 [ 157.705693][T10901] cont_write_begin+0x501/0x850 [ 157.710569][T10901] fat_write_begin+0x61/0xf0 [ 157.715241][T10901] ? fat_block_truncate_page+0x30/0x30 [ 157.720740][T10901] generic_perform_write+0x196/0x3c0 [ 157.726015][T10901] ? fat_write_begin+0xf0/0xf0 [ 157.730761][T10901] __generic_file_write_iter+0x202/0x300 [ 157.736463][T10901] ? generic_write_checks+0x250/0x290 [ 157.741951][T10901] generic_file_write_iter+0x75/0x130 [ 157.747364][T10901] vfs_write+0x69d/0x770 [ 157.751597][T10901] ksys_write+0xce/0x180 [ 157.755843][T10901] __x64_sys_write+0x3e/0x50 [ 157.760546][T10901] do_syscall_64+0x3d/0x90 [ 157.764951][T10901] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 157.770860][T10901] RIP: 0033:0x4665e9 [ 157.774736][T10901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 157.794530][T10901] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 157.802927][T10901] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 157.810884][T10901] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 08:50:46 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xe00, 0xf000) 08:50:46 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x2500, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:46 executing program 2 (fault-call:7 fault-nth:7): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 157.818939][T10901] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000 [ 157.826892][T10901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 157.834844][T10901] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000 [ 157.851098][T10918] loop3: detected capacity change from 0 to 16 [ 157.858014][T10921] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. 08:50:46 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 157.893008][T10927] IPv4: Oversized IP packet from 127.0.0.1 [ 157.898906][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 157.916437][T10932] loop5: detected capacity change from 0 to 16 [ 157.934072][T10932] FAULT_INJECTION: forcing a failure. [ 157.934072][T10932] name failslab, interval 1, probability 0, space 0, times 0 [ 157.947256][T10932] CPU: 0 PID: 10932 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 157.947447][T10940] loop4: detected capacity change from 0 to 16 [ 157.956014][T10932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 157.956028][T10932] Call Trace: [ 157.956035][T10932] dump_stack_lvl+0xb7/0x103 [ 157.965060][T10945] loop2: detected capacity change from 0 to 16 [ 157.972812][T10932] dump_stack+0x11/0x1a [ 157.972851][T10932] should_fail+0x23c/0x250 [ 157.995661][T10932] ? xas_create+0x3fb/0xb30 [ 157.998972][T10945] FAULT_INJECTION: forcing a failure. [ 157.998972][T10945] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 158.000236][T10932] __should_failslab+0x81/0x90 [ 158.018114][T10932] should_failslab+0x5/0x20 [ 158.022630][T10932] kmem_cache_alloc+0x46/0x2e0 [ 158.027483][T10932] xas_create+0x3fb/0xb30 [ 158.031910][T10932] xas_store+0x70/0xca0 [ 158.036099][T10932] ? memcg_check_events+0x23/0x3b0 [ 158.041277][T10932] ? cgroup_rstat_updated+0x60/0x1c0 [ 158.046560][T10932] ? get_page_from_freelist+0x54e/0x820 [ 158.052203][T10932] ? xas_find_conflict+0x422/0x4c0 [ 158.057311][T10932] __add_to_page_cache_locked+0x1eb/0x4b0 [ 158.063019][T10932] ? workingset_activation+0x270/0x270 [ 158.068717][T10932] add_to_page_cache_lru+0xa0/0x1b0 [ 158.073917][T10932] pagecache_get_page+0x6a3/0x900 [ 158.078970][T10932] grab_cache_page_write_begin+0x3f/0x70 [ 158.084602][T10932] cont_write_begin+0x501/0x850 [ 158.089492][T10932] fat_write_begin+0x61/0xf0 [ 158.094175][T10932] ? fat_block_truncate_page+0x30/0x30 [ 158.099626][T10932] generic_perform_write+0x196/0x3c0 [ 158.104915][T10932] ? fat_write_begin+0xf0/0xf0 [ 158.109714][T10932] __generic_file_write_iter+0x202/0x300 [ 158.115355][T10932] ? generic_write_checks+0x250/0x290 [ 158.120753][T10932] generic_file_write_iter+0x75/0x130 [ 158.126113][T10932] vfs_write+0x69d/0x770 [ 158.130449][T10932] ksys_write+0xce/0x180 [ 158.134678][T10932] __x64_sys_write+0x3e/0x50 [ 158.139251][T10932] do_syscall_64+0x3d/0x90 [ 158.143651][T10932] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 158.149751][T10932] RIP: 0033:0x4665e9 [ 158.153712][T10932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 158.173361][T10932] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 158.181929][T10932] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 08:50:47 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 158.189889][T10932] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 158.197839][T10932] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 158.205808][T10932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 158.213879][T10932] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 [ 158.221925][T10945] CPU: 1 PID: 10945 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 [ 158.230721][T10945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 158.240770][T10945] Call Trace: [ 158.244055][T10945] dump_stack_lvl+0xb7/0x103 [ 158.248755][T10945] dump_stack+0x11/0x1a [ 158.252912][T10945] should_fail+0x23c/0x250 [ 158.257374][T10945] should_fail_usercopy+0x16/0x20 [ 158.262680][T10945] copy_page_from_iter_atomic+0x2c1/0xba0 [ 158.268400][T10945] ? fat_write_begin+0x61/0xf0 [ 158.273148][T10945] ? fat_block_truncate_page+0x30/0x30 [ 158.278665][T10945] ? fat_write_begin+0x79/0xf0 [ 158.283487][T10945] generic_perform_write+0x1df/0x3c0 [ 158.289004][T10945] ? fat_write_begin+0xf0/0xf0 [ 158.294011][T10945] __generic_file_write_iter+0x202/0x300 [ 158.299717][T10945] ? generic_write_checks+0x250/0x290 [ 158.305074][T10945] generic_file_write_iter+0x75/0x130 [ 158.310518][T10945] vfs_write+0x69d/0x770 [ 158.314746][T10945] ksys_write+0xce/0x180 [ 158.318986][T10945] __x64_sys_write+0x3e/0x50 [ 158.323615][T10945] do_syscall_64+0x3d/0x90 [ 158.328016][T10945] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 158.333945][T10945] RIP: 0033:0x4665e9 [ 158.337999][T10945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 158.357585][T10945] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 158.365980][T10945] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 158.374071][T10945] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 158.382032][T10945] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000 08:50:47 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4800, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 158.389985][T10945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 158.397939][T10945] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000 [ 158.412992][T10957] loop3: detected capacity change from 0 to 16 08:50:47 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:47 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xf) 08:50:47 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xf00, 0xf000) 08:50:47 executing program 5 (fault-call:7 fault-nth:5): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:47 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4c00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:47 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:47 executing program 2 (fault-call:7 fault-nth:8): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 158.502013][T10976] loop3: detected capacity change from 0 to 16 08:50:47 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 158.561216][T10992] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 158.575411][T10997] loop5: detected capacity change from 0 to 16 [ 158.582996][T10998] loop4: detected capacity change from 0 to 16 [ 158.591388][T11003] loop3: detected capacity change from 0 to 16 [ 158.594302][T11002] loop2: detected capacity change from 0 to 16 [ 158.609478][T10997] FAULT_INJECTION: forcing a failure. [ 158.609478][T10997] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 158.620795][T11002] FAULT_INJECTION: forcing a failure. [ 158.620795][T11002] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 158.622633][T10997] CPU: 1 PID: 10997 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 158.644623][T10997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 158.654668][T10997] Call Trace: [ 158.657931][T10997] dump_stack_lvl+0xb7/0x103 [ 158.662572][T10997] dump_stack+0x11/0x1a [ 158.666724][T10997] should_fail+0x23c/0x250 [ 158.671143][T10997] should_fail_usercopy+0x16/0x20 [ 158.676198][T10997] copy_page_from_iter_atomic+0x2c1/0xba0 [ 158.681987][T10997] ? fat_write_begin+0x61/0xf0 [ 158.686914][T10997] ? fat_block_truncate_page+0x30/0x30 [ 158.692407][T10997] ? fat_write_begin+0x79/0xf0 [ 158.697160][T10997] generic_perform_write+0x1df/0x3c0 [ 158.702441][T10997] ? fat_write_begin+0xf0/0xf0 [ 158.707195][T10997] __generic_file_write_iter+0x202/0x300 [ 158.712815][T10997] ? generic_write_checks+0x250/0x290 [ 158.718177][T10997] generic_file_write_iter+0x75/0x130 [ 158.723537][T10997] vfs_write+0x69d/0x770 [ 158.727907][T10997] ksys_write+0xce/0x180 [ 158.732232][T10997] __x64_sys_write+0x3e/0x50 [ 158.737011][T10997] do_syscall_64+0x3d/0x90 [ 158.741426][T10997] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 158.747307][T10997] RIP: 0033:0x4665e9 [ 158.751185][T10997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 158.771196][T10997] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 158.779692][T10997] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 158.787911][T10997] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 158.796068][T10997] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 158.804027][T10997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 158.811987][T10997] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 [ 158.819949][T11002] CPU: 0 PID: 11002 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 [ 158.829052][T11002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 158.839399][T11002] Call Trace: [ 158.842755][T11002] dump_stack_lvl+0xb7/0x103 [ 158.847509][T11002] dump_stack+0x11/0x1a [ 158.851657][T11002] should_fail+0x23c/0x250 [ 158.856238][T11002] __alloc_pages+0x102/0x320 [ 158.861078][T11002] alloc_pages+0x2e8/0x340 [ 158.866193][T11002] __page_cache_alloc+0x4d/0xf0 [ 158.871207][T11002] pagecache_get_page+0x5f4/0x900 [ 158.876379][T11002] grab_cache_page_write_begin+0x3f/0x70 [ 158.882096][T11002] cont_write_begin+0x501/0x850 [ 158.886950][T11002] fat_write_begin+0x61/0xf0 [ 158.891610][T11002] ? fat_block_truncate_page+0x30/0x30 [ 158.897061][T11002] generic_perform_write+0x196/0x3c0 [ 158.902616][T11002] ? fat_write_begin+0xf0/0xf0 [ 158.907390][T11002] __generic_file_write_iter+0x202/0x300 [ 158.913636][T11002] ? generic_write_checks+0x250/0x290 [ 158.919295][T11002] generic_file_write_iter+0x75/0x130 [ 158.924661][T11002] vfs_write+0x69d/0x770 [ 158.928978][T11002] ksys_write+0xce/0x180 [ 158.933228][T11002] __x64_sys_write+0x3e/0x50 [ 158.938005][T11002] do_syscall_64+0x3d/0x90 [ 158.942475][T11002] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 158.948705][T11002] RIP: 0033:0x4665e9 [ 158.952763][T11002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 158.973103][T11002] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 158.982018][T11002] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 158.990061][T11002] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 158.998200][T11002] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000 08:50:48 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6400, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:48 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xff6, 0xf000) [ 159.006174][T11002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 159.014129][T11002] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000 08:50:48 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:48 executing program 2 (fault-call:7 fault-nth:9): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:48 executing program 5 (fault-call:7 fault-nth:6): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 159.103970][T11021] loop4: detected capacity change from 0 to 16 [ 159.118486][T11025] loop3: detected capacity change from 0 to 16 [ 159.136449][T11032] loop2: detected capacity change from 0 to 16 [ 159.142348][T11033] loop5: detected capacity change from 0 to 16 [ 159.170972][T11033] FAULT_INJECTION: forcing a failure. [ 159.170972][T11033] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 159.171607][T11032] FAULT_INJECTION: forcing a failure. [ 159.171607][T11032] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 159.184251][T11033] CPU: 1 PID: 11033 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 159.205992][T11033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 159.216091][T11033] Call Trace: [ 159.219358][T11033] dump_stack_lvl+0xb7/0x103 [ 159.223972][T11033] dump_stack+0x11/0x1a [ 159.228113][T11033] should_fail+0x23c/0x250 [ 159.232596][T11033] __alloc_pages+0x102/0x320 [ 159.237183][T11033] alloc_pages+0x2e8/0x340 [ 159.241634][T11033] __page_cache_alloc+0x4d/0xf0 [ 159.246491][T11033] pagecache_get_page+0x5f4/0x900 [ 159.251538][T11033] grab_cache_page_write_begin+0x3f/0x70 [ 159.257212][T11033] cont_write_begin+0x501/0x850 [ 159.262086][T11033] fat_write_begin+0x61/0xf0 [ 159.266660][T11033] ? fat_block_truncate_page+0x30/0x30 [ 159.272127][T11033] generic_perform_write+0x196/0x3c0 [ 159.277456][T11033] ? fat_write_begin+0xf0/0xf0 [ 159.282217][T11033] __generic_file_write_iter+0x202/0x300 [ 159.287844][T11033] ? generic_write_checks+0x250/0x290 [ 159.293296][T11033] generic_file_write_iter+0x75/0x130 [ 159.298739][T11033] vfs_write+0x69d/0x770 [ 159.303091][T11033] ksys_write+0xce/0x180 [ 159.307319][T11033] __x64_sys_write+0x3e/0x50 [ 159.312091][T11033] do_syscall_64+0x3d/0x90 [ 159.316496][T11033] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 159.322500][T11033] RIP: 0033:0x4665e9 [ 159.326493][T11033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 159.347474][T11033] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 159.356097][T11033] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 159.364077][T11033] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 159.372130][T11033] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 159.380098][T11033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 159.389158][T11033] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 [ 159.397204][T11032] CPU: 0 PID: 11032 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 [ 159.406223][T11032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 159.416275][T11032] Call Trace: 08:50:48 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x10) 08:50:48 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6800, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:48 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:48 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x2000, 0xf000) 08:50:48 executing program 5 (fault-call:7 fault-nth:7): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 159.419553][T11032] dump_stack_lvl+0xb7/0x103 [ 159.424134][T11032] dump_stack+0x11/0x1a [ 159.428283][T11032] should_fail+0x23c/0x250 [ 159.432697][T11032] should_fail_usercopy+0x16/0x20 [ 159.437909][T11032] copy_page_from_iter_atomic+0x2c1/0xba0 [ 159.443999][T11032] ? fat_write_begin+0x61/0xf0 [ 159.448807][T11032] ? fat_block_truncate_page+0x30/0x30 [ 159.454580][T11032] ? fat_write_begin+0x79/0xf0 [ 159.459867][T11032] generic_perform_write+0x1df/0x3c0 [ 159.465271][T11032] ? fat_write_begin+0xf0/0xf0 [ 159.470026][T11032] __generic_file_write_iter+0x202/0x300 [ 159.475639][T11032] ? generic_write_checks+0x250/0x290 [ 159.480995][T11032] generic_file_write_iter+0x75/0x130 [ 159.486463][T11032] vfs_write+0x69d/0x770 [ 159.490879][T11032] ksys_write+0xce/0x180 [ 159.495319][T11032] __x64_sys_write+0x3e/0x50 [ 159.499987][T11032] do_syscall_64+0x3d/0x90 [ 159.504389][T11032] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 159.510271][T11032] RIP: 0033:0x4665e9 [ 159.514216][T11032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 159.533968][T11032] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 159.542656][T11032] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 159.550989][T11032] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 159.558947][T11032] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000 [ 159.566998][T11032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 159.574988][T11032] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000 [ 159.585388][T11032] handle_bad_sector: 99 callbacks suppressed [ 159.585403][T11032] attempt to access beyond end of device [ 159.585403][T11032] loop2: rw=2049, want=122, limit=16 [ 159.612338][T11032] attempt to access beyond end of device 08:50:48 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:48 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6c00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 159.612338][T11032] loop2: rw=2049, want=123, limit=16 [ 159.613332][T11048] loop3: detected capacity change from 0 to 16 [ 159.624137][T11032] buffer_io_error: 86 callbacks suppressed [ 159.624150][T11032] Buffer I/O error on dev loop2, logical block 122, lost async page write [ 159.645651][T11032] attempt to access beyond end of device [ 159.645651][T11032] loop2: rw=2049, want=124, limit=16 [ 159.656725][T11032] Buffer I/O error on dev loop2, logical block 123, lost async page write [ 159.665982][T11032] attempt to access beyond end of device [ 159.665982][T11032] loop2: rw=2049, want=125, limit=16 [ 159.676851][T11054] loop5: detected capacity change from 0 to 16 [ 159.680744][T11054] FAULT_INJECTION: forcing a failure. [ 159.680744][T11054] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 159.683137][T11032] Buffer I/O error on dev loop2, logical block 124, lost async page write [ 159.696430][T11054] CPU: 1 PID: 11054 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 159.714621][T11054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 159.724531][T11060] loop4: detected capacity change from 0 to 16 [ 159.725159][T11054] Call Trace: [ 159.725167][T11054] dump_stack_lvl+0xb7/0x103 [ 159.725189][T11054] dump_stack+0x11/0x1a [ 159.739635][T11032] attempt to access beyond end of device [ 159.739635][T11032] loop2: rw=2049, want=126, limit=16 [ 159.739821][T11054] should_fail+0x23c/0x250 [ 159.743983][T11032] Buffer I/O error on dev loop2, logical block 125, lost async page write [ 159.755380][T11054] should_fail_usercopy+0x16/0x20 [ 159.760394][T11060] attempt to access beyond end of device [ 159.760394][T11060] loop4: rw=2049, want=124, limit=16 [ 159.768315][T11054] copy_page_from_iter_atomic+0x2c1/0xba0 [ 159.783178][T11032] attempt to access beyond end of device [ 159.783178][T11032] loop2: rw=2049, want=127, limit=16 [ 159.784267][T11054] ? fat_write_begin+0x61/0xf0 [ 159.790353][T11032] Buffer I/O error on dev loop2, logical block 126, lost async page write [ 159.791772][T11032] attempt to access beyond end of device 08:50:48 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x2200, 0xf000) 08:50:48 executing program 2 (fault-call:7 fault-nth:10): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 159.791772][T11032] loop2: rw=2049, want=128, limit=16 [ 159.801444][T11054] ? fat_block_truncate_page+0x30/0x30 [ 159.801481][T11054] ? fat_write_begin+0x79/0xf0 [ 159.806312][T11032] Buffer I/O error on dev loop2, logical block 127, lost async page write [ 159.814865][T11054] generic_perform_write+0x1df/0x3c0 [ 159.825724][T11032] attempt to access beyond end of device [ 159.825724][T11032] loop2: rw=2049, want=42, limit=16 [ 159.831041][T11054] ? fat_write_begin+0xf0/0xf0 [ 159.831059][T11054] __generic_file_write_iter+0x202/0x300 [ 159.870717][T11054] ? generic_write_checks+0x250/0x290 [ 159.876114][T11054] generic_file_write_iter+0x75/0x130 [ 159.881495][T11054] vfs_write+0x69d/0x770 [ 159.885829][T11054] ksys_write+0xce/0x180 [ 159.890069][T11054] __x64_sys_write+0x3e/0x50 [ 159.894703][T11054] do_syscall_64+0x3d/0x90 [ 159.899104][T11054] ? irqentry_exit+0xe/0x30 [ 159.903654][T11054] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 159.909639][T11054] RIP: 0033:0x4665e9 [ 159.913624][T11054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 159.933269][T11054] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 159.942028][T11054] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 159.949994][T11054] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 159.958218][T11054] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 159.966177][T11054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 159.974129][T11054] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 [ 159.990340][T11054] attempt to access beyond end of device [ 159.990340][T11054] loop5: rw=2049, want=122, limit=16 [ 160.001640][T11054] Buffer I/O error on dev loop5, logical block 122, lost async page write [ 160.002658][T11069] loop3: detected capacity change from 0 to 16 08:50:48 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7400, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:49 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000) [ 160.010901][T11054] Buffer I/O error on dev loop5, logical block 123, lost async page write [ 160.035073][T11054] Buffer I/O error on dev loop5, logical block 124, lost async page write [ 160.046936][T11054] Buffer I/O error on dev loop5, logical block 125, lost async page write [ 160.056318][T11076] loop2: detected capacity change from 0 to 16 [ 160.072941][T11076] FAULT_INJECTION: forcing a failure. [ 160.072941][T11076] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 160.076444][T11081] loop4: detected capacity change from 0 to 16 [ 160.086370][T11076] CPU: 1 PID: 11076 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 [ 160.102578][T11076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 160.112971][T11076] Call Trace: [ 160.116307][T11076] dump_stack_lvl+0xb7/0x103 [ 160.120989][T11076] dump_stack+0x11/0x1a [ 160.125217][T11076] should_fail+0x23c/0x250 [ 160.129633][T11076] __alloc_pages+0x102/0x320 [ 160.134649][T11076] alloc_pages+0x2e8/0x340 [ 160.139053][T11076] __page_cache_alloc+0x4d/0xf0 [ 160.143897][T11076] pagecache_get_page+0x5f4/0x900 [ 160.149069][T11076] grab_cache_page_write_begin+0x3f/0x70 [ 160.154687][T11076] cont_write_begin+0x501/0x850 [ 160.159578][T11076] fat_write_begin+0x61/0xf0 [ 160.164218][T11076] ? fat_block_truncate_page+0x30/0x30 [ 160.169667][T11076] generic_perform_write+0x196/0x3c0 [ 160.174936][T11076] ? fat_write_begin+0xf0/0xf0 [ 160.182938][T11076] __generic_file_write_iter+0x202/0x300 [ 160.188559][T11076] ? generic_write_checks+0x250/0x290 [ 160.194004][T11076] generic_file_write_iter+0x75/0x130 [ 160.199368][T11076] vfs_write+0x69d/0x770 [ 160.203594][T11076] ksys_write+0xce/0x180 [ 160.208951][T11076] __x64_sys_write+0x3e/0x50 [ 160.213530][T11076] do_syscall_64+0x3d/0x90 [ 