59536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  122.165940][ T8549] loop3: detected capacity change from 0 to 16
[  122.185519][ T8556] FAT-fs (loop5): bogus number of reserved sectors
[  122.192075][ T8556] FAT-fs (loop5): Can't find a valid FAT filesystem
[  122.207663][ T8561] loop4: detected capacity change from 0 to 16
[  122.259759][ T8569] FAT-fs (loop2): bogus number of reserved sectors
[  122.266295][ T8569] FAT-fs (loop2): Can't find a valid FAT filesystem
08:50:11 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005b0"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0)

08:50:11 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:11 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:11 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:11 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:11 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:11 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:11 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)

[  122.910113][ T8590] loop3: detected capacity change from 0 to 16
[  122.914848][ T8588] FAT-fs (loop2): bogus number of reserved sectors
[  122.916582][ T8589] loop4: detected capacity change from 0 to 16
[  122.922842][ T8588] FAT-fs (loop2): Can't find a valid FAT filesystem
[  122.933985][ T8592] FAT-fs (loop5): bogus number of reserved sectors
[  122.942652][ T8592] FAT-fs (loop5): Can't find a valid FAT filesystem
08:50:11 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:11 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)

08:50:11 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  122.981066][ T8604] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  123.012449][ T8614] loop4: detected capacity change from 0 to 16
08:50:12 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  123.065507][ T8621] FAT-fs (loop2): bogus number of reserved sectors
[  123.072073][ T8621] FAT-fs (loop2): Can't find a valid FAT filesystem
[  123.079422][ T8625] FAT-fs (loop5): bogus number of reserved sectors
[  123.086929][ T8625] FAT-fs (loop5): Can't find a valid FAT filesystem
[  123.091915][ T8629] loop4: detected capacity change from 0 to 16
08:50:12 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000006800"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0)

08:50:12 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:12 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, 0x0, 0x0, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:12 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)

08:50:12 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:12 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:12 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, 0x0, 0x0, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:12 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, 0x0, 0x0)

[  123.776067][ T8647] loop4: detected capacity change from 0 to 16
[  123.779834][ T8648] loop2: detected capacity change from 0 to 16
[  123.797376][ T8651] FAT-fs (loop5): bogus number of reserved sectors
[  123.803945][ T8651] FAT-fs (loop5): Can't find a valid FAT filesystem
08:50:12 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:12 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, 0x0, 0x0, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  123.841170][ T8648] FAT-fs (loop2): bogus number of reserved sectors
[  123.847800][ T8648] FAT-fs (loop2): Can't find a valid FAT filesystem
08:50:12 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:12 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  123.927061][ T8677] loop4: detected capacity change from 0 to 16
[  123.955638][ T8682] FAT-fs (loop5): bogus number of reserved sectors
[  123.962255][ T8682] FAT-fs (loop5): Can't find a valid FAT filesystem
08:50:13 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:13 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000006800"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0)

08:50:13 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:13 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:13 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, 0x0, 0x0)

08:50:13 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  124.688584][ T8707] loop5: detected capacity change from 0 to 16
[  124.691349][ T8706] loop4: detected capacity change from 0 to 16
[  124.701335][ T8707] FAT-fs (loop5): bogus number of reserved sectors
[  124.704244][ T8710] loop2: detected capacity change from 0 to 16
[  124.707853][ T8707] FAT-fs (loop5): Can't find a valid FAT filesystem
[  124.730121][ T8710] FAT-fs (loop2): bogus number of reserved sectors
08:50:13 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0x0, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:13 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  124.736711][ T8710] FAT-fs (loop2): Can't find a valid FAT filesystem
08:50:13 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, 0x0, 0x0)

08:50:13 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:13 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:13 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  124.817820][ T8730] FAT-fs (loop3): bogus number of reserved sectors
[  124.824376][ T8730] FAT-fs (loop3): Can't find a valid FAT filesystem
[  124.853079][ T8739] loop5: detected capacity change from 0 to 16
[  124.860501][ T8740] loop2: detected capacity change from 0 to 16
08:50:13 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  124.875112][ T8739] FAT-fs (loop5): bogus number of reserved sectors
[  124.880006][ T8744] loop4: detected capacity change from 0 to 16
[  124.881657][ T8739] FAT-fs (loop5): Can't find a valid FAT filesystem
[  124.894546][ T8740] FAT-fs (loop2): bogus number of reserved sectors
[  124.901208][ T8740] FAT-fs (loop2): Can't find a valid FAT filesystem
08:50:14 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000006800"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0)

08:50:14 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:14 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:14 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:14 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:14 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  125.529679][ T8773] loop4: detected capacity change from 0 to 16
[  125.544460][ T8775] loop5: detected capacity change from 0 to 16
[  125.547609][ T8774] FAT-fs (loop3): bogus number of reserved sectors
[  125.557157][ T8774] FAT-fs (loop3): Can't find a valid FAT filesystem
[  125.565753][ T8782] loop2: detected capacity change from 0 to 16
08:50:14 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:14 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:14 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:14 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  125.583486][ T8775] FAT-fs (loop5): bogus number of reserved sectors
[  125.590056][ T8775] FAT-fs (loop5): Can't find a valid FAT filesystem
[  125.591656][ T8782] FAT-fs (loop2): bogus number of reserved sectors
[  125.603276][ T8782] FAT-fs (loop2): Can't find a valid FAT filesystem
08:50:14 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:14 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  125.676283][ T8801] loop5: detected capacity change from 0 to 16
[  125.684113][ T8802] loop4: detected capacity change from 0 to 16
[  125.698916][ T8801] FAT-fs (loop5): bogus number of reserved sectors
[  125.705570][ T8801] FAT-fs (loop5): Can't find a valid FAT filesystem
[  125.713455][ T8811] loop2: detected capacity change from 0 to 16
[  125.741404][ T8811] FAT-fs (loop2): bogus number of reserved sectors
[  125.747978][ T8811] FAT-fs (loop2): Can't find a valid FAT filesystem
[  125.752068][ T8812] FAT-fs (loop3): bogus number of reserved sectors
[  125.761110][ T8812] FAT-fs (loop3): Can't find a valid FAT filesystem
08:50:15 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
write$P9_RFSYNC(r0, &(0x7f00000000c0)={0x7, 0x33, 0x2}, 0x7)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)

08:50:15 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000280)="5f579ed79400a9c94fd8af556f2cb0453f46823f62428604e722ea22e3d2adb04cd5e1ac63bc76c984c9ae0036529ee534505051a0c1d70bcbe616385fd4a0e1e3953d2afcb5da8bef8f2dff4591ed13471d61ccba1997686490be5a9e8d5fd701e7cf1360ff0ddeb54b63cd83ef47dfee396e16da79fdb6bd7d51accf5517c4fad6ad29b6736ff820e6f1c96c10c0cc9484ac4f217468bb00db28e231029100c67d3e9443df9262a4e30862f9ac31ebde4664baab5c7b95f677eecfa9269442f2b05b1d74ffb705f71089bd934aa275b54c277db5d0b7e0c8f5c305ccdc60d8f88dac0b8eb57ee141d08d7a90bd145a9396248cc1f6ea6c6c0bc1327fd77934ea5ef93bbec3a49ef8eb87f3160c436b2b5e0b4581c9f0851123a3632e19cde75f16ba683172139eda87314518bf5f577bd1a579c183e26b4a1f12ee0b1c5cba97f1e69348a53afa56e93cc0dad5da9363a6e06d3109c4a4a54a5cbfc3d460d837ab1e38ac4cf71711dcf57f9cb0ce01dfc74c370ea40c2524ba930563f602cf603702a95083db3d762219c6a0e63533ca3fe1e8df336c43649d7e1e55ac5263627f8c0557024b6df89ffe6f07162f6dbcb3cf12071922e15fda068943909ebd158fed261beded5d03e3a271899ecafd74b5932918f336926ab4e801cd17b0bdc4c5ba9258f3471cb9292b00fb87d427c225ce941b6f47e656d12951fcbb04a85e9b913322be649e26ac1ca63816796bf149e88eaa48b8a034c93075467b20e317fcc0a1c20f6cb6288005b50f155217037c7750df484b0e393350978d78e8518402bfea892e455d1380a4a3418d336bac19cc839167736ead4e15af72b0103aea017d756edbd3147c55a0ccec74199f1eb9eb817a3351df39fbffd85149601ad7c074aff3856e90eed3bbca5702db3620b089a36b278ea7238d5a799b41c818c90869de9db9be5cd2919cc4b043bf9a80c34b461eef6ab0feb7fa9dfc67ee30548bc7301115f8d82dc2a88a798a708df684a5c7a018a4abda559072c6a163c4d321df4a9d88ec57785b7e54118ee445427015db07c1ae47f7e10b5d038d889ba401ba1273add2ebca5f3422fd2da6e3efc3563d8f9e545b16147cc6cccc586b1c4d665d8e624db0b1be87c4bfe8f1d6303e7975727aef35aceb85d2916fee4ba5af8705065e2a8ddec6ade155a1d27ce8a98f80e1739bb268d4b3247bbac21ecaa5558b4635056b5935422bbcb51b3b98f647ff3e5f61e43720b8cee5b95b78b6d9211cf38ed12b676b411797b1a1dbeb7d3a3633d6f1b8af01c2c6e6b4bc73280743d148a621e5915f4e344f75d42bbfaa769be8625e64a72f516098101bf7459ffbf89316067b8df337964dca69cdf8a1c2d6d51e3a1c92c0c80b807b5ad0c5f92df54b7b551acdf41c3058fbd52d03b50abe7e0acb50f4f77ad30164f146c4ce766cde532ea7e7f650137332fa444f7414c22c968f32c6d0e977b39ceabb72dcea722a7dfb583fb885066496cacc20af767f50c5f4b86499c054db70a6b59bead1d269b997a85fd7eb81596696b0717443a3754d45815f0718a99c594a311879ddb23e4611c15f857aeb3af425b367b23300d3ffd63a3589aa89a7dd9933375897090eab1589653dd5c7e437d15ef42e2901653f9d0b5eb802ce90800326deaa68c3647933043954a403531a1f698df58bd439bb14cf34a60fc1e55fafbf2d3c1fe476bb76dbb948fb3dd4b1b03ab03120762be4f540778ccb89e0aee5418e6c51b65c43ae29f04d8b200d5cb27a804e9c981dda2278a8276db77121139f366d94a7783d669ee190bb2b16c1fe72091014945b48042c5fe1944d7b62634fd016a526d7246ebcf56e5b6201232ae13f18a48a8ace28d6add02a4ca7c85b9eee00fa13073c1c6c13e3eed2e2bfb5e826b1c6d99318018e896b35ee0ee2013bb22b86b75148390fe0932a15d6433d39f56eb66c5093a227d6db4c46b893604100ce0fc16221af87f9bc4e6a7198b3ca71b1ce0984fee1c174ea106736d283760e7c332f5f90cd7bd20b99587062fcebcf6e2b4936002b9cd9ec781fbd1539ea0ee280d20a3f276d0576d2cb77009b47b5743c5e43d8a0aefb7216e0f72f2a6713d24e1405fd105cabb8a3633b828ad0bec8a2858d4dfb5e2bb21472d5cacfdb81c420e53e3fc0b3d8f65cbc2c464dd349ac087c09d6a10ece32f0533c32b844110508a8ab62c491209678e117e4305bf193ed7a441241007dbd7adcde5bf4efda6d0def06e0e9f6cac90183477cf55e54f8be781ed28c10638eb6f036d40679b69c1da42cc2bfe885da7fa921092651b0c6eeb34de07a00e0ca0adeb2c1feb015dfe0e0ea4bebe1e05be2b1dd836081f1774d608757d91421b91029db174e4fb5428437c31ba64099606b69cdcd83f4ea511fa97da4112c83eab436b1ba941465ac206a8f48c18a2253d7b314e3c8a19d42e254d1e0795cf6b0007aa81034d29f4d7e4a0a596105ecd139fa18c88e1f953dd4b454a2096e14ae8733e33ea8697b268c07fec15234b2cfb5678cf4345cd00c9959a0520ff45ae7b7411cdc067a1069907f3780b15b56c96fc505ec6c6975327c348ca0a23c1deb1f5890fc25bec8424949bdf23c314e08de883891d6753e77052bca2959911d378173a45b1b2ccce8a036b585716da11fb9cdb135460f8acb3179ed30ef1eca1927fa0b8458f66755ecc5d7bb9d706e3b2d0c01dca23ec8ba696baf132199b20aa8897938214f81ec8a549ca3c3edf70f8cf3e9900074007b1c184fc4aa30abce4f7a4bcf083520710970f2b7b4f2c0ad008b7aeff389831c1970fd317097666e9a90467425c96fad04457580677218441b71125bdba5846d570348eb1bd6effc3870cd9c3f9c9bc96d3444211ddc7aae06f796df2a78d7a670c2072a5d2b212aef737dc6df423f50dea398c7bf146b2db22e42b723bbef4cc8d457d72eaccd6daa67f43054803cc44781319cfd4df5c14e5ada1acde4876bc8d797b95067e4627ab353086c57395e5c446a8add31887af4aeb9f22e65d8d565a90d57933fa09273f500697a58149273dcdbb2c20fb542fa3fde3be0498954d030d819bc1a2de9180b68f6cc7dacd6aa704c9809eb63b38eef066f9776483f65a92729b4277baeffc3c8ef0ab6111e2049da0fad2f0b2b7771837220b8fc0e2457516db794bccb8cb34d799f096964fd04bce91350f348207813a6f51640bc0d8b9c4f95892c296ef68961ab90e809a51a1eef2cb4365b66063d50902aeeba73ead9564da1c62fe5b8b12bf49024f710ff0bc9b5807ff9dd045746677c8522a4b0841224b6c56ba75a3f768ac3096e97d22db9dc1b7d0668c32f834feabd10789b233b0b11fc7cf531998383490b1372c798e9ee02379aca07a887653c64d3b8fd96797e371940bc108abf6c3ecf69549d2abeb2ea09105778e26cd3f08b90c7007c7eeedffad59b8b3c04faa88cd39d8e23154b0b230c71519d3e6b0af4b1017499a6292723e426334b229b635fe8761a2e99965646357cb1f80eff948142970d7aca2e7748322583f5dc68880de9d4fc13eedd26cfe9d78e90efb868c3d2d0ac18dd82c55b9bd299b035f67603cb11a92f603c8c98b81c588789d5ab0b0421f4dec920d88386d5b2d64586b19bf72b65a28d480d4ec7ba5fa7a4b577ac3e670e307b601bef1a8924787c0fd72989671a30ec843cfbe0ddbab61b1c0e316071e0bd488fcc17b677355f6f1feab32a44bcbc411786c002738c11c4fb5af07bd679f1f6150f2d270d48cd87caa58d437651c4568dea65cb6ffec7ae7b5c8b973dac75586b7f57b3774ca836ed0fb4d212f89c79cce4a1493076a509e9811355aa3447747d2f6d9dbfc4590996a56951f66bfe76d7b2a11893e02579887338c4928372c1d837e9b92a7c1b73671427f51f73c03cd9e3ba437204bed525f2ddde1aac15cf090b10e7f540845c6d643e6d421c4421c9e578e98bd80847ac3eb6687438d2e388b83a987be5479140e7ca2c4dfc038bf82b03faf75924f7fe82bfbf4f7cd25a2105d8db7b07d847ad1edca94323f744cc54640f929dcb6e93509336150469c575b16669d6671b61ab0418d67a90d0eafdc6287ebcb486ef990da526151d1309e2deb5a5ba25b705552052017ae242a77694080b2c648e35044fc731f3fa63e90c52550c26af75517285ca22696b655274e986c076a6cff721ab202c6d3634a88bc860967bc9fa2853f595851c421e3677b4c938a5684cbf45fb78214e8ce47dadf1f25e281ea092b857dd8d61bc4224ace14741320ce9ee63f2a5eef59cf1af1cd4b856ceae09b87eb2c67b6c3dc160da2c178138927eef6762163fe1dcc26e49edca9e1dd6fba3ab0b262d83a2d26939ceedb64974f34726c22a6139c7c63103415e287ded358d7f0b6c93bc626baf81f0efb0690bf790af70f1ac565b01790927ef36a942d3c1e4961ba5e04465a5520e6982c25df1f10db7093aca5959f0c2804cfd3093fa0ca03405d08cb8aa5c1731a6700462c96c7d015fb90fab5da3c366af9230a4e19e0c2dd92f4c24e7e825083332c6dcca9160a3e53c0227b4f41e8b9ffdf5d515efe2d4d665e92a774b2e4bcad4228c8ef58343706cff0e393345a4dcd78073ef1664d23eef7313e3726713bc625cf0cc1bee43ee1a39d615ada40495be8ddb43d6fe18c5b7e79216bd93bd1ee8cd74b8f23a910770b0b4b13e9048cad746929c1594d0b30cabe0529a20eb055e7f42508317e3cfb9b0f564aaa02288173265e75b5b4eb749d4fa04a015be84d02c3cc25b805cea8640d13275ba91d8e5f0ed6865f4eede33c99b7dcb5f81117a0fb18a7fff9bfe90deb327ed5d8da6e56809ef31d8d7e35736cee5521cc57b4356558af88f60f4554d5e12cc61f00c2177ddaa778a5aaba2dd07ef29f72775412ffb1374eea064ee33b5ea5c998b720999e23e7596797960ccd212b1ba46095cb17cc5affd87fbeb82fc345a2ae3f185f9da92e316d545eb4e42b5afc84eb0083c0ea8f4652c0432ead6fcf0c5bd1fe311d2423ea1b96658869f2889962ac40b655dd364811e4433ed1b3ba185f35499b2c79c0be7d01724b3ceea29f35a80703f9352e2100df201998f5d008b13492e7c1fd408dbf4713175f319118ce763ba241c534b4e003cade6c6a92075ce14537e36f5410d46d856c401320ca2d21211786fddcfc70a2ebf108c09c6b92a202e510b55358a26c88232b01d61bc4b43f0595b5015f302391d1ffd00e8937aeef9308ce30904fbf3b0b7b90e93bd51a1762d6f6d59e87b0701fddf80f951e75e1e8403bcf80a09454533995b3c6a030e34678bd34c2da0b344ba25c3d43207443aefab8866e3025887a42d584b8bd053f5e8c34610e5758f5497ace6781677e0e0ad1dadb5213f5b5156d1bf21f8f8efe6c0dc64a2e286f568803a9447143527bae17b4db53957832e5d646769ed50c8772641bd204f583c1732ed0230cdd03201e32fa9b7b54ffc65147c02c5134875a61f493bc34cca0fab088aa0bd1521a6f19568f2526314b7243ffc833cde93b6e2c7372830d315b7880b7640c3556da959a4148572a07b17d9a062272ab2bf88a070a18e6c195ae07977975bbd844462765541b7ac63ab4c0e17239e16a7174b1b36f3e76366ee813482e92ec9259536926495d56248c6afd09d7babe07a62626dd00e82bc93099a24f85b86b9c911e8763d56bcac2410f8e9139f77df9aae4b9b9079a318c6d858a6e6b7f9ba3c98f1cbd2923bd16b90", 0x1000)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:15 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0)

08:50:15 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:15 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:15 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  126.408358][ T8836] loop5: detected capacity change from 0 to 16
[  126.414092][ T8837] FAT-fs (loop3): bogus number of reserved sectors
[  126.416350][ T8839] loop4: detected capacity change from 0 to 16
[  126.421149][ T8837] FAT-fs (loop3): Can't find a valid FAT filesystem
[  126.435397][ T8840] loop2: detected capacity change from 0 to 16
[  126.443331][ T8838] net_ratelimit: 30 callbacks suppressed
[  126.443341][ T8838] IPv4: Oversized IP packet from 127.0.0.1
08:50:15 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  126.445434][ T8840] FAT-fs (loop2): bogus number of reserved sectors
[  126.449068][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  126.454806][ T8840] FAT-fs (loop2): Can't find a valid FAT filesystem
[  126.474629][ T8836] FAT-fs (loop5): bogus number of reserved sectors
[  126.481219][ T8836] FAT-fs (loop5): Can't find a valid FAT filesystem
08:50:15 executing program 4 (fault-call:9 fault-nth:0):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:15 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:15 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:15 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  126.508622][ T8852] IPv4: Oversized IP packet from 127.0.0.1
[  126.514745][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  126.536583][ T8856] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
08:50:15 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  126.594122][ T8868] loop2: detected capacity change from 0 to 16
[  126.609738][ T8868] FAT-fs (loop2): bogus number of reserved sectors
[  126.609816][ T8871] loop5: detected capacity change from 0 to 16
[  126.616326][ T8868] FAT-fs (loop2): Can't find a valid FAT filesystem
[  126.626277][ T8875] loop4: detected capacity change from 0 to 16
[  126.632785][ T8874] FAT-fs (loop3): bogus number of reserved sectors
[  126.641760][ T8874] FAT-fs (loop3): Can't find a valid FAT filesystem
[  126.661019][ T8875] FAULT_INJECTION: forcing a failure.
[  126.661019][ T8875] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  126.663379][ T8871] FAT-fs (loop5): bogus number of reserved sectors
[  126.674287][ T8875] CPU: 1 PID: 8875 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  126.680779][ T8871] FAT-fs (loop5): Can't find a valid FAT filesystem
[  126.689494][ T8875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  126.689505][ T8875] Call Trace:
[  126.689511][ T8875]  dump_stack_lvl+0xb7/0x103
[  126.713979][ T8875]  dump_stack+0x11/0x1a
[  126.718128][ T8875]  should_fail+0x23c/0x250
[  126.722575][ T8875]  __alloc_pages+0x102/0x320
[  126.727166][ T8875]  alloc_pages+0x2e8/0x340
[  126.731706][ T8875]  __page_cache_alloc+0x4d/0xf0
[  126.736547][ T8875]  pagecache_get_page+0x5f4/0x900
[  126.741619][ T8875]  grab_cache_page_write_begin+0x3f/0x70
[  126.747237][ T8875]  cont_write_begin+0x501/0x850
[  126.752135][ T8875]  fat_write_begin+0x61/0xf0
[  126.756766][ T8875]  ? fat_block_truncate_page+0x30/0x30
[  126.762296][ T8875]  generic_perform_write+0x196/0x3c0
[  126.767617][ T8875]  __generic_file_write_iter+0x202/0x300
[  126.773236][ T8875]  ? generic_write_checks+0x250/0x290
[  126.778618][ T8875]  generic_file_write_iter+0x75/0x130
[  126.784048][ T8875]  vfs_write+0x69d/0x770
[  126.788275][ T8875]  ksys_write+0xce/0x180
[  126.792512][ T8875]  __x64_sys_write+0x3e/0x50
[  126.797132][ T8875]  do_syscall_64+0x3d/0x90
[  126.801555][ T8875]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  126.807523][ T8875] RIP: 0033:0x4665e9
[  126.811399][ T8875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  126.830990][ T8875] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
08:50:15 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:15 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  126.839383][ T8875] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  126.847412][ T8875] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  126.855453][ T8875] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  126.863424][ T8875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.871390][ T8875] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
[  126.939619][ T8888] loop2: detected capacity change from 0 to 16
[  126.951395][ T8888] FAT-fs (loop2): bogus number of reserved sectors
[  126.957914][ T8888] FAT-fs (loop2): Can't find a valid FAT filesystem
08:50:16 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000006800"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0)

08:50:16 executing program 4 (fault-call:9 fault-nth:1):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:16 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:16 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:16 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:16 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  127.312056][ T8912] loop2: detected capacity change from 0 to 16
[  127.314656][ T8909] loop4: detected capacity change from 0 to 16
[  127.322056][ T8912] FAT-fs (loop2): bogus number of reserved sectors
[  127.330932][ T8912] FAT-fs (loop2): Can't find a valid FAT filesystem
[  127.333048][ T8911] FAT-fs (loop3): bogus number of reserved sectors
[  127.343027][ T8915] loop5: detected capacity change from 0 to 16
[  127.344283][ T8911] FAT-fs (loop3): Can't find a valid FAT filesystem
08:50:16 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  127.367025][ T8909] FAULT_INJECTION: forcing a failure.
[  127.367025][ T8909] name failslab, interval 1, probability 0, space 0, times 1
[  127.379273][ T8915] FAT-fs (loop5): bogus number of reserved sectors
[  127.379699][ T8909] CPU: 0 PID: 8909 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  127.386281][ T8915] FAT-fs (loop5): Can't find a valid FAT filesystem
[  127.394988][ T8909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  127.395001][ T8909] Call Trace:
08:50:16 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  127.415287][ T8909]  dump_stack_lvl+0xb7/0x103
[  127.419972][ T8909]  dump_stack+0x11/0x1a
[  127.424138][ T8909]  should_fail+0x23c/0x250
[  127.428562][ T8909]  ? fat_cache_add+0x219/0x570
[  127.433423][ T8909]  __should_failslab+0x81/0x90
[  127.438189][ T8909]  should_failslab+0x5/0x20
[  127.442712][ T8909]  kmem_cache_alloc+0x46/0x2e0
[  127.447635][ T8909]  fat_cache_add+0x219/0x570
[  127.452211][ T8909]  fat_get_cluster+0x58e/0x870
[  127.457022][ T8909]  ? __brelse+0x2c/0x50
[  127.461417][ T8909]  fat_get_mapped_cluster+0xd0/0x250
[  127.466901][ T8909]  fat_bmap+0x258/0x290
[  127.471086][ T8909]  fat_get_block+0x36d/0x5a0
[  127.475664][ T8909]  __block_write_begin_int+0x4a2/0x1060
[  127.481282][ T8909]  ? fat_block_truncate_page+0x30/0x30
[  127.487037][ T8909]  ? wait_for_stable_page+0x56/0x70
[  127.492409][ T8909]  cont_write_begin+0x522/0x850
[  127.497251][ T8909]  fat_write_begin+0x61/0xf0
[  127.501822][ T8909]  ? fat_block_truncate_page+0x30/0x30
[  127.507263][ T8909]  generic_perform_write+0x196/0x3c0
[  127.512632][ T8909]  __generic_file_write_iter+0x202/0x300
[  127.518363][ T8909]  ? generic_write_checks+0x250/0x290
[  127.524065][ T8909]  generic_file_write_iter+0x75/0x130
[  127.529593][ T8909]  vfs_write+0x69d/0x770
[  127.533815][ T8909]  ksys_write+0xce/0x180
[  127.538033][ T8909]  __x64_sys_write+0x3e/0x50
[  127.542604][ T8909]  do_syscall_64+0x3d/0x90
[  127.547023][ T8909]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  127.553122][ T8909] RIP: 0033:0x4665e9
[  127.557013][ T8909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  127.577147][ T8909] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  127.585640][ T8909] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  127.593680][ T8909] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  127.601681][ T8909] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  127.609642][ T8909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
08:50:16 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:16 executing program 4 (fault-call:9 fault-nth:2):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  127.617713][ T8909] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
08:50:16 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:16 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  127.696807][ T8937] loop2: detected capacity change from 0 to 16
[  127.713582][ T8943] loop4: detected capacity change from 0 to 16
[  127.733982][ T8948] loop5: detected capacity change from 0 to 16
[  127.735924][ T8943] FAULT_INJECTION: forcing a failure.
[  127.735924][ T8943] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  127.740536][ T8937] FAT-fs (loop2): bogus number of reserved sectors
[  127.753417][ T8943] CPU: 0 PID: 8943 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  127.759946][ T8937] FAT-fs (loop2): Can't find a valid FAT filesystem
[  127.768578][ T8943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  127.785194][ T8943] Call Trace:
[  127.788638][ T8943]  dump_stack_lvl+0xb7/0x103
[  127.793224][ T8943]  dump_stack+0x11/0x1a
[  127.797376][ T8943]  should_fail+0x23c/0x250
[  127.801881][ T8943]  should_fail_usercopy+0x16/0x20
[  127.806907][ T8943]  copy_page_from_iter_atomic+0x2c1/0xba0
[  127.812748][ T8943]  ? fat_write_begin+0x61/0xf0
[  127.817505][ T8943]  ? fat_block_truncate_page+0x30/0x30
[  127.823011][ T8943]  ? fat_write_begin+0x79/0xf0
[  127.827771][ T8943]  generic_perform_write+0x1df/0x3c0
[  127.833099][ T8943]  __generic_file_write_iter+0x202/0x300
[  127.838729][ T8943]  ? generic_write_checks+0x250/0x290
[  127.844104][ T8943]  generic_file_write_iter+0x75/0x130
[  127.846288][ T8948] FAT-fs (loop5): bogus number of reserved sectors
[  127.849645][ T8943]  vfs_write+0x69d/0x770
[  127.849667][ T8943]  ksys_write+0xce/0x180
[  127.856161][ T8948] FAT-fs (loop5): Can't find a valid FAT filesystem
[  127.860410][ T8943]  __x64_sys_write+0x3e/0x50
[  127.860432][ T8943]  do_syscall_64+0x3d/0x90
[  127.881963][ T8943]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  127.887994][ T8943] RIP: 0033:0x4665e9
[  127.891890][ T8943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  127.911841][ T8943] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  127.920234][ T8943] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  127.928330][ T8943] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  127.936561][ T8943] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  127.944800][ T8943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.953307][ T8943] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
[  127.970621][ T8943] handle_bad_sector: 76 callbacks suppressed
[  127.970635][ T8943] attempt to access beyond end of device
[  127.970635][ T8943] loop4: rw=2049, want=123, limit=16
[  127.987996][ T8943] attempt to access beyond end of device
[  127.987996][ T8943] loop4: rw=2049, want=124, limit=16
[  127.998850][ T8943] buffer_io_error: 76 callbacks suppressed
[  127.998858][ T8943] Buffer I/O error on dev loop4, logical block 123, lost async page write
[  128.014063][ T8943] attempt to access beyond end of device
[  128.014063][ T8943] loop4: rw=2049, want=125, limit=16
[  128.025043][ T8943] Buffer I/O error on dev loop4, logical block 124, lost async page write
[  128.034547][ T8943] attempt to access beyond end of device
[  128.034547][ T8943] loop4: rw=2049, want=126, limit=16
[  128.045356][ T8943] Buffer I/O error on dev loop4, logical block 125, lost async page write
[  128.053881][ T8943] attempt to access beyond end of device
[  128.053881][ T8943] loop4: rw=2049, want=127, limit=16
[  128.065282][ T8943] Buffer I/O error on dev loop4, logical block 126, lost async page write
[  128.074110][ T8943] attempt to access beyond end of device
[  128.074110][ T8943] loop4: rw=2049, want=128, limit=16
[  128.084892][ T8943] Buffer I/O error on dev loop4, logical block 127, lost async page write
08:50:17 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000006800"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0)

08:50:17 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:17 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:17 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000), 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:17 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:17 executing program 4 (fault-call:9 fault-nth:3):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  128.178869][ T8972] loop4: detected capacity change from 0 to 16
[  128.179271][ T8974] loop5: detected capacity change from 0 to 16
[  128.193783][ T8974] FAT-fs (loop5): bogus number of reserved sectors
[  128.196634][ T8979] loop2: detected capacity change from 0 to 16
[  128.200351][ T8974] FAT-fs (loop5): Can't find a valid FAT filesystem
[  128.201107][ T8975] loop3: detected capacity change from 0 to 16
[  128.221633][ T8979] FAT-fs (loop2): bogus number of reserved sectors
08:50:17 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000), 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  128.223984][ T8972] FAULT_INJECTION: forcing a failure.
[  128.223984][ T8972] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  128.228187][ T8979] FAT-fs (loop2): Can't find a valid FAT filesystem
[  128.241420][ T8972] CPU: 0 PID: 8972 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  128.257741][ T8972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  128.267852][ T8972] Call Trace:
[  128.271136][ T8972]  dump_stack_lvl+0xb7/0x103
[  128.275862][ T8972]  dump_stack+0x11/0x1a
[  128.280114][ T8972]  should_fail+0x23c/0x250
[  128.284872][ T8972]  __alloc_pages+0x102/0x320
[  128.289549][ T8972]  alloc_pages+0x2e8/0x340
[  128.293956][ T8972]  __page_cache_alloc+0x4d/0xf0
[  128.298802][ T8972]  pagecache_get_page+0x5f4/0x900
[  128.303820][ T8972]  grab_cache_page_write_begin+0x3f/0x70
[  128.309528][ T8972]  cont_write_begin+0x501/0x850
[  128.314367][ T8972]  fat_write_begin+0x61/0xf0
[  128.318937][ T8972]  ? fat_block_truncate_page+0x30/0x30
[  128.324574][ T8972]  generic_perform_write+0x196/0x3c0
[  128.329918][ T8972]  ? fat_write_begin+0xf0/0xf0
[  128.334661][ T8972]  __generic_file_write_iter+0x202/0x300
[  128.340379][ T8972]  ? generic_write_checks+0x250/0x290
[  128.345826][ T8972]  generic_file_write_iter+0x75/0x130
[  128.351188][ T8972]  vfs_write+0x69d/0x770
[  128.356014][ T8972]  ksys_write+0xce/0x180
[  128.360242][ T8972]  __x64_sys_write+0x3e/0x50
[  128.364814][ T8972]  do_syscall_64+0x3d/0x90
[  128.369341][ T8972]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  128.375311][ T8972] RIP: 0033:0x4665e9
[  128.379356][ T8972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  128.399380][ T8972] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  128.407902][ T8972] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  128.416305][ T8972] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
08:50:17 executing program 4 (fault-call:9 fault-nth:4):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  128.424441][ T8972] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  128.432483][ T8972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.440697][ T8972] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
08:50:17 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000), 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:17 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  128.470785][ T8975] FAT-fs (loop3): bogus number of reserved sectors
[  128.477433][ T8975] FAT-fs (loop3): Can't find a valid FAT filesystem
[  128.509210][ T8996] loop4: detected capacity change from 0 to 16
[  128.527885][ T8996] FAULT_INJECTION: forcing a failure.
[  128.527885][ T8996] name failslab, interval 1, probability 0, space 0, times 0
[  128.540486][ T8996] CPU: 0 PID: 8996 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  128.549442][ T8996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  128.556066][ T9003] loop5: detected capacity change from 0 to 16
[  128.560094][ T8996] Call Trace:
[  128.560103][ T8996]  dump_stack_lvl+0xb7/0x103
[  128.574148][ T8996]  dump_stack+0x11/0x1a
[  128.578314][ T8996]  should_fail+0x23c/0x250
[  128.582773][ T8996]  ? xas_create+0x3fb/0xb30
[  128.587260][ T8996]  __should_failslab+0x81/0x90
[  128.592007][ T8996]  should_failslab+0x5/0x20
[  128.596493][ T8996]  kmem_cache_alloc+0x46/0x2e0
[  128.601243][ T8996]  xas_create+0x3fb/0xb30
[  128.605554][ T8996]  xas_store+0x70/0xca0
[  128.609818][ T8996]  ? memcg_check_events+0x23/0x3b0
[  128.614946][ T8996]  ? cgroup_rstat_updated+0x60/0x1c0
[  128.620217][ T8996]  ? get_page_from_freelist+0x54e/0x820
[  128.625760][ T8996]  ? xas_find_conflict+0x422/0x4c0
[  128.632070][ T8996]  __add_to_page_cache_locked+0x1eb/0x4b0
[  128.637788][ T8996]  ? workingset_activation+0x270/0x270
[  128.643492][ T8996]  add_to_page_cache_lru+0xa0/0x1b0
[  128.648707][ T8996]  pagecache_get_page+0x6a3/0x900
[  128.653792][ T8996]  grab_cache_page_write_begin+0x3f/0x70
[  128.659457][ T8996]  cont_write_begin+0x501/0x850
[  128.664315][ T8996]  fat_write_begin+0x61/0xf0
[  128.668904][ T8996]  ? fat_block_truncate_page+0x30/0x30
[  128.674350][ T8996]  generic_perform_write+0x196/0x3c0
[  128.679691][ T8996]  ? fat_write_begin+0xf0/0xf0
[  128.684454][ T8996]  __generic_file_write_iter+0x202/0x300
[  128.690073][ T8996]  ? generic_write_checks+0x250/0x290
[  128.695429][ T8996]  generic_file_write_iter+0x75/0x130
[  128.700823][ T8996]  vfs_write+0x69d/0x770
[  128.705047][ T8996]  ksys_write+0xce/0x180
[  128.709272][ T8996]  __x64_sys_write+0x3e/0x50
[  128.713849][ T8996]  do_syscall_64+0x3d/0x90
[  128.718249][ T8996]  ? irqentry_exit+0xe/0x30
[  128.722737][ T8996]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  128.728692][ T8996] RIP: 0033:0x4665e9
[  128.732568][ T8996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  128.752564][ T8996] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  128.761139][ T8996] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  128.769111][ T8996] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
08:50:17 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:17 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  128.777327][ T8996] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  128.785416][ T8996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.793371][ T8996] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
[  128.849040][ T9003] FAT-fs (loop5): bogus number of reserved sectors
[  128.855802][ T9003] FAT-fs (loop5): Can't find a valid FAT filesystem
[  128.855994][ T9012] loop2: detected capacity change from 0 to 16
[  128.865967][ T9013] loop3: detected capacity change from 0 to 16
[  128.872611][ T9012] FAT-fs (loop2): bogus number of reserved sectors
[  128.881679][ T9012] FAT-fs (loop2): Can't find a valid FAT filesystem
[  128.899858][ T9013] FAT-fs (loop3): bogus number of reserved sectors
[  128.906412][ T9013] FAT-fs (loop3): Can't find a valid FAT filesystem
08:50:17 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000006800"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0)

08:50:17 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:17 executing program 4 (fault-call:9 fault-nth:5):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:17 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:17 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:17 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:18 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  129.034136][ T9031] loop3: detected capacity change from 0 to 16
[  129.046745][ T9034] loop5: detected capacity change from 0 to 16
[  129.048671][ T9037] loop4: detected capacity change from 0 to 16
[  129.053793][ T9038] loop2: detected capacity change from 0 to 16
[  129.076847][ T9037] FAULT_INJECTION: forcing a failure.
[  129.076847][ T9037] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.089934][ T9037] CPU: 0 PID: 9037 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  129.098676][ T9037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  129.108722][ T9037] Call Trace:
[  129.111985][ T9037]  dump_stack_lvl+0xb7/0x103
[  129.116561][ T9037]  dump_stack+0x11/0x1a
[  129.120713][ T9037]  should_fail+0x23c/0x250
[  129.125124][ T9037]  should_fail_usercopy+0x16/0x20
[  129.130138][ T9037]  copy_page_from_iter_atomic+0x2c1/0xba0
[  129.135904][ T9037]  ? fat_write_begin+0x61/0xf0
[  129.140658][ T9037]  ? fat_block_truncate_page+0x30/0x30
[  129.146137][ T9037]  ? fat_write_begin+0x79/0xf0
[  129.150896][ T9037]  generic_perform_write+0x1df/0x3c0
[  129.156243][ T9037]  ? fat_write_begin+0xf0/0xf0
[  129.161040][ T9037]  __generic_file_write_iter+0x202/0x300
[  129.167001][ T9037]  ? generic_write_checks+0x250/0x290
[  129.172431][ T9037]  generic_file_write_iter+0x75/0x130
[  129.177790][ T9037]  vfs_write+0x69d/0x770
[  129.182014][ T9037]  ksys_write+0xce/0x180
[  129.186240][ T9037]  __x64_sys_write+0x3e/0x50
[  129.190812][ T9037]  do_syscall_64+0x3d/0x90
[  129.195452][ T9037]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  129.203831][ T9037] RIP: 0033:0x4665e9
[  129.207710][ T9037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  129.227940][ T9037] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  129.236335][ T9037] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  129.244411][ T9037] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  129.252396][ T9037] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  129.260382][ T9037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.268334][ T9037] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
[  129.278735][ T9031] FAT-fs (loop3): bogus number of reserved sectors
[  129.285262][ T9031] FAT-fs (loop3): Can't find a valid FAT filesystem
[  129.289906][ T9037] attempt to access beyond end of device
[  129.289906][ T9037] loop4: rw=2049, want=123, limit=16
[  129.292169][ T9034] FAT-fs (loop5): bogus number of reserved sectors
[  129.309356][ T9034] FAT-fs (loop5): Can't find a valid FAT filesystem
[  129.316578][ T9037] attempt to access beyond end of device
[  129.316578][ T9037] loop4: rw=2049, want=124, limit=16
08:50:18 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  129.327412][ T9037] Buffer I/O error on dev loop4, logical block 123, lost async page write
[  129.334582][ T9038] FAT-fs (loop2): invalid media value (0x00)
[  129.342132][ T9038] FAT-fs (loop2): Can't find a valid FAT filesystem
[  129.345591][ T9037] attempt to access beyond end of device
[  129.345591][ T9037] loop4: rw=2049, want=125, limit=16
[  129.359525][ T9037] Buffer I/O error on dev loop4, logical block 124, lost async page write
[  129.368233][ T9037] attempt to access beyond end of device
[  129.368233][ T9037] loop4: rw=2049, want=126, limit=16
08:50:18 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:18 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:18 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  129.379321][ T9037] Buffer I/O error on dev loop4, logical block 125, lost async page write
[  129.387945][ T9037] Buffer I/O error on dev loop4, logical block 126, lost async page write
[  129.398447][ T9037] Buffer I/O error on dev loop4, logical block 127, lost async page write
08:50:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  129.457484][ T9068] loop3: detected capacity change from 0 to 16
[  129.458174][ T9069] loop5: detected capacity change from 0 to 16
[  129.476216][ T9068] FAT-fs (loop3): bogus number of reserved sectors
[  129.478950][ T9076] loop2: detected capacity change from 0 to 16
[  129.482761][ T9068] FAT-fs (loop3): Can't find a valid FAT filesystem
[  129.491257][ T9069] FAT-fs (loop5): bogus number of reserved sectors
[  129.502028][ T9069] FAT-fs (loop5): Can't find a valid FAT filesystem
[  129.511512][ T9076] FAT-fs (loop2): invalid media value (0x00)
[  129.517511][ T9076] FAT-fs (loop2): Can't find a valid FAT filesystem
08:50:18 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(r1)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r1, 0x0, 0x30000033fe0, 0x0)

08:50:18 executing program 4 (fault-call:9 fault-nth:6):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:18 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:18 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:18 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:18 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  129.910658][ T9100] loop3: detected capacity change from 0 to 16
[  129.917710][ T9103] loop2: detected capacity change from 0 to 16
[  129.920961][ T9101] loop5: detected capacity change from 0 to 16
[  129.933587][ T9102] loop4: detected capacity change from 0 to 16
[  129.940295][ T9103] FAT-fs (loop2): invalid media value (0x00)
[  129.946383][ T9103] FAT-fs (loop2): Can't find a valid FAT filesystem
08:50:18 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0x0, 0x0, 0x0, 0x0)

[  129.958006][ T9100] FAT-fs (loop3): bogus number of reserved sectors
[  129.964558][ T9100] FAT-fs (loop3): Can't find a valid FAT filesystem
[  129.979852][ T9101] FAT-fs (loop5): invalid media value (0x00)
[  129.985893][ T9101] FAT-fs (loop5): Can't find a valid FAT filesystem
[  129.989629][ T9102] FAULT_INJECTION: forcing a failure.
[  129.989629][ T9102] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  130.005945][ T9102] CPU: 1 PID: 9102 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  130.014806][ T9102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  130.025022][ T9102] Call Trace:
[  130.028305][ T9102]  dump_stack_lvl+0xb7/0x103
[  130.032885][ T9102]  dump_stack+0x11/0x1a
[  130.037030][ T9102]  should_fail+0x23c/0x250
[  130.041442][ T9102]  __alloc_pages+0x102/0x320
[  130.046045][ T9102]  alloc_pages+0x2e8/0x340
[  130.050469][ T9102]  __page_cache_alloc+0x4d/0xf0
[  130.055309][ T9102]  pagecache_get_page+0x5f4/0x900
[  130.060691][ T9102]  grab_cache_page_write_begin+0x3f/0x70
[  130.066314][ T9102]  cont_write_begin+0x501/0x850
[  130.071243][ T9102]  fat_write_begin+0x61/0xf0
[  130.075830][ T9102]  ? fat_block_truncate_page+0x30/0x30
[  130.081416][ T9102]  generic_perform_write+0x196/0x3c0
[  130.086736][ T9102]  ? fat_write_begin+0xf0/0xf0
[  130.091657][ T9102]  __generic_file_write_iter+0x202/0x300
[  130.097274][ T9102]  ? generic_write_checks+0x250/0x290
[  130.102798][ T9102]  generic_file_write_iter+0x75/0x130
[  130.108178][ T9102]  vfs_write+0x69d/0x770
[  130.112490][ T9102]  ksys_write+0xce/0x180
[  130.116734][ T9102]  __x64_sys_write+0x3e/0x50
[  130.121314][ T9102]  do_syscall_64+0x3d/0x90
[  130.125714][ T9102]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  130.131613][ T9102] RIP: 0033:0x4665e9
[  130.135488][ T9102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
08:50:19 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0x0, 0x0, 0x0, 0x0)

08:50:19 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  130.155150][ T9102] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  130.163542][ T9102] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  130.171603][ T9102] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  130.179565][ T9102] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  130.187530][ T9102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.195490][ T9102] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
08:50:19 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:19 executing program 4 (fault-call:9 fault-nth:7):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  130.292078][ T9134] loop4: detected capacity change from 0 to 16
[  130.293256][ T9136] loop3: detected capacity change from 0 to 16
[  130.298464][ T9137] loop5: detected capacity change from 0 to 16
[  130.316713][ T9137] FAT-fs (loop5): invalid media value (0x00)
[  130.320242][ T9136] FAT-fs (loop3): bogus number of reserved sectors
[  130.323023][ T9137] FAT-fs (loop5): Can't find a valid FAT filesystem
[  130.329483][ T9136] FAT-fs (loop3): Can't find a valid FAT filesystem
[  130.346357][ T9134] FAULT_INJECTION: forcing a failure.
[  130.346357][ T9134] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.359802][ T9134] CPU: 1 PID: 9134 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  130.368549][ T9134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  130.378602][ T9134] Call Trace:
[  130.381866][ T9134]  dump_stack_lvl+0xb7/0x103
[  130.386455][ T9134]  dump_stack+0x11/0x1a
[  130.390600][ T9134]  should_fail+0x23c/0x250
[  130.395026][ T9134]  should_fail_usercopy+0x16/0x20
[  130.400141][ T9134]  copy_page_from_iter_atomic+0x2c1/0xba0
[  130.405894][ T9134]  ? fat_write_begin+0x61/0xf0
[  130.410636][ T9134]  ? fat_block_truncate_page+0x30/0x30
[  130.416091][ T9134]  ? fat_write_begin+0x79/0xf0
[  130.420845][ T9134]  generic_perform_write+0x1df/0x3c0
[  130.426252][ T9134]  ? fat_write_begin+0xf0/0xf0
[  130.431018][ T9134]  __generic_file_write_iter+0x202/0x300
[  130.436669][ T9134]  ? generic_write_checks+0x250/0x290
[  130.442112][ T9134]  generic_file_write_iter+0x75/0x130
[  130.447557][ T9134]  vfs_write+0x69d/0x770
[  130.452161][ T9134]  ksys_write+0xce/0x180
[  130.456387][ T9134]  __x64_sys_write+0x3e/0x50
[  130.461229][ T9134]  do_syscall_64+0x3d/0x90
[  130.465640][ T9134]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  130.471578][ T9134] RIP: 0033:0x4665e9
[  130.476060][ T9134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  130.496038][ T9134] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  130.504435][ T9134] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  130.512565][ T9134] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  130.521144][ T9134] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  130.529164][ T9134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.537406][ T9134] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
08:50:19 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0x0, 0x0, 0x0, 0x0)

08:50:19 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(r1)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r1, 0x0, 0x30000033fe0, 0x0)

08:50:19 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:19 executing program 4 (fault-call:9 fault-nth:8):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:19 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:19 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  130.758912][ T9164] loop3: detected capacity change from 0 to 16
[  130.767784][ T9164] FAT-fs (loop3): bogus number of reserved sectors
[  130.769813][ T9163] loop2: detected capacity change from 0 to 16
[  130.774348][ T9164] FAT-fs (loop3): Can't find a valid FAT filesystem
[  130.782831][ T9169] loop5: detected capacity change from 0 to 16
[  130.791594][ T9168] loop4: detected capacity change from 0 to 16
[  130.796327][ T9163] FAT-fs (loop2): invalid media value (0x00)
08:50:19 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0), 0x10)

[  130.805349][ T9163] FAT-fs (loop2): Can't find a valid FAT filesystem
[  130.823942][ T9169] FAT-fs (loop5): invalid media value (0x00)
[  130.829971][ T9169] FAT-fs (loop5): Can't find a valid FAT filesystem
[  130.842591][ T9168] FAULT_INJECTION: forcing a failure.
[  130.842591][ T9168] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  130.855880][ T9168] CPU: 1 PID: 9168 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  130.864724][ T9168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  130.875087][ T9168] Call Trace:
[  130.878441][ T9168]  dump_stack_lvl+0xb7/0x103
[  130.883139][ T9168]  dump_stack+0x11/0x1a
[  130.887279][ T9168]  should_fail+0x23c/0x250
[  130.891750][ T9168]  __alloc_pages+0x102/0x320
[  130.896333][ T9168]  alloc_pages+0x2e8/0x340
[  130.900736][ T9168]  __page_cache_alloc+0x4d/0xf0
[  130.905647][ T9168]  pagecache_get_page+0x5f4/0x900
[  130.910654][ T9168]  grab_cache_page_write_begin+0x3f/0x70
[  130.916292][ T9168]  cont_write_begin+0x501/0x850
[  130.921390][ T9168]  fat_write_begin+0x61/0xf0
[  130.925961][ T9168]  ? fat_block_truncate_page+0x30/0x30
[  130.931401][ T9168]  generic_perform_write+0x196/0x3c0
[  130.936734][ T9168]  ? fat_write_begin+0xf0/0xf0
[  130.941685][ T9168]  __generic_file_write_iter+0x202/0x300
[  130.947304][ T9168]  ? generic_write_checks+0x250/0x290
[  130.952665][ T9168]  generic_file_write_iter+0x75/0x130
[  130.958204][ T9168]  vfs_write+0x69d/0x770
[  130.962458][ T9168]  ksys_write+0xce/0x180
[  130.966686][ T9168]  __x64_sys_write+0x3e/0x50
[  130.971268][ T9168]  do_syscall_64+0x3d/0x90
[  130.975679][ T9168]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  130.981579][ T9168] RIP: 0033:0x4665e9
[  130.985451][ T9168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
08:50:20 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0), 0x10)

[  131.005068][ T9168] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  131.013461][ T9168] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  131.021454][ T9168] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  131.029476][ T9168] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  131.037546][ T9168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.045600][ T9168] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
08:50:20 executing program 4 (fault-call:9 fault-nth:9):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:20 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:20 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:20 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0), 0x10)

08:50:20 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  131.137310][ T9192] loop2: detected capacity change from 0 to 16
[  131.141738][ T9197] loop5: detected capacity change from 0 to 16
[  131.163342][ T9203] loop3: detected capacity change from 0 to 16
[  131.171972][ T9192] FAT-fs (loop2): invalid media value (0x00)
[  131.177973][ T9192] FAT-fs (loop2): Can't find a valid FAT filesystem
[  131.185527][ T9205] loop4: detected capacity change from 0 to 16
[  131.192685][ T9197] FAT-fs (loop5): invalid media value (0x00)
[  131.198760][ T9197] FAT-fs (loop5): Can't find a valid FAT filesystem
[  131.207019][ T9203] FAT-fs (loop3): bogus number of reserved sectors
[  131.213574][ T9203] FAT-fs (loop3): Can't find a valid FAT filesystem
[  131.225315][ T9205] FAULT_INJECTION: forcing a failure.
[  131.225315][ T9205] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.238457][ T9205] CPU: 0 PID: 9205 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  131.247135][ T9205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  131.257180][ T9205] Call Trace:
[  131.260449][ T9205]  dump_stack_lvl+0xb7/0x103
[  131.265055][ T9205]  dump_stack+0x11/0x1a
[  131.269196][ T9205]  should_fail+0x23c/0x250
[  131.273687][ T9205]  should_fail_usercopy+0x16/0x20
[  131.278746][ T9205]  copy_page_from_iter_atomic+0x2c1/0xba0
[  131.284453][ T9205]  ? fat_write_begin+0x61/0xf0
[  131.289307][ T9205]  ? fat_block_truncate_page+0x30/0x30
[  131.294753][ T9205]  ? fat_write_begin+0x79/0xf0
[  131.299760][ T9205]  generic_perform_write+0x1df/0x3c0
[  131.305064][ T9205]  ? fat_write_begin+0xf0/0xf0
[  131.309811][ T9205]  __generic_file_write_iter+0x202/0x300
[  131.315487][ T9205]  ? generic_write_checks+0x250/0x290
[  131.320846][ T9205]  generic_file_write_iter+0x75/0x130
[  131.326206][ T9205]  vfs_write+0x69d/0x770
[  131.330568][ T9205]  ksys_write+0xce/0x180
[  131.334795][ T9205]  __x64_sys_write+0x3e/0x50
[  131.339455][ T9205]  do_syscall_64+0x3d/0x90
[  131.343910][ T9205]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  131.349787][ T9205] RIP: 0033:0x4665e9
[  131.353666][ T9205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  131.373453][ T9205] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  131.381851][ T9205] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  131.389816][ T9205] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  131.397782][ T9205] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  131.405780][ T9205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  131.414012][ T9205] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
08:50:20 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(r1)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r1, 0x0, 0x30000033fe0, 0x0)

08:50:20 executing program 1:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:20 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:20 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:20 executing program 4 (fault-call:9 fault-nth:10):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:20 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  131.610601][ T9229] loop1: detected capacity change from 0 to 16
[  131.611377][ T9234] loop2: detected capacity change from 0 to 16
[  131.619787][ T9235] loop3: detected capacity change from 0 to 16
[  131.625767][ T9234] FAT-fs (loop2): invalid media value (0x00)
[  131.630835][ T9233] loop5: detected capacity change from 0 to 16
[  131.635098][ T9234] FAT-fs (loop2): Can't find a valid FAT filesystem
[  131.636126][ T9236] loop4: detected capacity change from 0 to 16
[  131.655434][ T9235] FAT-fs (loop3): bogus number of reserved sectors
[  131.657055][ T9229] FAT-fs (loop1): bogus number of reserved sectors
[  131.661985][ T9235] FAT-fs (loop3): Can't find a valid FAT filesystem
[  131.668583][ T9229] FAT-fs (loop1): Can't find a valid FAT filesystem
[  131.676267][ T9233] FAT-fs (loop5): invalid media value (0x00)
[  131.686868][ T9236] FAULT_INJECTION: forcing a failure.
[  131.686868][ T9236] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  131.687712][ T9233] FAT-fs (loop5): Can't find a valid FAT filesystem
[  131.707628][ T9236] CPU: 1 PID: 9236 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  131.716381][ T9236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  131.726442][ T9236] Call Trace:
[  131.729710][ T9236]  dump_stack_lvl+0xb7/0x103
[  131.734287][ T9236]  dump_stack+0x11/0x1a
[  131.738654][ T9236]  should_fail+0x23c/0x250
[  131.743134][ T9236]  __alloc_pages+0x102/0x320
[  131.747985][ T9236]  alloc_pages+0x2e8/0x340
[  131.752381][ T9236]  __page_cache_alloc+0x4d/0xf0
[  131.757215][ T9236]  pagecache_get_page+0x5f4/0x900
[  131.762290][ T9236]  grab_cache_page_write_begin+0x3f/0x70
[  131.767968][ T9236]  cont_write_begin+0x501/0x850
[  131.772840][ T9236]  fat_write_begin+0x61/0xf0
[  131.777430][ T9236]  ? fat_block_truncate_page+0x30/0x30
[  131.782967][ T9236]  generic_perform_write+0x196/0x3c0
[  131.788265][ T9236]  ? fat_write_begin+0xf0/0xf0
[  131.793010][ T9236]  __generic_file_write_iter+0x202/0x300
[  131.798630][ T9236]  ? generic_write_checks+0x250/0x290
[  131.803986][ T9236]  generic_file_write_iter+0x75/0x130
[  131.809363][ T9236]  vfs_write+0x69d/0x770
[  131.813589][ T9236]  ksys_write+0xce/0x180
[  131.817816][ T9236]  __x64_sys_write+0x3e/0x50
[  131.822429][ T9236]  do_syscall_64+0x3d/0x90
[  131.826896][ T9236]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  131.832778][ T9236] RIP: 0033:0x4665e9
[  131.836656][ T9236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
08:50:20 executing program 4 (fault-call:9 fault-nth:11):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  131.856296][ T9236] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  131.864784][ T9236] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  131.872754][ T9236] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  131.880719][ T9236] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  131.888670][ T9236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  131.896643][ T9236] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
08:50:20 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:20 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:20 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:20 executing program 1 (fault-call:9 fault-nth:0):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  131.976147][ T9258] loop4: detected capacity change from 0 to 16
[  131.986531][ T9258] FAULT_INJECTION: forcing a failure.
[  131.986531][ T9258] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.999866][ T9258] CPU: 1 PID: 9258 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  132.008676][ T9258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  132.012103][ T9264] loop5: detected capacity change from 0 to 16
[  132.018752][ T9258] Call Trace:
[  132.018762][ T9258]  dump_stack_lvl+0xb7/0x103
[  132.018784][ T9258]  dump_stack+0x11/0x1a
[  132.036942][ T9258]  should_fail+0x23c/0x250
[  132.041362][ T9258]  should_fail_usercopy+0x16/0x20
[  132.046394][ T9258]  copy_page_from_iter_atomic+0x2c1/0xba0
[  132.052136][ T9258]  ? fat_write_begin+0x61/0xf0
[  132.056901][ T9258]  ? fat_block_truncate_page+0x30/0x30
[  132.062363][ T9258]  ? fat_write_begin+0x79/0xf0
[  132.063269][ T9264] FAT-fs (loop5): invalid media value (0x00)
[  132.067124][ T9258]  generic_perform_write+0x1df/0x3c0
[  132.067152][ T9258]  ? fat_write_begin+0xf0/0xf0
[  132.073137][ T9264] FAT-fs (loop5): Can't find a valid FAT filesystem
[  132.078390][ T9258]  __generic_file_write_iter+0x202/0x300
[  132.095687][ T9258]  ? generic_write_checks+0x250/0x290
[  132.099848][ T9265] loop2: detected capacity change from 0 to 16
[  132.101062][ T9258]  generic_file_write_iter+0x75/0x130
[  132.101090][ T9258]  vfs_write+0x69d/0x770
[  132.114852][ T9265] FAT-fs (loop2): bogus number of FAT sectors
[  132.116977][ T9258]  ksys_write+0xce/0x180
[  132.117001][ T9258]  __x64_sys_write+0x3e/0x50
[  132.123062][ T9265] FAT-fs (loop2): Can't find a valid FAT filesystem
[  132.127269][ T9258]  do_syscall_64+0x3d/0x90
[  132.143484][ T9258]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  132.147304][ T9266] loop3: detected capacity change from 0 to 16
[  132.149400][ T9258] RIP: 0033:0x4665e9
08:50:21 executing program 4 (fault-call:9 fault-nth:12):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  132.149417][ T9258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  132.149432][ T9258] RSP: 002b:00007f9108b78188 EFLAGS: 00000246
[  132.160598][ T9267] FAULT_INJECTION: forcing a failure.
[  132.160598][ T9267] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.179019][ T9258]  ORIG_RAX: 0000000000000001
[  132.179031][ T9258] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  132.179043][ T9258] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  132.179053][ T9258] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  132.179063][ T9258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  132.179072][ T9258] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
[  132.243358][ T9267] CPU: 0 PID: 9267 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  132.252017][ T9267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  132.262334][ T9267] Call Trace:
[  132.265700][ T9267]  dump_stack_lvl+0xb7/0x103
[  132.270309][ T9267]  dump_stack+0x11/0x1a
[  132.274439][ T9267]  should_fail+0x23c/0x250
[  132.278927][ T9267]  should_fail_usercopy+0x16/0x20
[  132.284018][ T9267]  _copy_from_user+0x1c/0xd0
[  132.288638][ T9267]  __sys_sendto+0x1af/0x370
[  132.293220][ T9267]  ? __fget_light+0x21b/0x260
[  132.297944][ T9267]  ? __cond_resched+0x11/0x40
[  132.302598][ T9267]  ? fput+0x2d/0x130
[  132.306485][ T9267]  __x64_sys_sendto+0x74/0x90
[  132.311149][ T9267]  do_syscall_64+0x3d/0x90
[  132.315549][ T9267]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  132.321451][ T9267] RIP: 0033:0x4665e9
[  132.325406][ T9267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  132.345006][ T9267] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  132.353408][ T9267] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  132.361439][ T9267] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  132.369391][ T9267] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  132.377340][ T9267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.385305][ T9267] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
08:50:21 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, 0x0, 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0)

08:50:21 executing program 1 (fault-call:9 fault-nth:1):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:21 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:21 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:21 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  132.472176][ T9297] FAULT_INJECTION: forcing a failure.
[  132.472176][ T9297] name failslab, interval 1, probability 0, space 0, times 0
[  132.485634][ T9297] CPU: 0 PID: 9297 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  132.485806][ T9299] loop4: detected capacity change from 0 to 16
[  132.494929][ T9297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  132.494943][ T9297] Call Trace:
[  132.494949][ T9297]  dump_stack_lvl+0xb7/0x103
[  132.519005][ T9297]  dump_stack+0x11/0x1a
[  132.523227][ T9297]  should_fail+0x23c/0x250
[  132.527731][ T9297]  ? dst_alloc+0x108/0x300
[  132.531006][ T9299] FAULT_INJECTION: forcing a failure.
[  132.531006][ T9299] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  132.532218][ T9297]  __should_failslab+0x81/0x90
[  132.550184][ T9297]  should_failslab+0x5/0x20
[  132.554765][ T9297]  kmem_cache_alloc+0x46/0x2e0
[  132.559713][ T9297]  ? avc_has_perm_noaudit+0x19a/0x240
[  132.565075][ T9297]  dst_alloc+0x108/0x300
[  132.569303][ T9297]  __mkroute_output+0x452/0xc40
[  132.574345][ T9297]  ip_route_output_key_hash_rcu+0x7a8/0x800
[  132.580225][ T9297]  ip_route_output_flow+0xaa/0x160
[  132.585320][ T9297]  udp_sendmsg+0xd48/0x12f0
[  132.589807][ T9297]  ? ip_do_fragment+0x11f0/0x11f0
[  132.594898][ T9297]  ? ip4_datagram_connect+0x40/0x40
[  132.600206][ T9297]  ? _raw_spin_unlock_bh+0x33/0x40
[  132.605298][ T9297]  ? release_sock+0x104/0x110
[  132.609955][ T9297]  inet_sendmsg+0x5f/0x80
[  132.614268][ T9297]  __sys_sendto+0x2a8/0x370
[  132.618870][ T9297]  ? __cond_resched+0x11/0x40
[  132.623534][ T9297]  ? fput+0x2d/0x130
[  132.627411][ T9297]  __x64_sys_sendto+0x74/0x90
[  132.632074][ T9297]  do_syscall_64+0x3d/0x90
[  132.636474][ T9297]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  132.642368][ T9297] RIP: 0033:0x4665e9
[  132.646340][ T9297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  132.665929][ T9297] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  132.674340][ T9297] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  132.682334][ T9297] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  132.690314][ T9297] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  132.698366][ T9297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.706316][ T9297] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
[  132.714373][ T9299] CPU: 1 PID: 9299 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  132.723052][ T9299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  132.733135][ T9299] Call Trace:
[  132.736413][ T9299]  dump_stack_lvl+0xb7/0x103
[  132.736510][ T9308] loop2: detected capacity change from 0 to 16
[  132.741011][ T9299]  dump_stack+0x11/0x1a
[  132.741031][ T9299]  should_fail+0x23c/0x250
[  132.747552][ T9309] loop3: detected capacity change from 0 to 16
[  132.751327][ T9299]  __alloc_pages+0x102/0x320
[  132.751349][ T9299]  alloc_pages+0x2e8/0x340
[  132.771030][ T9299]  __page_cache_alloc+0x4d/0xf0
[  132.776053][ T9299]  pagecache_get_page+0x5f4/0x900
[  132.777000][ T9308] FAT-fs (loop2): bogus number of FAT sectors
[  132.781088][ T9299]  grab_cache_page_write_begin+0x3f/0x70
[  132.787167][ T9308] FAT-fs (loop2): Can't find a valid FAT filesystem
[  132.792792][ T9299]  cont_write_begin+0x501/0x850
[  132.792819][ T9299]  fat_write_begin+0x61/0xf0
[  132.799532][ T9309] FAT-fs (loop3): bogus number of reserved sectors
[  132.804329][ T9299]  ? fat_block_truncate_page+0x30/0x30
[  132.808944][ T9309] FAT-fs (loop3): Can't find a valid FAT filesystem
[  132.815498][ T9299]  generic_perform_write+0x196/0x3c0
[  132.832753][ T9299]  ? fat_write_begin+0xf0/0xf0
[  132.837535][ T9299]  __generic_file_write_iter+0x202/0x300
[  132.842562][ T9307] loop5: detected capacity change from 0 to 16
[  132.843251][ T9299]  ? generic_write_checks+0x250/0x290
[  132.854861][ T9299]  generic_file_write_iter+0x75/0x130
[  132.860262][ T9299]  vfs_write+0x69d/0x770
[  132.864585][ T9299]  ksys_write+0xce/0x180
[  132.868821][ T9299]  __x64_sys_write+0x3e/0x50
[  132.873474][ T9299]  do_syscall_64+0x3d/0x90
[  132.877948][ T9299]  ? irqentry_exit+0xe/0x30
[  132.882445][ T9299]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  132.888359][ T9299] RIP: 0033:0x4665e9
[  132.892243][ T9299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  132.911861][ T9299] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  132.920333][ T9299] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  132.928387][ T9299] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  132.936866][ T9299] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  132.944911][ T9299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  132.952952][ T9299] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
[  132.964495][ T9307] FAT-fs (loop5): bogus number of FAT sectors
08:50:21 executing program 1 (fault-call:9 fault-nth:2):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:21 executing program 4 (fault-call:9 fault-nth:13):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  132.971661][ T9307] FAT-fs (loop5): Can't find a valid FAT filesystem
[  133.000363][ T9321] FAULT_INJECTION: forcing a failure.
[  133.000363][ T9321] name failslab, interval 1, probability 0, space 0, times 0
[  133.013168][ T9321] CPU: 1 PID: 9321 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  133.021944][ T9321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  133.031991][ T9321] Call Trace:
[  133.035564][ T9321]  dump_stack_lvl+0xb7/0x103
[  133.040148][ T9321]  dump_stack+0x11/0x1a
[  133.044281][ T9321]  should_fail+0x23c/0x250
[  133.048688][ T9321]  __should_failslab+0x81/0x90
[  133.053441][ T9321]  should_failslab+0x5/0x20
[  133.058023][ T9321]  kmem_cache_alloc_node+0x58/0x2b0
[  133.063205][ T9321]  ? __alloc_skb+0xed/0x420
[  133.067698][ T9321]  __alloc_skb+0xed/0x420
[  133.072064][ T9321]  alloc_skb_with_frags+0x90/0x390
[  133.077217][ T9321]  ? should_fail+0x2a/0x250
[  133.081758][ T9321]  ? should_fail+0x2a/0x250
[  133.086308][ T9321]  sock_alloc_send_pskb+0x436/0x4e0
[  133.091482][ T9321]  sock_alloc_send_skb+0x2d/0x40
[  133.096398][ T9321]  __ip_append_data+0x1352/0x1dc0
[  133.101478][ T9321]  ? dst_alloc+0x29f/0x300
[  133.105929][ T9321]  ? ip_do_fragment+0x11f0/0x11f0
[  133.110954][ T9321]  ? xfrm_lookup_with_ifid+0xb7a/0x15b0
[  133.116737][ T9321]  ip_make_skb+0x142/0x2d0
[  133.121213][ T9321]  ? ip_do_fragment+0x11f0/0x11f0
[  133.126228][ T9321]  udp_sendmsg+0xfba/0x12f0
[  133.130722][ T9321]  ? ip_do_fragment+0x11f0/0x11f0
[  133.135726][ T9321]  ? _raw_spin_unlock_bh+0x33/0x40
[  133.140992][ T9321]  ? release_sock+0x104/0x110
[  133.145647][ T9321]  inet_sendmsg+0x5f/0x80
[  133.149978][ T9321]  __sys_sendto+0x2a8/0x370
[  133.154464][ T9321]  ? __cond_resched+0x11/0x40
[  133.159165][ T9321]  ? fput+0x2d/0x130
[  133.163089][ T9321]  __x64_sys_sendto+0x74/0x90
[  133.167757][ T9321]  do_syscall_64+0x3d/0x90
[  133.172172][ T9321]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  133.178099][ T9321] RIP: 0033:0x4665e9
[  133.181989][ T9321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  133.202035][ T9321] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  133.210969][ T9321] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  133.218930][ T9321] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  133.226897][ T9321] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  133.234932][ T9321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.242926][ T9321] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
08:50:22 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:22 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:22 executing program 1 (fault-call:9 fault-nth:3):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:22 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400", 0xc}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  133.283219][ T9328] loop4: detected capacity change from 0 to 16
08:50:22 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, 0x0, 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0)