160.217942][T11076] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 160.223828][T11076] RIP: 0033:0x4665e9 [ 160.227719][T11076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 160.247332][T11076] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 160.255955][T11076] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 160.263922][T11076] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 08:50:49 executing program 5 (fault-call:7 fault-nth:8): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:49 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x11) [ 160.271874][T11076] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000 [ 160.279828][T11076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 160.287780][T11076] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000 08:50:49 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7a00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:49 executing program 2 (fault-call:7 fault-nth:11): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:49 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000) 08:50:49 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x3f00, 0xf000) [ 160.342696][T11090] loop3: detected capacity change from 0 to 16 [ 160.377518][T11099] loop5: detected capacity change from 0 to 16 [ 160.394825][T11099] FAULT_INJECTION: forcing a failure. [ 160.394825][T11099] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 160.405576][T11106] loop2: detected capacity change from 0 to 16 [ 160.408476][T11099] CPU: 1 PID: 11099 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 160.423523][T11099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 160.433592][T11099] Call Trace: [ 160.436867][T11099] dump_stack_lvl+0xb7/0x103 [ 160.441464][T11099] dump_stack+0x11/0x1a [ 160.445601][T11099] should_fail+0x23c/0x250 [ 160.450124][T11099] __alloc_pages+0x102/0x320 [ 160.454706][T11099] alloc_pages+0x2e8/0x340 [ 160.459105][T11099] __page_cache_alloc+0x4d/0xf0 [ 160.463939][T11099] pagecache_get_page+0x5f4/0x900 [ 160.468960][T11099] grab_cache_page_write_begin+0x3f/0x70 [ 160.474589][T11099] cont_write_begin+0x501/0x850 [ 160.479433][T11099] fat_write_begin+0x61/0xf0 [ 160.484091][T11099] ? fat_block_truncate_page+0x30/0x30 [ 160.489543][T11099] generic_perform_write+0x196/0x3c0 [ 160.494816][T11099] ? fat_write_begin+0xf0/0xf0 [ 160.499570][T11099] __generic_file_write_iter+0x202/0x300 [ 160.505187][T11099] ? generic_write_checks+0x250/0x290 [ 160.510543][T11099] generic_file_write_iter+0x75/0x130 [ 160.515901][T11099] vfs_write+0x69d/0x770 [ 160.520212][T11099] ksys_write+0xce/0x180 [ 160.524450][T11099] __x64_sys_write+0x3e/0x50 [ 160.529031][T11099] do_syscall_64+0x3d/0x90 [ 160.533431][T11099] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 160.539428][T11099] RIP: 0033:0x4665e9 [ 160.543299][T11099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 160.563058][T11099] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 160.571452][T11099] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 160.579503][T11099] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 160.587455][T11099] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 08:50:49 executing program 5 (fault-call:7 fault-nth:9): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 160.595409][T11099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 160.603377][T11099] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 [ 160.635822][T11112] loop3: detected capacity change from 0 to 16 08:50:49 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000) [ 160.644408][T11109] FAULT_INJECTION: forcing a failure. [ 160.644408][T11109] name failslab, interval 1, probability 0, space 0, times 0 [ 160.657070][T11109] CPU: 1 PID: 11109 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 [ 160.660773][T11117] loop4: detected capacity change from 0 to 16 [ 160.665824][T11109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 160.665836][T11109] Call Trace: [ 160.665843][T11109] dump_stack_lvl+0xb7/0x103 [ 160.689866][T11109] dump_stack+0x11/0x1a 08:50:49 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xa50c, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 160.694021][T11109] should_fail+0x23c/0x250 [ 160.698439][T11109] ? mempool_alloc_slab+0x16/0x20 [ 160.703498][T11109] __should_failslab+0x81/0x90 [ 160.708254][T11109] should_failslab+0x5/0x20 [ 160.712747][T11109] kmem_cache_alloc+0x46/0x2e0 [ 160.717514][T11109] ? bit_wait+0x50/0x50 [ 160.721753][T11109] mempool_alloc_slab+0x16/0x20 [ 160.726598][T11109] ? mempool_free+0x130/0x130 [ 160.731282][T11109] mempool_alloc+0x8c/0x300 [ 160.735782][T11109] ? __sync_dirty_buffer+0x1c2/0x1e0 [ 160.741059][T11109] ? __brelse+0x2c/0x50 [ 160.745219][T11109] bio_alloc_bioset+0xcc/0x480 [ 160.749999][T11109] ? do_writepages+0x110/0x150 [ 160.754752][T11109] submit_bh_wbc+0x130/0x330 [ 160.759340][T11109] ? __writeback_single_inode+0x2ad/0x440 [ 160.765093][T11109] ? __list_del_entry_valid+0x54/0xc0 [ 160.770467][T11109] write_dirty_buffer+0xde/0xf0 [ 160.775389][T11109] sync_mapping_buffers+0x2bf/0x8b0 [ 160.780595][T11109] ext4_sync_file+0x4d5/0x670 [ 160.785274][T11109] ? tsan.module_ctor+0x10/0x10 [ 160.790113][T11109] vfs_fsync_range+0x107/0x120 08:50:49 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x4000, 0xf000) [ 160.794976][T11109] iomap_dio_complete+0x2d5/0x3c0 [ 160.800011][T11109] iomap_dio_rw+0x4e/0x70 [ 160.804398][T11109] ? ext4_file_write_iter+0x4d1/0x11d0 [ 160.809981][T11109] ext4_file_write_iter+0xa04/0x11d0 [ 160.815287][T11109] ? ext4_file_write_iter+0x4d1/0x11d0 [ 160.820746][T11109] ? iov_iter_init+0xb1/0xf0 [ 160.825624][T11109] vfs_write+0x69d/0x770 [ 160.829845][T11109] ksys_write+0xce/0x180 [ 160.834153][T11109] __x64_sys_write+0x3e/0x50 [ 160.838738][T11109] do_syscall_64+0x3d/0x90 [ 160.843141][T11109] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 160.849037][T11109] RIP: 0033:0x4665e9 [ 160.852909][T11109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 160.872821][T11109] RSP: 002b:00007f6378f51188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 160.881216][T11109] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 160.889189][T11109] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 08:50:49 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 160.897163][T11109] RBP: 00007f6378f511d0 R08: 0000000000000000 R09: 0000000000000000 [ 160.905120][T11109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 160.913222][T11109] R13: 00007ffe6f0dae5f R14: 00007f6378f51300 R15: 0000000000022000 08:50:49 executing program 2 (fault-call:7 fault-nth:12): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:49 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe803, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 160.956312][T11135] loop5: detected capacity change from 0 to 16 [ 160.980754][T11145] loop4: detected capacity change from 0 to 16 [ 160.983940][T11135] FAULT_INJECTION: forcing a failure. [ 160.983940][T11135] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 161.001974][T11135] CPU: 1 PID: 11135 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 161.007896][T11146] loop3: detected capacity change from 0 to 16 [ 161.010824][T11135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 161.027303][T11135] Call Trace: [ 161.031019][T11135] dump_stack_lvl+0xb7/0x103 [ 161.035685][T11135] dump_stack+0x11/0x1a [ 161.039916][T11135] should_fail+0x23c/0x250 [ 161.044323][T11135] should_fail_usercopy+0x16/0x20 [ 161.049378][T11135] copy_page_from_iter_atomic+0x2c1/0xba0 [ 161.055125][T11135] ? fat_write_begin+0x61/0xf0 [ 161.059886][T11135] ? fat_block_truncate_page+0x30/0x30 [ 161.065422][T11135] ? fat_write_begin+0x79/0xf0 [ 161.070228][T11135] generic_perform_write+0x1df/0x3c0 [ 161.075530][T11135] ? fat_write_begin+0xf0/0xf0 [ 161.080294][T11135] __generic_file_write_iter+0x202/0x300 [ 161.086085][T11135] ? generic_write_checks+0x250/0x290 [ 161.091748][T11135] generic_file_write_iter+0x75/0x130 [ 161.097381][T11135] vfs_write+0x69d/0x770 [ 161.101838][T11135] ksys_write+0xce/0x180 [ 161.106492][T11135] __x64_sys_write+0x3e/0x50 [ 161.111068][T11135] do_syscall_64+0x3d/0x90 [ 161.115684][T11135] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 161.121790][T11135] RIP: 0033:0x4665e9 [ 161.125669][T11135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 161.146474][T11135] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 161.155139][T11135] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 161.163117][T11135] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 161.171435][T11135] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 161.179479][T11135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 161.187705][T11135] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 08:50:50 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x12) 08:50:50 executing program 5 (fault-call:7 fault-nth:10): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 161.223860][T11159] loop2: detected capacity change from 0 to 16 [ 161.260865][T11159] FAULT_INJECTION: forcing a failure. [ 161.260865][T11159] name fail_page_alloc, interval 1, probability 0, space 0, times 0 08:50:50 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, 0x0, 0x0) 08:50:50 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe8ff, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:50 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x6f00, 0xf000) [ 161.274309][T11159] CPU: 0 PID: 11159 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 [ 161.283157][T11159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 161.293266][T11159] Call Trace: [ 161.296540][T11159] dump_stack_lvl+0xb7/0x103 [ 161.301142][T11159] dump_stack+0x11/0x1a [ 161.305302][T11159] should_fail+0x23c/0x250 [ 161.309728][T11159] __alloc_pages+0x102/0x320 [ 161.314429][T11159] alloc_pages+0x2e8/0x340 [ 161.318982][T11159] __page_cache_alloc+0x4d/0xf0 [ 161.323868][T11159] pagecache_get_page+0x5f4/0x900 [ 161.328879][T11159] grab_cache_page_write_begin+0x3f/0x70 [ 161.334665][T11159] cont_write_begin+0x501/0x850 [ 161.339703][T11159] fat_write_begin+0x61/0xf0 [ 161.344320][T11159] ? fat_block_truncate_page+0x30/0x30 [ 161.349859][T11159] generic_perform_write+0x196/0x3c0 [ 161.355354][T11159] ? fat_write_begin+0xf0/0xf0 [ 161.360096][T11159] __generic_file_write_iter+0x202/0x300 [ 161.365747][T11159] ? generic_write_checks+0x250/0x290 [ 161.371202][T11159] generic_file_write_iter+0x75/0x130 [ 161.376576][T11159] vfs_write+0x69d/0x770 [ 161.380810][T11159] ksys_write+0xce/0x180 [ 161.385032][T11159] __x64_sys_write+0x3e/0x50 [ 161.389605][T11159] do_syscall_64+0x3d/0x90 [ 161.394033][T11159] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 161.399929][T11159] RIP: 0033:0x4665e9 [ 161.403888][T11159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:50:50 executing program 2 (fault-call:7 fault-nth:13): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 161.423679][T11159] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 161.432283][T11159] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 161.440237][T11159] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 161.449538][T11159] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000 [ 161.457490][T11159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 161.465572][T11159] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000 [ 161.495841][T11176] loop5: detected capacity change from 0 to 16 [ 161.508908][T11176] FAULT_INJECTION: forcing a failure. [ 161.508908][T11176] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 161.522610][T11176] CPU: 1 PID: 11176 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 161.531541][T11176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 161.541645][T11176] Call Trace: 08:50:50 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xf401, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 161.542576][T11183] loop2: detected capacity change from 0 to 16 [ 161.544919][T11176] dump_stack_lvl+0xb7/0x103 [ 161.555665][T11176] dump_stack+0x11/0x1a [ 161.559816][T11176] should_fail+0x23c/0x250 [ 161.561630][T11183] FAULT_INJECTION: forcing a failure. [ 161.561630][T11183] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 161.564238][T11176] __alloc_pages+0x102/0x320 [ 161.564263][T11176] alloc_pages+0x2e8/0x340 [ 161.586421][T11176] __page_cache_alloc+0x4d/0xf0 [ 161.591262][T11176] pagecache_get_page+0x5f4/0x900 [ 161.596272][T11176] grab_cache_page_write_begin+0x3f/0x70 [ 161.601890][T11176] cont_write_begin+0x501/0x850 [ 161.606821][T11176] fat_write_begin+0x61/0xf0 [ 161.611396][T11176] ? fat_block_truncate_page+0x30/0x30 [ 161.616879][T11176] generic_perform_write+0x196/0x3c0 [ 161.622157][T11176] ? fat_write_begin+0xf0/0xf0 [ 161.626920][T11176] __generic_file_write_iter+0x202/0x300 [ 161.632544][T11176] ? generic_write_checks+0x250/0x290 [ 161.637975][T11176] generic_file_write_iter+0x75/0x130 [ 161.643333][T11176] vfs_write+0x69d/0x770 [ 161.647556][T11176] ksys_write+0xce/0x180 [ 161.651783][T11176] __x64_sys_write+0x3e/0x50 [ 161.656378][T11176] do_syscall_64+0x3d/0x90 [ 161.660813][T11176] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 161.666769][T11176] RIP: 0033:0x4665e9 [ 161.670748][T11176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 161.690388][T11176] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 161.698780][T11176] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 161.706732][T11176] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 161.714709][T11176] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 161.722719][T11176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 161.730680][T11176] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 08:50:50 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, 0x0, 0x0) [ 161.738892][T11183] CPU: 0 PID: 11183 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 [ 161.747648][T11183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 161.757695][T11183] Call Trace: [ 161.760971][T11183] dump_stack_lvl+0xb7/0x103 [ 161.765562][T11183] dump_stack+0x11/0x1a [ 161.767499][T11194] loop3: detected capacity change from 0 to 16 [ 161.769713][T11183] should_fail+0x23c/0x250 [ 161.780333][T11183] should_fail_usercopy+0x16/0x20 [ 161.785360][T11183] copy_page_from_iter_atomic+0x2c1/0xba0 [ 161.791089][T11183] ? fat_write_begin+0x61/0xf0 08:50:50 executing program 5 (fault-call:7 fault-nth:11): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 161.795866][T11183] ? fat_block_truncate_page+0x30/0x30 [ 161.801384][T11183] ? fat_write_begin+0x79/0xf0 [ 161.806136][T11183] generic_perform_write+0x1df/0x3c0 [ 161.811680][T11183] ? fat_write_begin+0xf0/0xf0 [ 161.816491][T11183] __generic_file_write_iter+0x202/0x300 [ 161.822127][T11183] ? generic_write_checks+0x250/0x290 [ 161.827498][T11183] generic_file_write_iter+0x75/0x130 [ 161.832887][T11183] vfs_write+0x69d/0x770 [ 161.837129][T11183] ksys_write+0xce/0x180 [ 161.841233][T11193] loop4: detected capacity change from 0 to 16 [ 161.841368][T11183] __x64_sys_write+0x3e/0x50 [ 161.852156][T11183] do_syscall_64+0x3d/0x90 [ 161.856668][T11183] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 161.862650][T11183] RIP: 0033:0x4665e9 [ 161.866532][T11183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 161.886291][T11183] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 08:50:50 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x7500, 0xf000) 08:50:50 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xfcff, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:50 executing program 2 (fault-call:7 fault-nth:14): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 161.894703][T11183] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 161.902697][T11183] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 161.910752][T11183] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000 [ 161.918819][T11183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 161.926819][T11183] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000 [ 161.973155][T11218] loop4: detected capacity change from 0 to 16 [ 161.984921][T11222] loop5: detected capacity change from 0 to 16 [ 162.001146][T11225] loop3: detected capacity change from 0 to 16 [ 162.014312][T11222] FAULT_INJECTION: forcing a failure. [ 162.014312][T11222] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 162.027531][T11222] CPU: 1 PID: 11222 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 162.036457][T11222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 162.046709][T11222] Call Trace: [ 162.049986][T11222] dump_stack_lvl+0xb7/0x103 [ 162.054592][T11222] dump_stack+0x11/0x1a [ 162.058752][T11222] should_fail+0x23c/0x250 [ 162.063173][T11222] should_fail_usercopy+0x16/0x20 [ 162.068307][T11222] copy_page_from_iter_atomic+0x2c1/0xba0 [ 162.074026][T11222] ? fat_write_begin+0x61/0xf0 [ 162.078773][T11222] ? fat_block_truncate_page+0x30/0x30 [ 162.084233][T11222] ? fat_write_begin+0x79/0xf0 [ 162.089069][T11222] generic_perform_write+0x1df/0x3c0 [ 162.094346][T11222] ? fat_write_begin+0xf0/0xf0 [ 162.099091][T11222] __generic_file_write_iter+0x202/0x300 [ 162.104726][T11222] ? generic_write_checks+0x250/0x290 [ 162.110083][T11222] generic_file_write_iter+0x75/0x130 [ 162.115520][T11222] vfs_write+0x69d/0x770 [ 162.119745][T11222] ksys_write+0xce/0x180 [ 162.123970][T11222] __x64_sys_write+0x3e/0x50 [ 162.128548][T11222] do_syscall_64+0x3d/0x90 [ 162.132952][T11222] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 162.138833][T11222] RIP: 0033:0x4665e9 [ 162.142765][T11222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 162.162368][T11222] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 162.170770][T11222] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 162.178786][T11222] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 162.186830][T11222] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 162.194923][T11222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 162.203060][T11222] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 [ 162.216423][T11231] loop2: detected capacity change from 0 to 16 [ 162.237522][T11240] FAULT_INJECTION: forcing a failure. [ 162.237522][T11240] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 162.250595][T11240] CPU: 0 PID: 11240 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0 [ 162.259433][T11240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 162.269579][T11240] Call Trace: [ 162.272927][T11240] dump_stack_lvl+0xb7/0x103 [ 162.277520][T11240] dump_stack+0x11/0x1a [ 162.281675][T11240] should_fail+0x23c/0x250 08:50:51 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x25) 08:50:51 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xffe8, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:51 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, 0x0, 0x0) 08:50:51 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x8008, 0xf000) 08:50:51 executing program 5 (fault-call:7 fault-nth:12): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 162.286133][T11240] should_fail_usercopy+0x16/0x20 [ 162.291270][T11240] _copy_from_user+0x1c/0xd0 [ 162.295904][T11240] kstrtouint_from_user+0x6f/0x130 [ 162.301019][T11240] ? _copy_to_user+0x77/0x90 [ 162.305613][T11240] ? fsnotify_perm+0x59/0x2e0 [ 162.310285][T11240] proc_fail_nth_write+0x38/0x140 [ 162.315547][T11240] ? proc_fail_nth_read+0x140/0x140 [ 162.320731][T11240] vfs_write+0x1f3/0x770 [ 162.324969][T11240] ? __fget_light+0x21b/0x260 [ 162.329619][T11240] ? __cond_resched+0x11/0x40 [ 162.334324][T11240] ksys_write+0xce/0x180 [ 162.338552][T11240] __x64_sys_write+0x3e/0x50 [ 162.343173][T11240] do_syscall_64+0x3d/0x90 [ 162.347580][T11240] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 162.353625][T11240] RIP: 0033:0x4192cf [ 162.357497][T11240] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48 [ 162.377130][T11240] RSP: 002b:00007f6378f51170 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 08:50:51 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:51 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xfffc, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:51 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x34000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 162.385611][T11240] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004192cf [ 162.393565][T11240] RDX: 0000000000000001 RSI: 00007f6378f511e0 RDI: 0000000000000007 [ 162.401608][T11240] RBP: 00007f6378f511d0 R08: 0000000000000000 R09: 0000000000000000 [ 162.409661][T11240] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 162.417627][T11240] R13: 00007ffe6f0dae5f R14: 00007f6378f51300 R15: 0000000000022000 [ 162.465843][T11259] net_ratelimit: 18 callbacks suppressed [ 162.465855][T11259] IPv4: Oversized IP packet from 127.0.0.1 [ 162.477379][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 162.489850][T11265] loop3: detected capacity change from 0 to 16 [ 162.506852][T11272] loop2: detected capacity change from 0 to 16 08:50:51 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xa00, 0xf000) 08:50:51 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x400300, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:51 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x2, 0xf000) [ 162.522067][T11277] loop4: detected capacity change from 0 to 16 [ 162.529519][T11278] loop5: detected capacity change from 0 to 16 08:50:51 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xca00, 0xf000) [ 162.569716][T11286] IPv4: Oversized IP packet from 127.0.0.1 [ 162.575861][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 162.583328][T11278] FAULT_INJECTION: forcing a failure. [ 162.583328][T11278] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 162.596583][T11278] CPU: 1 PID: 11278 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 162.605359][T11278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 162.615477][T11278] Call Trace: [ 162.618752][T11278] dump_stack_lvl+0xb7/0x103 [ 162.623322][T11278] dump_stack+0x11/0x1a [ 162.627501][T11278] should_fail+0x23c/0x250 [ 162.631901][T11278] __alloc_pages+0x102/0x320 [ 162.636538][T11278] alloc_pages+0x2e8/0x340 [ 162.640939][T11278] __page_cache_alloc+0x4d/0xf0 [ 162.645900][T11278] pagecache_get_page+0x5f4/0x900 [ 162.650906][T11278] grab_cache_page_write_begin+0x3f/0x70 [ 162.656643][T11278] cont_write_begin+0x501/0x850 [ 162.661559][T11278] fat_write_begin+0x61/0xf0 [ 162.666125][T11278] ? fat_block_truncate_page+0x30/0x30 [ 162.671600][T11278] generic_perform_write+0x196/0x3c0 [ 162.677091][T11278] ? fat_write_begin+0xf0/0xf0 [ 162.681830][T11278] __generic_file_write_iter+0x202/0x300 [ 162.687500][T11278] ? generic_write_checks+0x250/0x290 [ 162.693149][T11278] generic_file_write_iter+0x75/0x130 [ 162.698580][T11278] vfs_write+0x69d/0x770 [ 162.702813][T11278] ksys_write+0xce/0x180 [ 162.707052][T11278] __x64_sys_write+0x3e/0x50 [ 162.711688][T11278] do_syscall_64+0x3d/0x90 [ 162.716207][T11278] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 162.722096][T11278] RIP: 0033:0x4665e9 [ 162.725985][T11278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 162.745593][T11278] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 162.754006][T11278] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 162.754727][T11299] loop3: detected capacity change from 0 to 16 [ 162.761974][T11278] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 162.762000][T11278] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 162.762010][T11278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 162.792019][T11278] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 [ 162.807957][T11290] loop2: detected capacity change from 0 to 16 [ 162.844612][T11309] loop4: detected capacity change from 0 to 16 08:50:52 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x30) 08:50:52 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe0ffff, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:52 executing program 3 (fault-call:8 fault-nth:0): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:52 executing program 5 (fault-call:7 fault-nth:13): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:52 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x3, 0xf000) 08:50:52 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xcc00, 0xf000) 08:50:52 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 163.166506][T11329] loop4: detected capacity change from 0 to 16 [ 163.176882][T11332] loop2: detected capacity change from 0 to 16 [ 163.210565][T11339] loop3: detected capacity change from 0 to 16 [ 163.217033][T11340] loop5: detected capacity change from 0 to 16 [ 163.240723][T11339] FAULT_INJECTION: forcing a failure. [ 163.240723][T11339] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 163.243659][T11340] FAULT_INJECTION: forcing a failure. [ 163.243659][T11340] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 163.254247][T11339] CPU: 1 PID: 11339 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 163.276070][T11339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 163.286288][T11339] Call Trace: [ 163.289551][T11339] dump_stack_lvl+0xb7/0x103 [ 163.294139][T11339] dump_stack+0x11/0x1a [ 163.298330][T11339] should_fail+0x23c/0x250 [ 163.302831][T11339] __alloc_pages+0x102/0x320 [ 163.307412][T11339] alloc_pages+0x2e8/0x340 [ 163.311898][T11339] __page_cache_alloc+0x4d/0xf0 [ 163.316754][T11339] pagecache_get_page+0x5f4/0x900 [ 163.321765][T11339] grab_cache_page_write_begin+0x3f/0x70 [ 163.327409][T11339] cont_write_begin+0x501/0x850 [ 163.332260][T11339] fat_write_begin+0x61/0xf0 [ 163.336840][T11339] ? fat_block_truncate_page+0x30/0x30 [ 163.342307][T11339] generic_perform_write+0x196/0x3c0 [ 163.347885][T11339] __generic_file_write_iter+0x202/0x300 [ 163.353500][T11339] ? generic_write_checks+0x250/0x290 [ 163.359038][T11339] generic_file_write_iter+0x75/0x130 [ 163.364413][T11339] vfs_write+0x69d/0x770 [ 163.368647][T11339] ksys_write+0xce/0x180 [ 163.373160][T11339] __x64_sys_write+0x3e/0x50 [ 163.377828][T11339] do_syscall_64+0x3d/0x90 [ 163.382314][T11339] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 163.388202][T11339] RIP: 0033:0x4665e9 [ 163.392265][T11339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 163.412845][T11339] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 163.421442][T11339] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 163.430495][T11339] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 163.438688][T11339] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 163.446848][T11339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 163.455075][T11339] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 [ 163.463099][T11340] CPU: 0 PID: 11340 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 163.469043][T11350] IPv4: Oversized IP packet from 127.0.0.1 [ 163.472333][T11340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 163.472346][T11340] Call Trace: [ 163.472352][T11340] dump_stack_lvl+0xb7/0x103 [ 163.478583][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 163.488585][T11340] dump_stack+0x11/0x1a [ 163.488603][T11340] should_fail+0x23c/0x250 08:50:52 executing program 3 (fault-call:8 fault-nth:1): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:52 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xcd00, 0xf000) 08:50:52 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x4, 0xf000) [ 163.511446][T11340] should_fail_usercopy+0x16/0x20 [ 163.516482][T11340] copy_page_from_iter_atomic+0x2c1/0xba0 [ 163.522205][T11340] ? fat_write_begin+0x61/0xf0 [ 163.526993][T11340] ? fat_block_truncate_page+0x30/0x30 [ 163.532589][T11340] ? fat_write_begin+0x79/0xf0 [ 163.537347][T11340] generic_perform_write+0x1df/0x3c0 [ 163.542683][T11340] ? fat_write_begin+0xf0/0xf0 [ 163.547456][T11340] __generic_file_write_iter+0x202/0x300 [ 163.553168][T11340] ? generic_write_checks+0x250/0x290 [ 163.558658][T11340] generic_file_write_iter+0x75/0x130 [ 163.564210][T11340] vfs_write+0x69d/0x770 [ 163.568611][T11340] ksys_write+0xce/0x180 [ 163.573077][T11340] __x64_sys_write+0x3e/0x50 [ 163.577649][T11340] do_syscall_64+0x3d/0x90 [ 163.582063][T11340] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 163.588048][T11340] RIP: 0033:0x4665e9 [ 163.591928][T11340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:50:52 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x2000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:52 executing program 5 (fault-call:7 fault-nth:14): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 163.611872][T11340] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 163.620258][T11340] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 163.628212][T11340] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 163.636215][T11340] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 163.644315][T11340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 163.652285][T11340] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 [ 163.685979][T11360] IPv4: Oversized IP packet from 127.0.0.1 [ 163.691868][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 163.726795][T11374] loop3: detected capacity change from 0 to 16 [ 163.741690][T11376] loop2: detected capacity change from 0 to 16 [ 163.742347][T11378] loop4: detected capacity change from 0 to 16 [ 163.764644][T11379] loop5: detected capacity change from 0 to 16 [ 163.770098][T11374] FAULT_INJECTION: forcing a failure. [ 163.770098][T11374] name failslab, interval 1, probability 0, space 0, times 0 [ 163.783718][T11374] CPU: 0 PID: 11374 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 163.791498][T11379] FAULT_INJECTION: forcing a failure. [ 163.791498][T11379] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 163.792657][T11374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 163.792670][T11374] Call Trace: [ 163.792677][T11374] dump_stack_lvl+0xb7/0x103 [ 163.824344][T11374] dump_stack+0x11/0x1a [ 163.828507][T11374] should_fail+0x23c/0x250 [ 163.833043][T11374] ? fat_cache_add+0x219/0x570 [ 163.837882][T11374] __should_failslab+0x81/0x90 [ 163.842675][T11374] should_failslab+0x5/0x20 [ 163.847404][T11374] kmem_cache_alloc+0x46/0x2e0 [ 163.852152][T11374] fat_cache_add+0x219/0x570 [ 163.856817][T11374] fat_get_cluster+0x58e/0x870 [ 163.861911][T11374] ? __brelse+0x2c/0x50 [ 163.866639][T11374] fat_get_mapped_cluster+0xd0/0x250 [ 163.872314][T11374] fat_bmap+0x258/0x290 [ 163.876547][T11374] fat_get_block+0x36d/0x5a0 [ 163.881444][T11374] __block_write_begin_int+0x4a2/0x1060 [ 163.887078][T11374] ? fat_block_truncate_page+0x30/0x30 [ 163.892803][T11374] ? wait_for_stable_page+0x56/0x70 [ 163.897992][T11374] cont_write_begin+0x522/0x850 [ 163.902851][T11374] fat_write_begin+0x61/0xf0 [ 163.907437][T11374] ? fat_block_truncate_page+0x30/0x30 [ 163.913013][T11374] generic_perform_write+0x196/0x3c0 [ 163.918379][T11374] __generic_file_write_iter+0x202/0x300 [ 163.924083][T11374] ? generic_write_checks+0x250/0x290 [ 163.929620][T11374] generic_file_write_iter+0x75/0x130 [ 163.935007][T11374] vfs_write+0x69d/0x770 [ 163.939243][T11374] ksys_write+0xce/0x180 [ 163.943556][T11374] __x64_sys_write+0x3e/0x50 [ 163.948141][T11374] do_syscall_64+0x3d/0x90 [ 163.952543][T11374] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 163.958424][T11374] RIP: 0033:0x4665e9 [ 163.962321][T11374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 163.981911][T11374] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 163.990317][T11374] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 163.998881][T11374] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 164.006961][T11374] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 164.015024][T11374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 164.023265][T11374] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 [ 164.031246][T11379] CPU: 1 PID: 11379 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 164.040241][T11379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 164.050304][T11379] Call Trace: [ 164.053579][T11379] dump_stack_lvl+0xb7/0x103 [ 164.058376][T11379] dump_stack+0x11/0x1a [ 164.062712][T11379] should_fail+0x23c/0x250 [ 164.067157][T11379] __alloc_pages+0x102/0x320 [ 164.071742][T11379] alloc_pages+0x2e8/0x340 08:50:53 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x48) 08:50:53 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x3000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:53 executing program 3 (fault-call:8 fault-nth:2): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 164.076158][T11379] __page_cache_alloc+0x4d/0xf0 [ 164.081134][T11379] pagecache_get_page+0x5f4/0x900 [ 164.086646][T11379] grab_cache_page_write_begin+0x3f/0x70 [ 164.092311][T11379] cont_write_begin+0x501/0x850 [ 164.097296][T11379] fat_write_begin+0x61/0xf0 [ 164.101984][T11379] ? fat_block_truncate_page+0x30/0x30 [ 164.107472][T11379] generic_perform_write+0x196/0x3c0 [ 164.112829][T11379] ? fat_write_begin+0xf0/0xf0 [ 164.122491][T11379] __generic_file_write_iter+0x202/0x300 08:50:53 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x5, 0xf000) [ 164.128145][T11379] ? generic_write_checks+0x250/0x290 [ 164.133522][T11379] generic_file_write_iter+0x75/0x130 [ 164.139027][T11379] vfs_write+0x69d/0x770 [ 164.143300][T11379] ksys_write+0xce/0x180 [ 164.147739][T11379] __x64_sys_write+0x3e/0x50 [ 164.152333][T11379] do_syscall_64+0x3d/0x90 [ 164.156764][T11379] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 164.158064][T11395] IPv4: Oversized IP packet from 127.0.0.1 [ 164.162697][T11379] RIP: 0033:0x4665e9 [ 164.162716][T11379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 164.162735][T11379] RSP: 002b:00007f6884076188 EFLAGS: 00000246 [ 164.168672][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 164.172513][T11379] ORIG_RAX: 0000000000000001 [ 164.172521][T11379] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 164.218689][T11379] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 08:50:53 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:53 executing program 5 (fault-call:7 fault-nth:15): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 164.226649][T11379] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 164.234806][T11379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 164.243411][T11379] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 08:50:53 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xdfff, 0xf000) [ 164.292937][T11405] loop3: detected capacity change from 0 to 16 [ 164.304763][T11409] loop2: detected capacity change from 0 to 16 [ 164.340619][T11419] loop5: detected capacity change from 0 to 16 [ 164.343111][T11405] FAULT_INJECTION: forcing a failure. [ 164.343111][T11405] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 164.360746][T11405] CPU: 0 PID: 11405 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 164.369640][T11405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 164.372517][T11419] FAULT_INJECTION: forcing a failure. [ 164.372517][T11419] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 164.379693][T11405] Call Trace: [ 164.379703][T11405] dump_stack_lvl+0xb7/0x103 [ 164.379728][T11405] dump_stack+0x11/0x1a [ 164.379743][T11405] should_fail+0x23c/0x250 [ 164.409269][T11405] should_fail_usercopy+0x16/0x20 [ 164.414332][T11405] copy_page_from_iter_atomic+0x2c1/0xba0 [ 164.420312][T11405] ? fat_write_begin+0x61/0xf0 [ 164.425111][T11405] ? fat_block_truncate_page+0x30/0x30 [ 164.430908][T11405] ? fat_write_begin+0x79/0xf0 [ 164.435655][T11405] generic_perform_write+0x1df/0x3c0 [ 164.440929][T11405] __generic_file_write_iter+0x202/0x300 [ 164.446781][T11405] ? generic_write_checks+0x250/0x290 [ 164.452142][T11405] generic_file_write_iter+0x75/0x130 [ 164.457854][T11405] vfs_write+0x69d/0x770 [ 164.462086][T11405] ksys_write+0xce/0x180 [ 164.466321][T11405] __x64_sys_write+0x3e/0x50 [ 164.470924][T11405] do_syscall_64+0x3d/0x90 [ 164.475448][T11405] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 164.481851][T11405] RIP: 0033:0x4665e9 [ 164.485903][T11405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 164.505825][T11405] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 164.514484][T11405] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 164.522452][T11405] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 164.530594][T11405] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 08:50:53 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x6, 0xf000) [ 164.538550][T11405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 164.546702][T11405] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 [ 164.555345][T11419] CPU: 1 PID: 11419 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 164.564319][T11419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 164.574588][T11419] Call Trace: [ 164.577862][T11419] dump_stack_lvl+0xb7/0x103 [ 164.582491][T11419] dump_stack+0x11/0x1a [ 164.586896][T11419] should_fail+0x23c/0x250 08:50:53 executing program 3 (fault-call:8 fault-nth:3): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:53 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x5000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 164.591543][T11419] should_fail_usercopy+0x16/0x20 [ 164.596627][T11419] copy_page_from_iter_atomic+0x2c1/0xba0 [ 164.602448][T11419] ? fat_write_begin+0x61/0xf0 [ 164.607223][T11419] ? fat_block_truncate_page+0x30/0x30 [ 164.612730][T11419] ? fat_write_begin+0x79/0xf0 [ 164.617492][T11419] generic_perform_write+0x1df/0x3c0 [ 164.622798][T11419] ? fat_write_begin+0xf0/0xf0 [ 164.627588][T11419] __generic_file_write_iter+0x202/0x300 [ 164.633967][T11419] ? generic_write_checks+0x250/0x290 08:50:53 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xeffd, 0xf000) [ 164.634839][T11425] loop4: detected capacity change from 0 to 16 [ 164.639430][T11419] generic_file_write_iter+0x75/0x130 [ 164.639458][T11419] vfs_write+0x69d/0x770 [ 164.655283][T11419] ksys_write+0xce/0x180 [ 164.659562][T11419] __x64_sys_write+0x3e/0x50 [ 164.664280][T11419] do_syscall_64+0x3d/0x90 [ 164.668790][T11419] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 164.674986][T11419] RIP: 0033:0x4665e9 [ 164.678878][T11419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 164.698731][T11419] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 164.707144][T11419] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 164.715112][T11419] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 164.723311][T11419] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 164.731317][T11419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 164.739374][T11419] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 [ 164.751001][T11419] handle_bad_sector: 88 callbacks suppressed [ 164.751010][T11419] attempt to access beyond end of device [ 164.751010][T11419] loop5: rw=2049, want=122, limit=16 [ 164.768586][T11419] attempt to access beyond end of device [ 164.768586][T11419] loop5: rw=2049, want=123, limit=16 [ 164.779409][T11419] buffer_io_error: 68 callbacks suppressed [ 164.779419][T11419] Buffer I/O error on dev loop5, logical block 122, lost async page write [ 164.793896][T11419] attempt to access beyond end of device [ 164.793896][T11419] loop5: rw=2049, want=124, limit=16 [ 164.804968][T11419] Buffer I/O error on dev loop5, logical block 123, lost async page write 08:50:53 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 164.833034][T11447] loop2: detected capacity change from 0 to 16 [ 164.839809][T11419] attempt to access beyond end of device [ 164.839809][T11419] loop5: rw=2049, want=125, limit=16 [ 164.847504][T11448] loop3: detected capacity change from 0 to 16 [ 164.850727][T11419] Buffer I/O error on dev loop5, logical block 124, lost async page write [ 164.865902][T11448] FAULT_INJECTION: forcing a failure. [ 164.865902][T11448] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 164.870386][T11454] loop4: detected capacity change from 0 to 16 [ 164.880112][T11448] CPU: 0 PID: 11448 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 164.889955][T11419] attempt to access beyond end of device [ 164.889955][T11419] loop5: rw=2049, want=126, limit=16 [ 164.895160][T11448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 164.895173][T11448] Call Trace: [ 164.895181][T11448] dump_stack_lvl+0xb7/0x103 [ 164.905927][T11419] Buffer I/O error on dev loop5, logical block 125, lost async page write [ 164.916111][T11448] dump_stack+0x11/0x1a [ 164.920457][T11419] attempt to access beyond end of device [ 164.920457][T11419] loop5: rw=2049, want=127, limit=16 [ 164.924000][T11448] should_fail+0x23c/0x250 [ 164.932631][T11419] Buffer I/O error on dev loop5, logical block 126, lost async page write [ 164.936708][T11448] __alloc_pages+0x102/0x320 [ 164.965221][T11448] alloc_pages+0x2e8/0x340 [ 164.969847][T11448] __page_cache_alloc+0x4d/0xf0 [ 164.971293][T11447] attempt to access beyond end of device [ 164.971293][T11447] loop2: rw=2049, want=123, limit=16 [ 164.974730][T11448] pagecache_get_page+0x5f4/0x900 [ 164.985778][T11447] Buffer I/O error on dev loop2, logical block 122, lost async page write [ 164.990757][T11448] grab_cache_page_write_begin+0x3f/0x70 [ 165.002325][T11454] attempt to access beyond end of device [ 165.002325][T11454] loop4: rw=2049, want=124, limit=16 [ 165.005094][T11448] cont_write_begin+0x501/0x850 [ 165.020940][T11448] fat_write_begin+0x61/0xf0 [ 165.025621][T11448] ? fat_block_truncate_page+0x30/0x30 [ 165.031121][T11448] generic_perform_write+0x196/0x3c0 [ 165.036423][T11448] ? fat_write_begin+0xf0/0xf0 [ 165.041302][T11448] __generic_file_write_iter+0x202/0x300 [ 165.047050][T11448] ? generic_write_checks+0x250/0x290 [ 165.052512][T11448] generic_file_write_iter+0x75/0x130 [ 165.057894][T11448] vfs_write+0x69d/0x770 [ 165.062200][T11448] ksys_write+0xce/0x180 [ 165.066501][T11448] __x64_sys_write+0x3e/0x50 [ 165.067062][T11419] attempt to access beyond end of device [ 165.067062][T11419] loop5: rw=2049, want=128, limit=16 [ 165.071093][T11448] do_syscall_64+0x3d/0x90 [ 165.071126][T11448] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 165.082107][T11419] Buffer I/O error on dev loop5, logical block 127, lost async page write [ 165.086465][T11448] RIP: 0033:0x4665e9 [ 165.101922][T11447] attempt to access beyond end of device [ 165.101922][T11447] loop2: rw=2049, want=124, limit=16 08:50:54 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x4c) 08:50:54 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xf000, 0xf000) [ 165.104901][T11448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 165.104920][T11448] RSP: 002b:00007f654f380188 EFLAGS: 00000246 [ 165.115860][T11447] Buffer I/O error on dev loop2, logical block 123, lost async page write [ 165.135725][T11448] ORIG_RAX: 0000000000000001 [ 165.135734][T11448] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 165.135744][T11448] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 165.143585][T11447] Buffer I/O error on dev loop2, logical block 124, lost async page write 08:50:54 executing program 5 (fault-call:7 fault-nth:16): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:54 executing program 3 (fault-call:8 fault-nth:4): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:54 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 165.150570][T11448] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 165.150585][T11448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 165.150596][T11448] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 [ 165.206253][T11447] Buffer I/O error on dev loop2, logical block 125, lost async page write [ 165.257314][T11482] loop5: detected capacity change from 0 to 16 [ 165.269933][T11482] FAULT_INJECTION: forcing a failure. [ 165.269933][T11482] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 165.275442][T11485] loop3: detected capacity change from 0 to 16 [ 165.283279][T11482] CPU: 0 PID: 11482 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 165.291690][T11486] loop4: detected capacity change from 0 to 16 [ 165.298476][T11482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 165.298491][T11482] Call Trace: [ 165.298498][T11482] dump_stack_lvl+0xb7/0x103 [ 165.298520][T11482] dump_stack+0x11/0x1a [ 165.298534][T11482] should_fail+0x23c/0x250 [ 165.332092][T11482] __alloc_pages+0x102/0x320 [ 165.336842][T11482] alloc_pages+0x2e8/0x340 [ 165.341252][T11482] __page_cache_alloc+0x4d/0xf0 [ 165.346212][T11482] pagecache_get_page+0x5f4/0x900 [ 165.351482][T11482] grab_cache_page_write_begin+0x3f/0x70 [ 165.357102][T11482] cont_write_begin+0x501/0x850 [ 165.361984][T11482] fat_write_begin+0x61/0xf0 [ 165.366592][T11482] ? fat_block_truncate_page+0x30/0x30 [ 165.372299][T11482] generic_perform_write+0x196/0x3c0 [ 165.377807][T11482] ? fat_write_begin+0xf0/0xf0 [ 165.382602][T11482] __generic_file_write_iter+0x202/0x300 [ 165.388230][T11482] ? generic_write_checks+0x250/0x290 [ 165.393784][T11482] generic_file_write_iter+0x75/0x130 [ 165.399218][T11482] vfs_write+0x69d/0x770 [ 165.403448][T11482] ksys_write+0xce/0x180 [ 165.407758][T11482] __x64_sys_write+0x3e/0x50 [ 165.412373][T11482] do_syscall_64+0x3d/0x90 [ 165.416773][T11482] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 165.422662][T11482] RIP: 0033:0x4665e9 [ 165.426650][T11482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 165.446341][T11482] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 08:50:54 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x7, 0xf000) 08:50:54 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x8000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 165.454969][T11482] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 165.463011][T11482] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 