[  133.325536][ T9332] loop2: detected capacity change from 0 to 16
[  133.337344][ T9328] FAULT_INJECTION: forcing a failure.
[  133.337344][ T9328] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.347389][ T9340] loop3: detected capacity change from 0 to 16
[  133.350520][ T9328] CPU: 1 PID: 9328 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  133.365338][ T9328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  133.369976][ T9340] FAT-fs (loop3): bogus number of reserved sectors
[  133.375726][ T9328] Call Trace:
[  133.375735][ T9328]  dump_stack_lvl+0xb7/0x103
[  133.375757][ T9328]  dump_stack+0x11/0x1a
[  133.382253][ T9340] FAT-fs (loop3): Can't find a valid FAT filesystem
[  133.385497][ T9328]  should_fail+0x23c/0x250
[  133.404848][ T9332] FAT-fs (loop2): bogus number of FAT sectors
[  133.405528][ T9328]  should_fail_usercopy+0x16/0x20
[  133.411627][ T9332] FAT-fs (loop2): Can't find a valid FAT filesystem
[  133.416590][ T9328]  copy_page_from_iter_atomic+0x2c1/0xba0
[  133.416618][ T9328]  ? fat_write_begin+0x61/0xf0
[  133.433746][ T9328]  ? fat_block_truncate_page+0x30/0x30
[  133.439428][ T9328]  ? fat_write_begin+0x79/0xf0
[  133.442368][ T9339] FAULT_INJECTION: forcing a failure.
[  133.442368][ T9339] name failslab, interval 1, probability 0, space 0, times 0
[  133.444189][ T9328]  generic_perform_write+0x1df/0x3c0
[  133.462050][ T9328]  ? fat_write_begin+0xf0/0xf0
[  133.466835][ T9328]  __generic_file_write_iter+0x202/0x300
[  133.472456][ T9328]  ? generic_write_checks+0x250/0x290
[  133.477875][ T9328]  generic_file_write_iter+0x75/0x130
[  133.483297][ T9328]  vfs_write+0x69d/0x770
[  133.487534][ T9328]  ksys_write+0xce/0x180
[  133.491757][ T9328]  __x64_sys_write+0x3e/0x50
[  133.496360][ T9328]  do_syscall_64+0x3d/0x90
[  133.500876][ T9328]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  133.506752][ T9328] RIP: 0033:0x4665e9
[  133.510651][ T9328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  133.530610][ T9328] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  133.539016][ T9328] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  133.547041][ T9328] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  133.555015][ T9328] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  133.563088][ T9328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  133.571180][ T9328] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
[  133.579161][ T9339] CPU: 0 PID: 9339 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  133.586171][ T9345] loop5: detected capacity change from 0 to 16
[  133.588017][ T9339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  133.588029][ T9339] Call Trace:
[  133.588035][ T9339]  dump_stack_lvl+0xb7/0x103
[  133.596376][ T9345] FAT-fs (loop5): bogus number of FAT sectors
[  133.604346][ T9339]  dump_stack+0x11/0x1a
[  133.604367][ T9339]  should_fail+0x23c/0x250
[  133.607653][ T9345] FAT-fs (loop5): Can't find a valid FAT filesystem
[  133.612215][ T9339]  __should_failslab+0x81/0x90
[  133.612232][ T9339]  should_failslab+0x5/0x20
[  133.612261][ T9339]  kmem_cache_alloc_node_trace+0x58/0x2e0
[  133.623329][ T9328] handle_bad_sector: 24 callbacks suppressed
[  133.623341][ T9328] attempt to access beyond end of device
[  133.623341][ T9328] loop4: rw=2049, want=123, limit=16
[  133.626918][ T9339]  ? __kmalloc_node_track_caller+0x30/0x40
[  133.634313][ T9328] attempt to access beyond end of device
[  133.634313][ T9328] loop4: rw=2049, want=124, limit=16
[  133.638249][ T9339]  ? kmem_cache_alloc_node+0x1d4/0x2b0
[  133.642777][ T9328] buffer_io_error: 19 callbacks suppressed
[  133.642786][ T9328] Buffer I/O error on dev loop4, logical block 123, lost async page write
[  133.648431][ T9339]  __kmalloc_node_track_caller+0x30/0x40
[  133.648488][ T9339]  ? alloc_skb_with_frags+0x90/0x390
[  133.648510][ T9339]  __alloc_skb+0x187/0x420
[  133.658892][ T9328] attempt to access beyond end of device
[  133.658892][ T9328] loop4: rw=2049, want=125, limit=16
[  133.665681][ T9339]  alloc_skb_with_frags+0x90/0x390
[  133.665709][ T9339]  ? should_fail+0x2a/0x250
[  133.665730][ T9339]  ? should_fail+0x2a/0x250
[  133.671677][ T9328] Buffer I/O error on dev loop4, logical block 124, lost async page write
[  133.682429][ T9339]  sock_alloc_send_pskb+0x436/0x4e0
[  133.682450][ T9339]  sock_alloc_send_skb+0x2d/0x40
[  133.692031][ T9328] attempt to access beyond end of device
[  133.692031][ T9328] loop4: rw=2049, want=126, limit=16
[  133.693869][ T9339]  __ip_append_data+0x1352/0x1dc0
08:50:22 executing program 4 (fault-call:9 fault-nth:14):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  133.693890][ T9339]  ? dst_alloc+0x29f/0x300
[  133.693914][ T9339]  ? ip_do_fragment+0x11f0/0x11f0
[  133.702431][ T9328] Buffer I/O error on dev loop4, logical block 125, lost async page write
[  133.707994][ T9339]  ? xfrm_lookup_with_ifid+0xb7a/0x15b0
[  133.715365][ T9328] attempt to access beyond end of device
[  133.715365][ T9328] loop4: rw=2049, want=127, limit=16
[  133.717725][ T9339]  ip_make_skb+0x142/0x2d0
[  133.717745][ T9339]  ? ip_do_fragment+0x11f0/0x11f0
[  133.717761][ T9339]  udp_sendmsg+0xfba/0x12f0
[  133.728534][ T9328] Buffer I/O error on dev loop4, logical block 126, lost async page write
[  133.733611][ T9339]  ? ip_do_fragment+0x11f0/0x11f0
[  133.739879][ T9328] attempt to access beyond end of device
[  133.739879][ T9328] loop4: rw=2049, want=128, limit=16
[  133.742591][ T9339]  ? _raw_spin_unlock_bh+0x33/0x40
[  133.742616][ T9339]  ? release_sock+0x104/0x110
[  133.751277][ T9328] Buffer I/O error on dev loop4, logical block 127, lost async page write
[  133.751582][ T9328] attempt to access beyond end of device
[  133.751582][ T9328] loop4: rw=2049, want=52, limit=16
[  133.756500][ T9339]  inet_sendmsg+0x5f/0x80
[  133.756522][ T9339]  __sys_sendto+0x2a8/0x370
[  133.756542][ T9339]  ? __cond_resched+0x11/0x40
[  133.756557][ T9339]  ? fput+0x2d/0x130
[  133.761599][ T9328] Buffer I/O error on dev loop4, logical block 51, lost async page write
[  133.772554][ T9339]  __x64_sys_sendto+0x74/0x90
[  133.772579][ T9339]  do_syscall_64+0x3d/0x90
[  133.914053][ T9339]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  133.919940][ T9339] RIP: 0033:0x4665e9
[  133.923973][ T9339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  133.944132][ T9339] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  133.952618][ T9339] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  133.960663][ T9339] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  133.968758][ T9339] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
08:50:22 executing program 1 (fault-call:9 fault-nth:4):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:22 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  133.977377][ T9339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.985500][ T9339] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
[  134.041446][ T9364] FAULT_INJECTION: forcing a failure.
[  134.041446][ T9364] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.053403][ T9366] loop2: detected capacity change from 0 to 16
[  134.054881][ T9364] CPU: 0 PID: 9364 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  134.069859][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  134.080041][ T9364] Call Trace:
[  134.083320][ T9364]  dump_stack_lvl+0xb7/0x103
[  134.087967][ T9364]  dump_stack+0x11/0x1a
[  134.092128][ T9364]  should_fail+0x23c/0x250
[  134.096795][ T9364]  should_fail_usercopy+0x16/0x20
[  134.102059][ T9364]  _copy_from_iter+0x131/0x970
[  134.106830][ T9364]  ? check_stack_object+0x61/0x70
[  134.111848][ T9364]  ? __virt_addr_valid+0x15a/0x1a0
[  134.117862][ T9364]  ? __check_object_size+0x253/0x310
[  134.123195][ T9364]  ip_generic_getfrag+0x90/0x1b0
[  134.123487][ T9365] loop4: detected capacity change from 0 to 16
[  134.128354][ T9364]  __ip_append_data+0x1713/0x1dc0
08:50:23 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:23 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:23 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  134.128375][ T9364]  ? dst_alloc+0x29f/0x300
[  134.128395][ T9364]  ? ip_do_fragment+0x11f0/0x11f0
[  134.149206][ T9364]  ? xfrm_lookup_with_ifid+0xb7a/0x15b0
[  134.155533][ T9364]  ip_make_skb+0x142/0x2d0
[  134.160324][ T9364]  ? ip_do_fragment+0x11f0/0x11f0
[  134.165365][ T9364]  udp_sendmsg+0xfba/0x12f0
[  134.169921][ T9364]  ? ip_do_fragment+0x11f0/0x11f0
[  134.174943][ T9364]  ? _raw_spin_unlock_bh+0x33/0x40
[  134.180239][ T9364]  ? release_sock+0x104/0x110
[  134.181180][ T9365] FAULT_INJECTION: forcing a failure.
[  134.181180][ T9365] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  134.184916][ T9364]  inet_sendmsg+0x5f/0x80
[  134.202409][ T9364]  __sys_sendto+0x2a8/0x370
[  134.206912][ T9364]  ? __cond_resched+0x11/0x40
[  134.212117][ T9364]  ? fput+0x2d/0x130
[  134.216048][ T9364]  __x64_sys_sendto+0x74/0x90
[  134.220769][ T9364]  do_syscall_64+0x3d/0x90
[  134.225225][ T9364]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  134.231204][ T9364] RIP: 0033:0x4665e9
[  134.235139][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  134.254904][ T9364] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  134.263440][ T9364] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  134.271512][ T9364] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  134.279648][ T9364] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  134.287599][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.295626][ T9364] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
[  134.303594][ T9365] CPU: 1 PID: 9365 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  134.312352][ T9365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  134.322528][ T9365] Call Trace:
[  134.323629][ T9380] loop5: detected capacity change from 0 to 16
[  134.325800][ T9365]  dump_stack_lvl+0xb7/0x103
[  134.334666][ T9382] loop3: detected capacity change from 0 to 16
[  134.336592][ T9365]  dump_stack+0x11/0x1a
[  134.336611][ T9365]  should_fail+0x23c/0x250
[  134.351412][ T9365]  __alloc_pages+0x102/0x320
[  134.355995][ T9365]  alloc_pages+0x2e8/0x340
[  134.356780][ T9380] FAT-fs (loop5): bogus number of FAT sectors
[  134.360404][ T9365]  __page_cache_alloc+0x4d/0xf0
[  134.360429][ T9365]  pagecache_get_page+0x5f4/0x900
[  134.366573][ T9380] FAT-fs (loop5): Can't find a valid FAT filesystem
[  134.371403][ T9365]  grab_cache_page_write_begin+0x3f/0x70
08:50:23 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, 0x0, 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0)

[  134.371430][ T9365]  cont_write_begin+0x501/0x850
[  134.376468][ T9382] FAT-fs (loop3): invalid media value (0x00)
[  134.382994][ T9365]  fat_write_begin+0x61/0xf0
[  134.383017][ T9365]  ? fat_block_truncate_page+0x30/0x30
[  134.388674][ T9382] FAT-fs (loop3): Can't find a valid FAT filesystem
[  134.393484][ T9365]  generic_perform_write+0x196/0x3c0
[  134.422007][ T9365]  ? fat_write_begin+0xf0/0xf0
[  134.426968][ T9365]  __generic_file_write_iter+0x202/0x300
[  134.432775][ T9365]  ? generic_write_checks+0x250/0x290
[  134.438174][ T9365]  generic_file_write_iter+0x75/0x130
[  134.443562][ T9365]  vfs_write+0x69d/0x770
[  134.447788][ T9365]  ksys_write+0xce/0x180
[  134.452010][ T9365]  __x64_sys_write+0x3e/0x50
[  134.456763][ T9365]  do_syscall_64+0x3d/0x90
[  134.461263][ T9365]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  134.467182][ T9365] RIP: 0033:0x4665e9
[  134.471073][ T9365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  134.490816][ T9365] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  134.499336][ T9365] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  134.507663][ T9365] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  134.515735][ T9365] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  134.523700][ T9365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  134.531655][ T9365] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
08:50:23 executing program 4 (fault-call:9 fault-nth:15):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:23 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:23 executing program 1 (fault-call:9 fault-nth:5):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:23 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:23 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  134.548777][ T9381] loop2: detected capacity change from 0 to 16
[  134.611491][ T9401] loop5: detected capacity change from 0 to 16
[  134.619962][ T9402] loop3: detected capacity change from 0 to 16
[  134.632051][ T9400] FAULT_INJECTION: forcing a failure.
[  134.632051][ T9400] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  134.635703][ T9407] loop4: detected capacity change from 0 to 16
[  134.646474][ T9400] CPU: 1 PID: 9400 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  134.661806][ T9400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  134.668442][ T9407] FAULT_INJECTION: forcing a failure.
[  134.668442][ T9407] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.671866][ T9400] Call Trace:
[  134.671876][ T9400]  dump_stack_lvl+0xb7/0x103
[  134.692921][ T9400]  dump_stack+0x11/0x1a
[  134.697065][ T9400]  should_fail+0x23c/0x250
[  134.701470][ T9400]  __alloc_pages+0x102/0x320
[  134.706154][ T9400]  alloc_pages+0x2e8/0x340
[  134.710623][ T9400]  pte_alloc_one+0x29/0xb0
[  134.715023][ T9400]  ? cgroup_rstat_updated+0x60/0x1c0
[  134.720302][ T9400]  __pte_alloc+0x2f/0x210
[  134.724739][ T9400]  do_anonymous_page+0x79b/0x8a0
[  134.729675][ T9400]  handle_mm_fault+0x98f/0x1a50
[  134.734526][ T9400]  do_user_addr_fault+0x609/0xbe0
[  134.739551][ T9400]  exc_page_fault+0x91/0x220
[  134.744131][ T9400]  asm_exc_page_fault+0x1e/0x30
[  134.748969][ T9400] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x40
[  134.755631][ T9400] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 83 f8
[  134.775755][ T9400] RSP: 0018:ffffc9000ed4f8c8 EFLAGS: 00010202
[  134.781803][ T9400] RAX: ffff88812dc42a20 RBX: ffff8881089a6e2c RCX: 0000000000000074
[  134.789756][ T9400] RDX: 0000000000000074 RSI: 0000000020865000 RDI: ffff8881089a6e2c
[  134.797707][ T9400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0001ffffffffffff
[  134.805704][ T9400] R10: 00018881089a6e9f R11: ffff88812dc42040 R12: 0000000000000074
[  134.813944][ T9400] R13: 0000000000000000 R14: ffffc9000ed4fdd0 R15: 0000000020865000
[  134.822018][ T9400]  _copy_from_iter+0x1ac/0x970
[  134.826778][ T9400]  ? check_stack_object+0x61/0x70
[  134.831814][ T9400]  ? __virt_addr_valid+0x15a/0x1a0
[  134.836922][ T9400]  ? __check_object_size+0x253/0x310
[  134.842210][ T9400]  ip_generic_getfrag+0x90/0x1b0
[  134.847238][ T9400]  __ip_append_data+0x1713/0x1dc0
[  134.852334][ T9400]  ? dst_alloc+0x29f/0x300
[  134.856824][ T9400]  ? ip_do_fragment+0x11f0/0x11f0
[  134.861831][ T9400]  ? xfrm_lookup_with_ifid+0xb7a/0x15b0
[  134.867453][ T9400]  ip_make_skb+0x142/0x2d0
[  134.871902][ T9400]  ? ip_do_fragment+0x11f0/0x11f0
[  134.877959][ T9400]  udp_sendmsg+0xfba/0x12f0
[  134.882551][ T9400]  ? ip_do_fragment+0x11f0/0x11f0
[  134.887559][ T9400]  ? _raw_spin_unlock_bh+0x33/0x40
[  134.892672][ T9400]  ? release_sock+0x104/0x110
[  134.897333][ T9400]  inet_sendmsg+0x5f/0x80
[  134.901648][ T9400]  __sys_sendto+0x2a8/0x370
[  134.906240][ T9400]  ? __cond_resched+0x11/0x40
[  134.910942][ T9400]  ? fput+0x2d/0x130
[  134.914917][ T9400]  __x64_sys_sendto+0x74/0x90
[  134.919594][ T9400]  do_syscall_64+0x3d/0x90
[  134.924007][ T9400]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  134.929903][ T9400] RIP: 0033:0x4665e9
[  134.933793][ T9400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  134.953921][ T9400] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  134.962329][ T9400] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  134.970294][ T9400] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  134.978413][ T9400] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  134.986378][ T9400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.994388][ T9400] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
[  135.002444][ T9407] CPU: 0 PID: 9407 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  135.011227][ T9407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  135.011456][ T9402] FAT-fs (loop3): invalid media value (0x00)
[  135.021364][ T9407] Call Trace:
[  135.021376][ T9407]  dump_stack_lvl+0xb7/0x103
[  135.021395][ T9407]  dump_stack+0x11/0x1a
[  135.021408][ T9407]  should_fail+0x23c/0x250
[  135.027390][ T9402] FAT-fs (loop3): Can't find a valid FAT filesystem
[  135.030800][ T9407]  should_fail_usercopy+0x16/0x20
[  135.043235][ T9400] IPv4: Oversized IP packet from 127.0.0.1
[  135.044046][ T9407]  copy_page_from_iter_atomic+0x2c1/0xba0
[  135.050664][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  135.055608][ T9407]  ? fat_write_begin+0x61/0xf0
[  135.077585][ T9407]  ? fat_block_truncate_page+0x30/0x30
[  135.083171][ T9407]  ? fat_write_begin+0x79/0xf0
[  135.088045][ T9407]  generic_perform_write+0x1df/0x3c0
[  135.093444][ T9407]  ? fat_write_begin+0xf0/0xf0
[  135.098191][ T9407]  __generic_file_write_iter+0x202/0x300
[  135.103859][ T9407]  ? generic_write_checks+0x250/0x290
[  135.109216][ T9407]  generic_file_write_iter+0x75/0x130
[  135.114573][ T9407]  vfs_write+0x69d/0x770
[  135.118799][ T9407]  ksys_write+0xce/0x180
[  135.123197][ T9407]  __x64_sys_write+0x3e/0x50
[  135.127864][ T9407]  do_syscall_64+0x3d/0x90
[  135.132278][ T9407]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  135.138173][ T9407] RIP: 0033:0x4665e9
[  135.142125][ T9407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  135.164169][ T9407] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  135.172569][ T9407] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  135.180651][ T9407] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  135.188604][ T9407] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  135.196780][ T9407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  135.204838][ T9407] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
08:50:24 executing program 1 (fault-call:9 fault-nth:6):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  135.229931][ T9415] loop2: detected capacity change from 0 to 16
[  135.237712][ T9407] attempt to access beyond end of device
[  135.237712][ T9407] loop4: rw=2049, want=123, limit=16
[  135.253095][ T9417] FAULT_INJECTION: forcing a failure.
[  135.253095][ T9417] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  135.266438][ T9417] CPU: 0 PID: 9417 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
08:50:24 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240", 0x12}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  135.266949][ T9407] attempt to access beyond end of device
[  135.266949][ T9407] loop4: rw=2049, want=124, limit=16
[  135.275193][ T9417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  135.275204][ T9417] Call Trace:
[  135.275210][ T9417]  dump_stack_lvl+0xb7/0x103
[  135.285996][ T9407] Buffer I/O error on dev loop4, logical block 123, lost async page write
[  135.296006][ T9417]  dump_stack+0x11/0x1a
[  135.296027][ T9417]  should_fail+0x23c/0x250
[  135.299401][ T9407] attempt to access beyond end of device
08:50:24 executing program 0:
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(r1)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r0, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x30000033fe0, 0x0)

08:50:24 executing program 4 (fault-call:9 fault-nth:16):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  135.299401][ T9407] loop4: rw=2049, want=125, limit=16
[  135.303863][ T9417]  __alloc_pages+0x102/0x320
[  135.303884][ T9417]  alloc_pages+0x2e8/0x340
[  135.312914][ T9407] Buffer I/O error on dev loop4, logical block 124, lost async page write
[  135.317004][ T9417]  skb_page_frag_refill+0x9a/0x1b0
[  135.324640][ T9407] Buffer I/O error on dev loop4, logical block 125, lost async page write
[  135.332119][ T9417]  sk_page_frag_refill+0x31/0x120
[  135.337396][ T9407] Buffer I/O error on dev loop4, logical block 126, lost async page write
[  135.341130][ T9417]  __ip_append_data+0xbc4/0x1dc0
[  135.377282][ T9422] loop3: detected capacity change from 0 to 16
[  135.381757][ T9417]  ? dst_alloc+0x29f/0x300
[  135.381797][ T9417]  ? ip_do_fragment+0x11f0/0x11f0
[  135.391108][ T9422] FAT-fs (loop3): invalid media value (0x00)
[  135.392766][ T9417]  ip_make_skb+0x142/0x2d0
[  135.392788][ T9417]  ? ip_do_fragment+0x11f0/0x11f0
[  135.397785][ T9422] FAT-fs (loop3): Can't find a valid FAT filesystem
[  135.403743][ T9417]  udp_sendmsg+0xfba/0x12f0
[  135.403774][ T9417]  ? ip_do_fragment+0x11f0/0x11f0
[  135.403790][ T9417]  ? _raw_spin_unlock_bh+0x33/0x40
[  135.435218][ T9417]  ? release_sock+0x104/0x110
[  135.440659][ T9417]  inet_sendmsg+0x5f/0x80
[  135.445588][ T9417]  __sys_sendto+0x2a8/0x370
[  135.450262][ T9417]  ? __cond_resched+0x11/0x40
[  135.455025][ T9417]  ? fput+0x2d/0x130
[  135.458912][ T9417]  __x64_sys_sendto+0x74/0x90
[  135.463760][ T9417]  do_syscall_64+0x3d/0x90
[  135.468166][ T9417]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  135.474095][ T9417] RIP: 0033:0x4665e9
[  135.478196][ T9417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  135.498007][ T9417] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  135.506428][ T9417] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  135.514636][ T9417] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  135.522601][ T9417] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
08:50:24 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:24 executing program 1 (fault-call:9 fault-nth:7):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  135.530571][ T9417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.538746][ T9417] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
[  135.549717][ T9417] IPv4: Oversized IP packet from 127.0.0.1
[  135.555720][    C0] IPv4: Oversized IP packet from 127.0.0.1
08:50:24 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  135.589865][ T9432] loop4: detected capacity change from 0 to 16
[  135.603736][ T9434] FAULT_INJECTION: forcing a failure.
[  135.603736][ T9434] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.616906][ T9434] CPU: 1 PID: 9434 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  135.617396][ T9432] FAULT_INJECTION: forcing a failure.
[  135.617396][ T9432] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  135.625586][ T9434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  135.625600][ T9434] Call Trace:
[  135.625606][ T9434]  dump_stack_lvl+0xb7/0x103
[  135.625631][ T9434]  dump_stack+0x11/0x1a
[  135.661007][ T9434]  should_fail+0x23c/0x250
[  135.665500][ T9434]  should_fail_usercopy+0x16/0x20
[  135.670514][ T9434]  _copy_from_iter+0x131/0x970
[  135.675415][ T9434]  ? check_stack_object+0x61/0x70
[  135.680456][ T9434]  ? __virt_addr_valid+0x15a/0x1a0
[  135.685640][ T9434]  ? __check_object_size+0x253/0x310
[  135.690925][ T9434]  ip_generic_getfrag+0x90/0x1b0
[  135.696014][ T9434]  __ip_append_data+0xf8e/0x1dc0
[  135.700959][ T9434]  ? ip_do_fragment+0x11f0/0x11f0
[  135.705976][ T9434]  ip_make_skb+0x142/0x2d0
[  135.710432][ T9434]  ? ip_do_fragment+0x11f0/0x11f0
[  135.716050][ T9434]  udp_sendmsg+0xfba/0x12f0
[  135.720575][ T9434]  ? ip_do_fragment+0x11f0/0x11f0
[  135.725584][ T9434]  ? _raw_spin_unlock_bh+0x33/0x40
[  135.730710][ T9434]  ? release_sock+0x104/0x110
[  135.735463][ T9434]  inet_sendmsg+0x5f/0x80
[  135.739783][ T9434]  __sys_sendto+0x2a8/0x370
[  135.744447][ T9434]  ? __cond_resched+0x11/0x40
[  135.749131][ T9434]  ? fput+0x2d/0x130
[  135.753110][ T9434]  __x64_sys_sendto+0x74/0x90
[  135.757858][ T9434]  do_syscall_64+0x3d/0x90
[  135.762261][ T9434]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  135.768233][ T9434] RIP: 0033:0x4665e9
08:50:24 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  135.772116][ T9434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  135.791791][ T9434] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  135.800270][ T9434] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  135.808280][ T9434] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  135.816233][ T9434] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  135.824241][ T9434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.832207][ T9434] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
[  135.840252][ T9432] CPU: 0 PID: 9432 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  135.849043][ T9432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  135.859110][ T9432] Call Trace:
[  135.862382][ T9432]  dump_stack_lvl+0xb7/0x103
[  135.867180][ T9432]  dump_stack+0x11/0x1a
[  135.871334][ T9432]  should_fail+0x23c/0x250
[  135.875822][ T9432]  __alloc_pages+0x102/0x320
[  135.880461][ T9432]  alloc_pages+0x2e8/0x340
[  135.880805][ T9438] loop3: detected capacity change from 0 to 16
[  135.884875][ T9432]  __page_cache_alloc+0x4d/0xf0
[  135.884900][ T9432]  pagecache_get_page+0x5f4/0x900
[  135.900981][ T9432]  grab_cache_page_write_begin+0x3f/0x70
[  135.906795][ T9432]  cont_write_begin+0x501/0x850
[  135.911642][ T9432]  fat_write_begin+0x61/0xf0
[  135.916233][ T9432]  ? fat_block_truncate_page+0x30/0x30
[  135.921687][ T9432]  generic_perform_write+0x196/0x3c0
[  135.926968][ T9432]  ? fat_write_begin+0xf0/0xf0
[  135.931809][ T9432]  __generic_file_write_iter+0x202/0x300
[  135.937514][ T9432]  ? generic_write_checks+0x250/0x290
[  135.942879][ T9432]  generic_file_write_iter+0x75/0x130
[  135.948317][ T9432]  vfs_write+0x69d/0x770
[  135.952541][ T9432]  ksys_write+0xce/0x180
[  135.956774][ T9432]  __x64_sys_write+0x3e/0x50
[  135.961368][ T9432]  do_syscall_64+0x3d/0x90
[  135.965843][ T9432]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  135.971807][ T9432] RIP: 0033:0x4665e9
[  135.975686][ T9432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  135.995362][ T9432] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  136.003920][ T9432] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  136.011885][ T9432] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  136.019843][ T9432] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  136.027795][ T9432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
08:50:25 executing program 1 (fault-call:9 fault-nth:8):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  136.035758][ T9432] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
[  136.077206][ T9450] loop5: detected capacity change from 0 to 16
[  136.087450][ T9451] loop2: detected capacity change from 0 to 16
[  136.103753][ T9455] FAULT_INJECTION: forcing a failure.
[  136.103753][ T9455] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  136.110605][ T9438] FAT-fs (loop3): invalid media value (0x00)
[  136.117090][ T9455] CPU: 1 PID: 9455 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  136.123081][ T9438] FAT-fs (loop3): Can't find a valid FAT filesystem
[  136.131730][ T9455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  136.131741][ T9455] Call Trace:
[  136.131747][ T9455]  dump_stack_lvl+0xb7/0x103
[  136.156266][ T9455]  dump_stack+0x11/0x1a
[  136.160418][ T9455]  should_fail+0x23c/0x250
[  136.164831][ T9455]  __alloc_pages+0x102/0x320
[  136.169408][ T9455]  alloc_pages+0x2e8/0x340
[  136.173841][ T9455]  skb_page_frag_refill+0x9a/0x1b0
[  136.179141][ T9455]  sk_page_frag_refill+0x31/0x120
[  136.184157][ T9455]  __ip_append_data+0xbc4/0x1dc0
[  136.189087][ T9455]  ? ip_do_fragment+0x11f0/0x11f0
[  136.194095][ T9455]  ip_make_skb+0x142/0x2d0
[  136.198514][ T9455]  ? ip_do_fragment+0x11f0/0x11f0
[  136.203523][ T9455]  udp_sendmsg+0xfba/0x12f0
[  136.208034][ T9455]  ? ip_do_fragment+0x11f0/0x11f0
[  136.213052][ T9455]  ? _raw_spin_unlock_bh+0x33/0x40
[  136.218160][ T9455]  ? release_sock+0x104/0x110
[  136.222817][ T9455]  inet_sendmsg+0x5f/0x80
[  136.227193][ T9455]  __sys_sendto+0x2a8/0x370
[  136.231735][ T9455]  ? __cond_resched+0x11/0x40
[  136.236399][ T9455]  ? fput+0x2d/0x130
[  136.240281][ T9455]  __x64_sys_sendto+0x74/0x90
[  136.244950][ T9455]  do_syscall_64+0x3d/0x90
[  136.249360][ T9455]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  136.255245][ T9455] RIP: 0033:0x4665e9
08:50:25 executing program 0:
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(r1)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r0, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x30000033fe0, 0x0)

[  136.259163][ T9455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  136.278770][ T9455] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  136.287186][ T9455] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  136.295147][ T9455] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  136.303102][ T9455] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  136.311058][ T9455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.319014][ T9455] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
08:50:25 executing program 4 (fault-call:9 fault-nth:17):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:25 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:25 executing program 1 (fault-call:9 fault-nth:9):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  136.339994][ T9455] IPv4: Oversized IP packet from 127.0.0.1
[  136.345924][    C1] IPv4: Oversized IP packet from 127.0.0.1
08:50:25 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:25 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  136.383779][ T9466] loop3: detected capacity change from 0 to 16
[  136.390924][ T9466] FAT-fs (loop3): invalid media value (0x00)
[  136.396957][ T9466] FAT-fs (loop3): Can't find a valid FAT filesystem
[  136.399271][ T9469] loop4: detected capacity change from 0 to 16
[  136.411669][ T9470] FAULT_INJECTION: forcing a failure.
[  136.411669][ T9470] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  136.414528][ T9469] FAULT_INJECTION: forcing a failure.
[  136.414528][ T9469] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  136.424811][ T9470] CPU: 0 PID: 9470 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  136.424833][ T9470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  136.424841][ T9470] Call Trace:
[  136.424849][ T9470]  dump_stack_lvl+0xb7/0x103
[  136.464510][ T9470]  dump_stack+0x11/0x1a
[  136.469088][ T9470]  should_fail+0x23c/0x250
[  136.473562][ T9470]  should_fail_usercopy+0x16/0x20
[  136.478571][ T9470]  _copy_from_iter+0x131/0x970
[  136.483762][ T9470]  ? check_stack_object+0x61/0x70
[  136.488776][ T9470]  ? __virt_addr_valid+0x15a/0x1a0
[  136.493942][ T9470]  ? __check_object_size+0x253/0x310
[  136.499226][ T9470]  ip_generic_getfrag+0x90/0x1b0
[  136.504165][ T9470]  __ip_append_data+0xf8e/0x1dc0
[  136.509139][ T9470]  ? ip_do_fragment+0x11f0/0x11f0
[  136.514144][ T9470]  ip_make_skb+0x142/0x2d0
[  136.518542][ T9470]  ? ip_do_fragment+0x11f0/0x11f0
[  136.523702][ T9470]  udp_sendmsg+0xfba/0x12f0
[  136.528191][ T9470]  ? ip_do_fragment+0x11f0/0x11f0
[  136.533213][ T9470]  ? _raw_spin_unlock_bh+0x33/0x40
[  136.538311][ T9470]  ? release_sock+0x104/0x110
[  136.543061][ T9470]  inet_sendmsg+0x5f/0x80
[  136.547450][ T9470]  __sys_sendto+0x2a8/0x370
[  136.551967][ T9470]  ? finish_task_switch+0xce/0x290
[  136.557062][ T9470]  ? __schedule+0x42a/0x670
[  136.561731][ T9470]  ? __cond_resched+0x11/0x40
[  136.566523][ T9470]  ? fput+0x2d/0x130
[  136.570494][ T9470]  ? fpregs_restore_userregs+0x10c/0x1c0
[  136.576434][ T9470]  __x64_sys_sendto+0x74/0x90
[  136.581099][ T9470]  do_syscall_64+0x3d/0x90
[  136.585525][ T9470]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  136.591415][ T9470] RIP: 0033:0x4665e9
[  136.595299][ T9470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  136.614889][ T9470] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  136.623284][ T9470] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  136.631238][ T9470] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  136.639191][ T9470] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  136.647406][ T9470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  136.655450][ T9470] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
[  136.663418][ T9469] CPU: 1 PID: 9469 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  136.672094][ T9469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  136.682209][ T9469] Call Trace:
[  136.685492][ T9469]  dump_stack_lvl+0xb7/0x103
[  136.690256][ T9469]  dump_stack+0x11/0x1a
[  136.694395][ T9469]  should_fail+0x23c/0x250
[  136.698797][ T9469]  should_fail_usercopy+0x16/0x20
[  136.703833][ T9469]  copy_page_from_iter_atomic+0x2c1/0xba0
[  136.709553][ T9469]  ? fat_write_begin+0x61/0xf0
[  136.714295][ T9469]  ? fat_block_truncate_page+0x30/0x30
[  136.720081][ T9469]  ? fat_write_begin+0x79/0xf0
[  136.724949][ T9469]  generic_perform_write+0x1df/0x3c0
[  136.730373][ T9469]  ? fat_write_begin+0xf0/0xf0
[  136.735147][ T9469]  __generic_file_write_iter+0x202/0x300
[  136.741049][ T9469]  ? generic_write_checks+0x250/0x290
[  136.746458][ T9469]  generic_file_write_iter+0x75/0x130
[  136.751833][ T9469]  vfs_write+0x69d/0x770
[  136.756065][ T9469]  ksys_write+0xce/0x180
[  136.760301][ T9469]  __x64_sys_write+0x3e/0x50
[  136.764871][ T9469]  do_syscall_64+0x3d/0x90
[  136.769383][ T9469]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  136.775498][ T9469] RIP: 0033:0x4665e9
[  136.779376][ T9469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  136.799059][ T9469] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  136.807541][ T9469] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  136.815495][ T9469] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  136.823622][ T9469] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
08:50:25 executing program 4 (fault-call:9 fault-nth:18):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:25 executing program 1 (fault-call:9 fault-nth:10):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:25 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000", 0x15}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  136.831725][ T9469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  136.839742][ T9469] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
[  136.888114][ T9482] loop2: detected capacity change from 0 to 16
[  136.900672][ T9492] loop5: detected capacity change from 0 to 16
[  136.906670][ T9489] loop3: detected capacity change from 0 to 16
[  136.924908][ T9486] FAULT_INJECTION: forcing a failure.
[  136.924908][ T9486] name failslab, interval 1, probability 0, space 0, times 0
08:50:25 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  136.937608][ T9486] CPU: 0 PID: 9486 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  136.939121][ T9489] FAT-fs (loop3): invalid media value (0x00)
[  136.946404][ T9486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  136.946418][ T9486] Call Trace:
[  136.946425][ T9486]  dump_stack_lvl+0xb7/0x103
[  136.952498][ T9489] FAT-fs (loop3): Can't find a valid FAT filesystem
[  136.962673][ T9486]  dump_stack+0x11/0x1a
[  136.962694][ T9486]  should_fail+0x23c/0x250
[  136.975574][ T9498] loop4: detected capacity change from 0 to 16
[  136.977454][ T9486]  __should_failslab+0x81/0x90
[  136.977476][ T9486]  should_failslab+0x5/0x20
[  136.986789][ T9498] FAULT_INJECTION: forcing a failure.
[  136.986789][ T9498] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  136.992752][ T9486]  kmem_cache_alloc_node+0x58/0x2b0
[  136.992805][ T9486]  ? __alloc_skb+0xed/0x420
[  137.025393][ T9486]  __alloc_skb+0xed/0x420
[  137.029718][ T9486]  ip_frag_next+0x8e/0x4a0
[  137.034132][ T9486]  ? skb_checksum_help+0x283/0x2d0
[  137.039321][ T9486]  ip_do_fragment+0x70e/0x11f0
[  137.044136][ T9486]  ? ip_fragment+0x130/0x130
[  137.048800][ T9486]  ip_fragment+0xd2/0x130
[  137.053187][ T9486]  ip_finish_output+0x415/0x490
[  137.058235][ T9486]  ? nf_hook_slow+0x13a/0x170
[  137.062985][ T9486]  ip_output+0xf3/0x1a0
[  137.067131][ T9486]  ? mr_table_dump+0x134/0x510
[  137.071972][ T9486]  ? ip_mc_finish_output+0xf0/0xf0
[  137.077203][ T9486]  ip_local_out+0x164/0x220
[  137.081735][ T9486]  ? __ip_local_out+0x1e0/0x1e0
[  137.086726][ T9486]  ip_send_skb+0x27/0x90
[  137.090961][ T9486]  udp_send_skb+0x62d/0x860
[  137.096030][ T9486]  udp_sendmsg+0xfe4/0x12f0
[  137.100608][ T9486]  ? ip_do_fragment+0x11f0/0x11f0
[  137.105629][ T9486]  ? _raw_spin_unlock_bh+0x33/0x40
[  137.110779][ T9486]  ? release_sock+0x104/0x110
[  137.115451][ T9486]  inet_sendmsg+0x5f/0x80
[  137.119782][ T9486]  __sys_sendto+0x2a8/0x370
[  137.124330][ T9486]  ? __cond_resched+0x11/0x40
[  137.129007][ T9486]  ? fput+0x2d/0x130
[  137.132885][ T9486]  __x64_sys_sendto+0x74/0x90
[  137.137651][ T9486]  do_syscall_64+0x3d/0x90
[  137.142218][ T9486]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  137.148143][ T9486] RIP: 0033:0x4665e9
[  137.152043][ T9486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  137.171681][ T9486] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  137.180077][ T9486] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  137.188119][ T9486] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  137.196086][ T9486] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  137.204042][ T9486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  137.212082][ T9486] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
[  137.220110][ T9498] CPU: 1 PID: 9498 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  137.229046][ T9498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
08:50:26 executing program 0:
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(r1)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r0, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x30000033fe0, 0x0)