165.471055][T11482] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 165.479019][T11482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 165.487123][T11482] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 08:50:54 executing program 5 (fault-call:7 fault-nth:17): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 165.518367][T11493] FAULT_INJECTION: forcing a failure. [ 165.518367][T11493] name failslab, interval 1, probability 0, space 0, times 0 [ 165.531682][T11493] CPU: 1 PID: 11493 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 165.540450][T11493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 165.550728][T11493] Call Trace: [ 165.554089][T11493] dump_stack_lvl+0xb7/0x103 [ 165.559580][T11493] dump_stack+0x11/0x1a [ 165.560947][T11497] loop2: detected capacity change from 0 to 16 [ 165.563746][T11493] should_fail+0x23c/0x250 [ 165.563825][T11493] ? ext4_mb_new_blocks+0x2e7/0x1f90 [ 165.563848][T11493] __should_failslab+0x81/0x90 [ 165.584843][T11493] should_failslab+0x5/0x20 [ 165.589690][T11493] kmem_cache_alloc+0x46/0x2e0 [ 165.594556][T11493] ext4_mb_new_blocks+0x2e7/0x1f90 [ 165.599751][T11493] ? ext4_find_extent+0x6cf/0x7f0 [ 165.604800][T11493] ? ext4_ext_search_right+0x300/0x540 [ 165.610342][T11493] ? ext4_inode_to_goal_block+0x1bd/0x1d0 [ 165.616221][T11493] ext4_ext_map_blocks+0x1569/0x1f00 [ 165.621520][T11493] ? __down_write_common+0x42/0x810 [ 165.626703][T11493] ? __down_read_common+0x16d/0x530 [ 165.631907][T11493] ? percpu_counter_add_batch+0x69/0xd0 [ 165.637463][T11493] ? ext4_es_lookup_extent+0x206/0x490 [ 165.642939][T11493] ext4_map_blocks+0x70d/0xef0 [ 165.647703][T11493] ? ext4_iomap_begin+0x3f7/0x620 [ 165.652710][T11493] ? __cond_resched+0x11/0x40 [ 165.657386][T11493] ext4_iomap_begin+0x4a0/0x620 [ 165.662232][T11493] iomap_apply+0x8d/0x400 [ 165.666602][T11493] ? rmqueue+0x4a/0xcc0 [ 165.670743][T11493] __iomap_dio_rw+0x62e/0xa60 [ 165.675476][T11493] ? __iomap_dio_rw+0xa60/0xa60 [ 165.680367][T11493] iomap_dio_rw+0x30/0x70 [ 165.684709][T11493] ? ext4_file_write_iter+0x4d1/0x11d0 [ 165.690324][T11493] ext4_file_write_iter+0xa04/0x11d0 [ 165.695609][T11493] ? ext4_file_write_iter+0x4d1/0x11d0 [ 165.701050][T11493] ? iov_iter_init+0xb1/0xf0 [ 165.705642][T11493] vfs_write+0x69d/0x770 [ 165.710030][T11493] ksys_write+0xce/0x180 [ 165.714351][T11493] __x64_sys_write+0x3e/0x50 [ 165.719291][T11493] do_syscall_64+0x3d/0x90 [ 165.723700][T11493] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 165.730187][T11493] RIP: 0033:0x4665e9 [ 165.734063][T11493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 165.753674][T11493] RSP: 002b:00007f654f35f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 165.762341][T11493] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 165.770375][T11493] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000007 [ 165.778413][T11493] RBP: 00007f654f35f1d0 R08: 0000000000000000 R09: 0000000000000000 [ 165.786374][T11493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 165.794392][T11493] R13: 00007fff92e1b66f R14: 00007f654f35f300 R15: 0000000000022000 08:50:54 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x9000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:54 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xf60f, 0xf000) [ 165.868221][T11511] loop5: detected capacity change from 0 to 16 08:50:54 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xa000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:54 executing program 3 (fault-call:8 fault-nth:5): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 165.910054][T11511] FAULT_INJECTION: forcing a failure. [ 165.910054][T11511] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 165.923424][T11511] CPU: 1 PID: 11511 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0 [ 165.932439][T11511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 165.942610][T11511] Call Trace: [ 165.946020][T11511] dump_stack_lvl+0xb7/0x103 [ 165.948964][T11527] loop4: detected capacity change from 0 to 16 [ 165.950619][T11511] dump_stack+0x11/0x1a [ 165.950639][T11511] should_fail+0x23c/0x250 [ 165.965543][T11511] should_fail_usercopy+0x16/0x20 [ 165.970700][T11511] copy_page_from_iter_atomic+0x2c1/0xba0 [ 165.976529][T11511] ? fat_write_begin+0x61/0xf0 [ 165.981289][T11511] ? fat_block_truncate_page+0x30/0x30 [ 165.986991][T11511] ? fat_write_begin+0x79/0xf0 [ 165.991835][T11511] generic_perform_write+0x1df/0x3c0 [ 165.997114][T11511] ? fat_write_begin+0xf0/0xf0 [ 166.001884][T11511] __generic_file_write_iter+0x202/0x300 [ 166.007603][T11511] ? generic_write_checks+0x250/0x290 [ 166.013130][T11511] generic_file_write_iter+0x75/0x130 [ 166.018588][T11511] vfs_write+0x69d/0x770 [ 166.022903][T11511] ksys_write+0xce/0x180 [ 166.027171][T11511] __x64_sys_write+0x3e/0x50 [ 166.032114][T11511] do_syscall_64+0x3d/0x90 [ 166.036528][T11511] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 166.042585][T11511] RIP: 0033:0x4665e9 [ 166.046495][T11511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 166.066637][T11511] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 166.075138][T11511] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 166.083429][T11511] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004 [ 166.091400][T11511] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000 [ 166.099406][T11511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 166.107545][T11511] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000 08:50:55 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x60) 08:50:55 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x8, 0xf000) [ 166.131318][T11533] loop3: detected capacity change from 0 to 16 [ 166.168853][T11544] loop2: detected capacity change from 0 to 16 [ 166.174278][T11533] FAULT_INJECTION: forcing a failure. 08:50:55 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xb000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:55 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x9, 0xf000) [ 166.174278][T11533] name failslab, interval 1, probability 0, space 0, times 0 [ 166.188700][T11533] CPU: 1 PID: 11533 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 166.197722][T11533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 166.207776][T11533] Call Trace: [ 166.211444][T11533] dump_stack_lvl+0xb7/0x103 [ 166.216314][T11533] dump_stack+0x11/0x1a [ 166.220657][T11533] should_fail+0x23c/0x250 [ 166.225339][T11533] ? __es_insert_extent+0x51f/0xe70 08:50:55 executing program 5 (fault-call:7 fault-nth:18): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) [ 166.230791][T11533] __should_failslab+0x81/0x90 [ 166.236191][T11533] should_failslab+0x5/0x20 [ 166.240874][T11533] kmem_cache_alloc+0x46/0x2e0 [ 166.245702][T11533] __es_insert_extent+0x51f/0xe70 [ 166.250984][T11533] ? ext4_ext_map_blocks+0x10a8/0x1f00 [ 166.256521][T11533] ext4_es_insert_extent+0x1bb/0x19d0 [ 166.261899][T11533] ? percpu_counter_add_batch+0x69/0xd0 [ 166.267779][T11533] ? ext4_es_lookup_extent+0x206/0x490 [ 166.273288][T11533] ext4_map_blocks+0xa4c/0xef0 [ 166.278201][T11533] ? ext4_iomap_begin+0x3f7/0x620 [ 166.283535][T11533] ? __cond_resched+0x11/0x40 [ 166.288272][T11533] ext4_iomap_begin+0x4a0/0x620 [ 166.293235][T11533] iomap_apply+0x8d/0x400 [ 166.297856][T11533] __iomap_dio_rw+0x62e/0xa60 [ 166.302542][T11533] ? __iomap_dio_rw+0xa60/0xa60 [ 166.307384][T11533] iomap_dio_rw+0x30/0x70 [ 166.311792][T11533] ? ext4_file_write_iter+0x4d1/0x11d0 [ 166.317258][T11533] ext4_file_write_iter+0xa04/0x11d0 [ 166.322546][T11533] ? ext4_file_write_iter+0x4d1/0x11d0 [ 166.328510][T11533] ? iov_iter_init+0xb1/0xf0 [ 166.333086][T11533] vfs_write+0x69d/0x770 [ 166.337841][T11533] ksys_write+0xce/0x180 [ 166.342103][T11533] __x64_sys_write+0x3e/0x50 [ 166.346800][T11533] do_syscall_64+0x3d/0x90 [ 166.351476][T11533] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 166.357354][T11533] RIP: 0033:0x4665e9 [ 166.361409][T11533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:50:55 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xfdef, 0xf000) 08:50:55 executing program 3 (fault-call:8 fault-nth:6): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:55 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xc000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 166.381474][T11533] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 166.389868][T11533] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 166.397948][T11533] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 166.405926][T11533] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 166.413934][T11533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 166.421974][T11533] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:50:55 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xd000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 166.504087][T11579] loop3: detected capacity change from 0 to 16 [ 166.513987][T11580] loop5: detected capacity change from 0 to 16 [ 166.526224][T11579] FAULT_INJECTION: forcing a failure. [ 166.526224][T11579] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 166.531413][T11582] loop2: detected capacity change from 0 to 16 [ 166.539494][T11579] CPU: 0 PID: 11579 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 08:50:55 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 166.554516][T11579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 166.564773][T11579] Call Trace: [ 166.568404][T11579] dump_stack_lvl+0xb7/0x103 [ 166.573289][T11579] dump_stack+0x11/0x1a [ 166.577445][T11579] should_fail+0x23c/0x250 [ 166.581877][T11579] __alloc_pages+0x102/0x320 [ 166.586513][T11579] alloc_pages+0x2e8/0x340 [ 166.590952][T11579] __page_cache_alloc+0x4d/0xf0 [ 166.591511][T11583] loop4: detected capacity change from 0 to 16 [ 166.595879][T11579] pagecache_get_page+0x5f4/0x900 [ 166.607170][T11579] grab_cache_page_write_begin+0x3f/0x70 [ 166.612891][T11579] cont_write_begin+0x501/0x850 [ 166.617780][T11579] fat_write_begin+0x61/0xf0 [ 166.622424][T11579] ? fat_block_truncate_page+0x30/0x30 [ 166.627876][T11579] generic_perform_write+0x196/0x3c0 [ 166.633206][T11579] ? fat_write_begin+0xf0/0xf0 [ 166.638011][T11579] __generic_file_write_iter+0x202/0x300 [ 166.643674][T11579] ? generic_write_checks+0x250/0x290 [ 166.649046][T11579] generic_file_write_iter+0x75/0x130 [ 166.654510][T11579] vfs_write+0x69d/0x770 [ 166.658739][T11579] ksys_write+0xce/0x180 [ 166.662964][T11579] __x64_sys_write+0x3e/0x50 [ 166.667820][T11579] do_syscall_64+0x3d/0x90 [ 166.672225][T11579] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 166.678102][T11579] RIP: 0033:0x4665e9 [ 166.682024][T11579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 166.702126][T11579] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 166.710523][T11579] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 166.718520][T11579] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 166.726476][T11579] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 166.734517][T11579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 166.742470][T11579] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:50:55 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xf000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:55 executing program 3 (fault-call:8 fault-nth:7): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 166.846531][T11614] loop3: detected capacity change from 0 to 16 [ 166.856490][T11614] FAULT_INJECTION: forcing a failure. [ 166.856490][T11614] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 166.869851][T11614] CPU: 0 PID: 11614 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 166.878671][T11614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 166.888813][T11614] Call Trace: [ 166.892089][T11614] dump_stack_lvl+0xb7/0x103 [ 166.896683][T11614] dump_stack+0x11/0x1a [ 166.900895][T11614] should_fail+0x23c/0x250 [ 166.905397][T11614] should_fail_usercopy+0x16/0x20 [ 166.910629][T11614] copy_page_from_iter_atomic+0x2c1/0xba0 [ 166.916863][T11614] ? fat_write_begin+0x61/0xf0 [ 166.921611][T11614] ? fat_block_truncate_page+0x30/0x30 [ 166.927051][T11614] ? fat_write_begin+0x79/0xf0 [ 166.931803][T11614] generic_perform_write+0x1df/0x3c0 [ 166.937107][T11614] ? fat_write_begin+0xf0/0xf0 [ 166.941889][T11614] __generic_file_write_iter+0x202/0x300 [ 166.948661][T11614] ? generic_write_checks+0x250/0x290 [ 166.954023][T11614] generic_file_write_iter+0x75/0x130 [ 166.959411][T11614] vfs_write+0x69d/0x770 [ 166.963933][T11614] ksys_write+0xce/0x180 [ 166.968161][T11614] __x64_sys_write+0x3e/0x50 [ 166.972726][T11614] do_syscall_64+0x3d/0x90 [ 166.977209][T11614] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 166.983121][T11614] RIP: 0033:0x4665e9 08:50:55 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x68) 08:50:55 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xa, 0xf000) 08:50:55 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200), 0xf000) 08:50:55 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xff0f, 0xf000) 08:50:55 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x10000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 166.986989][T11614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 167.006836][T11614] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 167.015251][T11614] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 167.023226][T11614] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 167.031258][T11614] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 167.039235][T11614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 08:50:56 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x10080000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 167.047211][T11614] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 [ 167.053108][T11627] loop4: detected capacity change from 0 to 16 [ 167.065846][T11624] loop2: detected capacity change from 0 to 16 [ 167.080509][T11632] loop5: detected capacity change from 0 to 16 08:50:56 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xffdf, 0xf000) 08:50:56 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xb, 0xf000) 08:50:56 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x2, 0xf000) 08:50:56 executing program 3 (fault-call:8 fault-nth:8): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:56 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x11000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:56 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x12000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 167.192121][T11656] loop4: detected capacity change from 0 to 16 [ 167.216954][T11663] loop2: detected capacity change from 0 to 16 [ 167.224393][T11666] loop5: detected capacity change from 0 to 16 [ 167.247622][T11671] loop3: detected capacity change from 0 to 16 [ 167.299003][T11671] FAULT_INJECTION: forcing a failure. [ 167.299003][T11671] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 167.312378][T11671] CPU: 1 PID: 11671 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 167.321137][T11671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 167.331539][T11671] Call Trace: [ 167.334828][T11671] dump_stack_lvl+0xb7/0x103 [ 167.339598][T11671] dump_stack+0x11/0x1a [ 167.343902][T11671] should_fail+0x23c/0x250 [ 167.349332][T11671] __alloc_pages+0x102/0x320 [ 167.354184][T11671] alloc_pages+0x2e8/0x340 [ 167.358587][T11671] __page_cache_alloc+0x4d/0xf0 [ 167.363501][T11671] pagecache_get_page+0x5f4/0x900 [ 167.368530][T11671] grab_cache_page_write_begin+0x3f/0x70 [ 167.374155][T11671] cont_write_begin+0x501/0x850 [ 167.379102][T11671] fat_write_begin+0x61/0xf0 [ 167.383679][T11671] ? fat_block_truncate_page+0x30/0x30 [ 167.389135][T11671] generic_perform_write+0x196/0x3c0 [ 167.394583][T11671] ? fat_write_begin+0xf0/0xf0 [ 167.399326][T11671] __generic_file_write_iter+0x202/0x300 [ 167.404943][T11671] ? generic_write_checks+0x250/0x290 [ 167.410313][T11671] generic_file_write_iter+0x75/0x130 [ 167.415739][T11671] vfs_write+0x69d/0x770 [ 167.422059][T11671] ksys_write+0xce/0x180 [ 167.426375][T11671] __x64_sys_write+0x3e/0x50 [ 167.430953][T11671] do_syscall_64+0x3d/0x90 [ 167.435364][T11671] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 167.441286][T11671] RIP: 0033:0x4665e9 [ 167.445204][T11671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 167.464795][T11671] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 167.473192][T11671] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 167.481229][T11671] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 167.489199][T11671] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 167.497241][T11671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 167.505194][T11671] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:50:56 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x6c) 08:50:56 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x18000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:56 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x1517f, 0xf000) 08:50:56 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xc, 0xf000) 08:50:56 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x3, 0xf000) 08:50:56 executing program 3 (fault-call:8 fault-nth:9): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 167.901082][T11706] loop5: detected capacity change from 0 to 16 [ 167.906478][T11705] loop3: detected capacity change from 0 to 16 [ 167.909171][T11708] loop2: detected capacity change from 0 to 16 [ 167.923462][T11710] loop4: detected capacity change from 0 to 16 [ 167.928737][T11709] net_ratelimit: 30 callbacks suppressed [ 167.928749][T11709] IPv4: Oversized IP packet from 127.0.0.1 [ 167.941266][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 167.950131][T11705] FAULT_INJECTION: forcing a failure. [ 167.950131][T11705] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 167.964043][T11705] CPU: 1 PID: 11705 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 167.972807][T11705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 167.983038][T11705] Call Trace: [ 167.986337][T11705] dump_stack_lvl+0xb7/0x103 [ 167.991021][T11705] dump_stack+0x11/0x1a [ 167.995212][T11705] should_fail+0x23c/0x250 08:50:56 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x20000, 0xf000) [ 167.999739][T11705] should_fail_usercopy+0x16/0x20 [ 168.004778][T11705] copy_page_from_iter_atomic+0x2c1/0xba0 [ 168.010593][T11705] ? fat_write_begin+0x61/0xf0 [ 168.015360][T11705] ? fat_block_truncate_page+0x30/0x30 [ 168.020869][T11705] ? fat_write_begin+0x79/0xf0 [ 168.025647][T11705] generic_perform_write+0x1df/0x3c0 [ 168.030947][T11705] ? fat_write_begin+0xf0/0xf0 [ 168.035754][T11705] __generic_file_write_iter+0x202/0x300 [ 168.041407][T11705] ? generic_write_checks+0x250/0x290 08:50:57 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xd, 0xf000) 08:50:57 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x4, 0xf000) [ 168.046906][T11705] generic_file_write_iter+0x75/0x130 [ 168.052411][T11705] vfs_write+0x69d/0x770 [ 168.056743][T11705] ksys_write+0xce/0x180 [ 168.061182][T11705] __x64_sys_write+0x3e/0x50 [ 168.066653][T11705] do_syscall_64+0x3d/0x90 [ 168.071170][T11705] ? irqentry_exit+0xe/0x30 [ 168.075744][T11705] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 168.081657][T11705] RIP: 0033:0x4665e9 [ 168.085609][T11705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 168.105423][T11705] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 168.113832][T11705] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 168.121791][T11705] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 168.130043][T11705] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 168.138278][T11705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 08:50:57 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x20000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:57 executing program 3 (fault-call:8 fault-nth:10): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 168.146337][T11705] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:50:57 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x25000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 168.181959][T11736] IPv4: Oversized IP packet from 127.0.0.1 [ 168.187847][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 168.221781][T11748] loop4: detected capacity change from 0 to 16 [ 168.236895][T11751] loop5: detected capacity change from 0 to 16 [ 168.246487][T11753] loop2: detected capacity change from 0 to 16 [ 168.265767][T11760] IPv4: Oversized IP packet from 127.0.0.1 [ 168.266745][T11761] loop3: detected capacity change from 0 to 16 [ 168.271765][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 168.328366][T11761] FAULT_INJECTION: forcing a failure. [ 168.328366][T11761] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 168.341910][T11761] CPU: 0 PID: 11761 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 168.350767][T11761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 168.360818][T11761] Call Trace: [ 168.364111][T11761] dump_stack_lvl+0xb7/0x103 [ 168.368689][T11761] dump_stack+0x11/0x1a [ 168.372891][T11761] should_fail+0x23c/0x250 [ 168.377480][T11761] __alloc_pages+0x102/0x320 [ 168.382050][T11761] alloc_pages+0x2e8/0x340 [ 168.386478][T11761] __page_cache_alloc+0x4d/0xf0 [ 168.391412][T11761] pagecache_get_page+0x5f4/0x900 [ 168.396603][T11761] grab_cache_page_write_begin+0x3f/0x70 [ 168.402301][T11761] cont_write_begin+0x501/0x850 [ 168.407178][T11761] fat_write_begin+0x61/0xf0 [ 168.411832][T11761] ? fat_block_truncate_page+0x30/0x30 [ 168.417368][T11761] generic_perform_write+0x196/0x3c0 [ 168.422717][T11761] ? fat_write_begin+0xf0/0xf0 [ 168.427478][T11761] __generic_file_write_iter+0x202/0x300 [ 168.433100][T11761] ? generic_write_checks+0x250/0x290 [ 168.438495][T11761] generic_file_write_iter+0x75/0x130 [ 168.443922][T11761] vfs_write+0x69d/0x770 [ 168.448177][T11761] ksys_write+0xce/0x180 [ 168.452424][T11761] __x64_sys_write+0x3e/0x50 [ 168.456997][T11761] do_syscall_64+0x3d/0x90 [ 168.461532][T11761] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 168.467405][T11761] RIP: 0033:0x4665e9 [ 168.471304][T11761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 168.490977][T11761] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 168.499369][T11761] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 168.507372][T11761] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 168.515503][T11761] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 168.523554][T11761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 168.531563][T11761] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:50:57 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x74) 08:50:57 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x40000, 0xf000) 08:50:57 