[  137.239822][ T9498] Call Trace:
[  137.243092][ T9498]  dump_stack_lvl+0xb7/0x103
[  137.247839][ T9498]  dump_stack+0x11/0x1a
[  137.252077][ T9498]  should_fail+0x23c/0x250
[  137.256510][ T9498]  __alloc_pages+0x102/0x320
[  137.261242][ T9498]  alloc_pages+0x2e8/0x340
[  137.265924][ T9498]  __page_cache_alloc+0x4d/0xf0
[  137.270770][ T9498]  pagecache_get_page+0x5f4/0x900
[  137.275778][ T9498]  grab_cache_page_write_begin+0x3f/0x70
[  137.281507][ T9498]  cont_write_begin+0x501/0x850
[  137.286428][ T9498]  fat_write_begin+0x61/0xf0
[  137.291014][ T9498]  ? fat_block_truncate_page+0x30/0x30
[  137.296465][ T9498]  generic_perform_write+0x196/0x3c0
[  137.301730][ T9498]  ? fat_write_begin+0xf0/0xf0
[  137.306491][ T9498]  __generic_file_write_iter+0x202/0x300
[  137.312244][ T9498]  ? generic_write_checks+0x250/0x290
[  137.317809][ T9498]  generic_file_write_iter+0x75/0x130
[  137.323161][ T9498]  vfs_write+0x69d/0x770
[  137.327384][ T9498]  ksys_write+0xce/0x180
[  137.331780][ T9498]  __x64_sys_write+0x3e/0x50
[  137.336415][ T9498]  do_syscall_64+0x3d/0x90
[  137.341170][ T9498]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  137.347264][ T9498] RIP: 0033:0x4665e9
[  137.351240][ T9498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  137.371476][ T9498] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  137.379888][ T9498] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
08:50:26 executing program 1 (fault-call:9 fault-nth:11):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  137.387886][ T9498] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  137.395950][ T9498] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  137.403927][ T9498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  137.411911][ T9498] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
08:50:26 executing program 4 (fault-call:9 fault-nth:19):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:26 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  137.438768][ T9507] FAULT_INJECTION: forcing a failure.
[  137.438768][ T9507] name failslab, interval 1, probability 0, space 0, times 0
[  137.451508][ T9507] CPU: 1 PID: 9507 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  137.460219][ T9507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  137.470281][ T9507] Call Trace:
[  137.473605][ T9507]  dump_stack_lvl+0xb7/0x103
[  137.478173][ T9507]  dump_stack+0x11/0x1a
[  137.482315][ T9507]  should_fail+0x23c/0x250
[  137.486786][ T9507]  __should_failslab+0x81/0x90
[  137.491527][ T9507]  should_failslab+0x5/0x20
[  137.496009][ T9507]  kmem_cache_alloc_node_trace+0x58/0x2e0
[  137.501712][ T9507]  ? __kmalloc_node_track_caller+0x30/0x40
[  137.507656][ T9507]  ? kmem_cache_alloc_node+0x1d4/0x2b0
[  137.513161][ T9507]  __kmalloc_node_track_caller+0x30/0x40
[  137.518953][ T9507]  ? ip_frag_next+0x8e/0x4a0
[  137.523529][ T9507]  __alloc_skb+0x187/0x420
[  137.527966][ T9507]  ip_frag_next+0x8e/0x4a0
[  137.532363][ T9507]  ? skb_checksum_help+0x283/0x2d0
[  137.537458][ T9507]  ip_do_fragment+0x70e/0x11f0
[  137.542206][ T9507]  ? ip_fragment+0x130/0x130
[  137.546776][ T9507]  ip_fragment+0xd2/0x130
[  137.551186][ T9507]  ip_finish_output+0x415/0x490
[  137.556030][ T9507]  ? nf_hook_slow+0x13a/0x170
[  137.560815][ T9507]  ip_output+0xf3/0x1a0
[  137.566152][ T9507]  ? mr_table_dump+0x134/0x510
[  137.571012][ T9507]  ? ip_mc_finish_output+0xf0/0xf0
[  137.576392][ T9507]  ip_local_out+0x164/0x220
[  137.581002][ T9507]  ? __ip_local_out+0x1e0/0x1e0
[  137.586044][ T9507]  ip_send_skb+0x27/0x90
[  137.590367][ T9507]  udp_send_skb+0x62d/0x860
[  137.594919][ T9507]  udp_sendmsg+0xfe4/0x12f0
[  137.599427][ T9507]  ? ip_do_fragment+0x11f0/0x11f0
[  137.604460][ T9507]  ? _raw_spin_unlock_bh+0x33/0x40
[  137.609555][ T9507]  ? release_sock+0x104/0x110
[  137.614248][ T9507]  inet_sendmsg+0x5f/0x80
[  137.618629][ T9507]  __sys_sendto+0x2a8/0x370
[  137.623158][ T9507]  ? __cond_resched+0x11/0x40
[  137.627811][ T9507]  ? fput+0x2d/0x130
[  137.631685][ T9507]  __x64_sys_sendto+0x74/0x90
[  137.636343][ T9507]  do_syscall_64+0x3d/0x90
[  137.640738][ T9507]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  137.646713][ T9507] RIP: 0033:0x4665e9
[  137.650670][ T9507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  137.670383][ T9507] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  137.678786][ T9507] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  137.686827][ T9507] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  137.694777][ T9507] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  137.702736][ T9507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  137.710786][ T9507] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
08:50:26 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:26 executing program 1 (fault-call:9 fault-nth:12):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:26 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  137.741747][ T9513] loop2: detected capacity change from 0 to 16
[  137.766661][ T9516] loop5: detected capacity change from 0 to 16
[  137.784503][ T9523] loop4: detected capacity change from 0 to 16
[  137.788420][ T9524] FAULT_INJECTION: forcing a failure.
[  137.788420][ T9524] name failslab, interval 1, probability 0, space 0, times 0
[  137.803276][ T9524] CPU: 1 PID: 9524 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  137.812118][ T9524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  137.822500][ T9524] Call Trace:
[  137.825344][ T9523] FAULT_INJECTION: forcing a failure.
[  137.825344][ T9523] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.825774][ T9524]  dump_stack_lvl+0xb7/0x103
[  137.825797][ T9524]  dump_stack+0x11/0x1a
[  137.847509][ T9524]  should_fail+0x23c/0x250
[  137.852014][ T9524]  ? skb_clone+0x12c/0x1f0
[  137.856522][ T9524]  __should_failslab+0x81/0x90
[  137.861313][ T9524]  should_failslab+0x5/0x20
[  137.865826][ T9524]  kmem_cache_alloc+0x46/0x2e0
[  137.870579][ T9524]  skb_clone+0x12c/0x1f0
[  137.874829][ T9524]  dev_queue_xmit_nit+0x145/0x5f0
[  137.879839][ T9524]  xmit_one+0x71/0x270
[  137.883958][ T9524]  __dev_queue_xmit+0x693/0xa50
[  137.888927][ T9524]  dev_queue_xmit+0x13/0x20
[  137.893416][ T9524]  ip_finish_output2+0xa93/0xb10
[  137.898336][ T9524]  ip_do_fragment+0x7c6/0x11f0
[  137.903128][ T9524]  ? ip_fragment+0x130/0x130
[  137.907698][ T9524]  ip_fragment+0xd2/0x130
[  137.912021][ T9524]  ip_finish_output+0x415/0x490
[  137.916861][ T9524]  ? nf_hook_slow+0x13a/0x170
[  137.921521][ T9524]  ip_output+0xf3/0x1a0
[  137.925662][ T9524]  ? mr_table_dump+0x134/0x510
[  137.930498][ T9524]  ? ip_mc_finish_output+0xf0/0xf0
[  137.935597][ T9524]  ip_local_out+0x164/0x220
[  137.940177][ T9524]  ? __ip_local_out+0x1e0/0x1e0
[  137.945073][ T9524]  ip_send_skb+0x27/0x90
[  137.949313][ T9524]  udp_send_skb+0x62d/0x860
[  137.954152][ T9524]  udp_sendmsg+0xfe4/0x12f0
[  137.958713][ T9524]  ? ip_do_fragment+0x11f0/0x11f0
[  137.963833][ T9524]  ? _raw_spin_unlock_bh+0x33/0x40
[  137.968929][ T9524]  ? release_sock+0x104/0x110
[  137.973586][ T9524]  inet_sendmsg+0x5f/0x80
[  137.977979][ T9524]  __sys_sendto+0x2a8/0x370
[  137.982661][ T9524]  ? __cond_resched+0x11/0x40
[  137.987383][ T9524]  ? fput+0x2d/0x130
[  137.991324][ T9524]  __x64_sys_sendto+0x74/0x90
[  137.996013][ T9524]  do_syscall_64+0x3d/0x90
[  138.000509][ T9524]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  138.006393][ T9524] RIP: 0033:0x4665e9
[  138.010733][ T9524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  138.030564][ T9524] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  138.039028][ T9524] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  138.047121][ T9524] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  138.055255][ T9524] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  138.063415][ T9524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  138.072008][ T9524] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
[  138.080055][ T9523] CPU: 0 PID: 9523 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  138.080318][ T9524] IPv4: Oversized IP packet from 127.0.0.1
[  138.089200][ T9523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  138.089211][ T9523] Call Trace:
[  138.089217][ T9523]  dump_stack_lvl+0xb7/0x103
[  138.098950][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  138.105224][ T9523]  dump_stack+0x11/0x1a
[  138.105246][ T9523]  should_fail+0x23c/0x250
[  138.127512][ T9523]  should_fail_usercopy+0x16/0x20
[  138.132706][ T9523]  copy_page_from_iter_atomic+0x2c1/0xba0
[  138.138428][ T9523]  ? fat_write_begin+0x61/0xf0
[  138.143405][ T9523]  ? fat_block_truncate_page+0x30/0x30
[  138.149003][ T9523]  ? fat_write_begin+0x79/0xf0
[  138.153840][ T9523]  generic_perform_write+0x1df/0x3c0
[  138.159114][ T9523]  ? fat_write_begin+0xf0/0xf0
[  138.163878][ T9523]  __generic_file_write_iter+0x202/0x300
[  138.169626][ T9523]  ? generic_write_checks+0x250/0x290
[  138.174986][ T9523]  generic_file_write_iter+0x75/0x130
[  138.180348][ T9523]  vfs_write+0x69d/0x770
[  138.184839][ T9523]  ksys_write+0xce/0x180
[  138.189514][ T9523]  __x64_sys_write+0x3e/0x50
[  138.194103][ T9523]  do_syscall_64+0x3d/0x90
[  138.198537][ T9523]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  138.204462][ T9523] RIP: 0033:0x4665e9
[  138.208340][ T9523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  138.228162][ T9523] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
08:50:27 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x30000033fe0, 0x0)

08:50:27 executing program 1 (fault-call:9 fault-nth:13):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  138.236656][ T9523] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  138.244757][ T9523] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  138.252856][ T9523] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  138.260814][ T9523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  138.268864][ T9523] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
08:50:27 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  138.305742][ T9530] loop3: detected capacity change from 0 to 16
08:50:27 executing program 4 (fault-call:9 fault-nth:20):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:27 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  138.353384][ T9543] loop2: detected capacity change from 0 to 16
[  138.355084][ T9542] FAULT_INJECTION: forcing a failure.
[  138.355084][ T9542] name failslab, interval 1, probability 0, space 0, times 0
[  138.372178][ T9542] CPU: 0 PID: 9542 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  138.380862][ T9542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  138.390926][ T9542] Call Trace:
[  138.394206][ T9542]  dump_stack_lvl+0xb7/0x103
[  138.398931][ T9542]  dump_stack+0x11/0x1a
[  138.403081][ T9542]  should_fail+0x23c/0x250
[  138.407553][ T9542]  ? inet_frag_find+0x343/0xb20
[  138.412487][ T9542]  __should_failslab+0x81/0x90
[  138.417265][ T9542]  should_failslab+0x5/0x20
[  138.421747][ T9542]  kmem_cache_alloc+0x46/0x2e0
[  138.426666][ T9542]  inet_frag_find+0x343/0xb20
[  138.431324][ T9542]  ? rmqueue_pcplist+0x145/0x1d0
[  138.436313][ T9542]  ? get_page_from_freelist+0x54e/0x820
[  138.441845][ T9542]  ? ip_expire+0x380/0x380
[  138.446307][ T9542]  ? ip4_key_hashfn+0x110/0x110
[  138.451167][ T9542]  ? ip4_obj_hashfn+0x110/0x110
[  138.455995][ T9542]  ip_defrag+0x170/0x1160
[  138.460303][ T9542]  ? __alloc_pages+0x194/0x320
[  138.465054][ T9542]  ? skb_copy_bits+0x458/0x4c0
[  138.469994][ T9542]  ? __mod_node_page_state+0x18/0x80
[  138.475303][ T9542]  ip_check_defrag+0x2ba/0x3c0
[  138.480078][ T9542]  packet_rcv_fanout+0xcb/0xa40
[  138.484922][ T9542]  ? __skb_clone+0x2db/0x300
[  138.489502][ T9542]  ? packet_direct_xmit+0x170/0x170
[  138.495146][ T9542]  dev_queue_xmit_nit+0x5a4/0x5f0
[  138.500153][ T9542]  xmit_one+0x71/0x270
[  138.504346][ T9542]  __dev_queue_xmit+0x693/0xa50
[  138.509244][ T9542]  dev_queue_xmit+0x13/0x20
[  138.513887][ T9542]  ip_finish_output2+0xa93/0xb10
[  138.518806][ T9542]  ip_do_fragment+0x7c6/0x11f0
[  138.523700][ T9542]  ? ip_fragment+0x130/0x130
[  138.528332][ T9542]  ip_fragment+0xd2/0x130
[  138.532641][ T9542]  ip_finish_output+0x415/0x490
[  138.537524][ T9542]  ? nf_hook_slow+0x13a/0x170
[  138.542195][ T9542]  ip_output+0xf3/0x1a0
[  138.546435][ T9542]  ? mr_table_dump+0x134/0x510
[  138.551196][ T9542]  ? ip_mc_finish_output+0xf0/0xf0
[  138.556296][ T9542]  ip_local_out+0x164/0x220
[  138.560898][ T9542]  ? __ip_local_out+0x1e0/0x1e0
[  138.565730][ T9542]  ip_send_skb+0x27/0x90
[  138.569967][ T9542]  udp_send_skb+0x62d/0x860
[  138.574472][ T9542]  udp_sendmsg+0xfe4/0x12f0
[  138.578968][ T9542]  ? ip_do_fragment+0x11f0/0x11f0
[  138.583997][ T9542]  ? _raw_spin_unlock_bh+0x33/0x40
[  138.589114][ T9542]  ? release_sock+0x104/0x110
[  138.593789][ T9542]  inet_sendmsg+0x5f/0x80
[  138.598145][ T9542]  __sys_sendto+0x2a8/0x370
[  138.602659][ T9542]  ? __cond_resched+0x11/0x40
[  138.607314][ T9542]  ? kcsan_setup_watchpoint+0x231/0x3e0
[  138.612843][ T9542]  __x64_sys_sendto+0x74/0x90
[  138.617504][ T9542]  do_syscall_64+0x3d/0x90
[  138.621928][ T9542]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  138.627802][ T9542] RIP: 0033:0x4665e9
[  138.631718][ T9542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  138.651390][ T9542] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  138.659787][ T9542] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  138.667754][ T9542] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  138.675702][ T9542] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  138.683684][ T9542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  138.691737][ T9542] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
08:50:27 executing program 1 (fault-call:9 fault-nth:14):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:27 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  138.699932][ T9542] IPv4: Oversized IP packet from 127.0.0.1
[  138.705774][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  138.755540][ T9562] loop5: detected capacity change from 0 to 16
[  138.763911][ T9561] loop4: detected capacity change from 0 to 16
[  138.767518][ T9564] loop3: detected capacity change from 0 to 16
[  138.782652][ T9565] loop2: detected capacity change from 0 to 16
[  138.793356][ T9564] FAT-fs (loop3): bogus number of FAT sectors
[  138.794161][ T9569] FAULT_INJECTION: forcing a failure.
08:50:27 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  138.794161][ T9569] name failslab, interval 1, probability 0, space 0, times 0
[  138.799506][ T9564] FAT-fs (loop3): Can't find a valid FAT filesystem
[  138.812186][ T9569] CPU: 0 PID: 9569 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  138.827579][ T9569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  138.837638][ T9569] Call Trace:
[  138.840934][ T9569]  dump_stack_lvl+0xb7/0x103
[  138.845654][ T9569]  dump_stack+0x11/0x1a
[  138.849820][ T9569]  should_fail+0x23c/0x250
[  138.854248][ T9569]  __should_failslab+0x81/0x90
[  138.859042][ T9569]  should_failslab+0x5/0x20
[  138.861604][ T9565] handle_bad_sector: 25 callbacks suppressed
[  138.861616][ T9565] attempt to access beyond end of device
[  138.861616][ T9565] loop2: rw=2049, want=122, limit=16
[  138.864020][ T9569]  kmem_cache_alloc_node+0x58/0x2b0
[  138.870036][ T9565] buffer_io_error: 21 callbacks suppressed
[  138.870046][ T9565] Buffer I/O error on dev loop2, logical block 121, lost async page write
[  138.880818][ T9569]  ? __dev_queue_xmit+0x829/0xa50
[  138.880852][ T9569]  ? __alloc_skb+0xed/0x420
[  138.908561][ T9565] attempt to access beyond end of device
[  138.908561][ T9565] loop2: rw=2049, want=123, limit=16
[  138.909851][ T9569]  __alloc_skb+0xed/0x420
[  138.920643][ T9565] Buffer I/O error on dev loop2, logical block 122, lost async page write
[  138.924943][ T9569]  ip_frag_next+0x8e/0x4a0
[  138.934677][ T9565] attempt to access beyond end of device
[  138.934677][ T9565] loop2: rw=2049, want=124, limit=16
[  138.937815][ T9569]  ip_do_fragment+0x815/0x11f0
[  138.937842][ T9569]  ? ip_fragment+0x130/0x130
[  138.948600][ T9565] Buffer I/O error on dev loop2, logical block 123, lost async page write
[  138.953368][ T9569]  ip_fragment+0xd2/0x130
[  138.953385][ T9569]  ip_finish_output+0x415/0x490
[  138.953406][ T9569]  ? nf_hook_slow+0x13a/0x170
[  138.953421][ T9569]  ip_output+0xf3/0x1a0
[  138.960190][ T9565] attempt to access beyond end of device
[  138.960190][ T9565] loop2: rw=2049, want=125, limit=16
[  138.966581][ T9569]  ? mr_table_dump+0x134/0x510
[  138.966603][ T9569]  ? ip_mc_finish_output+0xf0/0xf0
[  138.970929][ T9565] Buffer I/O error on dev loop2, logical block 124, lost async page write
[  138.975734][ T9569]  ip_local_out+0x164/0x220
[  138.981770][ T9565] attempt to access beyond end of device
[  138.981770][ T9565] loop2: rw=2049, want=126, limit=16
[  138.984603][ T9569]  ? __ip_local_out+0x1e0/0x1e0
[  138.995988][ T9565] Buffer I/O error on dev loop2, logical block 125, lost async page write
[  139.001226][ T9569]  ip_send_skb+0x27/0x90
[  139.001244][ T9569]  udp_send_skb+0x62d/0x860
[  139.007520][ T9565] attempt to access beyond end of device
[  139.007520][ T9565] loop2: rw=2049, want=127, limit=16
[  139.014802][ T9569]  udp_sendmsg+0xfe4/0x12f0
[  139.014834][ T9569]  ? ip_do_fragment+0x11f0/0x11f0
[  139.014849][ T9569]  ? _raw_spin_unlock_bh+0x33/0x40
[  139.019359][ T9565] Buffer I/O error on dev loop2, logical block 126, lost async page write
[  139.030074][ T9569]  ? release_sock+0x104/0x110
[  139.030147][ T9569]  inet_sendmsg+0x5f/0x80
[  139.041222][ T9561] FAULT_INJECTION: forcing a failure.
[  139.041222][ T9561] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  139.043509][ T9569]  __sys_sendto+0x2a8/0x370
[  139.113368][ T9569]  ? __cond_resched+0x11/0x40
[  139.118089][ T9569]  ? fput+0x2d/0x130
[  139.121993][ T9569]  __x64_sys_sendto+0x74/0x90
[  139.126657][ T9569]  do_syscall_64+0x3d/0x90
[  139.131063][ T9569]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  139.137045][ T9569] RIP: 0033:0x4665e9
[  139.140920][ T9569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  139.162064][ T9569] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  139.170459][ T9569] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  139.178437][ T9569] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  139.186392][ T9569] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  139.194633][ T9569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  139.202693][ T9569] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
[  139.210656][ T9561] CPU: 1 PID: 9561 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  139.216716][ T9565] attempt to access beyond end of device
[  139.216716][ T9565] loop2: rw=2049, want=128, limit=16
[  139.219694][ T9561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  139.231021][ T9565] Buffer I/O error on dev loop2, logical block 127, lost async page write
[  139.241307][ T9561] Call Trace:
[  139.241315][ T9561]  dump_stack_lvl+0xb7/0x103
08:50:28 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:28 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x30000033fe0, 0x0)

[  139.241334][ T9561]  dump_stack+0x11/0x1a
[  139.241348][ T9561]  should_fail+0x23c/0x250
[  139.266167][ T9561]  __alloc_pages+0x102/0x320
[  139.270776][ T9561]  alloc_pages+0x2e8/0x340
[  139.275288][ T9561]  __page_cache_alloc+0x4d/0xf0
[  139.280188][ T9561]  pagecache_get_page+0x5f4/0x900
[  139.285256][ T9561]  grab_cache_page_write_begin+0x3f/0x70
[  139.290907][ T9561]  cont_write_begin+0x501/0x850
[  139.295847][ T9561]  fat_write_begin+0x61/0xf0
[  139.300535][ T9561]  ? fat_block_truncate_page+0x30/0x30
[  139.305993][ T9561]  generic_perform_write+0x196/0x3c0
[  139.311295][ T9561]  ? fat_write_begin+0xf0/0xf0
[  139.316147][ T9561]  __generic_file_write_iter+0x202/0x300
[  139.321817][ T9561]  ? generic_write_checks+0x250/0x290
[  139.327186][ T9561]  generic_file_write_iter+0x75/0x130
[  139.333458][ T9561]  vfs_write+0x69d/0x770
[  139.338043][ T9561]  ksys_write+0xce/0x180
[  139.342323][ T9561]  __x64_sys_write+0x3e/0x50
[  139.347080][ T9561]  do_syscall_64+0x3d/0x90
[  139.351486][ T9561]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  139.357758][ T9561] RIP: 0033:0x4665e9
[  139.361802][ T9561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  139.381591][ T9561] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  139.390594][ T9561] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  139.398680][ T9561] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
08:50:28 executing program 1 (fault-call:9 fault-nth:15):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:28 executing program 4 (fault-call:9 fault-nth:21):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  139.406779][ T9561] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  139.414956][ T9561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  139.423130][ T9561] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
[  139.457061][ T9586] FAULT_INJECTION: forcing a failure.
[  139.457061][ T9586] name failslab, interval 1, probability 0, space 0, times 0
[  139.470557][ T9586] CPU: 1 PID: 9586 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  139.479740][ T9586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  139.490004][ T9586] Call Trace:
[  139.494114][ T9586]  dump_stack_lvl+0xb7/0x103
[  139.498970][ T9586]  dump_stack+0x11/0x1a
[  139.503296][ T9586]  should_fail+0x23c/0x250
[  139.507742][ T9586]  __should_failslab+0x81/0x90
[  139.512507][ T9586]  should_failslab+0x5/0x20
[  139.517022][ T9586]  kmem_cache_alloc_node_trace+0x58/0x2e0
[  139.523076][ T9586]  ? __kmalloc_node_track_caller+0x30/0x40
[  139.529304][ T9586]  ? kmem_cache_alloc_node+0x1d4/0x2b0
[  139.535203][ T9586]  __kmalloc_node_track_caller+0x30/0x40
[  139.540908][ T9586]  ? ip_frag_next+0x8e/0x4a0
[  139.545733][ T9586]  __alloc_skb+0x187/0x420
[  139.550162][ T9586]  ip_frag_next+0x8e/0x4a0
[  139.554648][ T9586]  ip_do_fragment+0x815/0x11f0
[  139.559949][ T9586]  ? ip_fragment+0x130/0x130
[  139.564902][ T9586]  ip_fragment+0xd2/0x130
[  139.569396][ T9586]  ip_finish_output+0x415/0x490
[  139.574306][ T9586]  ? nf_hook_slow+0x13a/0x170
[  139.578970][ T9586]  ip_output+0xf3/0x1a0
[  139.583318][ T9586]  ? mr_table_dump+0x134/0x510
[  139.588217][ T9586]  ? ip_mc_finish_output+0xf0/0xf0
[  139.593313][ T9586]  ip_local_out+0x164/0x220
[  139.598063][ T9586]  ? __ip_local_out+0x1e0/0x1e0
[  139.603263][ T9586]  ip_send_skb+0x27/0x90
[  139.607640][ T9586]  udp_send_skb+0x62d/0x860
[  139.612135][ T9586]  udp_sendmsg+0xfe4/0x12f0
[  139.616688][ T9586]  ? ip_do_fragment+0x11f0/0x11f0
[  139.621890][ T9586]  ? _raw_spin_unlock_bh+0x33/0x40
[  139.627073][ T9586]  ? release_sock+0x104/0x110
[  139.631775][ T9586]  inet_sendmsg+0x5f/0x80
[  139.636117][ T9586]  __sys_sendto+0x2a8/0x370
[  139.640612][ T9586]  ? __cond_resched+0x11/0x40
[  139.646568][ T9586]  ? fput+0x2d/0x130
[  139.650442][ T9586]  __x64_sys_sendto+0x74/0x90
[  139.655360][ T9586]  do_syscall_64+0x3d/0x90
[  139.659873][ T9586]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  139.666036][ T9586] RIP: 0033:0x4665e9
[  139.669908][ T9586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  139.689749][ T9586] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  139.699191][ T9586] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  139.707386][ T9586] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  139.715466][ T9586] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  139.723444][ T9586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  139.731724][ T9586] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
[  139.750470][ T9590] loop5: detected capacity change from 0 to 16
08:50:28 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f8", 0x16}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:28 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:28 executing program 1 (fault-call:9 fault-nth:16):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  139.804077][ T9599] loop2: detected capacity change from 0 to 16
[  139.805291][ T9598] loop4: detected capacity change from 0 to 16
[  139.819621][ T9604] loop3: detected capacity change from 0 to 16
[  139.834365][ T9604] FAT-fs (loop3): bogus number of FAT sectors
[  139.840542][ T9604] FAT-fs (loop3): Can't find a valid FAT filesystem
[  139.842362][ T9598] FAULT_INJECTION: forcing a failure.
[  139.842362][ T9598] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.860292][ T9598] CPU: 1 PID: 9598 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  139.868968][ T9598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  139.869215][ T9603] FAULT_INJECTION: forcing a failure.
[  139.869215][ T9603] name failslab, interval 1, probability 0, space 0, times 0
[  139.879189][ T9598] Call Trace:
[  139.879199][ T9598]  dump_stack_lvl+0xb7/0x103
[  139.900524][ T9598]  dump_stack+0x11/0x1a
[  139.904670][ T9598]  should_fail+0x23c/0x250
[  139.909105][ T9598]  should_fail_usercopy+0x16/0x20
[  139.914219][ T9598]  copy_page_from_iter_atomic+0x2c1/0xba0
[  139.920107][ T9598]  ? fat_write_begin+0x61/0xf0
[  139.925033][ T9598]  ? fat_block_truncate_page+0x30/0x30
[  139.930528][ T9598]  ? fat_write_begin+0x79/0xf0
[  139.935451][ T9598]  generic_perform_write+0x1df/0x3c0
[  139.940812][ T9598]  ? fat_write_begin+0xf0/0xf0
[  139.945560][ T9598]  __generic_file_write_iter+0x202/0x300
[  139.951363][ T9598]  ? generic_write_checks+0x250/0x290
[  139.956752][ T9598]  generic_file_write_iter+0x75/0x130
[  139.962964][ T9598]  vfs_write+0x69d/0x770
[  139.967541][ T9598]  ksys_write+0xce/0x180
[  139.971766][ T9598]  __x64_sys_write+0x3e/0x50
[  139.976350][ T9598]  do_syscall_64+0x3d/0x90
[  139.980904][ T9598]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  139.986793][ T9598] RIP: 0033:0x4665e9
[  139.990671][ T9598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  140.010541][ T9598] RSP: 002b:00007f9108b78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  140.018937][ T9598] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  140.026986][ T9598] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  140.035046][ T9598] RBP: 00007f9108b781d0 R08: 0000000000000000 R09: 0000000000000000
[  140.043209][ T9598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  140.051172][ T9598] R13: 00007ffeec19ddcf R14: 00007f9108b78300 R15: 0000000000022000
[  140.059128][ T9603] CPU: 0 PID: 9603 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  140.067969][ T9603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  140.068152][ T9599] attempt to access beyond end of device
[  140.068152][ T9599] loop2: rw=2049, want=122, limit=16
[  140.078014][ T9603] Call Trace:
[  140.078024][ T9603]  dump_stack_lvl+0xb7/0x103
[  140.078044][ T9603]  dump_stack+0x11/0x1a
[  140.088815][ T9599] Buffer I/O error on dev loop2, logical block 121, lost async page write
[  140.092039][ T9603]  should_fail+0x23c/0x250
[  140.103984][ T9599] attempt to access beyond end of device
[  140.103984][ T9599] loop2: rw=2049, want=123, limit=16
[  140.109225][ T9603]  ? skb_clone+0x12c/0x1f0
[  140.109249][ T9603]  __should_failslab+0x81/0x90
[  140.109265][ T9603]  should_failslab+0x5/0x20
[  140.113668][ T9599] Buffer I/O error on dev loop2, logical block 122, lost async page write
[  140.124400][ T9603]  kmem_cache_alloc+0x46/0x2e0
[  140.124424][ T9603]  skb_clone+0x12c/0x1f0
[  140.130714][ T9599] attempt to access beyond end of device
[  140.130714][ T9599] loop2: rw=2049, want=124, limit=16
[  140.133563][ T9603]  dev_queue_xmit_nit+0x145/0x5f0
[  140.138058][ T9599] Buffer I/O error on dev loop2, logical block 123, lost async page write
[  140.146529][ T9603]  xmit_one+0x71/0x270
[  140.183829][ T9603]  __dev_queue_xmit+0x693/0xa50
[  140.188842][ T9603]  dev_queue_xmit+0x13/0x20
[  140.189008][ T9613] loop5: detected capacity change from 0 to 16
[  140.193382][ T9603]  ip_finish_output2+0xa93/0xb10
[  140.193405][ T9603]  ip_do_fragment+0x7c6/0x11f0
[  140.209492][ T9603]  ? ip_fragment+0x130/0x130
[  140.214154][ T9603]  ip_fragment+0xd2/0x130
[  140.218594][ T9603]  ip_finish_output+0x415/0x490
[  140.223585][ T9603]  ? nf_hook_slow+0x13a/0x170
[  140.228257][ T9603]  ip_output+0xf3/0x1a0
[  140.232480][ T9603]  ? mr_table_dump+0x134/0x510
[  140.237228][ T9603]  ? ip_mc_finish_output+0xf0/0xf0
[  140.242358][ T9603]  ip_local_out+0x164/0x220
[  140.246860][ T9603]  ? __ip_local_out+0x1e0/0x1e0
[  140.251693][ T9603]  ip_send_skb+0x27/0x90
[  140.255917][ T9603]  udp_send_skb+0x62d/0x860
[  140.260415][ T9603]  udp_sendmsg+0xfe4/0x12f0
[  140.264916][ T9603]  ? ip_do_fragment+0x11f0/0x11f0
[  140.269979][ T9603]  ? _raw_spin_unlock_bh+0x33/0x40
[  140.275076][ T9603]  ? release_sock+0x104/0x110
[  140.279766][ T9603]  inet_sendmsg+0x5f/0x80
[  140.284095][ T9603]  __sys_sendto+0x2a8/0x370
[  140.288670][ T9603]  ? __cond_resched+0x11/0x40
[  140.293324][ T9603]  ? fput+0x2d/0x130
[  140.297216][ T9603]  __x64_sys_sendto+0x74/0x90
[  140.301896][ T9603]  do_syscall_64+0x3d/0x90
[  140.306505][ T9603]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  140.312390][ T9603] RIP: 0033:0x4665e9
[  140.316264][ T9603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  140.336133][ T9603] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  140.344525][ T9603] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
08:50:29 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:29 executing program 4 (fault-call:9 fault-nth:22):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:29 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:29 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x30000033fe0, 0x0)

08:50:29 executing program 1 (fault-call:9 fault-nth:17):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  140.352478][ T9603] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  140.360452][ T9603] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  140.368521][ T9603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  140.376483][ T9603] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
[  140.384558][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  140.390387][    C0] IPv4: Oversized IP packet from 127.0.0.1
08:50:29 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  140.446403][ T9629] loop4: detected capacity change from 0 to 16
[  140.453242][ T9632] loop2: detected capacity change from 0 to 16
[  140.454601][ T9631] loop3: detected capacity change from 0 to 16
[  140.463493][ T9633] FAULT_INJECTION: forcing a failure.
[  140.463493][ T9633] name failslab, interval 1, probability 0, space 0, times 0
[  140.478611][ T9633] CPU: 0 PID: 9633 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  140.487285][ T9633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  140.497332][ T9633] Call Trace:
[  140.500617][ T9633]  dump_stack_lvl+0xb7/0x103
[  140.505239][ T9633]  dump_stack+0x11/0x1a
[  140.509376][ T9633]  should_fail+0x23c/0x250
[  140.513780][ T9633]  ? skb_clone+0x12c/0x1f0
[  140.518268][ T9633]  __should_failslab+0x81/0x90
[  140.523026][ T9633]  should_failslab+0x5/0x20
[  140.527524][ T9633]  kmem_cache_alloc+0x46/0x2e0
[  140.532270][ T9633]  ? ip4_obj_hashfn+0xad/0x110
[  140.537103][ T9633]  skb_clone+0x12c/0x1f0
[  140.541378][ T9633]  inet_frag_reasm_prepare+0x3e/0x630
[  140.546734][ T9633]  ? ip4_obj_hashfn+0x110/0x110
[  140.551585][ T9633]  ? ip_expire+0x380/0x380
[  140.556085][ T9633]  ? ip4_key_hashfn+0x110/0x110
[  140.560979][ T9633]  ? ip4_obj_hashfn+0x110/0x110
[  140.565844][ T9633]  ip_defrag+0xd3f/0x1160
[  140.570388][ T9633]  ip_check_defrag+0x2ba/0x3c0
[  140.575205][ T9633]  packet_rcv_fanout+0xcb/0xa40
[  140.580053][ T9633]  ? __skb_clone+0x2db/0x300
[  140.584809][ T9633]  ? packet_direct_xmit+0x170/0x170
[  140.590001][ T9633]  dev_queue_xmit_nit+0x5a4/0x5f0
[  140.595069][ T9633]  xmit_one+0x71/0x270
[  140.599133][ T9633]  __dev_queue_xmit+0x693/0xa50
[  140.604015][ T9633]  dev_queue_xmit+0x13/0x20
[  140.608520][ T9633]  ip_finish_output2+0xa93/0xb10
[  140.613698][ T9633]  ip_do_fragment+0x7c6/0x11f0
[  140.618451][ T9633]  ? ip_fragment+0x130/0x130
[  140.623039][ T9633]  ip_fragment+0xd2/0x130
[  140.627429][ T9633]  ip_finish_output+0x415/0x490
[  140.632283][ T9633]  ? nf_hook_slow+0x13a/0x170
[  140.636941][ T9633]  ip_output+0xf3/0x1a0
[  140.641132][ T9633]  ? mr_table_dump+0x134/0x510
[  140.645887][ T9633]  ? ip_mc_finish_output+0xf0/0xf0
[  140.650984][ T9633]  ip_local_out+0x164/0x220
[  140.655473][ T9633]  ? __ip_local_out+0x1e0/0x1e0
[  140.660313][ T9633]  ip_send_skb+0x27/0x90
[  140.664623][ T9633]  udp_send_skb+0x62d/0x860
[  140.669113][ T9633]  udp_sendmsg+0xfe4/0x12f0
[  140.673639][ T9633]  ? ip_do_fragment+0x11f0/0x11f0
[  140.678759][ T9633]  ? _raw_spin_unlock_bh+0x33/0x40
[  140.683853][ T9633]  ? release_sock+0x104/0x110
[  140.688618][ T9633]  inet_sendmsg+0x5f/0x80
[  140.693142][ T9633]  __sys_sendto+0x2a8/0x370
[  140.697645][ T9633]  ? __cond_resched+0x11/0x40
[  140.702408][ T9633]  ? fput+0x2d/0x130
[  140.706337][ T9633]  __x64_sys_sendto+0x74/0x90
[  140.710997][ T9633]  do_syscall_64+0x3d/0x90
[  140.715410][ T9633]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  140.721295][ T9633] RIP: 0033:0x4665e9
[  140.725171][ T9633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  140.744863][ T9633] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  140.753266][ T9633] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  140.761244][ T9633] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  140.769196][ T9633] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  140.777217][ T9633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  140.785353][ T9633] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
[  140.793398][    C0] IPv4: Oversized IP packet from 127.0.0.1
08:50:29 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:29 executing program 1 (fault-call:9 fault-nth:18):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:29 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  140.821734][ T9648] loop5: detected capacity change from 0 to 16
08:50:29 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:29 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  140.878498][ T9655] loop2: detected capacity change from 0 to 16
[  140.887154][ T9658] FAULT_INJECTION: forcing a failure.
[  140.887154][ T9658] name failslab, interval 1, probability 0, space 0, times 0
[  140.899919][ T9658] CPU: 1 PID: 9658 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  140.908637][ T9658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  140.918748][ T9658] Call Trace:
[  140.922025][ T9658]  dump_stack_lvl+0xb7/0x103
[  140.926994][ T9658]  dump_stack+0x11/0x1a
[  140.931160][ T9658]  should_fail+0x23c/0x250
[  140.935607][ T9658]  __should_failslab+0x81/0x90
[  140.940388][ T9658]  should_failslab+0x5/0x20
[  140.944864][ T9658]  kmem_cache_alloc_node_trace+0x58/0x2e0
[  140.950634][ T9658]  ? __kmalloc_node_track_caller+0x30/0x40
[  140.956501][ T9658]  ? ___cache_free+0x3c/0x300
[  140.961158][ T9658]  ? inet_frag_reasm_prepare+0x1fb/0x630
[  140.966837][ T9658]  __kmalloc_node_track_caller+0x30/0x40
[  140.972572][ T9658]  pskb_expand_head+0xc9/0x920
[  140.977314][ T9658]  inet_frag_reasm_prepare+0x1fb/0x630
[  140.982747][ T9658]  ? ip_expire+0x380/0x380
[  140.987154][ T9658]  ? ip4_key_hashfn+0x110/0x110
[  140.991982][ T9658]  ? ip4_obj_hashfn+0x110/0x110
[  140.996823][ T9658]  ip_defrag+0xd3f/0x1160
[  141.001178][ T9658]  ip_check_defrag+0x2ba/0x3c0
[  141.006080][ T9658]  packet_rcv_fanout+0xcb/0xa40
[  141.010912][ T9658]  ? __skb_clone+0x2db/0x300
[  141.015526][ T9658]  ? packet_direct_xmit+0x170/0x170
[  141.020872][ T9658]  dev_queue_xmit_nit+0x5a4/0x5f0
[  141.025966][ T9658]  xmit_one+0x71/0x270
[  141.030103][ T9658]  __dev_queue_xmit+0x693/0xa50
[  141.034955][ T9658]  dev_queue_xmit+0x13/0x20
[  141.039479][ T9658]  ip_finish_output2+0xa93/0xb10
[  141.044456][ T9658]  ip_do_fragment+0x7c6/0x11f0
[  141.049212][ T9658]  ? ip_fragment+0x130/0x130
[  141.053841][ T9658]  ip_fragment+0xd2/0x130
[  141.058250][ T9658]  ip_finish_output+0x415/0x490
[  141.063088][ T9658]  ? nf_hook_slow+0x13a/0x170
[  141.067769][ T9658]  ip_output+0xf3/0x1a0
[  141.072164][ T9658]  ? mr_table_dump+0x134/0x510
[  141.076995][ T9658]  ? ip_mc_finish_output+0xf0/0xf0
[  141.082111][ T9658]  ip_local_out+0x164/0x220
[  141.086663][ T9658]  ? __ip_local_out+0x1e0/0x1e0
[  141.091496][ T9658]  ip_send_skb+0x27/0x90
[  141.095754][ T9658]  udp_send_skb+0x62d/0x860
[  141.100250][ T9658]  udp_sendmsg+0xfe4/0x12f0
[  141.104734][ T9658]  ? ip_do_fragment+0x11f0/0x11f0
[  141.109811][ T9658]  ? _raw_spin_unlock_bh+0x33/0x40
[  141.114986][ T9658]  ? release_sock+0x104/0x110
[  141.119639][ T9658]  inet_sendmsg+0x5f/0x80
[  141.123950][ T9658]  __sys_sendto+0x2a8/0x370
[  141.128475][ T9658]  ? __cond_resched+0x11/0x40
[  141.133128][ T9658]  ? fput+0x2d/0x130
[  141.137098][ T9658]  __x64_sys_sendto+0x74/0x90
[  141.141869][ T9658]  do_syscall_64+0x3d/0x90
[  141.146288][ T9658]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  141.152162][ T9658] RIP: 0033:0x4665e9
[  141.156040][ T9658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  141.175845][ T9658] RSP: 002b:00007f8b030f7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  141.184245][ T9658] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  141.192254][ T9658] RDX: 000000000000ffe4 RSI: 0000000020865000 RDI: 0000000000000003
[  141.200223][ T9658] RBP: 00007f8b030f71d0 R08: 0000000020fd9ff0 R09: 0000000000000010
[  141.208185][ T9658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  141.216194][ T9658] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
[  141.224311][    C1] IPv4: Oversized IP packet from 127.0.0.1
08:50:30 executing program 1 (fault-call:9 fault-nth:19):
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:30 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x0, 0x0)