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x40000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:57 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x5, 0xf000) 08:50:57 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xe, 0xf000) 08:50:57 executing program 3 (fault-call:8 fault-nth:11): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 168.779408][T11783] loop4: detected capacity change from 0 to 16 [ 168.811149][T11791] loop2: detected capacity change from 0 to 16 [ 168.822793][T11792] IPv4: Oversized IP packet from 127.0.0.1 08:50:57 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x60000, 0xf000) 08:50:57 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x6, 0xf000) [ 168.825476][T11795] loop3: detected capacity change from 0 to 16 [ 168.828792][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 168.841418][T11796] loop5: detected capacity change from 0 to 16 08:50:57 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xf, 0xf000) [ 168.884072][T11795] FAULT_INJECTION: forcing a failure. [ 168.884072][T11795] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 168.897319][T11795] CPU: 0 PID: 11795 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 168.906265][T11795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 168.916523][T11795] Call Trace: [ 168.919888][T11795] dump_stack_lvl+0xb7/0x103 [ 168.924565][T11795] dump_stack+0x11/0x1a [ 168.928805][T11795] should_fail+0x23c/0x250 [ 168.933212][T11795] should_fail_usercopy+0x16/0x20 [ 168.938631][T11795] copy_page_from_iter_atomic+0x2c1/0xba0 [ 168.944495][T11795] ? fat_write_begin+0x61/0xf0 [ 168.949279][T11795] ? fat_block_truncate_page+0x30/0x30 [ 168.954818][T11795] ? fat_write_begin+0x79/0xf0 [ 168.959718][T11795] generic_perform_write+0x1df/0x3c0 [ 168.965102][T11795] ? fat_write_begin+0xf0/0xf0 [ 168.969858][T11795] __generic_file_write_iter+0x202/0x300 [ 168.975557][T11795] ? generic_write_checks+0x250/0x290 [ 168.980935][T11795] generic_file_write_iter+0x75/0x130 [ 168.986406][T11795] vfs_write+0x69d/0x770 [ 168.990651][T11795] ksys_write+0xce/0x180 [ 168.994897][T11795] __x64_sys_write+0x3e/0x50 [ 168.999595][T11795] do_syscall_64+0x3d/0x90 [ 169.004147][T11795] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 169.010026][T11795] RIP: 0033:0x4665e9 [ 169.014011][T11795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:50:58 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x48000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 169.034032][T11795] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 169.042456][T11795] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 169.050479][T11795] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 169.058544][T11795] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 169.066505][T11795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 169.074481][T11795] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:50:58 executing program 3 (fault-call:8 fault-nth:12): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 169.106658][T11811] loop5: detected capacity change from 0 to 16 [ 169.122922][T11820] IPv4: Oversized IP packet from 127.0.0.1 [ 169.128828][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 169.135485][T11823] loop4: detected capacity change from 0 to 16 08:50:58 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4c000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 169.165349][T11829] loop2: detected capacity change from 0 to 16 [ 169.192347][T11811] loop5: detected capacity change from 0 to 16 [ 169.233561][T11847] loop3: detected capacity change from 0 to 16 [ 169.250803][T11847] FAULT_INJECTION: forcing a failure. [ 169.250803][T11847] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 169.264155][T11847] CPU: 0 PID: 11847 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 169.273097][T11847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 169.283495][T11847] Call Trace: [ 169.286758][T11847] dump_stack_lvl+0xb7/0x103 [ 169.291335][T11847] dump_stack+0x11/0x1a [ 169.295546][T11847] should_fail+0x23c/0x250 [ 169.299955][T11847] __alloc_pages+0x102/0x320 [ 169.304645][T11847] alloc_pages+0x2e8/0x340 [ 169.309186][T11847] __page_cache_alloc+0x4d/0xf0 [ 169.314126][T11847] pagecache_get_page+0x5f4/0x900 [ 169.319143][T11847] grab_cache_page_write_begin+0x3f/0x70 [ 169.324821][T11847] cont_write_begin+0x501/0x850 [ 169.329720][T11847] fat_write_begin+0x61/0xf0 [ 169.334378][T11847] ? fat_block_truncate_page+0x30/0x30 [ 169.340111][T11847] generic_perform_write+0x196/0x3c0 [ 169.345663][T11847] ? fat_write_begin+0xf0/0xf0 [ 169.350472][T11847] __generic_file_write_iter+0x202/0x300 [ 169.356171][T11847] ? generic_write_checks+0x250/0x290 [ 169.361649][T11847] generic_file_write_iter+0x75/0x130 [ 169.367073][T11847] vfs_write+0x69d/0x770 [ 169.371335][T11847] ksys_write+0xce/0x180 [ 169.375654][T11847] __x64_sys_write+0x3e/0x50 [ 169.380234][T11847] do_syscall_64+0x3d/0x90 [ 169.384739][T11847] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 169.390711][T11847] RIP: 0033:0x4665e9 [ 169.394583][T11847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 169.414293][T11847] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 169.422777][T11847] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 169.430971][T11847] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 169.438921][T11847] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 169.446887][T11847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 169.454928][T11847] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:50:58 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x7a) 08:50:58 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x80000, 0xf000) 08:50:58 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x7, 0xf000) 08:50:58 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x10, 0xf000) 08:50:58 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x60000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:58 executing program 3 (fault-call:8 fault-nth:13): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 169.673228][T11862] loop2: detected capacity change from 0 to 16 [ 169.679998][T11864] loop4: detected capacity change from 0 to 16 [ 169.702940][T11870] loop3: detected capacity change from 0 to 16 [ 169.719249][T11871] loop5: detected capacity change from 0 to 16 [ 169.723740][T11870] FAULT_INJECTION: forcing a failure. [ 169.723740][T11870] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 169.738514][T11870] CPU: 1 PID: 11870 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 169.747368][T11870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 169.757419][T11870] Call Trace: [ 169.760788][T11870] dump_stack_lvl+0xb7/0x103 [ 169.765377][T11870] dump_stack+0x11/0x1a 08:50:58 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x16, 0xf000) 08:50:58 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x64000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 169.769608][T11870] should_fail+0x23c/0x250 [ 169.774032][T11870] should_fail_usercopy+0x16/0x20 [ 169.779150][T11870] copy_page_from_iter_atomic+0x2c1/0xba0 [ 169.785065][T11870] ? fat_write_begin+0x61/0xf0 [ 169.789854][T11870] ? fat_block_truncate_page+0x30/0x30 [ 169.795541][T11870] ? fat_write_begin+0x79/0xf0 [ 169.800425][T11870] generic_perform_write+0x1df/0x3c0 [ 169.805902][T11870] ? fat_write_begin+0xf0/0xf0 [ 169.810768][T11870] __generic_file_write_iter+0x202/0x300 [ 169.816521][T11870] ? generic_write_checks+0x250/0x290 08:50:58 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xa0000, 0xf000) 08:50:58 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x8, 0xf000) [ 169.822184][T11870] generic_file_write_iter+0x75/0x130 [ 169.827921][T11870] vfs_write+0x69d/0x770 [ 169.832178][T11870] ksys_write+0xce/0x180 [ 169.836464][T11870] __x64_sys_write+0x3e/0x50 [ 169.841230][T11870] do_syscall_64+0x3d/0x90 [ 169.845835][T11870] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 169.851739][T11870] RIP: 0033:0x4665e9 [ 169.855758][T11870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 169.875801][T11870] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 169.884202][T11870] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 169.892154][T11870] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 169.900194][T11870] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 169.908187][T11870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 169.916221][T11870] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 [ 169.926301][T11870] handle_bad_sector: 127 callbacks suppressed [ 169.926320][T11870] attempt to access beyond end of device [ 169.926320][T11870] loop3: rw=2049, want=122, limit=16 [ 169.943540][T11870] attempt to access beyond end of device [ 169.943540][T11870] loop3: rw=2049, want=123, limit=16 [ 169.954347][T11870] buffer_io_error: 110 callbacks suppressed [ 169.954359][T11870] Buffer I/O error on dev loop3, logical block 122, lost async page write [ 169.969047][T11870] attempt to access beyond end of device 08:50:58 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x68000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 169.969047][T11870] loop3: rw=2049, want=124, limit=16 [ 169.980965][T11870] Buffer I/O error on dev loop3, logical block 123, lost async page write [ 169.990594][T11870] attempt to access beyond end of device [ 169.990594][T11870] loop3: rw=2049, want=125, limit=16 [ 170.001445][T11870] Buffer I/O error on dev loop3, logical block 124, lost async page write [ 170.012515][T11899] loop2: detected capacity change from 0 to 16 [ 170.015322][T11870] attempt to access beyond end of device [ 170.015322][T11870] loop3: rw=2049, want=126, limit=16 [ 170.029672][T11870] Buffer I/O error on dev loop3, logical block 125, lost async page write [ 170.058018][T11910] loop4: detected capacity change from 0 to 16 [ 170.061202][T11899] attempt to access beyond end of device [ 170.061202][T11899] loop2: rw=2049, want=123, limit=16 08:50:59 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6c000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 170.066604][T11911] loop5: detected capacity change from 0 to 16 [ 170.075158][T11899] Buffer I/O error on dev loop2, logical block 122, lost async page write [ 170.079736][T11899] attempt to access beyond end of device [ 170.079736][T11899] loop2: rw=2049, want=124, limit=16 [ 170.090841][T11870] attempt to access beyond end of device [ 170.090841][T11870] loop3: rw=2049, want=127, limit=16 [ 170.100706][T11899] Buffer I/O error on dev loop2, logical block 123, lost async page write [ 170.115264][T11899] attempt to access beyond end of device [ 170.115264][T11899] loop2: rw=2049, want=125, limit=16 [ 170.120006][T11870] Buffer I/O error on dev loop3, logical block 126, lost async page write [ 170.130865][T11899] Buffer I/O error on dev loop2, logical block 124, lost async page write [ 170.153593][T11899] attempt to access beyond end of device [ 170.153593][T11899] loop2: rw=2049, want=126, limit=16 [ 170.164424][T11899] Buffer I/O error on dev loop2, logical block 125, lost async page write [ 170.174536][T11899] Buffer I/O error on dev loop2, logical block 126, lost async page write 08:50:59 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x127) 08:50:59 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xc0000, 0xf000) 08:50:59 executing program 3 (fault-call:8 fault-nth:14): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:59 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x17, 0xf000) 08:50:59 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x9, 0xf000) 08:50:59 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x74000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 170.560881][T11944] loop5: detected capacity change from 0 to 16 [ 170.567511][T11946] loop3: detected capacity change from 0 to 16 [ 170.575221][T11947] loop2: detected capacity change from 0 to 16 [ 170.582451][T11948] loop4: detected capacity change from 0 to 16 [ 170.606666][T11946] FAULT_INJECTION: forcing a failure. [ 170.606666][T11946] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 170.620169][T11946] CPU: 1 PID: 11946 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 170.628994][T11946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 170.639097][T11946] Call Trace: [ 170.642369][T11946] dump_stack_lvl+0xb7/0x103 [ 170.647017][T11946] dump_stack+0x11/0x1a [ 170.651236][T11946] should_fail+0x23c/0x250 [ 170.655674][T11946] __alloc_pages+0x102/0x320 08:50:59 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7a000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:50:59 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x18, 0xf000) 08:50:59 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xe0000, 0xf000) [ 170.660347][T11946] alloc_pages+0x2e8/0x340 [ 170.664800][T11946] __page_cache_alloc+0x4d/0xf0 [ 170.669723][T11946] pagecache_get_page+0x5f4/0x900 [ 170.674827][T11946] grab_cache_page_write_begin+0x3f/0x70 [ 170.680538][T11946] cont_write_begin+0x501/0x850 [ 170.685406][T11946] fat_write_begin+0x61/0xf0 [ 170.690081][T11946] ? fat_block_truncate_page+0x30/0x30 [ 170.695560][T11946] generic_perform_write+0x196/0x3c0 [ 170.700914][T11946] ? fat_write_begin+0xf0/0xf0 [ 170.705676][T11946] __generic_file_write_iter+0x202/0x300 08:50:59 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xa, 0xf000) [ 170.711556][T11946] ? generic_write_checks+0x250/0x290 [ 170.717018][T11946] generic_file_write_iter+0x75/0x130 [ 170.722398][T11946] vfs_write+0x69d/0x770 [ 170.726715][T11946] ksys_write+0xce/0x180 [ 170.730984][T11946] __x64_sys_write+0x3e/0x50 [ 170.735603][T11946] do_syscall_64+0x3d/0x90 [ 170.740003][T11946] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 170.745915][T11946] RIP: 0033:0x4665e9 [ 170.749785][T11946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 170.769374][T11946] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 170.777780][T11946] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 170.785733][T11946] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 170.793794][T11946] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 170.801743][T11946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 08:50:59 executing program 3 (fault-call:8 fault-nth:15): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:50:59 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x97ffffff, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 170.809699][T11946] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 [ 170.862370][T11982] loop4: detected capacity change from 0 to 16 [ 170.885547][T11990] loop3: detected capacity change from 0 to 16 [ 170.892595][T11992] loop2: detected capacity change from 0 to 16 [ 170.895845][T11993] loop5: detected capacity change from 0 to 16 [ 170.915539][T11990] FAULT_INJECTION: forcing a failure. [ 170.915539][T11990] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 170.928687][T11990] CPU: 1 PID: 11990 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 170.937578][T11990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 170.947828][T11990] Call Trace: [ 170.951106][T11990] dump_stack_lvl+0xb7/0x103 [ 170.955932][T11990] dump_stack+0x11/0x1a [ 170.960085][T11990] should_fail+0x23c/0x250 [ 170.964538][T11990] should_fail_usercopy+0x16/0x20 [ 170.969661][T11990] copy_page_from_iter_atomic+0x2c1/0xba0 [ 170.975398][T11990] ? fat_write_begin+0x61/0xf0 [ 170.980163][T11990] ? fat_block_truncate_page+0x30/0x30 [ 170.985672][T11990] ? fat_write_begin+0x79/0xf0 [ 170.990526][T11990] generic_perform_write+0x1df/0x3c0 [ 170.995851][T11990] ? fat_write_begin+0xf0/0xf0 [ 171.000809][T11990] __generic_file_write_iter+0x202/0x300 [ 171.006456][T11990] ? generic_write_checks+0x250/0x290 [ 171.011935][T11990] generic_file_write_iter+0x75/0x130 [ 171.017449][T11990] vfs_write+0x69d/0x770 [ 171.021874][T11990] ksys_write+0xce/0x180 [ 171.026122][T11990] __x64_sys_write+0x3e/0x50 [ 171.030850][T11990] do_syscall_64+0x3d/0x90 [ 171.035486][T11990] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 171.041818][T11990] RIP: 0033:0x4665e9 [ 171.045691][T11990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 171.065552][T11990] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 171.074028][T11990] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 171.081985][T11990] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 171.090395][T11990] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 171.098928][T11990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 171.107527][T11990] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:51:00 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x300) 08:51:00 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xa50c0000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xb, 0xf000) 08:51:00 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x100000, 0xf000) 08:51:00 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x22, 0xf000) 08:51:00 executing program 3 (fault-call:8 fault-nth:16): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:51:00 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe0000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 171.439159][T12028] loop4: detected capacity change from 0 to 16 [ 171.446658][T12031] loop2: detected capacity change from 0 to 16 [ 171.455334][T12032] loop5: detected capacity change from 0 to 16 08:51:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xc, 0xf000) [ 171.482662][T12034] loop3: detected capacity change from 0 to 16 [ 171.515261][T12034] FAULT_INJECTION: forcing a failure. [ 171.515261][T12034] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 171.528660][T12034] CPU: 1 PID: 12034 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 171.537421][T12034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 171.547483][T12034] Call Trace: [ 171.550785][T12034] dump_stack_lvl+0xb7/0x103 [ 171.555431][T12034] dump_stack+0x11/0x1a [ 171.559606][T12034] should_fail+0x23c/0x250 [ 171.564047][T12034] __alloc_pages+0x102/0x320 [ 171.568831][T12034] alloc_pages+0x2e8/0x340 [ 171.573264][T12034] __page_cache_alloc+0x4d/0xf0 [ 171.578143][T12034] pagecache_get_page+0x5f4/0x900 08:51:00 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x7fffff, 0xf000) 08:51:00 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe8030000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 171.583262][T12034] grab_cache_page_write_begin+0x3f/0x70 [ 171.588976][T12034] cont_write_begin+0x501/0x850 [ 171.593885][T12034] fat_write_begin+0x61/0xf0 [ 171.598630][T12034] ? fat_block_truncate_page+0x30/0x30 [ 171.604090][T12034] generic_perform_write+0x196/0x3c0 [ 171.609425][T12034] ? fat_write_begin+0xf0/0xf0 [ 171.614192][T12034] __generic_file_write_iter+0x202/0x300 [ 171.616757][T12059] loop5: detected capacity change from 0 to 16 [ 171.619831][T12034] ? generic_write_checks+0x250/0x290 08:51:00 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x76, 0xf000) [ 171.619857][T12034] generic_file_write_iter+0x75/0x130 [ 171.619880][T12034] vfs_write+0x69d/0x770 [ 171.640959][T12034] ksys_write+0xce/0x180 [ 171.645203][T12034] __x64_sys_write+0x3e/0x50 [ 171.649943][T12034] do_syscall_64+0x3d/0x90 [ 171.654438][T12034] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 171.660328][T12034] RIP: 0033:0x4665e9 [ 171.664283][T12034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:51:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xd, 0xf000) [ 171.683977][T12034] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 171.692390][T12034] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 171.700357][T12034] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 171.708574][T12034] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 171.716531][T12034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 171.724558][T12034] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 [ 171.801364][T12085] loop5: detected capacity change from 0 to 16 [ 171.808202][T12087] loop4: detected capacity change from 0 to 16 [ 171.810410][T12086] loop2: detected capacity change from 0 to 16 08:51:01 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x500) 08:51:01 executing program 3 (fault-call:8 fault-nth:17): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:51:01 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe8ff0000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:01 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xf00000, 0xf000) 08:51:01 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xe, 0xf000) 08:51:01 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xf0, 0xf000) [ 172.329399][T12112] loop3: detected capacity change from 0 to 16 [ 172.329399][T12117] loop5: detected capacity change from 0 to 16 [ 172.340764][T12116] loop2: detected capacity change from 0 to 16 [ 172.348991][T12119] loop4: detected capacity change from 0 to 16 [ 172.360787][T12112] FAULT_INJECTION: forcing a failure. [ 172.360787][T12112] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 172.373981][T12112] CPU: 1 PID: 12112 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 172.382740][T12112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 172.392803][T12112] Call Trace: [ 172.396078][T12112] dump_stack_lvl+0xb7/0x103 [ 172.400684][T12112] dump_stack+0x11/0x1a [ 172.404841][T12112] should_fail+0x23c/0x250 [ 172.409255][T12112] should_fail_usercopy+0x16/0x20 [ 172.414692][T12112] copy_page_from_iter_atomic+0x2c1/0xba0 [ 172.420412][T12112] ? fat_write_begin+0x61/0xf0 08:51:01 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x1000000, 0xf000) 08:51:01 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x204, 0xf000) 08:51:01 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xf, 0xf000) [ 172.425260][T12112] ? fat_block_truncate_page+0x30/0x30 [ 172.430813][T12112] ? fat_write_begin+0x79/0xf0 [ 172.435566][T12112] generic_perform_write+0x1df/0x3c0 [ 172.440856][T12112] ? fat_write_begin+0xf0/0xf0 [ 172.445636][T12112] __generic_file_write_iter+0x202/0x300 [ 172.451474][T12112] ? generic_write_checks+0x250/0x290 [ 172.456980][T12112] generic_file_write_iter+0x75/0x130 [ 172.462410][T12112] vfs_write+0x69d/0x770 [ 172.466668][T12112] ksys_write+0xce/0x180 [ 172.470918][T12112] __x64_sys_write+0x3e/0x50 [ 172.475488][T12112] do_syscall_64+0x3d/0x90 [ 172.479909][T12112] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 172.485849][T12112] RIP: 0033:0x4665e9 [ 172.489829][T12112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 172.509540][T12112] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 172.518069][T12112] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 08:51:01 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xf4010000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:01 executing program 3 (fault-call:8 fault-nth:18): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:51:01 