08:50:30 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:30 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)

[  141.265488][ T9665] loop5: detected capacity change from 0 to 16
[  141.273516][ T9670] loop2: detected capacity change from 0 to 16
[  141.279481][ T9666] IPv4: Oversized IP packet from 127.0.0.1
[  141.285560][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  141.298665][ T9669] loop4: detected capacity change from 0 to 16
08:50:30 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:30 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x2, 0xf000)

[  141.329667][ T9666] FAULT_INJECTION: forcing a failure.
[  141.329667][ T9666] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.332576][ T9682] loop3: detected capacity change from 0 to 16
[  141.343282][ T9666] CPU: 1 PID: 9666 Comm: syz-executor.1 Not tainted 5.14.0-rc6-syzkaller #0
[  141.358074][ T9666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  141.369045][ T9666] Call Trace:
[  141.372322][ T9666]  dump_stack_lvl+0xb7/0x103
[  141.376923][ T9666]  dump_stack+0x11/0x1a
[  141.381075][ T9666]  should_fail+0x23c/0x250
[  141.385495][ T9666]  should_fail_usercopy+0x16/0x20
[  141.390588][ T9666]  _copy_to_user+0x1c/0x90
[  141.394984][ T9666]  simple_read_from_buffer+0xab/0x120
[  141.400430][ T9666]  proc_fail_nth_read+0xf6/0x140
[  141.405354][ T9666]  ? rw_verify_area+0x136/0x250
[  141.410215][ T9666]  ? proc_fault_inject_write+0x200/0x200
[  141.415987][ T9666]  vfs_read+0x154/0x5d0
[  141.420119][ T9666]  ? finish_task_switch+0xce/0x290
[  141.425212][ T9666]  ? __fget_light+0x21b/0x260
[  141.429867][ T9666]  ? __cond_resched+0x11/0x40
[  141.434544][ T9666]  ksys_read+0xce/0x180
[  141.438724][ T9666]  __x64_sys_read+0x3e/0x50
[  141.443214][ T9666]  do_syscall_64+0x3d/0x90
[  141.447620][ T9666]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  141.453561][ T9666] RIP: 0033:0x41936c
[  141.457510][ T9666] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
08:50:30 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  141.477089][ T9666] RSP: 002b:00007f8b030f7170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  141.485509][ T9666] RAX: ffffffffffffffda RBX: 000000000000ffe4 RCX: 000000000041936c
[  141.493456][ T9666] RDX: 000000000000000f RSI: 00007f8b030f71e0 RDI: 0000000000000006
[  141.501750][ T9666] RBP: 00007f8b030f71d0 R08: 0000000000000000 R09: 0000000000000010
[  141.509697][ T9666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  141.517694][ T9666] R13: 00007ffdd4adc7ef R14: 00007f8b030f7300 R15: 0000000000022000
08:50:30 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)

08:50:30 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  141.544760][ T9690] loop2: detected capacity change from 0 to 16
[  141.548587][ T9691] IPv4: Oversized IP packet from 127.0.0.1
[  141.556872][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  141.582657][ T9698] loop4: detected capacity change from 0 to 16
08:50:30 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0x74, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:30 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:30 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x3, 0xf000)

[  141.589993][ T9699] loop5: detected capacity change from 0 to 16
08:50:30 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0x8074, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  141.639607][ T9712] loop2: detected capacity change from 0 to 16
[  141.650474][ T9714] loop5: detected capacity change from 0 to 16
[  141.653926][ T9718] loop3: detected capacity change from 0 to 16
[  141.687923][ T9724] loop4: detected capacity change from 0 to 16
08:50:31 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:31 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x0, 0x0)

08:50:31 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)

08:50:31 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0x20874fe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:31 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x4, 0xf000)

08:50:31 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:31 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0x7ffff000, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:31 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)

[  142.149112][ T9747] loop5: detected capacity change from 0 to 16
[  142.149406][ T9749] loop3: detected capacity change from 0 to 16
[  142.168243][ T9751] loop2: detected capacity change from 0 to 16
[  142.174680][ T9752] loop4: detected capacity change from 0 to 16
08:50:31 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, 0x0, 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:31 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xfffffdef, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:31 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:31 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x5, 0xf000)

[  142.253654][ T9771] loop5: detected capacity change from 0 to 16
08:50:31 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)

[  142.300469][ T9783] loop2: detected capacity change from 0 to 16
[  142.341166][ T9792] loop4: detected capacity change from 0 to 16
[  142.341167][ T9790] loop3: detected capacity change from 0 to 16
[  142.392674][ T9804] loop5: detected capacity change from 0 to 16
08:50:31 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x0, 0x0)

08:50:31 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x2, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:31 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, 0x0, 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:31 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:31 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x6, 0xf000)

08:50:31 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f0000000200), 0xf000)

[  143.013809][ T9823] loop5: detected capacity change from 0 to 16
[  143.018303][ T9826] loop4: detected capacity change from 0 to 16
[  143.025899][ T9827] loop2: detected capacity change from 0 to 16
[  143.026766][ T9825] loop3: detected capacity change from 0 to 16
[  143.042159][ T9828] IPv4: Oversized IP packet from 127.0.0.1
[  143.048077][    C1] IPv4: Oversized IP packet from 127.0.0.1
08:50:32 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x7, 0xf000)

08:50:32 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, 0x0, 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:32 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, 0x0, 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:32 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(0x0, 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:32 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x3, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  143.141720][ T9853] loop4: detected capacity change from 0 to 16
[  143.155242][ T9855] loop5: detected capacity change from 0 to 16
[  143.156452][ T9858] loop2: detected capacity change from 0 to 16
08:50:32 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  143.191288][ T9866] loop3: detected capacity change from 0 to 16
08:50:32 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x5, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:32 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, 0x0, 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:32 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x8, 0xf000)

08:50:32 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080), 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:32 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(0x0, 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:32 executing program 0 (fault-call:6 fault-nth:0):
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0)

08:50:32 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  143.901345][ T9890] loop4: detected capacity change from 0 to 16
[  143.913747][ T9897] loop2: detected capacity change from 0 to 16
[  143.928305][ T9891] loop3: detected capacity change from 0 to 16
[  143.928494][ T9890] handle_bad_sector: 108 callbacks suppressed
[  143.928504][ T9890] attempt to access beyond end of device
[  143.928504][ T9890] loop4: rw=2049, want=124, limit=16
[  143.934876][ T9893] loop5: detected capacity change from 0 to 16
[  143.954991][ T9901] FAULT_INJECTION: forcing a failure.
[  143.954991][ T9901] name failslab, interval 1, probability 0, space 0, times 0
[  143.970389][ T9901] CPU: 1 PID: 9901 Comm: syz-executor.0 Not tainted 5.14.0-rc6-syzkaller #0
[  143.979060][ T9901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  143.989117][ T9901] Call Trace:
[  143.992592][ T9901]  dump_stack_lvl+0xb7/0x103
[  143.997184][ T9901]  dump_stack+0x11/0x1a
[  144.001341][ T9901]  should_fail+0x23c/0x250
[  144.005866][ T9901]  __should_failslab+0x81/0x90
[  144.010716][ T9901]  should_failslab+0x5/0x20
[  144.012580][ T9897] attempt to access beyond end of device
[  144.012580][ T9897] loop2: rw=2049, want=122, limit=16
[  144.015212][ T9901]  kmem_cache_alloc_node_trace+0x58/0x2e0
[  144.026276][ T9897] buffer_io_error: 101 callbacks suppressed
[  144.026286][ T9897] Buffer I/O error on dev loop2, logical block 121, lost async page write
[  144.032013][ T9901]  ? __get_vm_area_node+0x11b/0x260
[  144.032047][ T9901]  ? local_bh_enable+0x1b/0x20
[  144.042896][ T9891] attempt to access beyond end of device
[  144.042896][ T9891] loop3: rw=2049, want=122, limit=16
[  144.046470][ T9901]  ? lock_sock_nested+0x128/0x160
[  144.051687][ T9891] Buffer I/O error on dev loop3, logical block 121, lost async page write
[  144.056490][ T9901]  __get_vm_area_node+0x11b/0x260
[  144.085732][ T9901]  __vmalloc_node_range+0xb7/0x5a0
[  144.090919][ T9901]  ? netlink_sendmsg+0x427/0x7c0
[  144.095923][ T9901]  ? rht_key_hashfn+0x60/0x60
[  144.100660][ T9901]  ? netlink_hash+0x90/0x90
[  144.105165][ T9901]  ? netlink_sendmsg+0x427/0x7c0
[  144.110099][ T9901]  vmalloc+0x5a/0x70
[  144.113994][ T9901]  ? netlink_sendmsg+0x427/0x7c0
[  144.119021][ T9901]  netlink_sendmsg+0x427/0x7c0
[  144.123782][ T9901]  ? netlink_getsockopt+0x720/0x720
[  144.128902][ T9891] attempt to access beyond end of device
[  144.128902][ T9891] loop3: rw=2049, want=123, limit=16
[  144.128995][ T9901]  kernel_sendmsg+0x97/0xd0
[  144.139787][ T9891] Buffer I/O error on dev loop3, logical block 122, lost async page write
[  144.144319][ T9901]  sock_no_sendpage+0x84/0xb0
[  144.155684][ T9897] attempt to access beyond end of device
[  144.155684][ T9897] loop2: rw=2049, want=123, limit=16
[  144.157529][ T9901]  ? remove_waiter+0x151/0x440
[  144.157551][ T9901]  ? __receive_sock+0x20/0x20
[  144.168538][ T9897] Buffer I/O error on dev loop2, logical block 122, lost async page write
[  144.173266][ T9901]  kernel_sendpage+0x187/0x200
[  144.179396][ T9897] attempt to access beyond end of device
[  144.179396][ T9897] loop2: rw=2049, want=124, limit=16
[  144.186391][ T9901]  ? __receive_sock+0x20/0x20
[  144.186413][ T9901]  sock_sendpage+0x5a/0x70
[  144.191285][ T9897] Buffer I/O error on dev loop2, logical block 123, lost async page write
[  144.201990][ T9901]  pipe_to_sendpage+0x128/0x160
[  144.208047][ T9891] attempt to access beyond end of device
[  144.208047][ T9891] loop3: rw=2049, want=124, limit=16
[  144.211113][ T9901]  ? sock_fasync+0xc0/0xc0
[  144.219793][ T9891] Buffer I/O error on dev loop3, logical block 123, lost async page write
[  144.224603][ T9901]  __splice_from_pipe+0x207/0x500
[  144.236231][ T9897] attempt to access beyond end of device
[  144.236231][ T9897] loop2: rw=2049, want=125, limit=16
[  144.239724][ T9901]  ? generic_splice_sendpage+0xb0/0xb0
[  144.239751][ T9901]  generic_splice_sendpage+0x80/0xb0
[  144.248248][ T9897] Buffer I/O error on dev loop2, logical block 124, lost async page write
[  144.253234][ T9901]  ? iter_file_splice_write+0x750/0x750
[  144.265374][ T9891] attempt to access beyond end of device
[  144.265374][ T9891] loop3: rw=2049, want=125, limit=16
[  144.269390][ T9901]  do_splice+0x9aa/0xd30
[  144.269416][ T9901]  ? vfs_write+0x50c/0x770
[  144.274795][ T9891] Buffer I/O error on dev loop3, logical block 124, lost async page write
[  144.283306][ T9901]  ? __fget_light+0x21b/0x260
[  144.283327][ T9901]  __se_sys_splice+0x2a6/0x390
[  144.290183][ T9897] attempt to access beyond end of device
[  144.290183][ T9897] loop2: rw=2049, want=126, limit=16
[  144.299583][ T9901]  __x64_sys_splice+0x74/0x80
[  144.299608][ T9901]  do_syscall_64+0x3d/0x90
[  144.299627][ T9901]  entry_SYSCALL_64_after_hwframe+0x44/0xae
08:50:33 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(0x0, 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:33 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x9, 0xf000)

08:50:33 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080), 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  144.303847][ T9897] Buffer I/O error on dev loop2, logical block 125, lost async page write
[  144.308235][ T9901] RIP: 0033:0x4665e9
[  144.308249][ T9901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  144.318263][ T9891] Buffer I/O error on dev loop3, logical block 125, lost async page write
[  144.321370][ T9901] RSP: 002b:00007f7453ae6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  144.321389][ T9901] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9
[  144.409091][ T9901] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  144.417049][ T9901] RBP: 00007f7453ae61d0 R08: 0000030000033fe0 R09: 0000000000000000
[  144.425013][ T9901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.432967][ T9901] R13: 00007ffda37b726f R14: 00007f7453ae6300 R15: 0000000000022000
[  144.440978][ T9901] syz-executor.0: vmalloc error: size 4416, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0
[  144.455016][ T9901] CPU: 1 PID: 9901 Comm: syz-executor.0 Not tainted 5.14.0-rc6-syzkaller #0
[  144.463678][ T9901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  144.473711][ T9901] Call Trace:
[  144.476985][ T9901]  dump_stack_lvl+0xb7/0x103
[  144.481693][ T9901]  dump_stack+0x11/0x1a
[  144.485835][ T9901]  warn_alloc+0x105/0x160
[  144.490252][ T9901]  ? lock_sock_nested+0x128/0x160
[  144.495316][ T9901]  __vmalloc_node_range+0x20f/0x5a0
[  144.500502][ T9901]  ? rht_key_hashfn+0x60/0x60
[  144.505233][ T9901]  ? netlink_hash+0x90/0x90
[  144.509804][ T9901]  ? netlink_sendmsg+0x427/0x7c0
[  144.514788][ T9901]  vmalloc+0x5a/0x70
[  144.518665][ T9901]  ? netlink_sendmsg+0x427/0x7c0
[  144.523665][ T9901]  netlink_sendmsg+0x427/0x7c0
[  144.528569][ T9901]  ? netlink_getsockopt+0x720/0x720
[  144.533907][ T9901]  kernel_sendmsg+0x97/0xd0
[  144.538434][ T9901]  sock_no_sendpage+0x84/0xb0
[  144.543093][ T9901]  ? remove_waiter+0x151/0x440
[  144.547834][ T9901]  ? __receive_sock+0x20/0x20
[  144.552490][ T9901]  kernel_sendpage+0x187/0x200
[  144.557258][ T9901]  ? __receive_sock+0x20/0x20
[  144.561935][ T9901]  sock_sendpage+0x5a/0x70
[  144.566418][ T9901]  pipe_to_sendpage+0x128/0x160
[  144.571248][ T9901]  ? sock_fasync+0xc0/0xc0
[  144.575700][ T9901]  __splice_from_pipe+0x207/0x500
[  144.580763][ T9901]  ? generic_splice_sendpage+0xb0/0xb0
[  144.586379][ T9901]  generic_splice_sendpage+0x80/0xb0
[  144.591654][ T9901]  ? iter_file_splice_write+0x750/0x750
[  144.597512][ T9901]  do_splice+0x9aa/0xd30
[  144.601826][ T9901]  ? vfs_write+0x50c/0x770
[  144.606219][ T9901]  ? __fget_light+0x21b/0x260
[  144.611002][ T9901]  __se_sys_splice+0x2a6/0x390
[  144.615846][ T9901]  __x64_sys_splice+0x74/0x80
[  144.620537][ T9901]  do_syscall_64+0x3d/0x90
[  144.624949][ T9901]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  144.631475][ T9901] RIP: 0033:0x4665e9
[  144.635361][ T9901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  144.655107][ T9901] RSP: 002b:00007f7453ae6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  144.663514][ T9901] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9
[  144.671471][ T9901] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  144.679436][ T9901] RBP: 00007f7453ae61d0 R08: 0000030000033fe0 R09: 0000000000000000
[  144.687387][ T9901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.695429][ T9901] R13: 00007ffda37b726f R14: 00007f7453ae6300 R15: 0000000000022000
[  144.703424][ T9901] Mem-Info:
[  144.706529][ T9901] active_anon:71 inactive_anon:81942 isolated_anon:0
[  144.706529][ T9901]  active_file:5225 inactive_file:38629 isolated_file:0
[  144.706529][ T9901]  unevictable:0 dirty:275 writeback:0
[  144.706529][ T9901]  slab_reclaimable:3756 slab_unreclaimable:5987
[  144.706529][ T9901]  mapped:60290 shmem:2618 pagetables:1140 bounce:0
[  144.706529][ T9901]  free:1826871 free_pcp:2913 free_cma:0
[  144.743513][ T9901] Node 0 active_anon:284kB inactive_anon:327768kB active_file:20900kB inactive_file:154516kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:241160kB dirty:1100kB writeback:0kB shmem:10472kB writeback_tmp:0kB kernel_stack:1776kB pagetables:4560kB all_unreclaimable? no
[  144.770464][ T9901] Node 0 DMA free:15360kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  144.796378][ T9901] lowmem_reserve[]: 0 2942 7920 7920
[  144.801826][ T9901] Node 0 DMA32 free:3014332kB min:4224kB low:7236kB high:10248kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:3017344kB mlocked:0kB bounce:0kB free_pcp:3012kB local_pcp:2960kB free_cma:0kB
[  144.829995][ T9901] lowmem_reserve[]: 0 0 4978 4978
[  144.835022][ T9901] Node 0 Normal free:4277792kB min:7152kB low:12248kB high:17344kB reserved_highatomic:0KB active_anon:284kB inactive_anon:327768kB active_file:20900kB inactive_file:154516kB unevictable:0kB writepending:1100kB present:5242880kB managed:5098028kB mlocked:0kB bounce:0kB free_pcp:8684kB local_pcp:5892kB free_cma:0kB
[  144.864978][ T9901] lowmem_reserve[]: 0 0 0 0
[  144.869518][ T9901] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  144.882338][ T9901] Node 0 DMA32: 3*4kB (M) 2*8kB (M) 4*16kB (M) 3*32kB (M) 2*64kB (M) 3*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 1*2048kB (M) 734*4096kB (M) = 3014332kB
[  144.898340][ T9901] Node 0 Normal: 10*4kB (UE) 73*8kB (U) 25*16kB (UME) 49*32kB (UM) 34*64kB (UME) 3*128kB (UM) 2*256kB (UM) 4*512kB (M) 4*1024kB (ME) 3*2048kB (M) 1040*4096kB (UM) = 4277792kB
[  144.916047][ T9901] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  144.925343][ T9901] 17184 total pagecache pages
[  144.930019][ T9901] 0 pages in swap cache
[  144.934158][ T9901] Swap cache stats: add 0, delete 0, find 0/0
[  144.940264][ T9901] Free swap  = 0kB
[  144.944051][ T9901] Total swap = 0kB
[  144.947746][ T9901] 2097051 pages RAM
08:50:33 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x0)

08:50:33 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, 0x0, 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:33 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  144.951658][ T9901] 0 pages HighMem/MovableOnly
[  144.956499][ T9901] 64368 pages reserved
08:50:34 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x8, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  145.033587][ T9939] loop3: detected capacity change from 0 to 16
[  145.044266][ T9941] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  145.044915][ T9942] loop2: detected capacity change from 0 to 16
[  145.059198][ T9943] loop5: detected capacity change from 0 to 16
[  145.061136][ T9945] loop4: detected capacity change from 0 to 16
08:50:34 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080), 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:34 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:34 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x9, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:34 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xa, 0xf000)

08:50:34 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080), 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:34 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xa, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:34 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xb, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:34 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  145.171045][ T9966] loop2: detected capacity change from 0 to 16
[  145.191887][ T9971] loop5: detected capacity change from 0 to 16
[  145.210580][ T9977] loop3: detected capacity change from 0 to 16
[  145.239100][ T9982] loop4: detected capacity change from 0 to 16
[  145.282622][ T9992] loop2: detected capacity change from 0 to 16
08:50:34 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0xffffffffffffffff, 0x0)

08:50:34 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:34 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080), 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:34 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xb, 0xf000)

08:50:34 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xc, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:34 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  145.847302][T10007] net_ratelimit: 6 callbacks suppressed
[  145.847316][T10007] IPv4: Oversized IP packet from 127.0.0.1
[  145.858951][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  145.865965][T10008] loop5: detected capacity change from 0 to 16
[  145.868406][T10011] loop4: detected capacity change from 0 to 16
[  145.872856][T10010] loop2: detected capacity change from 0 to 16
[  145.879908][T10012] loop3: detected capacity change from 0 to 16
08:50:34 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080), 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:34 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:34 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:34 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xd, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:34 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xc, 0xf000)

[  145.975806][T10029] loop5: detected capacity change from 0 to 16
08:50:34 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  146.018160][T10041] loop2: detected capacity change from 0 to 16
[  146.028551][T10045] loop3: detected capacity change from 0 to 16
[  146.041331][T10047] loop4: detected capacity change from 0 to 16
[  146.050459][T10046] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  146.072117][T10051] IPv4: Oversized IP packet from 127.0.0.1
[  146.078015][    C1] IPv4: Oversized IP packet from 127.0.0.1
08:50:35 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x2)

08:50:35 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:35 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, 0x0, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:35 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000740)=ANY=[], 0x178)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:35 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xf, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:35 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xd, 0xf000)

08:50:35 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x10, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:35 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, 0x0, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  146.736280][T10077] loop2: detected capacity change from 0 to 16
[  146.750163][T10081] loop4: detected capacity change from 0 to 16
[  146.752731][T10080] loop3: detected capacity change from 0 to 16
[  146.766401][T10086] loop5: detected capacity change from 0 to 16
08:50:35 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:35 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xe, 0xf000)

08:50:35 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000740)=ANY=[], 0x178)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:35 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x11, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  146.828907][T10097] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  146.861723][T10104] loop2: detected capacity change from 0 to 16
[  146.868551][T10107] loop5: detected capacity change from 0 to 16
[  146.907180][T10117] loop4: detected capacity change from 0 to 16
[  146.924392][T10119] loop3: detected capacity change from 0 to 16
08:50:36 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x3)

08:50:36 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:36 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x12, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:36 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000740)=ANY=[], 0x178)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:36 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, 0x0, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:36 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xf, 0xf000)

08:50:36 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, 0x0, 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:36 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x18, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  147.618304][T10142] loop3: detected capacity change from 0 to 16
[  147.621155][T10143] loop5: detected capacity change from 0 to 16
[  147.637674][T10144] loop4: detected capacity change from 0 to 16
[  147.644106][T10146] loop2: detected capacity change from 0 to 16
08:50:36 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, 0x0, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  147.682082][T10160] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  147.700314][T10162] loop3: detected capacity change from 0 to 16
08:50:36 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:36 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x10, 0xf000)

08:50:36 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x25, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  147.766889][T10173] loop5: detected capacity change from 0 to 16
[  147.800186][T10184] loop4: detected capacity change from 0 to 16
[  147.826262][T10187] loop2: detected capacity change from 0 to 16
08:50:37 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x4)

08:50:37 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, 0x0, 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:37 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x48, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:37 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, 0x0, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:37 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x22, 0xf000)

08:50:37 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  148.495200][T10209] loop4: detected capacity change from 0 to 16
[  148.501336][T10212] loop2: detected capacity change from 0 to 16
[  148.502161][T10211] loop5: detected capacity change from 0 to 16
[  148.508748][T10213] loop3: detected capacity change from 0 to 16
[  148.528476][T10214] IPv4: Oversized IP packet from 127.0.0.1
[  148.534459][    C1] IPv4: Oversized IP packet from 127.0.0.1
08:50:37 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:37 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, 0x0, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:37 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x6f, 0xf000)

08:50:37 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4c, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:37 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, 0x0, 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  148.573875][T10227] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  148.628544][T10239] loop4: detected capacity change from 0 to 16
[  148.635708][T10241] loop2: detected capacity change from 0 to 16
[  148.647539][T10243] loop5: detected capacity change from 0 to 16
[  148.655998][T10245] IPv4: Oversized IP packet from 127.0.0.1
[  148.661912][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  148.673523][T10242] loop3: detected capacity change from 0 to 16
08:50:37 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  148.758321][T10261] loop3: detected capacity change from 0 to 16
08:50:38 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x5)

08:50:38 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:38 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x75, 0xf000)

08:50:38 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x60, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:38 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:38 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  149.366611][T10279] loop3: detected capacity change from 0 to 16
[  149.371935][T10280] loop5: detected capacity change from 0 to 16
[  149.373056][T10281] loop2: detected capacity change from 0 to 16
[  149.382020][T10283] IPv4: Oversized IP packet from 127.0.0.1
[  149.386464][T10284] loop4: detected capacity change from 0 to 16
[  149.391036][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  149.420046][T10281] handle_bad_sector: 216 callbacks suppressed
[  149.420058][T10281] attempt to access beyond end of device
[  149.420058][T10281] loop2: rw=2049, want=123, limit=16
[  149.437012][T10281] buffer_io_error: 206 callbacks suppressed
[  149.437023][T10281] Buffer I/O error on dev loop2, logical block 122, lost async page write
[  149.460252][T10280] attempt to access beyond end of device
[  149.460252][T10280] loop5: rw=2049, want=123, limit=16
[  149.467355][T10281] attempt to access beyond end of device
[  149.467355][T10281] loop2: rw=2049, want=124, limit=16
[  149.471087][T10280] Buffer I/O error on dev loop5, logical block 122, lost async page write
[  149.472406][T10280] attempt to access beyond end of device
[  149.472406][T10280] loop5: rw=2049, want=124, limit=16
[  149.481905][T10281] Buffer I/O error on dev loop2, logical block 123, lost async page write
[  149.493471][T10281] attempt to access beyond end of device
[  149.493471][T10281] loop2: rw=2049, want=125, limit=16
08:50:38 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  149.501186][T10280] Buffer I/O error on dev loop5, logical block 123, lost async page write
[  149.509779][T10281] Buffer I/O error on dev loop2, logical block 124, lost async page write
[  149.542262][T10301] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  149.548908][T10281] attempt to access beyond end of device
[  149.548908][T10281] loop2: rw=2049, want=126, limit=16
[  149.562253][T10281] Buffer I/O error on dev loop2, logical block 125, lost async page write
08:50:38 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x64, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:38 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xca, 0xf000)

[  149.562406][T10280] attempt to access beyond end of device
[  149.562406][T10280] loop5: rw=2049, want=125, limit=16
[  149.577813][T10281] attempt to access beyond end of device
[  149.577813][T10281] loop2: rw=2049, want=127, limit=16
[  149.581692][T10280] Buffer I/O error on dev loop5, logical block 124, lost async page write
[  149.592525][T10281] Buffer I/O error on dev loop2, logical block 126, lost async page write
[  149.612533][T10281] attempt to access beyond end of device
08:50:38 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x68, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  149.612533][T10281] loop2: rw=2049, want=128, limit=16
[  149.623447][T10281] Buffer I/O error on dev loop2, logical block 127, lost async page write
[  149.638081][T10280] attempt to access beyond end of device
[  149.638081][T10280] loop5: rw=2049, want=126, limit=16
[  149.649077][T10280] Buffer I/O error on dev loop5, logical block 125, lost async page write
08:50:38 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6c, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:38 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  149.677628][T10318] loop3: detected capacity change from 0 to 16
[  149.680237][T10319] loop4: detected capacity change from 0 to 16
[  149.760951][T10334] loop2: detected capacity change from 0 to 16
08:50:39 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x6)

08:50:39 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xcc, 0xf000)

08:50:39 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:39 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:39 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x74, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:39 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:39 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:39 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7a, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:39 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  150.283085][T10353] loop3: detected capacity change from 0 to 16
[  150.285177][T10351] loop5: detected capacity change from 0 to 16
[  150.303393][T10360] loop4: detected capacity change from 0 to 16
[  150.318218][T10361] loop2: detected capacity change from 0 to 16
08:50:39 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xcd, 0xf000)

08:50:39 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:39 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  150.390472][T10373] loop5: detected capacity change from 0 to 16
[  150.409224][T10383] loop3: detected capacity change from 0 to 16
[  150.413372][T10382] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  150.474308][T10391] loop4: detected capacity change from 0 to 16
[  150.489019][T10396] loop2: detected capacity change from 0 to 16
[  150.507294][T10400] loop3: detected capacity change from 0 to 16
08:50:40 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x7)

08:50:40 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:40 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:40 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:40 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xf0, 0xf000)

08:50:40 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, 0x0, 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:40 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1f4, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  151.207080][T10422] net_ratelimit: 6 callbacks suppressed
[  151.207125][T10422] IPv4: Oversized IP packet from 127.0.0.1
[  151.208170][T10421] loop5: detected capacity change from 0 to 16
[  151.212766][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  151.219770][T10423] loop2: detected capacity change from 0 to 16
[  151.226479][T10424] loop4: detected capacity change from 0 to 16
[  151.230939][T10425] loop3: detected capacity change from 0 to 16
08:50:40 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:40 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x204, 0xf000)

08:50:40 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:40 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x300, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:40 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)

[  151.290875][T10437] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  151.328055][T10443] loop2: detected capacity change from 0 to 16
[  151.366584][T10454] IPv4: Oversized IP packet from 127.0.0.1
[  151.372662][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  151.380076][T10455] loop4: detected capacity change from 0 to 16
[  151.388045][T10457] loop5: detected capacity change from 0 to 16
[  151.439409][T10467] loop2: detected capacity change from 0 to 16
08:50:41 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, 0x0, 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:41 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:41 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x8)

08:50:41 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x3e8, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:41 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x300, 0xf000)

08:50:41 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)

08:50:41 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, 0x0, 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  152.092544][T10485] loop4: detected capacity change from 0 to 16
[  152.096766][T10484] loop3: detected capacity change from 0 to 16
[  152.099049][T10486] loop2: detected capacity change from 0 to 16
[  152.108203][T10487] IPv4: Oversized IP packet from 127.0.0.1
[  152.113921][T10489] loop5: detected capacity change from 0 to 16
[  152.116935][    C1] IPv4: Oversized IP packet from 127.0.0.1
08:50:41 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)

08:50:41 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:41 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x402, 0xf000)

08:50:41 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x500, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  152.206140][T10506] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  152.216407][T10510] loop3: detected capacity change from 0 to 16
[  152.237503][T10515] IPv4: Oversized IP packet from 127.0.0.1
[  152.243485][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  152.249650][T10509] loop2: detected capacity change from 0 to 16
08:50:41 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080), 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:41 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, 0x0, 0x0)

08:50:41 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  152.297678][T10526] loop5: detected capacity change from 0 to 16
[  152.309044][T10527] loop4: detected capacity change from 0 to 16
[  152.366612][T10542] loop3: detected capacity change from 0 to 16
[  152.384302][T10539] loop5: detected capacity change from 0 to 16
[  152.405210][T10550] loop2: detected capacity change from 0 to 16
08:50:41 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x9)

08:50:41 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x600, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:41 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x406, 0xf000)

08:50:41 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080), 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:41 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:41 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, 0x0, 0x0)

08:50:42 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, 0x0, 0x0)

08:50:42 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x700, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  153.007715][T10564] loop2: detected capacity change from 0 to 16
[  153.008921][T10563] loop4: detected capacity change from 0 to 16
[  153.014221][T10566] loop3: detected capacity change from 0 to 16
[  153.028656][T10568] IPv4: Oversized IP packet from 127.0.0.1
[  153.034527][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  153.046651][T10567] loop5: detected capacity change from 0 to 16
08:50:42 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x500, 0xf000)

08:50:42 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080), 0x0)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:42 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)

08:50:42 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x810, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  153.124627][T10583] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  153.136005][T10589] loop2: detected capacity change from 0 to 16
[  153.151191][T10590] loop4: detected capacity change from 0 to 16
[  153.155750][T10597] loop3: detected capacity change from 0 to 16
[  153.225828][T10608] loop5: detected capacity change from 0 to 16
08:50:42 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xa)

08:50:42 executing program 2 (fault-call:7 fault-nth:0):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:42 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:42 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x600, 0xf000)

08:50:42 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x900, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:42 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)

08:50:42 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)

[  153.904992][T10628] loop5: detected capacity change from 0 to 16
[  153.914895][T10630] loop2: detected capacity change from 0 to 16
[  153.923811][T10633] loop4: detected capacity change from 0 to 16
[  153.938118][T10634] loop3: detected capacity change from 0 to 16
[  153.959437][T10630] FAULT_INJECTION: forcing a failure.
[  153.959437][T10630] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  153.972922][T10630] CPU: 0 PID: 10630 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
[  153.982475][T10630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  153.986965][T10647] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  153.992640][T10630] Call Trace:
08:50:42 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x604, 0xf000)