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xfcff0000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 172.526552][T12112] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 172.534512][T12112] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 172.542458][T12112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 172.550513][T12112] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 [ 172.630805][T12152] loop5: detected capacity change from 0 to 16 [ 172.651636][T12156] loop4: detected capacity change from 0 to 16 [ 172.653728][T12157] loop3: detected capacity change from 0 to 16 [ 172.662548][T12158] loop2: detected capacity change from 0 to 16 [ 172.679316][T12157] FAULT_INJECTION: forcing a failure. [ 172.679316][T12157] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 172.692840][T12157] CPU: 0 PID: 12157 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 172.701889][T12157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 172.712426][T12157] Call Trace: [ 172.715707][T12157] dump_stack_lvl+0xb7/0x103 [ 172.720310][T12157] dump_stack+0x11/0x1a [ 172.724599][T12157] should_fail+0x23c/0x250 [ 172.729032][T12157] __alloc_pages+0x102/0x320 [ 172.733684][T12157] alloc_pages+0x2e8/0x340 [ 172.738110][T12157] __page_cache_alloc+0x4d/0xf0 [ 172.742972][T12157] pagecache_get_page+0x5f4/0x900 [ 172.748243][T12157] grab_cache_page_write_begin+0x3f/0x70 [ 172.753919][T12157] cont_write_begin+0x501/0x850 [ 172.758800][T12157] fat_write_begin+0x61/0xf0 [ 172.763938][T12157] ? fat_block_truncate_page+0x30/0x30 [ 172.769638][T12157] generic_perform_write+0x196/0x3c0 [ 172.775018][T12157] ? fat_write_begin+0xf0/0xf0 [ 172.779935][T12157] __generic_file_write_iter+0x202/0x300 [ 172.785564][T12157] ? generic_write_checks+0x250/0x290 [ 172.791030][T12157] generic_file_write_iter+0x75/0x130 [ 172.796386][T12157] vfs_write+0x69d/0x770 [ 172.800624][T12157] ksys_write+0xce/0x180 [ 172.804860][T12157] __x64_sys_write+0x3e/0x50 [ 172.809438][T12157] do_syscall_64+0x3d/0x90 [ 172.814712][T12157] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 172.821243][T12157] RIP: 0033:0x4665e9 [ 172.825487][T12157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 172.845408][T12157] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 172.854042][T12157] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 172.862817][T12157] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 172.870986][T12157] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 172.879079][T12157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 172.887263][T12157] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:51:02 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x600) 08:51:02 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x300, 0xf000) 08:51:02 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x10, 0xf000) 08:51:02 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x2000000, 0xf000) 08:51:02 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xffff0000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:02 executing program 3 (fault-call:8 fault-nth:19): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:51:02 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x22, 0xf000) [ 173.199860][T12193] loop3: detected capacity change from 0 to 16 [ 173.201047][T12192] loop5: detected capacity change from 0 to 16 [ 173.206377][T12194] loop4: detected capacity change from 0 to 16 [ 173.220938][T12195] net_ratelimit: 26 callbacks suppressed [ 173.221025][T12195] IPv4: Oversized IP packet from 127.0.0.1 [ 173.232832][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 173.240222][T12197] loop2: detected capacity change from 0 to 16 08:51:02 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xffffe000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 173.262805][T12193] FAULT_INJECTION: forcing a failure. [ 173.262805][T12193] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 173.275895][T12193] CPU: 1 PID: 12193 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 173.284689][T12193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 173.294813][T12193] Call Trace: [ 173.298091][T12193] dump_stack_lvl+0xb7/0x103 [ 173.303017][T12193] dump_stack+0x11/0x1a [ 173.307205][T12193] should_fail+0x23c/0x250 08:51:02 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x402, 0xf000) [ 173.311745][T12193] should_fail_usercopy+0x16/0x20 [ 173.316781][T12193] copy_page_from_iter_atomic+0x2c1/0xba0 [ 173.322532][T12193] ? fat_write_begin+0x61/0xf0 [ 173.327554][T12193] ? fat_block_truncate_page+0x30/0x30 [ 173.333015][T12193] ? fat_write_begin+0x79/0xf0 [ 173.337777][T12193] generic_perform_write+0x1df/0x3c0 [ 173.343067][T12193] ? fat_write_begin+0xf0/0xf0 [ 173.347879][T12193] __generic_file_write_iter+0x202/0x300 [ 173.353592][T12193] ? generic_write_checks+0x250/0x290 08:51:02 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x2040000, 0xf000) [ 173.359075][T12193] generic_file_write_iter+0x75/0x130 [ 173.364553][T12193] vfs_write+0x69d/0x770 [ 173.368971][T12193] ksys_write+0xce/0x180 [ 173.373212][T12193] __x64_sys_write+0x3e/0x50 [ 173.377806][T12193] do_syscall_64+0x3d/0x90 [ 173.382242][T12193] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 173.388133][T12193] RIP: 0033:0x4665e9 [ 173.392172][T12193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 173.412454][T12193] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 173.420935][T12193] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 173.428903][T12193] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 173.436959][T12193] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 173.445165][T12193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 173.453414][T12193] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:51:02 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xffffff97, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:02 executing program 3 (fault-call:8 fault-nth:20): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 173.481624][T12225] loop5: detected capacity change from 0 to 16 [ 173.546794][T12240] loop2: detected capacity change from 0 to 16 [ 173.551124][T12244] loop4: detected capacity change from 0 to 16 [ 173.576960][T12248] loop3: detected capacity change from 0 to 16 [ 173.602535][T12248] FAULT_INJECTION: forcing a failure. [ 173.602535][T12248] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 173.616117][T12248] CPU: 1 PID: 12248 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 173.625196][T12248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 173.635806][T12248] Call Trace: [ 173.639076][T12248] dump_stack_lvl+0xb7/0x103 [ 173.643767][T12248] dump_stack+0x11/0x1a [ 173.647915][T12248] should_fail+0x23c/0x250 [ 173.652334][T12248] __alloc_pages+0x102/0x320 [ 173.657051][T12248] alloc_pages+0x2e8/0x340 [ 173.661445][T12248] __page_cache_alloc+0x4d/0xf0 [ 173.666278][T12248] pagecache_get_page+0x5f4/0x900 [ 173.671286][T12248] grab_cache_page_write_begin+0x3f/0x70 [ 173.676936][T12248] cont_write_begin+0x501/0x850 [ 173.681824][T12248] fat_write_begin+0x61/0xf0 [ 173.686635][T12248] ? fat_block_truncate_page+0x30/0x30 [ 173.692075][T12248] generic_perform_write+0x196/0x3c0 [ 173.697952][T12248] ? fat_write_begin+0xf0/0xf0 [ 173.702746][T12248] __generic_file_write_iter+0x202/0x300 [ 173.708373][T12248] ? generic_write_checks+0x250/0x290 [ 173.714136][T12248] generic_file_write_iter+0x75/0x130 [ 173.719719][T12248] vfs_write+0x69d/0x770 [ 173.724030][T12248] ksys_write+0xce/0x180 [ 173.728252][T12248] __x64_sys_write+0x3e/0x50 [ 173.732906][T12248] do_syscall_64+0x3d/0x90 [ 173.737302][T12248] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 173.743262][T12248] RIP: 0033:0x4665e9 [ 173.747230][T12248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 173.766945][T12248] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 173.775504][T12248] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 173.783810][T12248] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 173.791889][T12248] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 173.800128][T12248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 173.808170][T12248] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:51:02 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x4c, 0xf000) 08:51:02 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x700) 08:51:02 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:02 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x406, 0xf000) 08:51:02 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x3000000, 0xf000) 08:51:02 executing program 3 (fault-call:8 fault-nth:21): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:51:03 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x40030000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 174.066191][T12271] IPv4: Oversized IP packet from 127.0.0.1 [ 174.072262][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 174.094573][T12274] loop4: detected capacity change from 0 to 16 [ 174.094718][T12275] loop2: detected capacity change from 0 to 16 [ 174.107763][T12277] loop5: detected capacity change from 0 to 16 [ 174.113367][T12276] loop3: detected capacity change from 0 to 16 [ 174.132431][T12284] IPv4: Oversized IP packet from 127.0.0.1 [ 174.138418][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 174.150966][T12276] FAULT_INJECTION: forcing a failure. [ 174.150966][T12276] name fail_usercopy, interval 1, probability 0, space 0, times 0 08:51:03 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x4000000, 0xf000) 08:51:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x4d, 0xf000) [ 174.164501][T12276] CPU: 1 PID: 12276 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 174.173588][T12276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 174.183909][T12276] Call Trace: [ 174.187301][T12276] dump_stack_lvl+0xb7/0x103 [ 174.191936][T12276] dump_stack+0x11/0x1a [ 174.196208][T12276] should_fail+0x23c/0x250 [ 174.200700][T12276] should_fail_usercopy+0x16/0x20 [ 174.205717][T12276] copy_page_from_iter_atomic+0x2c1/0xba0 [ 174.211544][T12276] ? fat_write_begin+0x61/0xf0 [ 174.216404][T12276] ? fat_block_truncate_page+0x30/0x30 [ 174.222318][T12276] ? fat_write_begin+0x79/0xf0 [ 174.227567][T12276] generic_perform_write+0x1df/0x3c0 [ 174.233214][T12276] ? fat_write_begin+0xf0/0xf0 [ 174.237975][T12276] __generic_file_write_iter+0x202/0x300 [ 174.243991][T12276] ? generic_write_checks+0x250/0x290 [ 174.249442][T12276] generic_file_write_iter+0x75/0x130 [ 174.255306][T12276] vfs_write+0x69d/0x770 [ 174.259812][T12276] ksys_write+0xce/0x180 [ 174.265189][T12276] __x64_sys_write+0x3e/0x50 [ 174.269804][T12276] do_syscall_64+0x3d/0x90 [ 174.274285][T12276] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 174.280219][T12276] RIP: 0033:0x4665e9 [ 174.284408][T12276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 174.304401][T12276] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 08:51:03 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe0ffff00000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 174.312883][T12276] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 174.320957][T12276] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 174.329009][T12276] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 174.336983][T12276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 174.344944][T12276] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:51:03 executing program 3 (fault-call:8 fault-nth:22): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:51:03 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x500, 0xf000) [ 174.378655][T12275] loop2: detected capacity change from 0 to 16 08:51:03 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x100000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 174.434747][T12314] loop5: detected capacity change from 0 to 16 [ 174.440215][T12315] loop4: detected capacity change from 0 to 16 [ 174.441880][T12305] IPv4: Oversized IP packet from 127.0.0.1 [ 174.453119][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 174.458154][T12316] loop3: detected capacity change from 0 to 16 [ 174.469604][T12318] loop2: detected capacity change from 0 to 16 [ 174.503204][T12316] FAULT_INJECTION: forcing a failure. [ 174.503204][T12316] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 174.516740][T12316] CPU: 0 PID: 12316 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 174.525499][T12316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 174.535712][T12316] Call Trace: [ 174.539105][T12316] dump_stack_lvl+0xb7/0x103 [ 174.543891][T12316] dump_stack+0x11/0x1a [ 174.548221][T12316] should_fail+0x23c/0x250 [ 174.552691][T12316] __alloc_pages+0x102/0x320 [ 174.557459][T12316] alloc_pages+0x2e8/0x340 [ 174.561943][T12316] __page_cache_alloc+0x4d/0xf0 [ 174.566976][T12316] pagecache_get_page+0x5f4/0x900 [ 174.572221][T12316] grab_cache_page_write_begin+0x3f/0x70 [ 174.578176][T12316] cont_write_begin+0x501/0x850 [ 174.583557][T12316] fat_write_begin+0x61/0xf0 [ 174.588217][T12316] ? fat_block_truncate_page+0x30/0x30 [ 174.592212][T12337] IPv4: Oversized IP packet from 127.0.0.1 [ 174.593781][T12316] generic_perform_write+0x196/0x3c0 [ 174.599643][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 174.604956][T12316] ? fat_write_begin+0xf0/0xf0 [ 174.615761][T12316] __generic_file_write_iter+0x202/0x300 [ 174.621603][T12316] ? generic_write_checks+0x250/0x290 [ 174.627068][T12316] generic_file_write_iter+0x75/0x130 [ 174.632469][T12316] vfs_write+0x69d/0x770 [ 174.636976][T12316] ksys_write+0xce/0x180 [ 174.641203][T12316] __x64_sys_write+0x3e/0x50 [ 174.645839][T12316] do_syscall_64+0x3d/0x90 [ 174.650341][T12316] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 174.656438][T12316] RIP: 0033:0x4665e9 [ 174.660330][T12316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 174.680356][T12316] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 174.689203][T12316] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 174.697449][T12316] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 174.705689][T12316] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 174.713698][T12316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 174.721865][T12316] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:51:03 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x900) 08:51:03 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x600, 0xf000) 08:51:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x4e, 0xf000) 08:51:03 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x5000000, 0xf000) 08:51:03 executing program 3 (fault-call:8 fault-nth:23): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:51:03 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x200000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 174.956583][T12357] loop3: detected capacity change from 0 to 16 [ 174.956658][T12356] loop5: detected capacity change from 0 to 16 [ 174.963155][T12359] loop4: detected capacity change from 0 to 16 [ 174.972536][T12358] loop2: detected capacity change from 0 to 16 [ 174.983539][T12357] FAULT_INJECTION: forcing a failure. [ 174.983539][T12357] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 174.997095][T12357] CPU: 1 PID: 12357 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 175.005872][T12357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 175.016013][T12357] Call Trace: [ 175.019398][T12357] dump_stack_lvl+0xb7/0x103 [ 175.023184][T12356] handle_bad_sector: 167 callbacks suppressed [ 175.023196][T12356] attempt to access beyond end of device [ 175.023196][T12356] loop5: rw=2049, want=123, limit=16 [ 175.023988][T12357] dump_stack+0x11/0x1a [ 175.030249][T12356] buffer_io_error: 146 callbacks suppressed [ 175.030260][T12356] Buffer I/O error on dev loop5, logical block 122, lost async page write [ 175.041185][T12357] should_fail+0x23c/0x250 [ 175.052757][T12359] attempt to access beyond end of device [ 175.052757][T12359] loop4: rw=2049, want=124, limit=16 [ 175.059891][T12357] should_fail_usercopy+0x16/0x20 [ 175.073518][T12358] attempt to access beyond end of device [ 175.073518][T12358] loop2: rw=2049, want=123, limit=16 [ 175.075341][T12357] copy_page_from_iter_atomic+0x2c1/0xba0 [ 175.080384][T12358] Buffer I/O error on dev loop2, logical block 122, lost async page write [ 175.091168][T12357] ? fat_write_begin+0x61/0xf0 [ 175.091191][T12357] ? fat_block_truncate_page+0x30/0x30 [ 175.091213][T12357] ? fat_write_begin+0x79/0xf0 [ 175.121036][T12357] generic_perform_write+0x1df/0x3c0 [ 175.126354][T12357] ? fat_write_begin+0xf0/0xf0 [ 175.128128][T12356] attempt to access beyond end of device [ 175.128128][T12356] loop5: rw=2049, want=124, limit=16 [ 175.131128][T12357] __generic_file_write_iter+0x202/0x300 [ 175.131156][T12357] ? generic_write_checks+0x250/0x290 08:51:04 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x6000000, 0xf000) [ 175.142150][T12356] Buffer I/O error on dev loop5, logical block 123, lost async page write [ 175.147912][T12357] generic_file_write_iter+0x75/0x130 [ 175.147948][T12357] vfs_write+0x69d/0x770 [ 175.156144][T12358] attempt to access beyond end of device [ 175.156144][T12358] loop2: rw=2049, want=124, limit=16 [ 175.162141][T12357] ksys_write+0xce/0x180 [ 175.162168][T12357] __x64_sys_write+0x3e/0x50 [ 175.162184][T12357] do_syscall_64+0x3d/0x90 [ 175.162202][T12357] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 175.167751][T12358] Buffer I/O error on dev loop2, logical block 123, lost async page write [ 175.171938][T12357] RIP: 0033:0x4665e9 [ 175.186067][T12356] attempt to access beyond end of device [ 175.186067][T12356] loop5: rw=2049, want=125, limit=16 [ 175.186889][T12357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 175.186905][T12357] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 175.186923][T12357] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 175.191518][T12356] Buffer I/O error on dev loop5, logical block 124, lost async page write [ 175.195901][T12357] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 175.195915][T12357] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 175.203258][T12358] attempt to access beyond end of device [ 175.203258][T12358] loop2: rw=2049, want=125, limit=16 [ 175.210245][T12357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 08:51:04 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x300000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 175.210259][T12357] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 [ 175.214177][T12358] Buffer I/O error on dev loop2, logical block 124, lost async page write [ 175.230512][T12357] attempt to access beyond end of device [ 175.230512][T12357] loop3: rw=2049, want=122, limit=16 [ 175.246419][T12356] attempt to access beyond end of device [ 175.246419][T12356] loop5: rw=2049, want=126, limit=16 [ 175.263599][T12357] attempt to access beyond end of device [ 175.263599][T12357] loop3: rw=2049, want=123, limit=16 08:51:04 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x76, 0xf000) 08:51:04 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x604, 0xf000) 08:51:04 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x400000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:04 executing program 3 (fault-call:8 fault-nth:24): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 175.269684][T12356] Buffer I/O error on dev loop5, logical block 125, lost async page write [ 175.277943][T12357] Buffer I/O error on dev loop3, logical block 122, lost async page write [ 175.286199][T12356] Buffer I/O error on dev loop5, logical block 126, lost async page write [ 175.299580][T12357] Buffer I/O error on dev loop3, logical block 123, lost async page write [ 175.438445][T12396] loop4: detected capacity change from 0 to 16 [ 175.451104][T12389] loop5: detected capacity change from 0 to 16 [ 175.484581][T12407] loop2: detected capacity change from 0 to 16 [ 175.498145][T12410] loop3: detected capacity change from 0 to 16 [ 175.518003][T12410] FAULT_INJECTION: forcing a failure. [ 175.518003][T12410] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 175.531268][T12410] CPU: 1 PID: 12410 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 175.540226][T12410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 175.550347][T12410] Call Trace: [ 175.553607][T12410] dump_stack_lvl+0xb7/0x103 [ 175.558214][T12410] dump_stack+0x11/0x1a [ 175.562346][T12410] should_fail+0x23c/0x250 [ 175.566775][T12410] __alloc_pages+0x102/0x320 [ 175.571357][T12410] alloc_pages+0x2e8/0x340 [ 175.575803][T12410] __page_cache_alloc+0x4d/0xf0 [ 175.580712][T12410] pagecache_get_page+0x5f4/0x900 [ 175.585744][T12410] grab_cache_page_write_begin+0x3f/0x70 [ 175.591704][T12410] cont_write_begin+0x501/0x850 [ 175.596535][T12410] fat_write_begin+0x61/0xf0 [ 175.601117][T12410] ? fat_block_truncate_page+0x30/0x30 [ 175.606569][T12410] generic_perform_write+0x196/0x3c0 [ 175.611966][T12410] ? fat_write_begin+0xf0/0xf0 [ 175.616704][T12410] __generic_file_write_iter+0x202/0x300 [ 175.622324][T12410] ? generic_write_checks+0x250/0x290 [ 175.627719][T12410] generic_file_write_iter+0x75/0x130 [ 175.633117][T12410] vfs_write+0x69d/0x770 [ 175.637412][T12410] ksys_write+0xce/0x180 [ 175.641656][T12410] __x64_sys_write+0x3e/0x50 [ 175.646495][T12410] do_syscall_64+0x3d/0x90 [ 175.650957][T12410] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 175.656832][T12410] RIP: 0033:0x4665e9 [ 175.660712][T12410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 175.680444][T12410] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 175.689580][T12410] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 175.697534][T12410] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 175.705656][T12410] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 175.713676][T12410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 175.721654][T12410] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:51:04 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xa00) 08:51:04 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x500000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:04 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xf0, 0xf000) 08:51:04 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x6040000, 0xf000) 08:51:04 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x700, 0xf000) 08:51:04 executing program 3 (fault-call:8 fault-nth:25): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:51:04 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x600000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 175.809767][T12430] loop5: detected capacity change from 0 to 16 [ 175.828669][T12435] loop3: detected capacity change from 0 to 16 [ 175.831107][T12433] loop2: detected capacity change from 0 to 16 [ 175.841664][T12436] loop4: detected capacity change from 0 to 16 08:51:04 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x204, 0xf000) [ 175.862254][T12435] FAULT_INJECTION: forcing a failure. [ 175.862254][T12435] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 175.875435][T12435] CPU: 1 PID: 12435 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 175.884332][T12435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 175.894468][T12435] Call Trace: [ 175.897745][T12435] dump_stack_lvl+0xb7/0x103 [ 175.902341][T12435] dump_stack+0x11/0x1a [ 175.906497][T12435] should_fail+0x23c/0x250 [ 175.910919][T12435] should_fail_usercopy+0x16/0x20 [ 175.915953][T12435] copy_page_from_iter_atomic+0x2c1/0xba0 [ 175.921682][T12435] ? fat_write_begin+0x61/0xf0 [ 175.926443][T12435] ? fat_block_truncate_page+0x30/0x30 [ 175.931997][T12435] ? fat_write_begin+0x79/0xf0 [ 175.936759][T12435] generic_perform_write+0x1df/0x3c0 [ 175.942051][T12435] ? fat_write_begin+0xf0/0xf0 [ 175.946810][T12435] __generic_file_write_iter+0x202/0x300 [ 175.952447][T12435] ? generic_write_checks+0x250/0x290 08:51:04 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x7000000, 0xf000) 08:51:04 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x900, 0xf000) [ 175.957834][T12435] generic_file_write_iter+0x75/0x130 [ 175.963203][T12435] vfs_write+0x69d/0x770 [ 175.967446][T12435] ksys_write+0xce/0x180 [ 175.971764][T12435] __x64_sys_write+0x3e/0x50 [ 175.976366][T12435] do_syscall_64+0x3d/0x90 [ 175.980789][T12435] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 175.986769][T12435] RIP: 0033:0x4665e9 [ 175.990811][T12435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:51:05 executing program 3 (fault-call:8 fault-nth:26): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:51:05 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x700000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 176.010835][T12435] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 176.019435][T12435] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 176.027384][T12435] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 176.035354][T12435] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 176.043305][T12435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 176.051254][T12435] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 [ 176.127626][T12473] loop3: detected capacity change from 0 to 16 [ 176.140349][T12474] loop4: detected capacity change from 0 to 16 [ 176.141363][T12473] FAULT_INJECTION: forcing a failure. [ 176.141363][T12473] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 176.147495][T12477] loop5: detected capacity change from 0 to 16 [ 176.159768][T12473] CPU: 1 PID: 12473 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 176.167691][T12478] loop2: detected capacity change from 0 to 16 [ 176.174682][T12473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 176.191157][T12473] Call Trace: [ 176.194432][T12473] dump_stack_lvl+0xb7/0x103 [ 176.199019][T12473] dump_stack+0x11/0x1a [ 176.203203][T12473] should_fail+0x23c/0x250 [ 176.207656][T12473] __alloc_pages+0x102/0x320 [ 176.212262][T12473] alloc_pages+0x2e8/0x340 [ 176.216675][T12473] __page_cache_alloc+0x4d/0xf0 [ 176.221518][T12473] pagecache_get_page+0x5f4/0x900 [ 176.226542][T12473] grab_cache_page_write_begin+0x3f/0x70 [ 176.232217][T12473] cont_write_begin+0x501/0x850 [ 176.237090][T12473] fat_write_begin+0x61/0xf0 [ 176.241705][T12473] ? fat_block_truncate_page+0x30/0x30 [ 176.247155][T12473] generic_perform_write+0x196/0x3c0 [ 176.252432][T12473] ? fat_write_begin+0xf0/0xf0 [ 176.257199][T12473] __generic_file_write_iter+0x202/0x300 [ 176.262991][T12473] ? generic_write_checks+0x250/0x290 [ 176.268416][T12473] generic_file_write_iter+0x75/0x130 [ 176.273948][T12473] vfs_write+0x69d/0x770 [ 176.278176][T12473] ksys_write+0xce/0x180 [ 176.282504][T12473] __x64_sys_write+0x3e/0x50 [ 176.287162][T12473] do_syscall_64+0x3d/0x90 [ 176.291574][T12473] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 176.297543][T12473] RIP: 0033:0x4665e9 [ 176.301456][T12473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 176.321345][T12473] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 176.329817][T12473] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 176.337806][T12473] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 176.345773][T12473] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 176.354060][T12473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 176.362103][T12473] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:51:05 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xb00) 08:51:05 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x800000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:05 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x8000000, 0xf000) 08:51:05 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x300, 0xf000) 08:51:05 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xa00, 0xf000) 08:51:05 executing program 3 (fault-call:8 fault-nth:27): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:51:05 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x900000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 176.698294][T12509] loop3: detected capacity change from 0 to 16 [ 176.705803][T12510] loop2: detected capacity change from 0 to 16 [ 176.708988][T12513] loop5: detected capacity change from 0 to 16 [ 176.713608][T12514] loop4: detected capacity change from 0 to 16 [ 176.754740][T12509] FAULT_INJECTION: forcing a failure. [ 176.754740][T12509] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 176.768630][T12509] CPU: 1 PID: 12509 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 176.777681][T12509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 176.787733][T12509] Call Trace: [ 176.791005][T12509] dump_stack_lvl+0xb7/0x103 [ 176.795833][T12509] dump_stack+0x11/0x1a [ 176.800095][T12509] should_fail+0x23c/0x250 [ 176.804516][T12509] __alloc_pages+0x102/0x320 [ 176.809212][T12509] kmem_getpages+0x1a/0xd0 [ 176.813729][T12509] cache_grow_begin+0x4c/0x1a0 [ 176.818505][T12509] cache_alloc_refill+0x326/0x3d0 [ 176.823615][T12509] kmem_cache_alloc+0x266/0x2e0 [ 176.828551][T12509] ? alloc_buffer_head+0x2f/0x190 [ 176.833927][T12509] alloc_buffer_head+0x2f/0x190 [ 176.838990][T12509] alloc_page_buffers+0x139/0x290 [ 176.844120][T12509] create_empty_buffers+0x2c/0x360 [ 176.849242][T12509] __block_write_begin_int+0x195/0x1060 08:51:05 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xb00, 0xf000) [ 176.854815][T12509] ? add_to_page_cache_lru+0x150/0x1b0 [ 176.860341][T12509] ? fat_block_truncate_page+0x30/0x30 [ 176.866127][T12509] ? wait_for_stable_page+0x56/0x70 [ 176.871460][T12509] cont_write_begin+0x522/0x850 [ 176.876488][T12509] fat_write_begin+0x61/0xf0 [ 176.881062][T12509] ? fat_block_truncate_page+0x30/0x30 [ 176.886575][T12509] generic_perform_write+0x196/0x3c0 [ 176.891972][T12509] ? fat_write_begin+0xf0/0xf0 [ 176.896724][T12509] __generic_file_write_iter+0x202/0x300 [ 176.902473][T12509] ? generic_write_checks+0x250/0x290 [ 176.907845][T12509] generic_file_write_iter+0x75/0x130 [ 176.913303][T12509] vfs_write+0x69d/0x770 [ 176.917631][T12509] ksys_write+0xce/0x180 [ 176.921911][T12509] __x64_sys_write+0x3e/0x50 [ 176.927179][T12509] do_syscall_64+0x3d/0x90 [ 176.931678][T12509] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 176.937639][T12509] RIP: 0033:0x4665e9 [ 176.941527][T12509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 176.961749][T12509] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 176.970401][T12509] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 176.978474][T12509] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 176.986425][T12509] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 176.994376][T12509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 08:51:05 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x8800000, 0xf000) 08:51:05 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x402, 0xf000) 08:51:05 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xa00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:05 executing program 3 (fault-call:8 fault-nth:28): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 177.002323][T12509] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 [ 177.085251][T12554] loop5: detected capacity change from 0 to 16 [ 177.085403][T12555] loop4: detected capacity change from 0 to 16 [ 177.098735][T12558] loop3: detected capacity change from 0 to 16 [ 177.105469][T12559] loop2: detected capacity change from 0 to 16 [ 177.133003][T12558] FAULT_INJECTION: forcing a failure. [ 177.133003][T12558] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 177.146304][T12558] CPU: 0 PID: 12558 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 177.155161][T12558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 177.165220][T12558] Call Trace: [ 177.168598][T12558] dump_stack_lvl+0xb7/0x103 [ 177.173190][T12558] dump_stack+0x11/0x1a [ 177.177440][T12558] should_fail+0x23c/0x250 [ 177.181854][T12558] __alloc_pages+0x102/0x320 [ 177.186531][T12558] alloc_pages+0x2e8/0x340 [ 177.191296][T12558] __page_cache_alloc+0x4d/0xf0 [ 177.196160][T12558] pagecache_get_page+0x5f4/0x900 [ 177.201193][T12558] grab_cache_page_write_begin+0x3f/0x70 [ 177.206979][T12558] cont_write_begin+0x501/0x850 [ 177.211856][T12558] fat_write_begin+0x61/0xf0 [ 177.216446][T12558] ? fat_block_truncate_page+0x30/0x30 [ 177.222066][T12558] generic_perform_write+0x196/0x3c0 [ 177.227418][T12558] ? fat_write_begin+0xf0/0xf0 [ 177.232191][T12558] __generic_file_write_iter+0x202/0x300 [ 177.237836][T12558] ? generic_write_checks+0x250/0x290 [ 177.243311][T12558] generic_file_write_iter+0x75/0x130 [ 177.248885][T12558] vfs_write+0x69d/0x770 [ 177.253112][T12558] ksys_write+0xce/0x180 [ 177.257330][T12558] __x64_sys_write+0x3e/0x50 [ 177.261896][T12558] do_syscall_64+0x3d/0x90 [ 177.266344][T12558] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 177.272244][T12558] RIP: 0033:0x4665e9 [ 177.276255][T12558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 177.295860][T12558] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 177.304308][T12558] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 177.312309][T12558] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 177.320622][T12558] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 177.328616][T12558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 177.336689][T12558] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:51:06 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xc00) 08:51:06 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xb00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:06 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xc00, 0xf000) 08:51:06 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x406, 0xf000) 08:51:06 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x9000000, 0xf000) 08:51:06 executing program 3 (fault-call:8 fault-nth:29): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 177.569659][T12596] loop2: detected capacity change from 0 to 16 [ 177.576393][T12597] loop5: detected capacity change from 0 to 16 [ 177.589528][T12598] loop3: detected capacity change from 0 to 16 [ 177.591240][T12601] loop4: detected capacity change from 0 to 16 08:51:06 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x500, 0xf000) 08:51:06 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xc00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:06 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xd00, 0xf000) [ 177.627987][T12598] FAULT_INJECTION: forcing a failure. [ 177.627987][T12598] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 177.641081][T12598] CPU: 1 PID: 12598 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 177.649851][T12598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 177.660010][T12598] Call Trace: [ 177.663288][T12598] dump_stack_lvl+0xb7/0x103 [ 177.667885][T12598] dump_stack+0x11/0x1a [ 177.672043][T12598] should_fail+0x23c/0x250 [ 177.676498][T12598] should_fail_usercopy+0x16/0x20 [ 177.681533][T12598] copy_page_from_iter_atomic+0x2c1/0xba0 [ 177.687299][T12598] ? fat_write_begin+0x61/0xf0 [ 177.692082][T12598] ? fat_block_truncate_page+0x30/0x30 [ 177.697647][T12598] ? fat_write_begin+0x79/0xf0 [ 177.702407][T12598] generic_perform_write+0x1df/0x3c0 [ 177.707721][T12598] ? fat_write_begin+0xf0/0xf0 [ 177.712525][T12598] __generic_file_write_iter+0x202/0x300 [ 177.718177][T12598] ? generic_write_checks+0x250/0x290 08:51:06 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xa000000, 0xf000) [ 177.723641][T12598] generic_file_write_iter+0x75/0x130 [ 177.729082][T12598] vfs_write+0x69d/0x770 [ 177.733391][T12598] ksys_write+0xce/0x180 [ 177.737682][T12598] __x64_sys_write+0x3e/0x50 [ 177.742266][T12598] do_syscall_64+0x3d/0x90 [ 177.746665][T12598] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 177.752544][T12598] RIP: 0033:0x4665e9 [ 177.756415][T12598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:51:06 executing program 3 (fault-call:8 fault-nth:30): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:51:06 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xd00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 177.776258][T12598] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 177.784875][T12598] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 177.792914][T12598] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 177.800864][T12598] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 177.808815][T12598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 177.816865][T12598] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 [ 177.886870][T12634] loop3: detected capacity change from 0 to 16 [ 177.894389][T12639] loop5: detected capacity change from 0 to 16 [ 177.910969][T12634] FAULT_INJECTION: forcing a failure. [ 177.910969][T12634] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 177.915564][T12642] loop2: detected capacity change from 0 to 16 [ 177.924244][T12634] CPU: 1 PID: 12634 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 177.930619][T12643] loop4: detected capacity change from 0 to 16 [ 177.939108][T12634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 177.939123][T12634] Call Trace: [ 177.939129][T12634] dump_stack_lvl+0xb7/0x103 [ 177.939151][T12634] dump_stack+0x11/0x1a [ 177.967453][T12634] should_fail+0x23c/0x250 [ 177.971876][T12634] __alloc_pages+0x102/0x320 [ 177.976553][T12634] alloc_pages+0x2e8/0x340 [ 177.980970][T12634] __page_cache_alloc+0x4d/0xf0 [ 177.985818][T12634] pagecache_get_page+0x5f4/0x900 [ 177.991621][T12634] grab_cache_page_write_begin+0x3f/0x70 [ 177.997319][T12634] cont_write_begin+0x501/0x850 [ 178.002162][T12634] fat_write_begin+0x61/0xf0 [ 178.006821][T12634] ? fat_block_truncate_page+0x30/0x30 [ 178.012270][T12634] generic_perform_write+0x196/0x3c0 [ 178.017601][T12634] ? fat_write_begin+0xf0/0xf0 [ 178.022359][T12634] __generic_file_write_iter+0x202/0x300 [ 178.028008][T12634] ? generic_write_checks+0x250/0x290 [ 178.033478][T12634] generic_file_write_iter+0x75/0x130 [ 178.038971][T12634] vfs_write+0x69d/0x770 [ 178.043317][T12634] ksys_write+0xce/0x180 [ 178.047641][T12634] __x64_sys_write+0x3e/0x50 [ 178.052248][T12634] do_syscall_64+0x3d/0x90 [ 178.056659][T12634] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 178.062570][T12634] RIP: 0033:0x4665e9 [ 178.066455][T12634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 178.086063][T12634] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 178.094458][T12634] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 178.102438][T12634] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 178.110393][T12634] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 178.118358][T12634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 178.126311][T12634] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:51:07 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xd00) 08:51:07 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:07 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xb000000, 0xf000) 08:51:07 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x600, 0xf000) 08:51:07 executing program 3 (fault-call:8 fault-nth:31): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:51:07 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xe00, 0xf000) [ 178.422097][T12679] loop4: detected capacity change from 0 to 16 [ 178.428520][T12680] loop5: detected capacity change from 0 to 16 [ 178.432301][T12681] loop2: detected capacity change from 0 to 16 [ 178.440016][T12684] loop3: detected capacity change from 0 to 16 [ 178.444691][T12683] net_ratelimit: 24 callbacks suppressed [ 178.444766][T12683] IPv4: Oversized IP packet from 127.0.0.1 [ 178.458709][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 178.497900][T12684] FAULT_INJECTION: forcing a failure. [ 178.497900][T12684] name failslab, interval 1, probability 0, space 0, times 0 [ 178.510875][T12684] CPU: 1 PID: 12684 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 178.519638][T12684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 178.529768][T12684] Call Trace: [ 178.533049][T12684] dump_stack_lvl+0xb7/0x103 [ 178.537648][T12684] dump_stack+0x11/0x1a [ 178.541930][T12684] should_fail+0x23c/0x250 08:51:07 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xc000000, 0xf000) 08:51:07 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xf00, 0xf000) 08:51:07 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x604, 0xf000) [ 178.546552][T12684] ? fat_cache_add+0x219/0x570 [ 178.551576][T12684] __should_failslab+0x81/0x90 [ 178.556412][T12684] should_failslab+0x5/0x20 [ 178.561121][T12684] kmem_cache_alloc+0x46/0x2e0 [ 178.565868][T12684] fat_cache_add+0x219/0x570 [ 178.570790][T12684] fat_get_cluster+0x58e/0x870 [ 178.575858][T12684] fat_get_mapped_cluster+0xd0/0x250 [ 178.581202][T12684] fat_bmap+0x258/0x290 [ 178.585438][T12684] fat_get_block+0x36d/0x5a0 [ 178.590031][T12684] __block_write_begin_int+0x4a2/0x1060 [ 178.595607][T12684] ? fat_block_truncate_page+0x30/0x30 [ 178.601045][T12684] ? wait_for_stable_page+0x56/0x70 [ 178.606745][T12684] cont_write_begin+0x522/0x850 [ 178.611781][T12684] fat_write_begin+0x61/0xf0 [ 178.616363][T12684] ? fat_block_truncate_page+0x30/0x30 [ 178.621927][T12684] generic_perform_write+0x196/0x3c0 [ 178.627196][T12684] ? fat_write_begin+0xf0/0xf0 [ 178.631953][T12684] __generic_file_write_iter+0x202/0x300 [ 178.637626][T12684] ? generic_write_checks+0x250/0x290 [ 178.643001][T12684] generic_file_write_iter+0x75/0x130 [ 178.648357][T12684] vfs_write+0x69d/0x770 [ 178.652578][T12684] ksys_write+0xce/0x180 [ 178.656853][T12684] __x64_sys_write+0x3e/0x50 [ 178.661524][T12684] do_syscall_64+0x3d/0x90 [ 178.666030][T12684] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 178.671913][T12684] RIP: 0033:0x4665e9 [ 178.675800][T12684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:51:07 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xf00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:07 executing program 3 (fault-call:8 fault-nth:32): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 178.696257][T12684] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 178.704649][T12684] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 178.712709][T12684] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 178.721007][T12684] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 178.728961][T12684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 178.736917][T12684] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:51:07 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1000000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 178.776146][T12705] IPv4: Oversized IP packet from 127.0.0.1 [ 178.782255][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 178.837021][T12719] loop5: detected capacity change from 0 to 16 [ 178.838753][T12720] loop2: detected capacity change from 0 to 16 [ 178.848034][T12722] IPv4: Oversized IP packet from 127.0.0.1 [ 178.851203][T12721] loop3: detected capacity change from 0 to 16 [ 178.855941][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 178.863840][T12726] loop4: detected capacity change from 0 to 16 [ 178.890909][T12721] FAULT_INJECTION: forcing a failure. [ 178.890909][T12721] name failslab, interval 1, probability 0, space 0, times 0 [ 178.903710][T12721] CPU: 1 PID: 12721 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 178.912597][T12721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 178.923175][T12721] Call Trace: [ 178.926464][T12721] dump_stack_lvl+0xb7/0x103 [ 178.931053][T12721] dump_stack+0x11/0x1a [ 178.935217][T12721] should_fail+0x23c/0x250 [ 178.939906][T12721] ? fat_cache_add+0x219/0x570 [ 178.944679][T12721] __should_failslab+0x81/0x90 [ 178.949446][T12721] should_failslab+0x5/0x20 [ 178.953960][T12721] kmem_cache_alloc+0x46/0x2e0 [ 178.958739][T12721] fat_cache_add+0x219/0x570 [ 178.963332][T12721] fat_get_cluster+0x58e/0x870 [ 178.968115][T12721] fat_get_mapped_cluster+0xd0/0x250 [ 178.973435][T12721] fat_bmap+0x258/0x290 [ 178.977598][T12721] fat_get_block+0x36d/0x5a0 [ 178.982202][T12721] __block_write_begin_int+0x4a2/0x1060 [ 178.987761][T12721] ? fat_block_truncate_page+0x30/0x30 [ 178.993337][T12721] ? wait_for_stable_page+0x56/0x70 [ 178.998561][T12721] cont_write_begin+0x522/0x850 [ 179.003424][T12721] fat_write_begin+0x61/0xf0 [ 179.008129][T12721] ? fat_block_truncate_page+0x30/0x30 [ 179.013641][T12721] generic_perform_write+0x196/0x3c0 [ 179.018944][T12721] ? fat_write_begin+0xf0/0xf0 [ 179.023708][T12721] __generic_file_write_iter+0x202/0x300 [ 179.029409][T12721] ? generic_write_checks+0x250/0x290 [ 179.034841][T12721] generic_file_write_iter+0x75/0x130 [ 179.040226][T12721] vfs_write+0x69d/0x770 [ 179.044503][T12721] ksys_write+0xce/0x180 [ 179.048736][T12721] __x64_sys_write+0x3e/0x50 [ 179.053364][T12721] do_syscall_64+0x3d/0x90 [ 179.057897][T12721] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 179.063781][T12721] RIP: 0033:0x4665e9 [ 179.067833][T12721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 179.087749][T12721] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 179.096320][T12721] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 179.104378][T12721] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 179.112337][T12721] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 179.120289][T12721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 179.128294][T12721] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:51:08 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xe00) 08:51:08 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1008000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:08 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x700, 