08:50:42 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xa00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  153.992650][T10630]  dump_stack_lvl+0xb7/0x103
[  153.992674][T10630]  dump_stack+0x11/0x1a
[  153.992687][T10630]  should_fail+0x23c/0x250
[  154.019158][T10630]  __alloc_pages+0x102/0x320
[  154.023798][T10630]  alloc_pages+0x2e8/0x340
[  154.028226][T10630]  __page_cache_alloc+0x4d/0xf0
[  154.033174][T10630]  pagecache_get_page+0x5f4/0x900
[  154.038343][T10630]  grab_cache_page_write_begin+0x3f/0x70
[  154.043988][T10630]  cont_write_begin+0x501/0x850
[  154.048850][T10630]  fat_write_begin+0x61/0xf0
[  154.053617][T10630]  ? fat_block_truncate_page+0x30/0x30
[  154.059879][T10630]  generic_perform_write+0x196/0x3c0
[  154.065292][T10630]  __generic_file_write_iter+0x202/0x300
[  154.071079][T10630]  ? generic_write_checks+0x250/0x290
[  154.076475][T10630]  generic_file_write_iter+0x75/0x130
[  154.081842][T10630]  vfs_write+0x69d/0x770
[  154.086170][T10630]  ksys_write+0xce/0x180
[  154.090417][T10630]  __x64_sys_write+0x3e/0x50
[  154.095021][T10630]  do_syscall_64+0x3d/0x90
[  154.099509][T10630]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  154.105490][T10630] RIP: 0033:0x4665e9
[  154.109382][T10630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  154.129218][T10630] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  154.137647][T10630] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  154.145699][T10630] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
08:50:43 executing program 2 (fault-call:7 fault-nth:1):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:43 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:43 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xb00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  154.153680][T10630] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000
[  154.161708][T10630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.169862][T10630] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000
[  154.188345][T10646] loop5: detected capacity change from 0 to 16
[  154.253113][T10672] loop2: detected capacity change from 0 to 16
[  154.264779][T10672] FAULT_INJECTION: forcing a failure.
[  154.264779][T10672] name failslab, interval 1, probability 0, space 0, times 0
[  154.271651][T10674] loop4: detected capacity change from 0 to 16
[  154.278042][T10672] CPU: 1 PID: 10672 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
[  154.293092][T10672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  154.303750][T10672] Call Trace:
[  154.307280][T10672]  dump_stack_lvl+0xb7/0x103
[  154.311861][T10672]  dump_stack+0x11/0x1a
[  154.316090][T10672]  should_fail+0x23c/0x250
[  154.320504][T10672]  ? fat_cache_add+0x219/0x570
[  154.325290][T10672]  __should_failslab+0x81/0x90
[  154.330099][T10672]  should_failslab+0x5/0x20
[  154.334590][T10672]  kmem_cache_alloc+0x46/0x2e0
[  154.339360][T10672]  fat_cache_add+0x219/0x570
[  154.344230][T10672]  fat_get_cluster+0x58e/0x870
[  154.349327][T10672]  ? __brelse+0x2c/0x50
[  154.353582][T10672]  fat_get_mapped_cluster+0xd0/0x250
[  154.359604][T10672]  fat_bmap+0x258/0x290
[  154.363836][T10672]  fat_get_block+0x36d/0x5a0
[  154.368798][T10672]  __block_write_begin_int+0x4a2/0x1060
[  154.374793][T10672]  ? fat_block_truncate_page+0x30/0x30
[  154.380473][T10672]  ? wait_for_stable_page+0x56/0x70
[  154.385746][T10672]  cont_write_begin+0x522/0x850
[  154.390752][T10672]  fat_write_begin+0x61/0xf0
[  154.395370][T10672]  ? fat_block_truncate_page+0x30/0x30
[  154.400915][T10672]  generic_perform_write+0x196/0x3c0
[  154.406248][T10672]  __generic_file_write_iter+0x202/0x300
[  154.411957][T10672]  ? generic_write_checks+0x250/0x290
[  154.417464][T10672]  generic_file_write_iter+0x75/0x130
[  154.423124][T10672]  vfs_write+0x69d/0x770
[  154.427359][T10672]  ksys_write+0xce/0x180
[  154.431588][T10672]  __x64_sys_write+0x3e/0x50
[  154.436176][T10672]  do_syscall_64+0x3d/0x90
[  154.440634][T10672]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  154.446763][T10672] RIP: 0033:0x4665e9
[  154.450689][T10672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  154.470747][T10672] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  154.479165][T10672] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  154.487152][T10672] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  154.496362][T10672] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000
[  154.504930][T10672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.513525][T10672] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000
[  154.523072][T10676] loop3: detected capacity change from 0 to 16
[  154.544778][T10672] handle_bad_sector: 110 callbacks suppressed
[  154.544793][T10672] attempt to access beyond end of device
[  154.544793][T10672] loop2: rw=2049, want=123, limit=16
[  154.562025][T10672] buffer_io_error: 100 callbacks suppressed
[  154.562036][T10672] Buffer I/O error on dev loop2, logical block 122, lost async page write
[  154.581204][T10672] attempt to access beyond end of device
[  154.581204][T10672] loop2: rw=2049, want=124, limit=16
[  154.592296][T10672] Buffer I/O error on dev loop2, logical block 123, lost async page write
[  154.603028][T10672] attempt to access beyond end of device
[  154.603028][T10672] loop2: rw=2049, want=125, limit=16
[  154.613831][T10672] Buffer I/O error on dev loop2, logical block 124, lost async page write
[  154.639895][T10672] attempt to access beyond end of device
[  154.639895][T10672] loop2: rw=2049, want=126, limit=16
[  154.651259][T10672] Buffer I/O error on dev loop2, logical block 125, lost async page write
[  154.659909][T10672] attempt to access beyond end of device
[  154.659909][T10672] loop2: rw=2049, want=127, limit=16
[  154.670835][T10672] Buffer I/O error on dev loop2, logical block 126, lost async page write
[  154.679403][T10672] attempt to access beyond end of device
[  154.679403][T10672] loop2: rw=2049, want=128, limit=16
[  154.690209][T10672] Buffer I/O error on dev loop2, logical block 127, lost async page write
08:50:43 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xb)

08:50:43 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, 0x0, 0x0)

08:50:43 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xc00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:43 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x0, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:43 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x700, 0xf000)

08:50:43 executing program 2 (fault-call:7 fault-nth:2):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:43 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, 0x0, 0x0)

[  154.791692][T10707] loop5: detected capacity change from 0 to 16
[  154.793441][T10709] loop2: detected capacity change from 0 to 16
[  154.801821][T10712] loop4: detected capacity change from 0 to 16
[  154.804397][T10710] loop3: detected capacity change from 0 to 16
[  154.842688][T10709] FAULT_INJECTION: forcing a failure.
[  154.842688][T10709] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.850186][T10712] attempt to access beyond end of device
[  154.850186][T10712] loop4: rw=2049, want=124, limit=16
[  154.856005][T10709] CPU: 0 PID: 10709 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
[  154.875451][T10709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  154.885673][T10709] Call Trace:
[  154.889379][T10709]  dump_stack_lvl+0xb7/0x103
[  154.894115][T10709]  dump_stack+0x11/0x1a
[  154.898288][T10709]  should_fail+0x23c/0x250
[  154.902714][T10709]  should_fail_usercopy+0x16/0x20
[  154.907761][T10709]  copy_page_from_iter_atomic+0x2c1/0xba0
[  154.913473][T10709]  ? fat_write_begin+0x61/0xf0
[  154.918329][T10709]  ? fat_block_truncate_page+0x30/0x30
[  154.923782][T10709]  ? fat_write_begin+0x79/0xf0
[  154.928539][T10709]  generic_perform_write+0x1df/0x3c0
[  154.934116][T10709]  __generic_file_write_iter+0x202/0x300
[  154.939866][T10709]  ? generic_write_checks+0x250/0x290
[  154.945228][T10709]  generic_file_write_iter+0x75/0x130
[  154.950733][T10709]  vfs_write+0x69d/0x770
[  154.954960][T10709]  ksys_write+0xce/0x180
[  154.959200][T10709]  __x64_sys_write+0x3e/0x50
[  154.963777][T10709]  do_syscall_64+0x3d/0x90
[  154.968274][T10709]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  154.974190][T10709] RIP: 0033:0x4665e9
[  154.978102][T10709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  154.997957][T10709] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  155.006350][T10709] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  155.014328][T10709] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  155.022454][T10709] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000
[  155.030428][T10709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
08:50:44 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xca5, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:44 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x900, 0xf000)

[  155.038657][T10709] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000
[  155.053234][T10722] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  155.078948][T10709] attempt to access beyond end of device
[  155.078948][T10709] loop2: rw=2049, want=122, limit=16
08:50:44 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xd00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  155.093008][T10709] attempt to access beyond end of device
[  155.093008][T10709] loop2: rw=2049, want=123, limit=16
[  155.104037][T10709] Buffer I/O error on dev loop2, logical block 122, lost async page write
[  155.112699][T10709] attempt to access beyond end of device
[  155.112699][T10709] loop2: rw=2049, want=124, limit=16
[  155.123630][T10709] Buffer I/O error on dev loop2, logical block 123, lost async page write
[  155.129762][T10732] loop5: detected capacity change from 0 to 16
08:50:44 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, 0x0, 0x0)

08:50:44 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, 0x0, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  155.164285][T10709] Buffer I/O error on dev loop2, logical block 124, lost async page write
[  155.178873][T10746] loop4: detected capacity change from 0 to 16
[  155.182786][T10709] Buffer I/O error on dev loop2, logical block 125, lost async page write
[  155.232617][T10756] loop5: detected capacity change from 0 to 16
[  155.233202][T10757] loop3: detected capacity change from 0 to 16
08:50:44 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xc)

08:50:44 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:44 executing program 2 (fault-call:7 fault-nth:3):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:44 executing program 5 (fault-call:7 fault-nth:0):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:44 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xa00, 0xf000)

08:50:44 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, 0x0, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  155.642411][T10780] loop2: detected capacity change from 0 to 16
[  155.646328][T10781] loop5: detected capacity change from 0 to 16
[  155.651176][T10783] loop3: detected capacity change from 0 to 16
[  155.655092][T10782] loop4: detected capacity change from 0 to 16
[  155.670770][T10780] FAULT_INJECTION: forcing a failure.
[  155.670770][T10780] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  155.684043][T10780] CPU: 0 PID: 10780 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
[  155.692984][T10780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  155.703045][T10780] Call Trace:
[  155.706347][T10780]  dump_stack_lvl+0xb7/0x103
[  155.710942][T10780]  dump_stack+0x11/0x1a
[  155.715166][T10780]  should_fail+0x23c/0x250
[  155.717772][T10781] FAULT_INJECTION: forcing a failure.
[  155.717772][T10781] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  155.719584][T10780]  __alloc_pages+0x102/0x320
[  155.719609][T10780]  alloc_pages+0x2e8/0x340
[  155.742059][T10780]  __page_cache_alloc+0x4d/0xf0
[  155.746907][T10780]  pagecache_get_page+0x5f4/0x900
[  155.752057][T10780]  grab_cache_page_write_begin+0x3f/0x70
[  155.757696][T10780]  cont_write_begin+0x501/0x850
[  155.762534][T10780]  fat_write_begin+0x61/0xf0
[  155.767197][T10780]  ? fat_block_truncate_page+0x30/0x30
[  155.772877][T10780]  generic_perform_write+0x196/0x3c0
[  155.778239][T10780]  ? fat_write_begin+0xf0/0xf0
[  155.783074][T10780]  __generic_file_write_iter+0x202/0x300
[  155.788790][T10780]  ? generic_write_checks+0x250/0x290
[  155.794255][T10780]  generic_file_write_iter+0x75/0x130
[  155.799689][T10780]  vfs_write+0x69d/0x770
[  155.803932][T10780]  ksys_write+0xce/0x180
[  155.808165][T10780]  __x64_sys_write+0x3e/0x50
[  155.812849][T10780]  do_syscall_64+0x3d/0x90
[  155.817256][T10780]  ? irqentry_exit+0xe/0x30
[  155.821748][T10780]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  155.827642][T10780] RIP: 0033:0x4665e9
[  155.831609][T10780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  155.851287][T10780] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  155.859918][T10780] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  155.867970][T10780] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  155.875926][T10780] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000
[  155.883898][T10780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
08:50:44 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xb00, 0xf000)

[  155.891926][T10780] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000
[  155.899994][T10781] CPU: 1 PID: 10781 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  155.908770][T10781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  155.918942][T10781] Call Trace:
[  155.922221][T10781]  dump_stack_lvl+0xb7/0x103
[  155.926815][T10781]  dump_stack+0x11/0x1a
[  155.931018][T10781]  should_fail+0x23c/0x250
08:50:44 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, 0x0, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:44 executing program 2 (fault-call:7 fault-nth:4):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  155.934413][T10797] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  155.935430][T10781]  __alloc_pages+0x102/0x320
[  155.935453][T10781]  alloc_pages+0x2e8/0x340
[  155.953736][T10781]  __page_cache_alloc+0x4d/0xf0
[  155.958661][T10781]  pagecache_get_page+0x5f4/0x900
[  155.963781][T10781]  grab_cache_page_write_begin+0x3f/0x70
[  155.969564][T10781]  cont_write_begin+0x501/0x850
[  155.974434][T10781]  fat_write_begin+0x61/0xf0
[  155.979008][T10781]  ? fat_block_truncate_page+0x30/0x30
[  155.984454][T10781]  generic_perform_write+0x196/0x3c0
[  155.989724][T10781]  __generic_file_write_iter+0x202/0x300
[  155.995339][T10781]  ? generic_write_checks+0x250/0x290
[  156.000699][T10781]  generic_file_write_iter+0x75/0x130
[  156.006065][T10781]  vfs_write+0x69d/0x770
[  156.010321][T10781]  ksys_write+0xce/0x180
[  156.014600][T10781]  __x64_sys_write+0x3e/0x50
[  156.019243][T10781]  do_syscall_64+0x3d/0x90
[  156.023733][T10781]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  156.029743][T10781] RIP: 0033:0x4665e9
[  156.033622][T10781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  156.053604][T10781] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  156.062199][T10781] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  156.070326][T10781] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  156.078281][T10781] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  156.086249][T10781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
08:50:45 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xf00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:45 executing program 5 (fault-call:7 fault-nth:1):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:45 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1008, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  156.094443][T10781] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
[  156.173847][T10811] loop3: detected capacity change from 0 to 16
[  156.176638][T10821] loop4: detected capacity change from 0 to 16
[  156.191516][T10822] loop2: detected capacity change from 0 to 16
[  156.198109][T10823] loop5: detected capacity change from 0 to 16
[  156.216650][T10823] FAULT_INJECTION: forcing a failure.
[  156.216650][T10823] name failslab, interval 1, probability 0, space 0, times 0
[  156.229413][T10823] CPU: 0 PID: 10823 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  156.238209][T10823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  156.248260][T10823] Call Trace:
[  156.251535][T10823]  dump_stack_lvl+0xb7/0x103
[  156.256128][T10823]  dump_stack+0x11/0x1a
[  156.260713][T10823]  should_fail+0x23c/0x250
[  156.265134][T10823]  ? fat_cache_add+0x219/0x570
[  156.269981][T10823]  __should_failslab+0x81/0x90
[  156.274746][T10823]  should_failslab+0x5/0x20
[  156.279244][T10823]  kmem_cache_alloc+0x46/0x2e0
[  156.279453][T10822] FAULT_INJECTION: forcing a failure.
[  156.279453][T10822] name failslab, interval 1, probability 0, space 0, times 0
[  156.284089][T10823]  fat_cache_add+0x219/0x570
[  156.301230][T10823]  fat_get_cluster+0x58e/0x870
[  156.305992][T10823]  ? __brelse+0x2c/0x50
[  156.310184][T10823]  fat_get_mapped_cluster+0xd0/0x250
[  156.315493][T10823]  fat_bmap+0x258/0x290
[  156.319637][T10823]  fat_get_block+0x36d/0x5a0
[  156.324451][T10823]  __block_write_begin_int+0x4a2/0x1060
[  156.330219][T10823]  ? fat_block_truncate_page+0x30/0x30
[  156.335670][T10823]  ? wait_for_stable_page+0x56/0x70
[  156.340863][T10823]  cont_write_begin+0x522/0x850
[  156.345697][T10823]  fat_write_begin+0x61/0xf0
[  156.350280][T10823]  ? fat_block_truncate_page+0x30/0x30
[  156.355904][T10823]  generic_perform_write+0x196/0x3c0
[  156.361179][T10823]  __generic_file_write_iter+0x202/0x300
[  156.367019][T10823]  ? generic_write_checks+0x250/0x290
[  156.372401][T10823]  generic_file_write_iter+0x75/0x130
[  156.377883][T10823]  vfs_write+0x69d/0x770
[  156.382110][T10823]  ksys_write+0xce/0x180
[  156.386343][T10823]  __x64_sys_write+0x3e/0x50
[  156.390916][T10823]  do_syscall_64+0x3d/0x90
[  156.395318][T10823]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  156.401256][T10823] RIP: 0033:0x4665e9
[  156.405145][T10823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  156.424734][T10823] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  156.433147][T10823] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  156.441112][T10823] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  156.449160][T10823] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  156.457551][T10823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.465506][T10823] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
[  156.473637][T10822] CPU: 1 PID: 10822 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
[  156.482392][T10822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  156.492437][T10822] Call Trace:
[  156.495800][T10822]  dump_stack_lvl+0xb7/0x103
[  156.500380][T10822]  dump_stack+0x11/0x1a
[  156.504537][T10822]  should_fail+0x23c/0x250
[  156.508940][T10822]  ? xas_create+0x3fb/0xb30
[  156.513504][T10822]  __should_failslab+0x81/0x90
[  156.518242][T10822]  should_failslab+0x5/0x20
[  156.522725][T10822]  kmem_cache_alloc+0x46/0x2e0
[  156.527518][T10822]  xas_create+0x3fb/0xb30
[  156.531861][T10822]  xas_store+0x70/0xca0
[  156.535996][T10822]  ? memcg_check_events+0x23/0x3b0
[  156.541099][T10822]  ? cgroup_rstat_updated+0x60/0x1c0
[  156.546362][T10822]  ? get_page_from_freelist+0x54e/0x820
[  156.551884][T10822]  ? xas_find_conflict+0x422/0x4c0
[  156.556985][T10822]  __add_to_page_cache_locked+0x1eb/0x4b0
[  156.562696][T10822]  ? workingset_activation+0x270/0x270
[  156.568301][T10822]  add_to_page_cache_lru+0xa0/0x1b0
[  156.573484][T10822]  pagecache_get_page+0x6a3/0x900
[  156.578529][T10822]  grab_cache_page_write_begin+0x3f/0x70
[  156.584255][T10822]  cont_write_begin+0x501/0x850
[  156.589106][T10822]  fat_write_begin+0x61/0xf0
[  156.593687][T10822]  ? fat_block_truncate_page+0x30/0x30
[  156.599228][T10822]  generic_perform_write+0x196/0x3c0
[  156.604587][T10822]  ? fat_write_begin+0xf0/0xf0
[  156.609335][T10822]  __generic_file_write_iter+0x202/0x300
[  156.615388][T10822]  ? generic_write_checks+0x250/0x290
[  156.620745][T10822]  generic_file_write_iter+0x75/0x130
[  156.626112][T10822]  vfs_write+0x69d/0x770
[  156.630483][T10822]  ksys_write+0xce/0x180
[  156.634766][T10822]  __x64_sys_write+0x3e/0x50
[  156.639334][T10822]  do_syscall_64+0x3d/0x90
[  156.643739][T10822]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  156.649756][T10822] RIP: 0033:0x4665e9
[  156.653739][T10822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
08:50:45 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xd)

08:50:45 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1100, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:45 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:45 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xc00, 0xf000)

08:50:45 executing program 5 (fault-call:7 fault-nth:2):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  156.673558][T10822] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  156.682178][T10822] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  156.690215][T10822] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  156.698229][T10822] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000
[  156.706266][T10822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.714212][T10822] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000
08:50:45 executing program 2 (fault-call:7 fault-nth:5):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  156.750131][T10840] net_ratelimit: 18 callbacks suppressed
[  156.750145][T10840] IPv4: Oversized IP packet from 127.0.0.1
[  156.761897][    C1] IPv4: Oversized IP packet from 127.0.0.1
08:50:45 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1200, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  156.791890][T10853] loop3: detected capacity change from 0 to 16
[  156.792837][T10852] loop4: detected capacity change from 0 to 16
[  156.798296][T10854] loop5: detected capacity change from 0 to 16
[  156.807262][T10855] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  156.821069][T10854] FAULT_INJECTION: forcing a failure.
[  156.821069][T10854] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.834142][T10854] CPU: 1 PID: 10854 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  156.842962][T10854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  156.853179][T10854] Call Trace:
[  156.856530][T10854]  dump_stack_lvl+0xb7/0x103
[  156.861300][T10854]  dump_stack+0x11/0x1a
[  156.865442][T10854]  should_fail+0x23c/0x250
[  156.869934][T10854]  should_fail_usercopy+0x16/0x20
[  156.874989][T10854]  copy_page_from_iter_atomic+0x2c1/0xba0
[  156.880792][T10854]  ? fat_write_begin+0x61/0xf0
[  156.885552][T10854]  ? fat_block_truncate_page+0x30/0x30
[  156.891050][T10854]  ? fat_write_begin+0x79/0xf0
[  156.895886][T10854]  generic_perform_write+0x1df/0x3c0
[  156.901624][T10854]  __generic_file_write_iter+0x202/0x300
[  156.907278][T10854]  ? generic_write_checks+0x250/0x290
[  156.912642][T10854]  generic_file_write_iter+0x75/0x130
[  156.918075][T10854]  vfs_write+0x69d/0x770
[  156.922308][T10854]  ksys_write+0xce/0x180
[  156.926538][T10854]  __x64_sys_write+0x3e/0x50
[  156.931111][T10854]  do_syscall_64+0x3d/0x90
[  156.935515][T10854]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  156.941403][T10854] RIP: 0033:0x4665e9
[  156.945278][T10854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  156.965062][T10854] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  156.973562][T10854] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  156.981539][T10854] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  156.989494][T10854] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  156.997493][T10854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.005552][T10854] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
08:50:46 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  157.036941][T10868] IPv4: Oversized IP packet from 127.0.0.1
[  157.040624][T10869] loop2: detected capacity change from 0 to 16
[  157.042864][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  157.059172][T10869] FAULT_INJECTION: forcing a failure.
[  157.059172][T10869] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.072262][T10869] CPU: 1 PID: 10869 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
08:50:46 executing program 5 (fault-call:7 fault-nth:3):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  157.081041][T10869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  157.091264][T10869] Call Trace:
[  157.094584][T10869]  dump_stack_lvl+0xb7/0x103
[  157.099351][T10869]  dump_stack+0x11/0x1a
[  157.103554][T10869]  should_fail+0x23c/0x250
[  157.108062][T10869]  should_fail_usercopy+0x16/0x20
[  157.113265][T10869]  copy_page_from_iter_atomic+0x2c1/0xba0
[  157.118982][T10869]  ? fat_write_begin+0x61/0xf0
[  157.123854][T10869]  ? fat_block_truncate_page+0x30/0x30
[  157.129401][T10869]  ? fat_write_begin+0x79/0xf0
[  157.134223][T10869]  generic_perform_write+0x1df/0x3c0
[  157.139541][T10869]  ? fat_write_begin+0xf0/0xf0
[  157.144289][T10869]  __generic_file_write_iter+0x202/0x300
[  157.149972][T10869]  ? generic_write_checks+0x250/0x290
[  157.155446][T10869]  generic_file_write_iter+0x75/0x130
[  157.161030][T10869]  vfs_write+0x69d/0x770
[  157.165313][T10869]  ksys_write+0xce/0x180
[  157.169594][T10869]  __x64_sys_write+0x3e/0x50
[  157.174257][T10869]  do_syscall_64+0x3d/0x90
[  157.178669][T10869]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  157.184563][T10869] RIP: 0033:0x4665e9
[  157.188469][T10869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  157.208118][T10869] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  157.216536][T10869] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  157.224588][T10869] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  157.232540][T10869] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000
[  157.240494][T10869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.248641][T10869] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000
08:50:46 executing program 2 (fault-call:7 fault-nth:6):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:46 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xd00, 0xf000)

08:50:46 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1800, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  157.281352][T10881] loop3: detected capacity change from 0 to 16
[  157.315622][T10888] loop5: detected capacity change from 0 to 16
[  157.324020][T10890] IPv4: Oversized IP packet from 127.0.0.1
[  157.329922][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  157.354699][T10888] FAULT_INJECTION: forcing a failure.
[  157.354699][T10888] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  157.362678][T10902] loop4: detected capacity change from 0 to 16
[  157.368229][T10888] CPU: 1 PID: 10888 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  157.383238][T10888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  157.393918][T10888] Call Trace:
[  157.397189][T10888]  dump_stack_lvl+0xb7/0x103
[  157.401776][T10888]  dump_stack+0x11/0x1a
[  157.406023][T10888]  should_fail+0x23c/0x250
[  157.410442][T10888]  __alloc_pages+0x102/0x320
[  157.415059][T10888]  alloc_pages+0x2e8/0x340
[  157.419523][T10888]  __page_cache_alloc+0x4d/0xf0
[  157.424537][T10888]  pagecache_get_page+0x5f4/0x900
[  157.429711][T10888]  grab_cache_page_write_begin+0x3f/0x70
[  157.435335][T10888]  cont_write_begin+0x501/0x850
[  157.440174][T10888]  fat_write_begin+0x61/0xf0
[  157.444749][T10888]  ? fat_block_truncate_page+0x30/0x30
[  157.450380][T10888]  generic_perform_write+0x196/0x3c0
[  157.455715][T10888]  ? fat_write_begin+0xf0/0xf0
[  157.460461][T10888]  __generic_file_write_iter+0x202/0x300
[  157.466168][T10888]  ? generic_write_checks+0x250/0x290
[  157.471528][T10888]  generic_file_write_iter+0x75/0x130
[  157.477184][T10888]  vfs_write+0x69d/0x770
[  157.481414][T10888]  ksys_write+0xce/0x180
[  157.485642][T10888]  __x64_sys_write+0x3e/0x50
[  157.490309][T10888]  do_syscall_64+0x3d/0x90
[  157.494727][T10888]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  157.500646][T10888] RIP: 0033:0x4665e9
[  157.504709][T10888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  157.524390][T10888] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  157.532790][T10888] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  157.540771][T10888] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
08:50:46 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xe)

08:50:46 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:46 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x2000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:46 executing program 5 (fault-call:7 fault-nth:4):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  157.548728][T10888] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  157.556686][T10888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.564728][T10888] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
[  157.592318][T10901] loop2: detected capacity change from 0 to 16
[  157.619663][T10901] FAULT_INJECTION: forcing a failure.
[  157.619663][T10901] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  157.633279][T10901] CPU: 0 PID: 10901 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
[  157.641539][T10917] IPv4: Oversized IP packet from 127.0.0.1
[  157.642038][T10901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  157.647916][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  157.658299][T10901] Call Trace:
[  157.658308][T10901]  dump_stack_lvl+0xb7/0x103
[  157.658329][T10901]  dump_stack+0x11/0x1a
[  157.676262][T10901]  should_fail+0x23c/0x250
[  157.680703][T10901]  __alloc_pages+0x102/0x320
[  157.685280][T10901]  alloc_pages+0x2e8/0x340
[  157.689821][T10901]  __page_cache_alloc+0x4d/0xf0
[  157.694921][T10901]  pagecache_get_page+0x5f4/0x900
[  157.699950][T10901]  grab_cache_page_write_begin+0x3f/0x70
[  157.705693][T10901]  cont_write_begin+0x501/0x850
[  157.710569][T10901]  fat_write_begin+0x61/0xf0
[  157.715241][T10901]  ? fat_block_truncate_page+0x30/0x30
[  157.720740][T10901]  generic_perform_write+0x196/0x3c0
[  157.726015][T10901]  ? fat_write_begin+0xf0/0xf0
[  157.730761][T10901]  __generic_file_write_iter+0x202/0x300
[  157.736463][T10901]  ? generic_write_checks+0x250/0x290
[  157.741951][T10901]  generic_file_write_iter+0x75/0x130
[  157.747364][T10901]  vfs_write+0x69d/0x770
[  157.751597][T10901]  ksys_write+0xce/0x180
[  157.755843][T10901]  __x64_sys_write+0x3e/0x50
[  157.760546][T10901]  do_syscall_64+0x3d/0x90
[  157.764951][T10901]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  157.770860][T10901] RIP: 0033:0x4665e9
[  157.774736][T10901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  157.794530][T10901] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  157.802927][T10901] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  157.810884][T10901] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
08:50:46 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xe00, 0xf000)

08:50:46 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x2500, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:46 executing program 2 (fault-call:7 fault-nth:7):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  157.818939][T10901] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000
[  157.826892][T10901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.834844][T10901] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000
[  157.851098][T10918] loop3: detected capacity change from 0 to 16
[  157.858014][T10921] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
08:50:46 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  157.893008][T10927] IPv4: Oversized IP packet from 127.0.0.1
[  157.898906][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  157.916437][T10932] loop5: detected capacity change from 0 to 16
[  157.934072][T10932] FAULT_INJECTION: forcing a failure.
[  157.934072][T10932] name failslab, interval 1, probability 0, space 0, times 0
[  157.947256][T10932] CPU: 0 PID: 10932 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  157.947447][T10940] loop4: detected capacity change from 0 to 16
[  157.956014][T10932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  157.956028][T10932] Call Trace:
[  157.956035][T10932]  dump_stack_lvl+0xb7/0x103
[  157.965060][T10945] loop2: detected capacity change from 0 to 16
[  157.972812][T10932]  dump_stack+0x11/0x1a
[  157.972851][T10932]  should_fail+0x23c/0x250
[  157.995661][T10932]  ? xas_create+0x3fb/0xb30
[  157.998972][T10945] FAULT_INJECTION: forcing a failure.
[  157.998972][T10945] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.000236][T10932]  __should_failslab+0x81/0x90
[  158.018114][T10932]  should_failslab+0x5/0x20
[  158.022630][T10932]  kmem_cache_alloc+0x46/0x2e0
[  158.027483][T10932]  xas_create+0x3fb/0xb30
[  158.031910][T10932]  xas_store+0x70/0xca0
[  158.036099][T10932]  ? memcg_check_events+0x23/0x3b0
[  158.041277][T10932]  ? cgroup_rstat_updated+0x60/0x1c0
[  158.046560][T10932]  ? get_page_from_freelist+0x54e/0x820
[  158.052203][T10932]  ? xas_find_conflict+0x422/0x4c0
[  158.057311][T10932]  __add_to_page_cache_locked+0x1eb/0x4b0
[  158.063019][T10932]  ? workingset_activation+0x270/0x270
[  158.068717][T10932]  add_to_page_cache_lru+0xa0/0x1b0
[  158.073917][T10932]  pagecache_get_page+0x6a3/0x900
[  158.078970][T10932]  grab_cache_page_write_begin+0x3f/0x70
[  158.084602][T10932]  cont_write_begin+0x501/0x850
[  158.089492][T10932]  fat_write_begin+0x61/0xf0
[  158.094175][T10932]  ? fat_block_truncate_page+0x30/0x30
[  158.099626][T10932]  generic_perform_write+0x196/0x3c0
[  158.104915][T10932]  ? fat_write_begin+0xf0/0xf0
[  158.109714][T10932]  __generic_file_write_iter+0x202/0x300
[  158.115355][T10932]  ? generic_write_checks+0x250/0x290
[  158.120753][T10932]  generic_file_write_iter+0x75/0x130
[  158.126113][T10932]  vfs_write+0x69d/0x770
[  158.130449][T10932]  ksys_write+0xce/0x180
[  158.134678][T10932]  __x64_sys_write+0x3e/0x50
[  158.139251][T10932]  do_syscall_64+0x3d/0x90
[  158.143651][T10932]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  158.149751][T10932] RIP: 0033:0x4665e9
[  158.153712][T10932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  158.173361][T10932] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  158.181929][T10932] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
08:50:47 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  158.189889][T10932] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  158.197839][T10932] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  158.205808][T10932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.213879][T10932] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
[  158.221925][T10945] CPU: 1 PID: 10945 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
[  158.230721][T10945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  158.240770][T10945] Call Trace:
[  158.244055][T10945]  dump_stack_lvl+0xb7/0x103
[  158.248755][T10945]  dump_stack+0x11/0x1a
[  158.252912][T10945]  should_fail+0x23c/0x250
[  158.257374][T10945]  should_fail_usercopy+0x16/0x20
[  158.262680][T10945]  copy_page_from_iter_atomic+0x2c1/0xba0
[  158.268400][T10945]  ? fat_write_begin+0x61/0xf0
[  158.273148][T10945]  ? fat_block_truncate_page+0x30/0x30
[  158.278665][T10945]  ? fat_write_begin+0x79/0xf0
[  158.283487][T10945]  generic_perform_write+0x1df/0x3c0
[  158.289004][T10945]  ? fat_write_begin+0xf0/0xf0
[  158.294011][T10945]  __generic_file_write_iter+0x202/0x300
[  158.299717][T10945]  ? generic_write_checks+0x250/0x290
[  158.305074][T10945]  generic_file_write_iter+0x75/0x130
[  158.310518][T10945]  vfs_write+0x69d/0x770
[  158.314746][T10945]  ksys_write+0xce/0x180
[  158.318986][T10945]  __x64_sys_write+0x3e/0x50
[  158.323615][T10945]  do_syscall_64+0x3d/0x90
[  158.328016][T10945]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  158.333945][T10945] RIP: 0033:0x4665e9
[  158.337999][T10945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  158.357585][T10945] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  158.365980][T10945] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  158.374071][T10945] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  158.382032][T10945] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000
08:50:47 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4800, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  158.389985][T10945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.397939][T10945] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000
[  158.412992][T10957] loop3: detected capacity change from 0 to 16
08:50:47 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:47 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xf)

08:50:47 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xf00, 0xf000)

08:50:47 executing program 5 (fault-call:7 fault-nth:5):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:47 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4c00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:47 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:47 executing program 2 (fault-call:7 fault-nth:8):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  158.502013][T10976] loop3: detected capacity change from 0 to 16
08:50:47 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  158.561216][T10992] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  158.575411][T10997] loop5: detected capacity change from 0 to 16
[  158.582996][T10998] loop4: detected capacity change from 0 to 16
[  158.591388][T11003] loop3: detected capacity change from 0 to 16
[  158.594302][T11002] loop2: detected capacity change from 0 to 16
[  158.609478][T10997] FAULT_INJECTION: forcing a failure.
[  158.609478][T10997] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.620795][T11002] FAULT_INJECTION: forcing a failure.
[  158.620795][T11002] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  158.622633][T10997] CPU: 1 PID: 10997 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  158.644623][T10997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  158.654668][T10997] Call Trace:
[  158.657931][T10997]  dump_stack_lvl+0xb7/0x103
[  158.662572][T10997]  dump_stack+0x11/0x1a
[  158.666724][T10997]  should_fail+0x23c/0x250
[  158.671143][T10997]  should_fail_usercopy+0x16/0x20
[  158.676198][T10997]  copy_page_from_iter_atomic+0x2c1/0xba0
[  158.681987][T10997]  ? fat_write_begin+0x61/0xf0
[  158.686914][T10997]  ? fat_block_truncate_page+0x30/0x30
[  158.692407][T10997]  ? fat_write_begin+0x79/0xf0
[  158.697160][T10997]  generic_perform_write+0x1df/0x3c0
[  158.702441][T10997]  ? fat_write_begin+0xf0/0xf0
[  158.707195][T10997]  __generic_file_write_iter+0x202/0x300
[  158.712815][T10997]  ? generic_write_checks+0x250/0x290
[  158.718177][T10997]  generic_file_write_iter+0x75/0x130
[  158.723537][T10997]  vfs_write+0x69d/0x770
[  158.727907][T10997]  ksys_write+0xce/0x180
[  158.732232][T10997]  __x64_sys_write+0x3e/0x50
[  158.737011][T10997]  do_syscall_64+0x3d/0x90
[  158.741426][T10997]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  158.747307][T10997] RIP: 0033:0x4665e9
[  158.751185][T10997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  158.771196][T10997] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  158.779692][T10997] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  158.787911][T10997] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  158.796068][T10997] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  158.804027][T10997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.811987][T10997] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
[  158.819949][T11002] CPU: 0 PID: 11002 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
[  158.829052][T11002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  158.839399][T11002] Call Trace:
[  158.842755][T11002]  dump_stack_lvl+0xb7/0x103
[  158.847509][T11002]  dump_stack+0x11/0x1a
[  158.851657][T11002]  should_fail+0x23c/0x250
[  158.856238][T11002]  __alloc_pages+0x102/0x320
[  158.861078][T11002]  alloc_pages+0x2e8/0x340
[  158.866193][T11002]  __page_cache_alloc+0x4d/0xf0
[  158.871207][T11002]  pagecache_get_page+0x5f4/0x900
[  158.876379][T11002]  grab_cache_page_write_begin+0x3f/0x70
[  158.882096][T11002]  cont_write_begin+0x501/0x850
[  158.886950][T11002]  fat_write_begin+0x61/0xf0
[  158.891610][T11002]  ? fat_block_truncate_page+0x30/0x30
[  158.897061][T11002]  generic_perform_write+0x196/0x3c0
[  158.902616][T11002]  ? fat_write_begin+0xf0/0xf0
[  158.907390][T11002]  __generic_file_write_iter+0x202/0x300
[  158.913636][T11002]  ? generic_write_checks+0x250/0x290
[  158.919295][T11002]  generic_file_write_iter+0x75/0x130
[  158.924661][T11002]  vfs_write+0x69d/0x770
[  158.928978][T11002]  ksys_write+0xce/0x180
[  158.933228][T11002]  __x64_sys_write+0x3e/0x50
[  158.938005][T11002]  do_syscall_64+0x3d/0x90
[  158.942475][T11002]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  158.948705][T11002] RIP: 0033:0x4665e9
[  158.952763][T11002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  158.973103][T11002] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  158.982018][T11002] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  158.990061][T11002] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  158.998200][T11002] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000
08:50:48 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6400, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:48 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xff6, 0xf000)