0xf000) 08:51:08 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xff6, 0xf000) 08:51:08 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xd000000, 0xf000) 08:51:08 executing program 3 (fault-call:8 fault-nth:33): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 179.297976][T12764] loop2: detected capacity change from 0 to 16 [ 179.308491][T12765] IPv4: Oversized IP packet from 127.0.0.1 [ 179.310418][T12766] loop3: detected capacity change from 0 to 16 [ 179.314364][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 179.324139][T12768] loop4: detected capacity change from 0 to 16 [ 179.332809][T12767] loop5: detected capacity change from 0 to 16 08:51:08 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x1600, 0xf000) 08:51:08 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x900, 0xf000) [ 179.347728][T12766] FAULT_INJECTION: forcing a failure. [ 179.347728][T12766] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 179.360801][T12766] CPU: 0 PID: 12766 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 179.369564][T12766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 179.379614][T12766] Call Trace: [ 179.382892][T12766] dump_stack_lvl+0xb7/0x103 [ 179.387512][T12766] dump_stack+0x11/0x1a [ 179.391761][T12766] should_fail+0x23c/0x250 [ 179.396186][T12766] should_fail_usercopy+0x16/0x20 [ 179.401355][T12766] copy_page_from_iter_atomic+0x2c1/0xba0 [ 179.407082][T12766] ? fat_write_begin+0x61/0xf0 [ 179.411888][T12766] ? fat_block_truncate_page+0x30/0x30 [ 179.417355][T12766] ? fat_write_begin+0x79/0xf0 [ 179.422138][T12766] generic_perform_write+0x1df/0x3c0 [ 179.427427][T12766] ? fat_write_begin+0xf0/0xf0 [ 179.432210][T12766] __generic_file_write_iter+0x202/0x300 [ 179.437852][T12766] ? generic_write_checks+0x250/0x290 [ 179.443232][T12766] generic_file_write_iter+0x75/0x130 08:51:08 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xe000000, 0xf000) [ 179.448803][T12766] vfs_write+0x69d/0x770 [ 179.453053][T12766] ksys_write+0xce/0x180 [ 179.457390][T12766] __x64_sys_write+0x3e/0x50 [ 179.462075][T12766] do_syscall_64+0x3d/0x90 [ 179.466585][T12766] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 179.472482][T12766] RIP: 0033:0x4665e9 [ 179.476419][T12766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 08:51:08 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1100000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:08 executing program 3 (fault-call:8 fault-nth:34): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) [ 179.496132][T12766] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 179.504663][T12766] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 179.512612][T12766] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 179.520615][T12766] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 179.528602][T12766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 179.536554][T12766] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:51:08 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1200000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 179.574252][T12792] IPv4: Oversized IP packet from 127.0.0.1 [ 179.580242][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 179.642763][T12808] loop4: detected capacity change from 0 to 16 [ 179.643467][T12810] loop2: detected capacity change from 0 to 16 [ 179.651685][T12813] loop5: detected capacity change from 0 to 16 [ 179.659424][T12811] loop3: detected capacity change from 0 to 16 [ 179.684753][T12811] FAULT_INJECTION: forcing a failure. [ 179.684753][T12811] name failslab, interval 1, probability 0, space 0, times 0 [ 179.697505][T12811] CPU: 0 PID: 12811 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0 [ 179.706264][T12811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 179.716352][T12811] Call Trace: [ 179.719696][T12811] dump_stack_lvl+0xb7/0x103 [ 179.724290][T12811] dump_stack+0x11/0x1a [ 179.728486][T12811] should_fail+0x23c/0x250 [ 179.732926][T12811] ? mempool_alloc_slab+0x16/0x20 [ 179.737949][T12811] __should_failslab+0x81/0x90 [ 179.742831][T12811] should_failslab+0x5/0x20 [ 179.747358][T12811] kmem_cache_alloc+0x46/0x2e0 [ 179.752121][T12811] ? __brelse+0x2c/0x50 [ 179.756398][T12811] mempool_alloc_slab+0x16/0x20 [ 179.761244][T12811] ? mempool_free+0x130/0x130 [ 179.765945][T12811] mempool_alloc+0x8c/0x300 [ 179.770473][T12811] ? xas_find+0x1b0/0x3c0 [ 179.774812][T12811] bio_alloc_bioset+0xcc/0x480 [ 179.779585][T12811] ? bdev_write_page+0x82/0x130 [ 179.784448][T12811] __mpage_writepage+0xa40/0x1080 [ 179.789478][T12811] ? __mod_memcg_lruvec_state+0xa7/0x190 [ 179.795154][T12811] ? percpu_counter_add_batch+0x69/0xd0 [ 179.800747][T12811] write_cache_pages+0x4d7/0x810 [ 179.805748][T12811] ? mpage_writepages+0x120/0x120 [ 179.810903][T12811] ? fat_readpage+0x20/0x20 [ 179.815437][T12811] ? fat_block_truncate_page+0x30/0x30 [ 179.820921][T12811] mpage_writepages+0x6d/0x120 [ 179.825679][T12811] ? fat_block_truncate_page+0x30/0x30 [ 179.831160][T12811] fat_writepages+0x20/0x30 [ 179.835654][T12811] do_writepages+0x7b/0x150 [ 179.840269][T12811] ? generic_perform_write+0x34d/0x3c0 [ 179.845775][T12811] filemap_write_and_wait_range+0x20a/0x390 [ 179.851655][T12811] __generic_file_write_iter+0x231/0x300 [ 179.857598][T12811] ? generic_write_checks+0x250/0x290 [ 179.863036][T12811] generic_file_write_iter+0x75/0x130 [ 179.868478][T12811] vfs_write+0x69d/0x770 [ 179.872761][T12811] ksys_write+0xce/0x180 [ 179.876989][T12811] __x64_sys_write+0x3e/0x50 [ 179.881639][T12811] do_syscall_64+0x3d/0x90 [ 179.886115][T12811] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 179.892033][T12811] RIP: 0033:0x4665e9 [ 179.895970][T12811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 179.916031][T12811] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 179.924662][T12811] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9 [ 179.932806][T12811] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006 [ 179.940846][T12811] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000 [ 179.948905][T12811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 179.957006][T12811] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000 08:51:09 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xf000000, 0xf000) 08:51:09 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xf00) 08:51:09 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1800000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:09 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xa00, 0xf000) 08:51:09 executing program 3 (fault-call:8 fault-nth:35): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:51:09 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x1700, 0xf000) [ 180.182872][T12853] loop2: detected capacity change from 0 to 16 [ 180.189253][T12854] loop4: detected capacity change from 0 to 16 [ 180.189843][T12855] loop3: detected capacity change from 0 to 16 [ 180.195698][T12856] loop5: detected capacity change from 0 to 16 [ 180.218372][T12853] handle_bad_sector: 180 callbacks suppressed [ 180.218385][T12853] attempt to access beyond end of device 08:51:09 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x2000000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 180.218385][T12853] loop2: rw=2049, want=123, limit=16 [ 180.235328][T12853] buffer_io_error: 164 callbacks suppressed [ 180.235340][T12853] Buffer I/O error on dev loop2, logical block 122, lost async page write [ 180.241564][T12854] attempt to access beyond end of device [ 180.241564][T12854] loop4: rw=2049, want=124, limit=16 [ 180.271023][T12856] attempt to access beyond end of device [ 180.271023][T12856] loop5: rw=2049, want=123, limit=16 [ 180.281858][T12856] Buffer I/O error on dev loop5, logical block 122, lost async page write [ 180.282197][T12853] attempt to access beyond end of device [ 180.282197][T12853] loop2: rw=2049, want=124, limit=16 [ 180.301252][T12853] Buffer I/O error on dev loop2, logical block 123, lost async page write [ 180.304663][T12856] attempt to access beyond end of device [ 180.304663][T12856] loop5: rw=2049, want=124, limit=16 [ 180.320560][T12856] Buffer I/O error on dev loop5, logical block 123, lost async page write [ 180.327812][T12853] attempt to access beyond end of device [ 180.327812][T12853] loop2: rw=2049, want=125, limit=16 [ 180.332189][T12856] attempt to access beyond end of device [ 180.332189][T12856] loop5: rw=2049, want=125, limit=16 [ 180.339837][T12853] Buffer I/O error on dev loop2, logical block 124, lost async page write [ 180.350684][T12856] Buffer I/O error on dev loop5, logical block 124, lost async page write [ 180.366244][T12853] attempt to access beyond end of device [ 180.366244][T12853] loop2: rw=2049, want=126, limit=16 08:51:09 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xfffffff, 0xf000) [ 180.370315][T12856] attempt to access beyond end of device [ 180.370315][T12856] loop5: rw=2049, want=126, limit=16 [ 180.378579][T12853] Buffer I/O error on dev loop2, logical block 125, lost async page write [ 180.389454][T12856] Buffer I/O error on dev loop5, logical block 125, lost async page write [ 180.389686][T12856] attempt to access beyond end of device [ 180.389686][T12856] loop5: rw=2049, want=127, limit=16 [ 180.417328][T12856] Buffer I/O error on dev loop5, logical block 126, lost async page write 08:51:09 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0xf000) 08:51:09 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xb00, 0xf000) 08:51:09 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x2500000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 180.417701][T12853] Buffer I/O error on dev loop2, logical block 126, lost async page write 08:51:09 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x1800, 0xf000) 08:51:09 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4000000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 180.510869][T12898] loop4: detected capacity change from 0 to 16 [ 180.535999][T12903] loop5: detected capacity change from 0 to 16 [ 180.545588][T12906] loop2: detected capacity change from 0 to 16 [ 180.547368][T12904] loop3: detected capacity change from 0 to 16 08:51:09 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xfe4) 08:51:09 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4800000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:09 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xc00, 0xf000) 08:51:09 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x10000000, 0xf000) 08:51:09 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x2, 0xf000) 08:51:09 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x2000, 0xf000) 08:51:10 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x3, 0xf000) 08:51:10 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4c00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 181.024619][T12935] loop4: detected capacity change from 0 to 16 [ 181.035743][T12939] loop2: detected capacity change from 0 to 16 [ 181.036987][T12944] loop3: detected capacity change from 0 to 16 [ 181.058375][T12943] loop5: detected capacity change from 0 to 16 08:51:10 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x10e6af32, 0xf000) 08:51:10 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xd00, 0xf000) 08:51:10 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x2200, 0xf000) 08:51:10 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x4, 0xf000) [ 181.107091][T12958] loop3: detected capacity change from 0 to 16 [ 181.160576][T12975] loop4: detected capacity change from 0 to 16 [ 181.180108][T12982] loop2: detected capacity change from 0 to 16 [ 181.187390][T12974] loop3: detected capacity change from 0 to 16 [ 181.199040][T12984] loop5: detected capacity change from 0 to 16 08:51:10 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x1100) 08:51:10 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6000000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:10 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x3f00, 0xf000) 08:51:10 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x20000000, 0xf000) 08:51:10 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x5, 0xf000) 08:51:10 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xe00, 0xf000) 08:51:10 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6400000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:10 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x6, 0xf000) [ 181.897366][T13010] loop3: detected capacity change from 0 to 16 [ 181.904941][T13011] loop2: detected capacity change from 0 to 16 [ 181.912474][T13012] loop4: detected capacity change from 0 to 16 [ 181.913574][T13016] loop5: detected capacity change from 0 to 16 08:51:10 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6800000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:10 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xf00, 0xf000) 08:51:10 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x4000, 0xf000) 08:51:10 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x22000000, 0xf000) [ 182.013918][T13044] loop3: detected capacity change from 0 to 16 [ 182.031938][T13050] loop2: detected capacity change from 0 to 16 [ 182.039097][T13040] loop5: detected capacity change from 0 to 16 [ 182.046133][T13053] loop4: detected capacity change from 0 to 16 08:51:11 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6c00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:11 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x7600, 0xf000) 08:51:11 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xff6, 0xf000) 08:51:11 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x32afe610, 0xf000) 08:51:11 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x7, 0xf000) 08:51:11 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x1200) 08:51:11 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7400000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 182.774587][T13082] loop2: detected capacity change from 0 to 16 [ 182.776085][T13081] loop4: detected capacity change from 0 to 16 [ 182.781037][T13084] loop5: detected capacity change from 0 to 16 [ 182.788584][T13083] loop3: detected capacity change from 0 to 16 08:51:11 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x2000, 0xf000) 08:51:11 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x8008, 0xf000) 08:51:11 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7a00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:11 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x3f000000, 0xf000) 08:51:11 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x8, 0xf000) [ 182.886969][T13105] loop5: detected capacity change from 0 to 16 [ 182.904805][T13118] loop2: detected capacity change from 0 to 16 [ 182.925427][T13124] loop3: detected capacity change from 0 to 16 08:51:11 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x97ffffff00000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 182.935959][T13123] loop4: detected capacity change from 0 to 16 08:51:12 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x2000) 08:51:12 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x2200, 0xf000) 08:51:12 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x9, 0xf000) 08:51:12 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xeffd, 0xf000) 08:51:12 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xa50c000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:12 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x40000000, 0xf000) 08:51:12 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xa, 0xf000) [ 183.626043][T13153] net_ratelimit: 28 callbacks suppressed [ 183.626056][T13153] IPv4: Oversized IP packet from 127.0.0.1 [ 183.633527][T13154] loop2: detected capacity change from 0 to 16 [ 183.637646][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 183.644168][T13157] loop5: detected capacity change from 0 to 16 [ 183.649829][T13155] loop4: detected capacity change from 0 to 16 [ 183.662355][T13158] loop3: detected capacity change from 0 to 16 08:51:12 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x6f000000, 0xf000) 08:51:12 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xefff, 0xf000) 08:51:12 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe000000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:12 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x3f00, 0xf000) 08:51:12 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xb, 0xf000) [ 183.747925][T13181] loop3: detected capacity change from 0 to 16 [ 183.755544][T13182] IPv4: Oversized IP packet from 127.0.0.1 [ 183.761428][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 183.775789][T13188] loop4: detected capacity change from 0 to 16 [ 183.779884][T13191] loop2: detected capacity change from 0 to 16 [ 183.830083][T13199] loop5: detected capacity change from 0 to 16 [ 183.867824][T13211] loop3: detected capacity change from 0 to 16 08:51:13 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x2500) 08:51:13 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe803000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:13 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xf000, 0xf000) 08:51:13 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x75000000, 0xf000) 08:51:13 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x4000, 0xf000) 08:51:13 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xc, 0xf000) 08:51:13 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x4c00, 0xf000) [ 184.521707][T13232] loop2: detected capacity change from 0 to 16 [ 184.529331][T13233] IPv4: Oversized IP packet from 127.0.0.1 [ 184.535192][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 184.542498][T13236] loop5: detected capacity change from 0 to 16 [ 184.545401][T13235] loop3: detected capacity change from 0 to 16 [ 184.561818][T13237] loop4: detected capacity change from 0 to 16 08:51:13 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xf60f, 0xf000) 08:51:13 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe8ff000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:13 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xd, 0xf000) 08:51:13 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0x7f510100, 0xf000) 08:51:13 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xfdef, 0xf000) [ 184.653555][T13259] IPv4: Oversized IP packet from 127.0.0.1 [ 184.659509][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 184.661309][T13265] loop2: detected capacity change from 0 to 16 [ 184.669710][T13264] loop5: detected capacity change from 0 to 16 [ 184.691816][T13266] loop3: detected capacity change from 0 to 16 [ 184.762953][T13283] loop4: detected capacity change from 0 to 16 [ 184.778417][T13291] loop2: detected capacity change from 0 to 16 08:51:14 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0) write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8) splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x2701) 08:51:14 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xf401000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:14 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xe, 0xf000) 08:51:14 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x4d00, 0xf000) 08:51:14 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xff0f, 0xf000) 08:51:14 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xca000000, 0xf000) [ 185.412343][T13316] loop2: detected capacity change from 0 to 16 [ 185.418862][T13317] loop4: detected capacity change from 0 to 16 [ 185.444285][T13316] handle_bad_sector: 224 callbacks suppressed [ 185.444298][T13316] attempt to access beyond end of device [ 185.444298][T13316] loop2: rw=2049, want=123, limit=16 [ 185.444845][T13323] loop5: detected capacity change from 0 to 16 [ 185.450453][T13316] buffer_io_error: 212 callbacks suppressed [ 185.450463][T13316] Buffer I/O error on dev loop2, logical block 122, lost async page write [ 185.466110][T13324] loop3: detected capacity change from 0 to 16 [ 185.473568][T13325] IPv4: Oversized IP packet from 127.0.0.1 [ 185.493900][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 185.503711][T13317] attempt to access beyond end of device [ 185.503711][T13317] loop4: rw=2049, want=124, limit=16 [ 185.533263][T13324] attempt to access beyond end of device [ 185.533263][T13324] loop3: rw=2049, want=123, limit=16 [ 185.536633][T13316] attempt to access beyond end of device [ 185.536633][T13316] loop2: rw=2049, want=124, limit=16 [ 185.544340][T13324] Buffer I/O error on dev loop3, logical block 122, lost async page write [ 185.555090][T13316] Buffer I/O error on dev loop2, logical block 123, lost async page write [ 185.569608][T13316] attempt to access beyond end of device [ 185.569608][T13316] loop2: rw=2049, want=125, limit=16 08:51:14 executing program 4: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xcc000000, 0xf000) [ 185.573119][T13323] attempt to access beyond end of device [ 185.573119][T13323] loop5: rw=2049, want=123, limit=16 [ 185.583037][T13316] Buffer I/O error on dev loop2, logical block 124, lost async page write [ 185.585568][T13316] attempt to access beyond end of device [ 185.585568][T13316] loop2: rw=2049, want=126, limit=16 [ 185.593839][T13323] Buffer I/O error on dev loop5, logical block 122, lost async page write [ 185.594193][T13323] attempt to access beyond end of device [ 185.594193][T13323] loop5: rw=2049, want=124, limit=16 08:51:14 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xfcff000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) [ 185.602397][T13316] Buffer I/O error on dev loop2, logical block 125, lost async page write [ 185.613181][T13323] Buffer I/O error on dev loop5, logical block 123, lost async page write [ 185.622444][T13324] attempt to access beyond end of device [ 185.622444][T13324] loop3: rw=2049, want=124, limit=16 [ 185.633818][T13323] attempt to access beyond end of device [ 185.633818][T13323] loop5: rw=2049, want=125, limit=16 [ 185.641244][T13324] Buffer I/O error on dev loop3, logical block 123, lost async page write 08:51:14 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0xffef, 0xf000) 08:51:14 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r1, &(0x7f0000000200)=0x4e00, 0xf000) 08:51:14 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xffff000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10) 08:51:14 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5) set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200)=0xf, 0xf000) [ 185.651475][T13324] Buffer I/O error on dev loop3, logical block 124, lost async page write [ 185.660696][T13323] Buffer I/O error on dev loop5, logical block 124, lost async page write [ 185.755090][T13359] loop4: detected capacity change from 0 to 16 [ 185.786241][T13368] ==================================================================