[  159.006174][T11002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.014129][T11002] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000
08:50:48 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:48 executing program 2 (fault-call:7 fault-nth:9):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:48 executing program 5 (fault-call:7 fault-nth:6):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  159.103970][T11021] loop4: detected capacity change from 0 to 16
[  159.118486][T11025] loop3: detected capacity change from 0 to 16
[  159.136449][T11032] loop2: detected capacity change from 0 to 16
[  159.142348][T11033] loop5: detected capacity change from 0 to 16
[  159.170972][T11033] FAULT_INJECTION: forcing a failure.
[  159.170972][T11033] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  159.171607][T11032] FAULT_INJECTION: forcing a failure.
[  159.171607][T11032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.184251][T11033] CPU: 1 PID: 11033 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  159.205992][T11033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  159.216091][T11033] Call Trace:
[  159.219358][T11033]  dump_stack_lvl+0xb7/0x103
[  159.223972][T11033]  dump_stack+0x11/0x1a
[  159.228113][T11033]  should_fail+0x23c/0x250
[  159.232596][T11033]  __alloc_pages+0x102/0x320
[  159.237183][T11033]  alloc_pages+0x2e8/0x340
[  159.241634][T11033]  __page_cache_alloc+0x4d/0xf0
[  159.246491][T11033]  pagecache_get_page+0x5f4/0x900
[  159.251538][T11033]  grab_cache_page_write_begin+0x3f/0x70
[  159.257212][T11033]  cont_write_begin+0x501/0x850
[  159.262086][T11033]  fat_write_begin+0x61/0xf0
[  159.266660][T11033]  ? fat_block_truncate_page+0x30/0x30
[  159.272127][T11033]  generic_perform_write+0x196/0x3c0
[  159.277456][T11033]  ? fat_write_begin+0xf0/0xf0
[  159.282217][T11033]  __generic_file_write_iter+0x202/0x300
[  159.287844][T11033]  ? generic_write_checks+0x250/0x290
[  159.293296][T11033]  generic_file_write_iter+0x75/0x130
[  159.298739][T11033]  vfs_write+0x69d/0x770
[  159.303091][T11033]  ksys_write+0xce/0x180
[  159.307319][T11033]  __x64_sys_write+0x3e/0x50
[  159.312091][T11033]  do_syscall_64+0x3d/0x90
[  159.316496][T11033]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  159.322500][T11033] RIP: 0033:0x4665e9
[  159.326493][T11033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  159.347474][T11033] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  159.356097][T11033] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  159.364077][T11033] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  159.372130][T11033] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  159.380098][T11033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.389158][T11033] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
[  159.397204][T11032] CPU: 0 PID: 11032 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
[  159.406223][T11032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  159.416275][T11032] Call Trace:
08:50:48 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x10)

08:50:48 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6800, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:48 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:48 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x2000, 0xf000)

08:50:48 executing program 5 (fault-call:7 fault-nth:7):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  159.419553][T11032]  dump_stack_lvl+0xb7/0x103
[  159.424134][T11032]  dump_stack+0x11/0x1a
[  159.428283][T11032]  should_fail+0x23c/0x250
[  159.432697][T11032]  should_fail_usercopy+0x16/0x20
[  159.437909][T11032]  copy_page_from_iter_atomic+0x2c1/0xba0
[  159.443999][T11032]  ? fat_write_begin+0x61/0xf0
[  159.448807][T11032]  ? fat_block_truncate_page+0x30/0x30
[  159.454580][T11032]  ? fat_write_begin+0x79/0xf0
[  159.459867][T11032]  generic_perform_write+0x1df/0x3c0
[  159.465271][T11032]  ? fat_write_begin+0xf0/0xf0
[  159.470026][T11032]  __generic_file_write_iter+0x202/0x300
[  159.475639][T11032]  ? generic_write_checks+0x250/0x290
[  159.480995][T11032]  generic_file_write_iter+0x75/0x130
[  159.486463][T11032]  vfs_write+0x69d/0x770
[  159.490879][T11032]  ksys_write+0xce/0x180
[  159.495319][T11032]  __x64_sys_write+0x3e/0x50
[  159.499987][T11032]  do_syscall_64+0x3d/0x90
[  159.504389][T11032]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  159.510271][T11032] RIP: 0033:0x4665e9
[  159.514216][T11032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  159.533968][T11032] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  159.542656][T11032] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  159.550989][T11032] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  159.558947][T11032] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000
[  159.566998][T11032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  159.574988][T11032] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000
[  159.585388][T11032] handle_bad_sector: 99 callbacks suppressed
[  159.585403][T11032] attempt to access beyond end of device
[  159.585403][T11032] loop2: rw=2049, want=122, limit=16
[  159.612338][T11032] attempt to access beyond end of device
08:50:48 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:48 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6c00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  159.612338][T11032] loop2: rw=2049, want=123, limit=16
[  159.613332][T11048] loop3: detected capacity change from 0 to 16
[  159.624137][T11032] buffer_io_error: 86 callbacks suppressed
[  159.624150][T11032] Buffer I/O error on dev loop2, logical block 122, lost async page write
[  159.645651][T11032] attempt to access beyond end of device
[  159.645651][T11032] loop2: rw=2049, want=124, limit=16
[  159.656725][T11032] Buffer I/O error on dev loop2, logical block 123, lost async page write
[  159.665982][T11032] attempt to access beyond end of device
[  159.665982][T11032] loop2: rw=2049, want=125, limit=16
[  159.676851][T11054] loop5: detected capacity change from 0 to 16
[  159.680744][T11054] FAULT_INJECTION: forcing a failure.
[  159.680744][T11054] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.683137][T11032] Buffer I/O error on dev loop2, logical block 124, lost async page write
[  159.696430][T11054] CPU: 1 PID: 11054 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  159.714621][T11054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  159.724531][T11060] loop4: detected capacity change from 0 to 16
[  159.725159][T11054] Call Trace:
[  159.725167][T11054]  dump_stack_lvl+0xb7/0x103
[  159.725189][T11054]  dump_stack+0x11/0x1a
[  159.739635][T11032] attempt to access beyond end of device
[  159.739635][T11032] loop2: rw=2049, want=126, limit=16
[  159.739821][T11054]  should_fail+0x23c/0x250
[  159.743983][T11032] Buffer I/O error on dev loop2, logical block 125, lost async page write
[  159.755380][T11054]  should_fail_usercopy+0x16/0x20
[  159.760394][T11060] attempt to access beyond end of device
[  159.760394][T11060] loop4: rw=2049, want=124, limit=16
[  159.768315][T11054]  copy_page_from_iter_atomic+0x2c1/0xba0
[  159.783178][T11032] attempt to access beyond end of device
[  159.783178][T11032] loop2: rw=2049, want=127, limit=16
[  159.784267][T11054]  ? fat_write_begin+0x61/0xf0
[  159.790353][T11032] Buffer I/O error on dev loop2, logical block 126, lost async page write
[  159.791772][T11032] attempt to access beyond end of device
08:50:48 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x2200, 0xf000)

08:50:48 executing program 2 (fault-call:7 fault-nth:10):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  159.791772][T11032] loop2: rw=2049, want=128, limit=16
[  159.801444][T11054]  ? fat_block_truncate_page+0x30/0x30
[  159.801481][T11054]  ? fat_write_begin+0x79/0xf0
[  159.806312][T11032] Buffer I/O error on dev loop2, logical block 127, lost async page write
[  159.814865][T11054]  generic_perform_write+0x1df/0x3c0
[  159.825724][T11032] attempt to access beyond end of device
[  159.825724][T11032] loop2: rw=2049, want=42, limit=16
[  159.831041][T11054]  ? fat_write_begin+0xf0/0xf0
[  159.831059][T11054]  __generic_file_write_iter+0x202/0x300
[  159.870717][T11054]  ? generic_write_checks+0x250/0x290
[  159.876114][T11054]  generic_file_write_iter+0x75/0x130
[  159.881495][T11054]  vfs_write+0x69d/0x770
[  159.885829][T11054]  ksys_write+0xce/0x180
[  159.890069][T11054]  __x64_sys_write+0x3e/0x50
[  159.894703][T11054]  do_syscall_64+0x3d/0x90
[  159.899104][T11054]  ? irqentry_exit+0xe/0x30
[  159.903654][T11054]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  159.909639][T11054] RIP: 0033:0x4665e9
[  159.913624][T11054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  159.933269][T11054] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  159.942028][T11054] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  159.949994][T11054] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  159.958218][T11054] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  159.966177][T11054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.974129][T11054] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
[  159.990340][T11054] attempt to access beyond end of device
[  159.990340][T11054] loop5: rw=2049, want=122, limit=16
[  160.001640][T11054] Buffer I/O error on dev loop5, logical block 122, lost async page write
[  160.002658][T11069] loop3: detected capacity change from 0 to 16
08:50:48 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7400, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:49 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)

[  160.010901][T11054] Buffer I/O error on dev loop5, logical block 123, lost async page write
[  160.035073][T11054] Buffer I/O error on dev loop5, logical block 124, lost async page write
[  160.046936][T11054] Buffer I/O error on dev loop5, logical block 125, lost async page write
[  160.056318][T11076] loop2: detected capacity change from 0 to 16
[  160.072941][T11076] FAULT_INJECTION: forcing a failure.
[  160.072941][T11076] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  160.076444][T11081] loop4: detected capacity change from 0 to 16
[  160.086370][T11076] CPU: 1 PID: 11076 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
[  160.102578][T11076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  160.112971][T11076] Call Trace:
[  160.116307][T11076]  dump_stack_lvl+0xb7/0x103
[  160.120989][T11076]  dump_stack+0x11/0x1a
[  160.125217][T11076]  should_fail+0x23c/0x250
[  160.129633][T11076]  __alloc_pages+0x102/0x320
[  160.134649][T11076]  alloc_pages+0x2e8/0x340
[  160.139053][T11076]  __page_cache_alloc+0x4d/0xf0
[  160.143897][T11076]  pagecache_get_page+0x5f4/0x900
[  160.149069][T11076]  grab_cache_page_write_begin+0x3f/0x70
[  160.154687][T11076]  cont_write_begin+0x501/0x850
[  160.159578][T11076]  fat_write_begin+0x61/0xf0
[  160.164218][T11076]  ? fat_block_truncate_page+0x30/0x30
[  160.169667][T11076]  generic_perform_write+0x196/0x3c0
[  160.174936][T11076]  ? fat_write_begin+0xf0/0xf0
[  160.182938][T11076]  __generic_file_write_iter+0x202/0x300
[  160.188559][T11076]  ? generic_write_checks+0x250/0x290
[  160.194004][T11076]  generic_file_write_iter+0x75/0x130
[  160.199368][T11076]  vfs_write+0x69d/0x770
[  160.203594][T11076]  ksys_write+0xce/0x180
[  160.208951][T11076]  __x64_sys_write+0x3e/0x50
[  160.213530][T11076]  do_syscall_64+0x3d/0x90
[  160.217942][T11076]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  160.223828][T11076] RIP: 0033:0x4665e9
[  160.227719][T11076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  160.247332][T11076] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  160.255955][T11076] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  160.263922][T11076] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
08:50:49 executing program 5 (fault-call:7 fault-nth:8):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:49 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x11)

[  160.271874][T11076] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000
[  160.279828][T11076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  160.287780][T11076] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000
08:50:49 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7a00, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:49 executing program 2 (fault-call:7 fault-nth:11):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:49 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)

08:50:49 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x3f00, 0xf000)

[  160.342696][T11090] loop3: detected capacity change from 0 to 16
[  160.377518][T11099] loop5: detected capacity change from 0 to 16
[  160.394825][T11099] FAULT_INJECTION: forcing a failure.
[  160.394825][T11099] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  160.405576][T11106] loop2: detected capacity change from 0 to 16
[  160.408476][T11099] CPU: 1 PID: 11099 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  160.423523][T11099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  160.433592][T11099] Call Trace:
[  160.436867][T11099]  dump_stack_lvl+0xb7/0x103
[  160.441464][T11099]  dump_stack+0x11/0x1a
[  160.445601][T11099]  should_fail+0x23c/0x250
[  160.450124][T11099]  __alloc_pages+0x102/0x320
[  160.454706][T11099]  alloc_pages+0x2e8/0x340
[  160.459105][T11099]  __page_cache_alloc+0x4d/0xf0
[  160.463939][T11099]  pagecache_get_page+0x5f4/0x900
[  160.468960][T11099]  grab_cache_page_write_begin+0x3f/0x70
[  160.474589][T11099]  cont_write_begin+0x501/0x850
[  160.479433][T11099]  fat_write_begin+0x61/0xf0
[  160.484091][T11099]  ? fat_block_truncate_page+0x30/0x30
[  160.489543][T11099]  generic_perform_write+0x196/0x3c0
[  160.494816][T11099]  ? fat_write_begin+0xf0/0xf0
[  160.499570][T11099]  __generic_file_write_iter+0x202/0x300
[  160.505187][T11099]  ? generic_write_checks+0x250/0x290
[  160.510543][T11099]  generic_file_write_iter+0x75/0x130
[  160.515901][T11099]  vfs_write+0x69d/0x770
[  160.520212][T11099]  ksys_write+0xce/0x180
[  160.524450][T11099]  __x64_sys_write+0x3e/0x50
[  160.529031][T11099]  do_syscall_64+0x3d/0x90
[  160.533431][T11099]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  160.539428][T11099] RIP: 0033:0x4665e9
[  160.543299][T11099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  160.563058][T11099] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  160.571452][T11099] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  160.579503][T11099] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  160.587455][T11099] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
08:50:49 executing program 5 (fault-call:7 fault-nth:9):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  160.595409][T11099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.603377][T11099] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
[  160.635822][T11112] loop3: detected capacity change from 0 to 16
08:50:49 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0xf000)

[  160.644408][T11109] FAULT_INJECTION: forcing a failure.
[  160.644408][T11109] name failslab, interval 1, probability 0, space 0, times 0
[  160.657070][T11109] CPU: 1 PID: 11109 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
[  160.660773][T11117] loop4: detected capacity change from 0 to 16
[  160.665824][T11109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  160.665836][T11109] Call Trace:
[  160.665843][T11109]  dump_stack_lvl+0xb7/0x103
[  160.689866][T11109]  dump_stack+0x11/0x1a
08:50:49 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xa50c, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  160.694021][T11109]  should_fail+0x23c/0x250
[  160.698439][T11109]  ? mempool_alloc_slab+0x16/0x20
[  160.703498][T11109]  __should_failslab+0x81/0x90
[  160.708254][T11109]  should_failslab+0x5/0x20
[  160.712747][T11109]  kmem_cache_alloc+0x46/0x2e0
[  160.717514][T11109]  ? bit_wait+0x50/0x50
[  160.721753][T11109]  mempool_alloc_slab+0x16/0x20
[  160.726598][T11109]  ? mempool_free+0x130/0x130
[  160.731282][T11109]  mempool_alloc+0x8c/0x300
[  160.735782][T11109]  ? __sync_dirty_buffer+0x1c2/0x1e0
[  160.741059][T11109]  ? __brelse+0x2c/0x50
[  160.745219][T11109]  bio_alloc_bioset+0xcc/0x480
[  160.749999][T11109]  ? do_writepages+0x110/0x150
[  160.754752][T11109]  submit_bh_wbc+0x130/0x330
[  160.759340][T11109]  ? __writeback_single_inode+0x2ad/0x440
[  160.765093][T11109]  ? __list_del_entry_valid+0x54/0xc0
[  160.770467][T11109]  write_dirty_buffer+0xde/0xf0
[  160.775389][T11109]  sync_mapping_buffers+0x2bf/0x8b0
[  160.780595][T11109]  ext4_sync_file+0x4d5/0x670
[  160.785274][T11109]  ? tsan.module_ctor+0x10/0x10
[  160.790113][T11109]  vfs_fsync_range+0x107/0x120
08:50:49 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x4000, 0xf000)

[  160.794976][T11109]  iomap_dio_complete+0x2d5/0x3c0
[  160.800011][T11109]  iomap_dio_rw+0x4e/0x70
[  160.804398][T11109]  ? ext4_file_write_iter+0x4d1/0x11d0
[  160.809981][T11109]  ext4_file_write_iter+0xa04/0x11d0
[  160.815287][T11109]  ? ext4_file_write_iter+0x4d1/0x11d0
[  160.820746][T11109]  ? iov_iter_init+0xb1/0xf0
[  160.825624][T11109]  vfs_write+0x69d/0x770
[  160.829845][T11109]  ksys_write+0xce/0x180
[  160.834153][T11109]  __x64_sys_write+0x3e/0x50
[  160.838738][T11109]  do_syscall_64+0x3d/0x90
[  160.843141][T11109]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  160.849037][T11109] RIP: 0033:0x4665e9
[  160.852909][T11109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  160.872821][T11109] RSP: 002b:00007f6378f51188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  160.881216][T11109] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9
[  160.889189][T11109] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
08:50:49 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  160.897163][T11109] RBP: 00007f6378f511d0 R08: 0000000000000000 R09: 0000000000000000
[  160.905120][T11109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  160.913222][T11109] R13: 00007ffe6f0dae5f R14: 00007f6378f51300 R15: 0000000000022000
08:50:49 executing program 2 (fault-call:7 fault-nth:12):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:49 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe803, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  160.956312][T11135] loop5: detected capacity change from 0 to 16
[  160.980754][T11145] loop4: detected capacity change from 0 to 16
[  160.983940][T11135] FAULT_INJECTION: forcing a failure.
[  160.983940][T11135] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.001974][T11135] CPU: 1 PID: 11135 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  161.007896][T11146] loop3: detected capacity change from 0 to 16
[  161.010824][T11135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  161.027303][T11135] Call Trace:
[  161.031019][T11135]  dump_stack_lvl+0xb7/0x103
[  161.035685][T11135]  dump_stack+0x11/0x1a
[  161.039916][T11135]  should_fail+0x23c/0x250
[  161.044323][T11135]  should_fail_usercopy+0x16/0x20
[  161.049378][T11135]  copy_page_from_iter_atomic+0x2c1/0xba0
[  161.055125][T11135]  ? fat_write_begin+0x61/0xf0
[  161.059886][T11135]  ? fat_block_truncate_page+0x30/0x30
[  161.065422][T11135]  ? fat_write_begin+0x79/0xf0
[  161.070228][T11135]  generic_perform_write+0x1df/0x3c0
[  161.075530][T11135]  ? fat_write_begin+0xf0/0xf0
[  161.080294][T11135]  __generic_file_write_iter+0x202/0x300
[  161.086085][T11135]  ? generic_write_checks+0x250/0x290
[  161.091748][T11135]  generic_file_write_iter+0x75/0x130
[  161.097381][T11135]  vfs_write+0x69d/0x770
[  161.101838][T11135]  ksys_write+0xce/0x180
[  161.106492][T11135]  __x64_sys_write+0x3e/0x50
[  161.111068][T11135]  do_syscall_64+0x3d/0x90
[  161.115684][T11135]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  161.121790][T11135] RIP: 0033:0x4665e9
[  161.125669][T11135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  161.146474][T11135] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  161.155139][T11135] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  161.163117][T11135] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  161.171435][T11135] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  161.179479][T11135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  161.187705][T11135] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
08:50:50 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x12)

08:50:50 executing program 5 (fault-call:7 fault-nth:10):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  161.223860][T11159] loop2: detected capacity change from 0 to 16
[  161.260865][T11159] FAULT_INJECTION: forcing a failure.
[  161.260865][T11159] name fail_page_alloc, interval 1, probability 0, space 0, times 0
08:50:50 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, 0x0, 0x0)

08:50:50 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe8ff, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:50 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x6f00, 0xf000)

[  161.274309][T11159] CPU: 0 PID: 11159 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
[  161.283157][T11159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  161.293266][T11159] Call Trace:
[  161.296540][T11159]  dump_stack_lvl+0xb7/0x103
[  161.301142][T11159]  dump_stack+0x11/0x1a
[  161.305302][T11159]  should_fail+0x23c/0x250
[  161.309728][T11159]  __alloc_pages+0x102/0x320
[  161.314429][T11159]  alloc_pages+0x2e8/0x340
[  161.318982][T11159]  __page_cache_alloc+0x4d/0xf0
[  161.323868][T11159]  pagecache_get_page+0x5f4/0x900
[  161.328879][T11159]  grab_cache_page_write_begin+0x3f/0x70
[  161.334665][T11159]  cont_write_begin+0x501/0x850
[  161.339703][T11159]  fat_write_begin+0x61/0xf0
[  161.344320][T11159]  ? fat_block_truncate_page+0x30/0x30
[  161.349859][T11159]  generic_perform_write+0x196/0x3c0
[  161.355354][T11159]  ? fat_write_begin+0xf0/0xf0
[  161.360096][T11159]  __generic_file_write_iter+0x202/0x300
[  161.365747][T11159]  ? generic_write_checks+0x250/0x290
[  161.371202][T11159]  generic_file_write_iter+0x75/0x130
[  161.376576][T11159]  vfs_write+0x69d/0x770
[  161.380810][T11159]  ksys_write+0xce/0x180
[  161.385032][T11159]  __x64_sys_write+0x3e/0x50
[  161.389605][T11159]  do_syscall_64+0x3d/0x90
[  161.394033][T11159]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  161.399929][T11159] RIP: 0033:0x4665e9
[  161.403888][T11159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
08:50:50 executing program 2 (fault-call:7 fault-nth:13):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  161.423679][T11159] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  161.432283][T11159] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  161.440237][T11159] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  161.449538][T11159] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000
[  161.457490][T11159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  161.465572][T11159] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000
[  161.495841][T11176] loop5: detected capacity change from 0 to 16
[  161.508908][T11176] FAULT_INJECTION: forcing a failure.
[  161.508908][T11176] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  161.522610][T11176] CPU: 1 PID: 11176 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  161.531541][T11176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  161.541645][T11176] Call Trace:
08:50:50 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xf401, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  161.542576][T11183] loop2: detected capacity change from 0 to 16
[  161.544919][T11176]  dump_stack_lvl+0xb7/0x103
[  161.555665][T11176]  dump_stack+0x11/0x1a
[  161.559816][T11176]  should_fail+0x23c/0x250
[  161.561630][T11183] FAULT_INJECTION: forcing a failure.
[  161.561630][T11183] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.564238][T11176]  __alloc_pages+0x102/0x320
[  161.564263][T11176]  alloc_pages+0x2e8/0x340
[  161.586421][T11176]  __page_cache_alloc+0x4d/0xf0
[  161.591262][T11176]  pagecache_get_page+0x5f4/0x900
[  161.596272][T11176]  grab_cache_page_write_begin+0x3f/0x70
[  161.601890][T11176]  cont_write_begin+0x501/0x850
[  161.606821][T11176]  fat_write_begin+0x61/0xf0
[  161.611396][T11176]  ? fat_block_truncate_page+0x30/0x30
[  161.616879][T11176]  generic_perform_write+0x196/0x3c0
[  161.622157][T11176]  ? fat_write_begin+0xf0/0xf0
[  161.626920][T11176]  __generic_file_write_iter+0x202/0x300
[  161.632544][T11176]  ? generic_write_checks+0x250/0x290
[  161.637975][T11176]  generic_file_write_iter+0x75/0x130
[  161.643333][T11176]  vfs_write+0x69d/0x770
[  161.647556][T11176]  ksys_write+0xce/0x180
[  161.651783][T11176]  __x64_sys_write+0x3e/0x50
[  161.656378][T11176]  do_syscall_64+0x3d/0x90
[  161.660813][T11176]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  161.666769][T11176] RIP: 0033:0x4665e9
[  161.670748][T11176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  161.690388][T11176] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  161.698780][T11176] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  161.706732][T11176] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  161.714709][T11176] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  161.722719][T11176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  161.730680][T11176] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
08:50:50 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, 0x0, 0x0)

[  161.738892][T11183] CPU: 0 PID: 11183 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
[  161.747648][T11183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  161.757695][T11183] Call Trace:
[  161.760971][T11183]  dump_stack_lvl+0xb7/0x103
[  161.765562][T11183]  dump_stack+0x11/0x1a
[  161.767499][T11194] loop3: detected capacity change from 0 to 16
[  161.769713][T11183]  should_fail+0x23c/0x250
[  161.780333][T11183]  should_fail_usercopy+0x16/0x20
[  161.785360][T11183]  copy_page_from_iter_atomic+0x2c1/0xba0
[  161.791089][T11183]  ? fat_write_begin+0x61/0xf0
08:50:50 executing program 5 (fault-call:7 fault-nth:11):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  161.795866][T11183]  ? fat_block_truncate_page+0x30/0x30
[  161.801384][T11183]  ? fat_write_begin+0x79/0xf0
[  161.806136][T11183]  generic_perform_write+0x1df/0x3c0
[  161.811680][T11183]  ? fat_write_begin+0xf0/0xf0
[  161.816491][T11183]  __generic_file_write_iter+0x202/0x300
[  161.822127][T11183]  ? generic_write_checks+0x250/0x290
[  161.827498][T11183]  generic_file_write_iter+0x75/0x130
[  161.832887][T11183]  vfs_write+0x69d/0x770
[  161.837129][T11183]  ksys_write+0xce/0x180
[  161.841233][T11193] loop4: detected capacity change from 0 to 16
[  161.841368][T11183]  __x64_sys_write+0x3e/0x50
[  161.852156][T11183]  do_syscall_64+0x3d/0x90
[  161.856668][T11183]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  161.862650][T11183] RIP: 0033:0x4665e9
[  161.866532][T11183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  161.886291][T11183] RSP: 002b:00007f6378f72188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
08:50:50 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x7500, 0xf000)

08:50:50 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xfcff, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:50 executing program 2 (fault-call:7 fault-nth:14):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  161.894703][T11183] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  161.902697][T11183] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  161.910752][T11183] RBP: 00007f6378f721d0 R08: 0000000000000000 R09: 0000000000000000
[  161.918819][T11183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  161.926819][T11183] R13: 00007ffe6f0dae5f R14: 00007f6378f72300 R15: 0000000000022000
[  161.973155][T11218] loop4: detected capacity change from 0 to 16
[  161.984921][T11222] loop5: detected capacity change from 0 to 16
[  162.001146][T11225] loop3: detected capacity change from 0 to 16
[  162.014312][T11222] FAULT_INJECTION: forcing a failure.
[  162.014312][T11222] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.027531][T11222] CPU: 1 PID: 11222 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  162.036457][T11222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  162.046709][T11222] Call Trace:
[  162.049986][T11222]  dump_stack_lvl+0xb7/0x103
[  162.054592][T11222]  dump_stack+0x11/0x1a
[  162.058752][T11222]  should_fail+0x23c/0x250
[  162.063173][T11222]  should_fail_usercopy+0x16/0x20
[  162.068307][T11222]  copy_page_from_iter_atomic+0x2c1/0xba0
[  162.074026][T11222]  ? fat_write_begin+0x61/0xf0
[  162.078773][T11222]  ? fat_block_truncate_page+0x30/0x30
[  162.084233][T11222]  ? fat_write_begin+0x79/0xf0
[  162.089069][T11222]  generic_perform_write+0x1df/0x3c0
[  162.094346][T11222]  ? fat_write_begin+0xf0/0xf0
[  162.099091][T11222]  __generic_file_write_iter+0x202/0x300
[  162.104726][T11222]  ? generic_write_checks+0x250/0x290
[  162.110083][T11222]  generic_file_write_iter+0x75/0x130
[  162.115520][T11222]  vfs_write+0x69d/0x770
[  162.119745][T11222]  ksys_write+0xce/0x180
[  162.123970][T11222]  __x64_sys_write+0x3e/0x50
[  162.128548][T11222]  do_syscall_64+0x3d/0x90
[  162.132952][T11222]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  162.138833][T11222] RIP: 0033:0x4665e9
[  162.142765][T11222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  162.162368][T11222] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  162.170770][T11222] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  162.178786][T11222] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  162.186830][T11222] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  162.194923][T11222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  162.203060][T11222] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
[  162.216423][T11231] loop2: detected capacity change from 0 to 16
[  162.237522][T11240] FAULT_INJECTION: forcing a failure.
[  162.237522][T11240] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.250595][T11240] CPU: 0 PID: 11240 Comm: syz-executor.2 Not tainted 5.14.0-rc6-syzkaller #0
[  162.259433][T11240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  162.269579][T11240] Call Trace:
[  162.272927][T11240]  dump_stack_lvl+0xb7/0x103
[  162.277520][T11240]  dump_stack+0x11/0x1a
[  162.281675][T11240]  should_fail+0x23c/0x250
08:50:51 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x25)

08:50:51 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xffe8, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:51 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, 0x0, 0x0)

08:50:51 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x8008, 0xf000)

08:50:51 executing program 5 (fault-call:7 fault-nth:12):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  162.286133][T11240]  should_fail_usercopy+0x16/0x20
[  162.291270][T11240]  _copy_from_user+0x1c/0xd0
[  162.295904][T11240]  kstrtouint_from_user+0x6f/0x130
[  162.301019][T11240]  ? _copy_to_user+0x77/0x90
[  162.305613][T11240]  ? fsnotify_perm+0x59/0x2e0
[  162.310285][T11240]  proc_fail_nth_write+0x38/0x140
[  162.315547][T11240]  ? proc_fail_nth_read+0x140/0x140
[  162.320731][T11240]  vfs_write+0x1f3/0x770
[  162.324969][T11240]  ? __fget_light+0x21b/0x260
[  162.329619][T11240]  ? __cond_resched+0x11/0x40
[  162.334324][T11240]  ksys_write+0xce/0x180
[  162.338552][T11240]  __x64_sys_write+0x3e/0x50
[  162.343173][T11240]  do_syscall_64+0x3d/0x90
[  162.347580][T11240]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  162.353625][T11240] RIP: 0033:0x4192cf
[  162.357497][T11240] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 fd ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 cc fd ff ff 48
[  162.377130][T11240] RSP: 002b:00007f6378f51170 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
08:50:51 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:51 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xfffc, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:51 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x34000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  162.385611][T11240] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004192cf
[  162.393565][T11240] RDX: 0000000000000001 RSI: 00007f6378f511e0 RDI: 0000000000000007
[  162.401608][T11240] RBP: 00007f6378f511d0 R08: 0000000000000000 R09: 0000000000000000
[  162.409661][T11240] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  162.417627][T11240] R13: 00007ffe6f0dae5f R14: 00007f6378f51300 R15: 0000000000022000
[  162.465843][T11259] net_ratelimit: 18 callbacks suppressed
[  162.465855][T11259] IPv4: Oversized IP packet from 127.0.0.1
[  162.477379][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  162.489850][T11265] loop3: detected capacity change from 0 to 16
[  162.506852][T11272] loop2: detected capacity change from 0 to 16
08:50:51 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xa00, 0xf000)

08:50:51 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x400300, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:51 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x2, 0xf000)

[  162.522067][T11277] loop4: detected capacity change from 0 to 16
[  162.529519][T11278] loop5: detected capacity change from 0 to 16
08:50:51 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xca00, 0xf000)

[  162.569716][T11286] IPv4: Oversized IP packet from 127.0.0.1
[  162.575861][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  162.583328][T11278] FAULT_INJECTION: forcing a failure.
[  162.583328][T11278] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  162.596583][T11278] CPU: 1 PID: 11278 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  162.605359][T11278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  162.615477][T11278] Call Trace:
[  162.618752][T11278]  dump_stack_lvl+0xb7/0x103
[  162.623322][T11278]  dump_stack+0x11/0x1a
[  162.627501][T11278]  should_fail+0x23c/0x250
[  162.631901][T11278]  __alloc_pages+0x102/0x320
[  162.636538][T11278]  alloc_pages+0x2e8/0x340
[  162.640939][T11278]  __page_cache_alloc+0x4d/0xf0
[  162.645900][T11278]  pagecache_get_page+0x5f4/0x900
[  162.650906][T11278]  grab_cache_page_write_begin+0x3f/0x70
[  162.656643][T11278]  cont_write_begin+0x501/0x850
[  162.661559][T11278]  fat_write_begin+0x61/0xf0
[  162.666125][T11278]  ? fat_block_truncate_page+0x30/0x30
[  162.671600][T11278]  generic_perform_write+0x196/0x3c0
[  162.677091][T11278]  ? fat_write_begin+0xf0/0xf0
[  162.681830][T11278]  __generic_file_write_iter+0x202/0x300
[  162.687500][T11278]  ? generic_write_checks+0x250/0x290
[  162.693149][T11278]  generic_file_write_iter+0x75/0x130
[  162.698580][T11278]  vfs_write+0x69d/0x770
[  162.702813][T11278]  ksys_write+0xce/0x180
[  162.707052][T11278]  __x64_sys_write+0x3e/0x50
[  162.711688][T11278]  do_syscall_64+0x3d/0x90
[  162.716207][T11278]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  162.722096][T11278] RIP: 0033:0x4665e9
[  162.725985][T11278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  162.745593][T11278] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  162.754006][T11278] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  162.754727][T11299] loop3: detected capacity change from 0 to 16
[  162.761974][T11278] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  162.762000][T11278] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  162.762010][T11278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  162.792019][T11278] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
[  162.807957][T11290] loop2: detected capacity change from 0 to 16
[  162.844612][T11309] loop4: detected capacity change from 0 to 16
08:50:52 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x30)

08:50:52 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe0ffff, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:52 executing program 3 (fault-call:8 fault-nth:0):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:52 executing program 5 (fault-call:7 fault-nth:13):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:52 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x3, 0xf000)

08:50:52 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xcc00, 0xf000)

08:50:52 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  163.166506][T11329] loop4: detected capacity change from 0 to 16
[  163.176882][T11332] loop2: detected capacity change from 0 to 16
[  163.210565][T11339] loop3: detected capacity change from 0 to 16
[  163.217033][T11340] loop5: detected capacity change from 0 to 16
[  163.240723][T11339] FAULT_INJECTION: forcing a failure.
[  163.240723][T11339] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  163.243659][T11340] FAULT_INJECTION: forcing a failure.
[  163.243659][T11340] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.254247][T11339] CPU: 1 PID: 11339 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  163.276070][T11339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  163.286288][T11339] Call Trace:
[  163.289551][T11339]  dump_stack_lvl+0xb7/0x103
[  163.294139][T11339]  dump_stack+0x11/0x1a
[  163.298330][T11339]  should_fail+0x23c/0x250
[  163.302831][T11339]  __alloc_pages+0x102/0x320
[  163.307412][T11339]  alloc_pages+0x2e8/0x340
[  163.311898][T11339]  __page_cache_alloc+0x4d/0xf0
[  163.316754][T11339]  pagecache_get_page+0x5f4/0x900
[  163.321765][T11339]  grab_cache_page_write_begin+0x3f/0x70
[  163.327409][T11339]  cont_write_begin+0x501/0x850
[  163.332260][T11339]  fat_write_begin+0x61/0xf0
[  163.336840][T11339]  ? fat_block_truncate_page+0x30/0x30
[  163.342307][T11339]  generic_perform_write+0x196/0x3c0
[  163.347885][T11339]  __generic_file_write_iter+0x202/0x300
[  163.353500][T11339]  ? generic_write_checks+0x250/0x290
[  163.359038][T11339]  generic_file_write_iter+0x75/0x130
[  163.364413][T11339]  vfs_write+0x69d/0x770
[  163.368647][T11339]  ksys_write+0xce/0x180
[  163.373160][T11339]  __x64_sys_write+0x3e/0x50
[  163.377828][T11339]  do_syscall_64+0x3d/0x90
[  163.382314][T11339]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  163.388202][T11339] RIP: 0033:0x4665e9
[  163.392265][T11339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  163.412845][T11339] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  163.421442][T11339] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  163.430495][T11339] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  163.438688][T11339] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  163.446848][T11339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.455075][T11339] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
[  163.463099][T11340] CPU: 0 PID: 11340 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  163.469043][T11350] IPv4: Oversized IP packet from 127.0.0.1
[  163.472333][T11340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  163.472346][T11340] Call Trace:
[  163.472352][T11340]  dump_stack_lvl+0xb7/0x103
[  163.478583][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  163.488585][T11340]  dump_stack+0x11/0x1a
[  163.488603][T11340]  should_fail+0x23c/0x250
08:50:52 executing program 3 (fault-call:8 fault-nth:1):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:52 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xcd00, 0xf000)

08:50:52 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x4, 0xf000)

[  163.511446][T11340]  should_fail_usercopy+0x16/0x20
[  163.516482][T11340]  copy_page_from_iter_atomic+0x2c1/0xba0
[  163.522205][T11340]  ? fat_write_begin+0x61/0xf0
[  163.526993][T11340]  ? fat_block_truncate_page+0x30/0x30
[  163.532589][T11340]  ? fat_write_begin+0x79/0xf0
[  163.537347][T11340]  generic_perform_write+0x1df/0x3c0
[  163.542683][T11340]  ? fat_write_begin+0xf0/0xf0
[  163.547456][T11340]  __generic_file_write_iter+0x202/0x300
[  163.553168][T11340]  ? generic_write_checks+0x250/0x290
[  163.558658][T11340]  generic_file_write_iter+0x75/0x130
[  163.564210][T11340]  vfs_write+0x69d/0x770
[  163.568611][T11340]  ksys_write+0xce/0x180
[  163.573077][T11340]  __x64_sys_write+0x3e/0x50
[  163.577649][T11340]  do_syscall_64+0x3d/0x90
[  163.582063][T11340]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  163.588048][T11340] RIP: 0033:0x4665e9
[  163.591928][T11340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
08:50:52 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x2000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:52 executing program 5 (fault-call:7 fault-nth:14):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  163.611872][T11340] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  163.620258][T11340] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  163.628212][T11340] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  163.636215][T11340] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  163.644315][T11340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  163.652285][T11340] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
[  163.685979][T11360] IPv4: Oversized IP packet from 127.0.0.1
[  163.691868][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  163.726795][T11374] loop3: detected capacity change from 0 to 16
[  163.741690][T11376] loop2: detected capacity change from 0 to 16
[  163.742347][T11378] loop4: detected capacity change from 0 to 16
[  163.764644][T11379] loop5: detected capacity change from 0 to 16
[  163.770098][T11374] FAULT_INJECTION: forcing a failure.
[  163.770098][T11374] name failslab, interval 1, probability 0, space 0, times 0
[  163.783718][T11374] CPU: 0 PID: 11374 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  163.791498][T11379] FAULT_INJECTION: forcing a failure.
[  163.791498][T11379] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  163.792657][T11374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  163.792670][T11374] Call Trace:
[  163.792677][T11374]  dump_stack_lvl+0xb7/0x103
[  163.824344][T11374]  dump_stack+0x11/0x1a
[  163.828507][T11374]  should_fail+0x23c/0x250
[  163.833043][T11374]  ? fat_cache_add+0x219/0x570
[  163.837882][T11374]  __should_failslab+0x81/0x90
[  163.842675][T11374]  should_failslab+0x5/0x20
[  163.847404][T11374]  kmem_cache_alloc+0x46/0x2e0
[  163.852152][T11374]  fat_cache_add+0x219/0x570
[  163.856817][T11374]  fat_get_cluster+0x58e/0x870
[  163.861911][T11374]  ? __brelse+0x2c/0x50
[  163.866639][T11374]  fat_get_mapped_cluster+0xd0/0x250
[  163.872314][T11374]  fat_bmap+0x258/0x290
[  163.876547][T11374]  fat_get_block+0x36d/0x5a0
[  163.881444][T11374]  __block_write_begin_int+0x4a2/0x1060
[  163.887078][T11374]  ? fat_block_truncate_page+0x30/0x30
[  163.892803][T11374]  ? wait_for_stable_page+0x56/0x70
[  163.897992][T11374]  cont_write_begin+0x522/0x850
[  163.902851][T11374]  fat_write_begin+0x61/0xf0
[  163.907437][T11374]  ? fat_block_truncate_page+0x30/0x30
[  163.913013][T11374]  generic_perform_write+0x196/0x3c0
[  163.918379][T11374]  __generic_file_write_iter+0x202/0x300
[  163.924083][T11374]  ? generic_write_checks+0x250/0x290
[  163.929620][T11374]  generic_file_write_iter+0x75/0x130
[  163.935007][T11374]  vfs_write+0x69d/0x770
[  163.939243][T11374]  ksys_write+0xce/0x180
[  163.943556][T11374]  __x64_sys_write+0x3e/0x50
[  163.948141][T11374]  do_syscall_64+0x3d/0x90
[  163.952543][T11374]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  163.958424][T11374] RIP: 0033:0x4665e9
[  163.962321][T11374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  163.981911][T11374] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  163.990317][T11374] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  163.998881][T11374] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  164.006961][T11374] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  164.015024][T11374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.023265][T11374] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
[  164.031246][T11379] CPU: 1 PID: 11379 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  164.040241][T11379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  164.050304][T11379] Call Trace:
[  164.053579][T11379]  dump_stack_lvl+0xb7/0x103
[  164.058376][T11379]  dump_stack+0x11/0x1a
[  164.062712][T11379]  should_fail+0x23c/0x250
[  164.067157][T11379]  __alloc_pages+0x102/0x320
[  164.071742][T11379]  alloc_pages+0x2e8/0x340
08:50:53 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x48)

08:50:53 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x3000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:53 executing program 3 (fault-call:8 fault-nth:2):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  164.076158][T11379]  __page_cache_alloc+0x4d/0xf0
[  164.081134][T11379]  pagecache_get_page+0x5f4/0x900
[  164.086646][T11379]  grab_cache_page_write_begin+0x3f/0x70
[  164.092311][T11379]  cont_write_begin+0x501/0x850
[  164.097296][T11379]  fat_write_begin+0x61/0xf0
[  164.101984][T11379]  ? fat_block_truncate_page+0x30/0x30
[  164.107472][T11379]  generic_perform_write+0x196/0x3c0
[  164.112829][T11379]  ? fat_write_begin+0xf0/0xf0
[  164.122491][T11379]  __generic_file_write_iter+0x202/0x300
08:50:53 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x5, 0xf000)

[  164.128145][T11379]  ? generic_write_checks+0x250/0x290
[  164.133522][T11379]  generic_file_write_iter+0x75/0x130
[  164.139027][T11379]  vfs_write+0x69d/0x770
[  164.143300][T11379]  ksys_write+0xce/0x180
[  164.147739][T11379]  __x64_sys_write+0x3e/0x50
[  164.152333][T11379]  do_syscall_64+0x3d/0x90
[  164.156764][T11379]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  164.158064][T11395] IPv4: Oversized IP packet from 127.0.0.1
[  164.162697][T11379] RIP: 0033:0x4665e9
[  164.162716][T11379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  164.162735][T11379] RSP: 002b:00007f6884076188 EFLAGS: 00000246
[  164.168672][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  164.172513][T11379]  ORIG_RAX: 0000000000000001
[  164.172521][T11379] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  164.218689][T11379] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
08:50:53 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:53 executing program 5 (fault-call:7 fault-nth:15):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  164.226649][T11379] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  164.234806][T11379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  164.243411][T11379] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
08:50:53 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xdfff, 0xf000)

[  164.292937][T11405] loop3: detected capacity change from 0 to 16
[  164.304763][T11409] loop2: detected capacity change from 0 to 16
[  164.340619][T11419] loop5: detected capacity change from 0 to 16
[  164.343111][T11405] FAULT_INJECTION: forcing a failure.
[  164.343111][T11405] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.360746][T11405] CPU: 0 PID: 11405 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  164.369640][T11405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  164.372517][T11419] FAULT_INJECTION: forcing a failure.
[  164.372517][T11419] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.379693][T11405] Call Trace:
[  164.379703][T11405]  dump_stack_lvl+0xb7/0x103
[  164.379728][T11405]  dump_stack+0x11/0x1a
[  164.379743][T11405]  should_fail+0x23c/0x250
[  164.409269][T11405]  should_fail_usercopy+0x16/0x20
[  164.414332][T11405]  copy_page_from_iter_atomic+0x2c1/0xba0
[  164.420312][T11405]  ? fat_write_begin+0x61/0xf0
[  164.425111][T11405]  ? fat_block_truncate_page+0x30/0x30
[  164.430908][T11405]  ? fat_write_begin+0x79/0xf0
[  164.435655][T11405]  generic_perform_write+0x1df/0x3c0
[  164.440929][T11405]  __generic_file_write_iter+0x202/0x300
[  164.446781][T11405]  ? generic_write_checks+0x250/0x290
[  164.452142][T11405]  generic_file_write_iter+0x75/0x130
[  164.457854][T11405]  vfs_write+0x69d/0x770
[  164.462086][T11405]  ksys_write+0xce/0x180
[  164.466321][T11405]  __x64_sys_write+0x3e/0x50
[  164.470924][T11405]  do_syscall_64+0x3d/0x90
[  164.475448][T11405]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  164.481851][T11405] RIP: 0033:0x4665e9
[  164.485903][T11405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  164.505825][T11405] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  164.514484][T11405] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  164.522452][T11405] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  164.530594][T11405] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
08:50:53 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x6, 0xf000)

[  164.538550][T11405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.546702][T11405] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
[  164.555345][T11419] CPU: 1 PID: 11419 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  164.564319][T11419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  164.574588][T11419] Call Trace:
[  164.577862][T11419]  dump_stack_lvl+0xb7/0x103
[  164.582491][T11419]  dump_stack+0x11/0x1a
[  164.586896][T11419]  should_fail+0x23c/0x250
08:50:53 executing program 3 (fault-call:8 fault-nth:3):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:53 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x5000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  164.591543][T11419]  should_fail_usercopy+0x16/0x20
[  164.596627][T11419]  copy_page_from_iter_atomic+0x2c1/0xba0
[  164.602448][T11419]  ? fat_write_begin+0x61/0xf0
[  164.607223][T11419]  ? fat_block_truncate_page+0x30/0x30
[  164.612730][T11419]  ? fat_write_begin+0x79/0xf0
[  164.617492][T11419]  generic_perform_write+0x1df/0x3c0
[  164.622798][T11419]  ? fat_write_begin+0xf0/0xf0
[  164.627588][T11419]  __generic_file_write_iter+0x202/0x300
[  164.633967][T11419]  ? generic_write_checks+0x250/0x290
08:50:53 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xeffd, 0xf000)

[  164.634839][T11425] loop4: detected capacity change from 0 to 16
[  164.639430][T11419]  generic_file_write_iter+0x75/0x130
[  164.639458][T11419]  vfs_write+0x69d/0x770
[  164.655283][T11419]  ksys_write+0xce/0x180
[  164.659562][T11419]  __x64_sys_write+0x3e/0x50
[  164.664280][T11419]  do_syscall_64+0x3d/0x90
[  164.668790][T11419]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  164.674986][T11419] RIP: 0033:0x4665e9
[  164.678878][T11419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  164.698731][T11419] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  164.707144][T11419] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  164.715112][T11419] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  164.723311][T11419] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  164.731317][T11419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  164.739374][T11419] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
[  164.751001][T11419] handle_bad_sector: 88 callbacks suppressed
[  164.751010][T11419] attempt to access beyond end of device
[  164.751010][T11419] loop5: rw=2049, want=122, limit=16
[  164.768586][T11419] attempt to access beyond end of device
[  164.768586][T11419] loop5: rw=2049, want=123, limit=16
[  164.779409][T11419] buffer_io_error: 68 callbacks suppressed
[  164.779419][T11419] Buffer I/O error on dev loop5, logical block 122, lost async page write
[  164.793896][T11419] attempt to access beyond end of device
[  164.793896][T11419] loop5: rw=2049, want=124, limit=16
[  164.804968][T11419] Buffer I/O error on dev loop5, logical block 123, lost async page write
08:50:53 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  164.833034][T11447] loop2: detected capacity change from 0 to 16
[  164.839809][T11419] attempt to access beyond end of device
[  164.839809][T11419] loop5: rw=2049, want=125, limit=16
[  164.847504][T11448] loop3: detected capacity change from 0 to 16
[  164.850727][T11419] Buffer I/O error on dev loop5, logical block 124, lost async page write
[  164.865902][T11448] FAULT_INJECTION: forcing a failure.
[  164.865902][T11448] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  164.870386][T11454] loop4: detected capacity change from 0 to 16
[  164.880112][T11448] CPU: 0 PID: 11448 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  164.889955][T11419] attempt to access beyond end of device
[  164.889955][T11419] loop5: rw=2049, want=126, limit=16
[  164.895160][T11448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  164.895173][T11448] Call Trace:
[  164.895181][T11448]  dump_stack_lvl+0xb7/0x103
[  164.905927][T11419] Buffer I/O error on dev loop5, logical block 125, lost async page write
[  164.916111][T11448]  dump_stack+0x11/0x1a
[  164.920457][T11419] attempt to access beyond end of device
[  164.920457][T11419] loop5: rw=2049, want=127, limit=16
[  164.924000][T11448]  should_fail+0x23c/0x250
[  164.932631][T11419] Buffer I/O error on dev loop5, logical block 126, lost async page write
[  164.936708][T11448]  __alloc_pages+0x102/0x320
[  164.965221][T11448]  alloc_pages+0x2e8/0x340
[  164.969847][T11448]  __page_cache_alloc+0x4d/0xf0
[  164.971293][T11447] attempt to access beyond end of device
[  164.971293][T11447] loop2: rw=2049, want=123, limit=16
[  164.974730][T11448]  pagecache_get_page+0x5f4/0x900
[  164.985778][T11447] Buffer I/O error on dev loop2, logical block 122, lost async page write
[  164.990757][T11448]  grab_cache_page_write_begin+0x3f/0x70
[  165.002325][T11454] attempt to access beyond end of device
[  165.002325][T11454] loop4: rw=2049, want=124, limit=16
[  165.005094][T11448]  cont_write_begin+0x501/0x850
[  165.020940][T11448]  fat_write_begin+0x61/0xf0
[  165.025621][T11448]  ? fat_block_truncate_page+0x30/0x30
[  165.031121][T11448]  generic_perform_write+0x196/0x3c0
[  165.036423][T11448]  ? fat_write_begin+0xf0/0xf0
[  165.041302][T11448]  __generic_file_write_iter+0x202/0x300
[  165.047050][T11448]  ? generic_write_checks+0x250/0x290
[  165.052512][T11448]  generic_file_write_iter+0x75/0x130
[  165.057894][T11448]  vfs_write+0x69d/0x770
[  165.062200][T11448]  ksys_write+0xce/0x180
[  165.066501][T11448]  __x64_sys_write+0x3e/0x50
[  165.067062][T11419] attempt to access beyond end of device
[  165.067062][T11419] loop5: rw=2049, want=128, limit=16
[  165.071093][T11448]  do_syscall_64+0x3d/0x90
[  165.071126][T11448]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  165.082107][T11419] Buffer I/O error on dev loop5, logical block 127, lost async page write
[  165.086465][T11448] RIP: 0033:0x4665e9
[  165.101922][T11447] attempt to access beyond end of device
[  165.101922][T11447] loop2: rw=2049, want=124, limit=16
08:50:54 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x4c)

08:50:54 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xf000, 0xf000)

[  165.104901][T11448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  165.104920][T11448] RSP: 002b:00007f654f380188 EFLAGS: 00000246
[  165.115860][T11447] Buffer I/O error on dev loop2, logical block 123, lost async page write
[  165.135725][T11448]  ORIG_RAX: 0000000000000001
[  165.135734][T11448] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  165.135744][T11448] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  165.143585][T11447] Buffer I/O error on dev loop2, logical block 124, lost async page write
08:50:54 executing program 5 (fault-call:7 fault-nth:16):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:54 executing program 3 (fault-call:8 fault-nth:4):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:54 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  165.150570][T11448] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  165.150585][T11448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.150596][T11448] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
[  165.206253][T11447] Buffer I/O error on dev loop2, logical block 125, lost async page write
[  165.257314][T11482] loop5: detected capacity change from 0 to 16
[  165.269933][T11482] FAULT_INJECTION: forcing a failure.
[  165.269933][T11482] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  165.275442][T11485] loop3: detected capacity change from 0 to 16
[  165.283279][T11482] CPU: 0 PID: 11482 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  165.291690][T11486] loop4: detected capacity change from 0 to 16
[  165.298476][T11482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  165.298491][T11482] Call Trace:
[  165.298498][T11482]  dump_stack_lvl+0xb7/0x103
[  165.298520][T11482]  dump_stack+0x11/0x1a
[  165.298534][T11482]  should_fail+0x23c/0x250
[  165.332092][T11482]  __alloc_pages+0x102/0x320
[  165.336842][T11482]  alloc_pages+0x2e8/0x340
[  165.341252][T11482]  __page_cache_alloc+0x4d/0xf0
[  165.346212][T11482]  pagecache_get_page+0x5f4/0x900
[  165.351482][T11482]  grab_cache_page_write_begin+0x3f/0x70
[  165.357102][T11482]  cont_write_begin+0x501/0x850
[  165.361984][T11482]  fat_write_begin+0x61/0xf0
[  165.366592][T11482]  ? fat_block_truncate_page+0x30/0x30
[  165.372299][T11482]  generic_perform_write+0x196/0x3c0
[  165.377807][T11482]  ? fat_write_begin+0xf0/0xf0
[  165.382602][T11482]  __generic_file_write_iter+0x202/0x300
[  165.388230][T11482]  ? generic_write_checks+0x250/0x290
[  165.393784][T11482]  generic_file_write_iter+0x75/0x130
[  165.399218][T11482]  vfs_write+0x69d/0x770
[  165.403448][T11482]  ksys_write+0xce/0x180
[  165.407758][T11482]  __x64_sys_write+0x3e/0x50
[  165.412373][T11482]  do_syscall_64+0x3d/0x90
[  165.416773][T11482]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  165.422662][T11482] RIP: 0033:0x4665e9
[  165.426650][T11482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  165.446341][T11482] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
08:50:54 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x7, 0xf000)

08:50:54 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x8000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  165.454969][T11482] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  165.463011][T11482] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  165.471055][T11482] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  165.479019][T11482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  165.487123][T11482] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
08:50:54 executing program 5 (fault-call:7 fault-nth:17):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  165.518367][T11493] FAULT_INJECTION: forcing a failure.
[  165.518367][T11493] name failslab, interval 1, probability 0, space 0, times 0
[  165.531682][T11493] CPU: 1 PID: 11493 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  165.540450][T11493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  165.550728][T11493] Call Trace:
[  165.554089][T11493]  dump_stack_lvl+0xb7/0x103
[  165.559580][T11493]  dump_stack+0x11/0x1a
[  165.560947][T11497] loop2: detected capacity change from 0 to 16
[  165.563746][T11493]  should_fail+0x23c/0x250
[  165.563825][T11493]  ? ext4_mb_new_blocks+0x2e7/0x1f90
[  165.563848][T11493]  __should_failslab+0x81/0x90
[  165.584843][T11493]  should_failslab+0x5/0x20
[  165.589690][T11493]  kmem_cache_alloc+0x46/0x2e0
[  165.594556][T11493]  ext4_mb_new_blocks+0x2e7/0x1f90
[  165.599751][T11493]  ? ext4_find_extent+0x6cf/0x7f0
[  165.604800][T11493]  ? ext4_ext_search_right+0x300/0x540
[  165.610342][T11493]  ? ext4_inode_to_goal_block+0x1bd/0x1d0
[  165.616221][T11493]  ext4_ext_map_blocks+0x1569/0x1f00
[  165.621520][T11493]  ? __down_write_common+0x42/0x810
[  165.626703][T11493]  ? __down_read_common+0x16d/0x530
[  165.631907][T11493]  ? percpu_counter_add_batch+0x69/0xd0
[  165.637463][T11493]  ? ext4_es_lookup_extent+0x206/0x490
[  165.642939][T11493]  ext4_map_blocks+0x70d/0xef0
[  165.647703][T11493]  ? ext4_iomap_begin+0x3f7/0x620
[  165.652710][T11493]  ? __cond_resched+0x11/0x40
[  165.657386][T11493]  ext4_iomap_begin+0x4a0/0x620
[  165.662232][T11493]  iomap_apply+0x8d/0x400
[  165.666602][T11493]  ? rmqueue+0x4a/0xcc0
[  165.670743][T11493]  __iomap_dio_rw+0x62e/0xa60
[  165.675476][T11493]  ? __iomap_dio_rw+0xa60/0xa60
[  165.680367][T11493]  iomap_dio_rw+0x30/0x70
[  165.684709][T11493]  ? ext4_file_write_iter+0x4d1/0x11d0
[  165.690324][T11493]  ext4_file_write_iter+0xa04/0x11d0
[  165.695609][T11493]  ? ext4_file_write_iter+0x4d1/0x11d0
[  165.701050][T11493]  ? iov_iter_init+0xb1/0xf0
[  165.705642][T11493]  vfs_write+0x69d/0x770
[  165.710030][T11493]  ksys_write+0xce/0x180
[  165.714351][T11493]  __x64_sys_write+0x3e/0x50
[  165.719291][T11493]  do_syscall_64+0x3d/0x90
[  165.723700][T11493]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  165.730187][T11493] RIP: 0033:0x4665e9
[  165.734063][T11493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  165.753674][T11493] RSP: 002b:00007f654f35f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  165.762341][T11493] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9
[  165.770375][T11493] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000007
[  165.778413][T11493] RBP: 00007f654f35f1d0 R08: 0000000000000000 R09: 0000000000000000
[  165.786374][T11493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.794392][T11493] R13: 00007fff92e1b66f R14: 00007f654f35f300 R15: 0000000000022000
08:50:54 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x9000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:54 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xf60f, 0xf000)

[  165.868221][T11511] loop5: detected capacity change from 0 to 16
08:50:54 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xa000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:54 executing program 3 (fault-call:8 fault-nth:5):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  165.910054][T11511] FAULT_INJECTION: forcing a failure.
[  165.910054][T11511] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.923424][T11511] CPU: 1 PID: 11511 Comm: syz-executor.5 Not tainted 5.14.0-rc6-syzkaller #0
[  165.932439][T11511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  165.942610][T11511] Call Trace:
[  165.946020][T11511]  dump_stack_lvl+0xb7/0x103
[  165.948964][T11527] loop4: detected capacity change from 0 to 16
[  165.950619][T11511]  dump_stack+0x11/0x1a
[  165.950639][T11511]  should_fail+0x23c/0x250
[  165.965543][T11511]  should_fail_usercopy+0x16/0x20
[  165.970700][T11511]  copy_page_from_iter_atomic+0x2c1/0xba0
[  165.976529][T11511]  ? fat_write_begin+0x61/0xf0
[  165.981289][T11511]  ? fat_block_truncate_page+0x30/0x30
[  165.986991][T11511]  ? fat_write_begin+0x79/0xf0
[  165.991835][T11511]  generic_perform_write+0x1df/0x3c0
[  165.997114][T11511]  ? fat_write_begin+0xf0/0xf0
[  166.001884][T11511]  __generic_file_write_iter+0x202/0x300
[  166.007603][T11511]  ? generic_write_checks+0x250/0x290
[  166.013130][T11511]  generic_file_write_iter+0x75/0x130
[  166.018588][T11511]  vfs_write+0x69d/0x770
[  166.022903][T11511]  ksys_write+0xce/0x180
[  166.027171][T11511]  __x64_sys_write+0x3e/0x50
[  166.032114][T11511]  do_syscall_64+0x3d/0x90
[  166.036528][T11511]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  166.042585][T11511] RIP: 0033:0x4665e9
[  166.046495][T11511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  166.066637][T11511] RSP: 002b:00007f6884076188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  166.075138][T11511] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  166.083429][T11511] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000004
[  166.091400][T11511] RBP: 00007f68840761d0 R08: 0000000000000000 R09: 0000000000000000
[  166.099406][T11511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  166.107545][T11511] R13: 00007ffde1a7070f R14: 00007f6884076300 R15: 0000000000022000
08:50:55 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x60)

08:50:55 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x8, 0xf000)

[  166.131318][T11533] loop3: detected capacity change from 0 to 16
[  166.168853][T11544] loop2: detected capacity change from 0 to 16
[  166.174278][T11533] FAULT_INJECTION: forcing a failure.
08:50:55 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xb000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:55 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x9, 0xf000)

[  166.174278][T11533] name failslab, interval 1, probability 0, space 0, times 0
[  166.188700][T11533] CPU: 1 PID: 11533 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  166.197722][T11533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  166.207776][T11533] Call Trace:
[  166.211444][T11533]  dump_stack_lvl+0xb7/0x103
[  166.216314][T11533]  dump_stack+0x11/0x1a
[  166.220657][T11533]  should_fail+0x23c/0x250
[  166.225339][T11533]  ? __es_insert_extent+0x51f/0xe70
08:50:55 executing program 5 (fault-call:7 fault-nth:18):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

[  166.230791][T11533]  __should_failslab+0x81/0x90
[  166.236191][T11533]  should_failslab+0x5/0x20
[  166.240874][T11533]  kmem_cache_alloc+0x46/0x2e0
[  166.245702][T11533]  __es_insert_extent+0x51f/0xe70
[  166.250984][T11533]  ? ext4_ext_map_blocks+0x10a8/0x1f00
[  166.256521][T11533]  ext4_es_insert_extent+0x1bb/0x19d0
[  166.261899][T11533]  ? percpu_counter_add_batch+0x69/0xd0
[  166.267779][T11533]  ? ext4_es_lookup_extent+0x206/0x490
[  166.273288][T11533]  ext4_map_blocks+0xa4c/0xef0
[  166.278201][T11533]  ? ext4_iomap_begin+0x3f7/0x620
[  166.283535][T11533]  ? __cond_resched+0x11/0x40
[  166.288272][T11533]  ext4_iomap_begin+0x4a0/0x620
[  166.293235][T11533]  iomap_apply+0x8d/0x400
[  166.297856][T11533]  __iomap_dio_rw+0x62e/0xa60
[  166.302542][T11533]  ? __iomap_dio_rw+0xa60/0xa60
[  166.307384][T11533]  iomap_dio_rw+0x30/0x70
[  166.311792][T11533]  ? ext4_file_write_iter+0x4d1/0x11d0
[  166.317258][T11533]  ext4_file_write_iter+0xa04/0x11d0
[  166.322546][T11533]  ? ext4_file_write_iter+0x4d1/0x11d0
[  166.328510][T11533]  ? iov_iter_init+0xb1/0xf0
[  166.333086][T11533]  vfs_write+0x69d/0x770
[  166.337841][T11533]  ksys_write+0xce/0x180
[  166.342103][T11533]  __x64_sys_write+0x3e/0x50
[  166.346800][T11533]  do_syscall_64+0x3d/0x90
[  166.351476][T11533]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  166.357354][T11533] RIP: 0033:0x4665e9
[  166.361409][T11533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
08:50:55 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xfdef, 0xf000)

08:50:55 executing program 3 (fault-call:8 fault-nth:6):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:55 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xc000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  166.381474][T11533] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  166.389868][T11533] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  166.397948][T11533] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  166.405926][T11533] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  166.413934][T11533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.421974][T11533] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:50:55 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xd000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  166.504087][T11579] loop3: detected capacity change from 0 to 16
[  166.513987][T11580] loop5: detected capacity change from 0 to 16
[  166.526224][T11579] FAULT_INJECTION: forcing a failure.
[  166.526224][T11579] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  166.531413][T11582] loop2: detected capacity change from 0 to 16
[  166.539494][T11579] CPU: 0 PID: 11579 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
08:50:55 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  166.554516][T11579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  166.564773][T11579] Call Trace:
[  166.568404][T11579]  dump_stack_lvl+0xb7/0x103
[  166.573289][T11579]  dump_stack+0x11/0x1a
[  166.577445][T11579]  should_fail+0x23c/0x250
[  166.581877][T11579]  __alloc_pages+0x102/0x320
[  166.586513][T11579]  alloc_pages+0x2e8/0x340
[  166.590952][T11579]  __page_cache_alloc+0x4d/0xf0
[  166.591511][T11583] loop4: detected capacity change from 0 to 16
[  166.595879][T11579]  pagecache_get_page+0x5f4/0x900
[  166.607170][T11579]  grab_cache_page_write_begin+0x3f/0x70
[  166.612891][T11579]  cont_write_begin+0x501/0x850
[  166.617780][T11579]  fat_write_begin+0x61/0xf0
[  166.622424][T11579]  ? fat_block_truncate_page+0x30/0x30
[  166.627876][T11579]  generic_perform_write+0x196/0x3c0
[  166.633206][T11579]  ? fat_write_begin+0xf0/0xf0
[  166.638011][T11579]  __generic_file_write_iter+0x202/0x300
[  166.643674][T11579]  ? generic_write_checks+0x250/0x290
[  166.649046][T11579]  generic_file_write_iter+0x75/0x130
[  166.654510][T11579]  vfs_write+0x69d/0x770
[  166.658739][T11579]  ksys_write+0xce/0x180
[  166.662964][T11579]  __x64_sys_write+0x3e/0x50
[  166.667820][T11579]  do_syscall_64+0x3d/0x90
[  166.672225][T11579]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  166.678102][T11579] RIP: 0033:0x4665e9
[  166.682024][T11579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  166.702126][T11579] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  166.710523][T11579] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  166.718520][T11579] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  166.726476][T11579] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  166.734517][T11579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.742470][T11579] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:50:55 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xf000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:55 executing program 3 (fault-call:8 fault-nth:7):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  166.846531][T11614] loop3: detected capacity change from 0 to 16
[  166.856490][T11614] FAULT_INJECTION: forcing a failure.
[  166.856490][T11614] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.869851][T11614] CPU: 0 PID: 11614 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  166.878671][T11614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  166.888813][T11614] Call Trace:
[  166.892089][T11614]  dump_stack_lvl+0xb7/0x103
[  166.896683][T11614]  dump_stack+0x11/0x1a
[  166.900895][T11614]  should_fail+0x23c/0x250
[  166.905397][T11614]  should_fail_usercopy+0x16/0x20
[  166.910629][T11614]  copy_page_from_iter_atomic+0x2c1/0xba0
[  166.916863][T11614]  ? fat_write_begin+0x61/0xf0
[  166.921611][T11614]  ? fat_block_truncate_page+0x30/0x30
[  166.927051][T11614]  ? fat_write_begin+0x79/0xf0
[  166.931803][T11614]  generic_perform_write+0x1df/0x3c0
[  166.937107][T11614]  ? fat_write_begin+0xf0/0xf0
[  166.941889][T11614]  __generic_file_write_iter+0x202/0x300
[  166.948661][T11614]  ? generic_write_checks+0x250/0x290
[  166.954023][T11614]  generic_file_write_iter+0x75/0x130
[  166.959411][T11614]  vfs_write+0x69d/0x770
[  166.963933][T11614]  ksys_write+0xce/0x180
[  166.968161][T11614]  __x64_sys_write+0x3e/0x50
[  166.972726][T11614]  do_syscall_64+0x3d/0x90
[  166.977209][T11614]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  166.983121][T11614] RIP: 0033:0x4665e9
08:50:55 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x68)

08:50:55 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xa, 0xf000)

08:50:55 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

08:50:55 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xff0f, 0xf000)

08:50:55 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x10000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  166.986989][T11614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  167.006836][T11614] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  167.015251][T11614] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  167.023226][T11614] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  167.031258][T11614] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  167.039235][T11614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
08:50:56 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x10080000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  167.047211][T11614] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
[  167.053108][T11627] loop4: detected capacity change from 0 to 16
[  167.065846][T11624] loop2: detected capacity change from 0 to 16
[  167.080509][T11632] loop5: detected capacity change from 0 to 16
08:50:56 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xffdf, 0xf000)

08:50:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xb, 0xf000)

08:50:56 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x2, 0xf000)

08:50:56 executing program 3 (fault-call:8 fault-nth:8):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:56 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x11000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:56 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x12000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  167.192121][T11656] loop4: detected capacity change from 0 to 16
[  167.216954][T11663] loop2: detected capacity change from 0 to 16
[  167.224393][T11666] loop5: detected capacity change from 0 to 16
[  167.247622][T11671] loop3: detected capacity change from 0 to 16
[  167.299003][T11671] FAULT_INJECTION: forcing a failure.
[  167.299003][T11671] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  167.312378][T11671] CPU: 1 PID: 11671 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  167.321137][T11671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  167.331539][T11671] Call Trace:
[  167.334828][T11671]  dump_stack_lvl+0xb7/0x103
[  167.339598][T11671]  dump_stack+0x11/0x1a
[  167.343902][T11671]  should_fail+0x23c/0x250
[  167.349332][T11671]  __alloc_pages+0x102/0x320
[  167.354184][T11671]  alloc_pages+0x2e8/0x340
[  167.358587][T11671]  __page_cache_alloc+0x4d/0xf0
[  167.363501][T11671]  pagecache_get_page+0x5f4/0x900
[  167.368530][T11671]  grab_cache_page_write_begin+0x3f/0x70
[  167.374155][T11671]  cont_write_begin+0x501/0x850
[  167.379102][T11671]  fat_write_begin+0x61/0xf0
[  167.383679][T11671]  ? fat_block_truncate_page+0x30/0x30
[  167.389135][T11671]  generic_perform_write+0x196/0x3c0
[  167.394583][T11671]  ? fat_write_begin+0xf0/0xf0
[  167.399326][T11671]  __generic_file_write_iter+0x202/0x300
[  167.404943][T11671]  ? generic_write_checks+0x250/0x290
[  167.410313][T11671]  generic_file_write_iter+0x75/0x130
[  167.415739][T11671]  vfs_write+0x69d/0x770
[  167.422059][T11671]  ksys_write+0xce/0x180
[  167.426375][T11671]  __x64_sys_write+0x3e/0x50
[  167.430953][T11671]  do_syscall_64+0x3d/0x90
[  167.435364][T11671]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  167.441286][T11671] RIP: 0033:0x4665e9
[  167.445204][T11671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  167.464795][T11671] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  167.473192][T11671] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  167.481229][T11671] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  167.489199][T11671] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  167.497241][T11671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.505194][T11671] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:50:56 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x6c)

08:50:56 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x18000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:56 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x1517f, 0xf000)

08:50:56 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xc, 0xf000)

08:50:56 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x3, 0xf000)

08:50:56 executing program 3 (fault-call:8 fault-nth:9):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  167.901082][T11706] loop5: detected capacity change from 0 to 16
[  167.906478][T11705] loop3: detected capacity change from 0 to 16
[  167.909171][T11708] loop2: detected capacity change from 0 to 16
[  167.923462][T11710] loop4: detected capacity change from 0 to 16
[  167.928737][T11709] net_ratelimit: 30 callbacks suppressed
[  167.928749][T11709] IPv4: Oversized IP packet from 127.0.0.1
[  167.941266][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  167.950131][T11705] FAULT_INJECTION: forcing a failure.
[  167.950131][T11705] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.964043][T11705] CPU: 1 PID: 11705 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  167.972807][T11705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  167.983038][T11705] Call Trace:
[  167.986337][T11705]  dump_stack_lvl+0xb7/0x103
[  167.991021][T11705]  dump_stack+0x11/0x1a
[  167.995212][T11705]  should_fail+0x23c/0x250
08:50:56 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x20000, 0xf000)

[  167.999739][T11705]  should_fail_usercopy+0x16/0x20
[  168.004778][T11705]  copy_page_from_iter_atomic+0x2c1/0xba0
[  168.010593][T11705]  ? fat_write_begin+0x61/0xf0
[  168.015360][T11705]  ? fat_block_truncate_page+0x30/0x30
[  168.020869][T11705]  ? fat_write_begin+0x79/0xf0
[  168.025647][T11705]  generic_perform_write+0x1df/0x3c0
[  168.030947][T11705]  ? fat_write_begin+0xf0/0xf0
[  168.035754][T11705]  __generic_file_write_iter+0x202/0x300
[  168.041407][T11705]  ? generic_write_checks+0x250/0x290
08:50:57 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xd, 0xf000)

08:50:57 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x4, 0xf000)

[  168.046906][T11705]  generic_file_write_iter+0x75/0x130
[  168.052411][T11705]  vfs_write+0x69d/0x770
[  168.056743][T11705]  ksys_write+0xce/0x180
[  168.061182][T11705]  __x64_sys_write+0x3e/0x50
[  168.066653][T11705]  do_syscall_64+0x3d/0x90
[  168.071170][T11705]  ? irqentry_exit+0xe/0x30
[  168.075744][T11705]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  168.081657][T11705] RIP: 0033:0x4665e9
[  168.085609][T11705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  168.105423][T11705] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  168.113832][T11705] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  168.121791][T11705] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  168.130043][T11705] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  168.138278][T11705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
08:50:57 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x20000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:57 executing program 3 (fault-call:8 fault-nth:10):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  168.146337][T11705] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:50:57 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x25000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  168.181959][T11736] IPv4: Oversized IP packet from 127.0.0.1
[  168.187847][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  168.221781][T11748] loop4: detected capacity change from 0 to 16
[  168.236895][T11751] loop5: detected capacity change from 0 to 16
[  168.246487][T11753] loop2: detected capacity change from 0 to 16
[  168.265767][T11760] IPv4: Oversized IP packet from 127.0.0.1
[  168.266745][T11761] loop3: detected capacity change from 0 to 16
[  168.271765][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  168.328366][T11761] FAULT_INJECTION: forcing a failure.
[  168.328366][T11761] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  168.341910][T11761] CPU: 0 PID: 11761 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  168.350767][T11761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  168.360818][T11761] Call Trace:
[  168.364111][T11761]  dump_stack_lvl+0xb7/0x103
[  168.368689][T11761]  dump_stack+0x11/0x1a
[  168.372891][T11761]  should_fail+0x23c/0x250
[  168.377480][T11761]  __alloc_pages+0x102/0x320
[  168.382050][T11761]  alloc_pages+0x2e8/0x340
[  168.386478][T11761]  __page_cache_alloc+0x4d/0xf0
[  168.391412][T11761]  pagecache_get_page+0x5f4/0x900
[  168.396603][T11761]  grab_cache_page_write_begin+0x3f/0x70
[  168.402301][T11761]  cont_write_begin+0x501/0x850
[  168.407178][T11761]  fat_write_begin+0x61/0xf0
[  168.411832][T11761]  ? fat_block_truncate_page+0x30/0x30
[  168.417368][T11761]  generic_perform_write+0x196/0x3c0
[  168.422717][T11761]  ? fat_write_begin+0xf0/0xf0
[  168.427478][T11761]  __generic_file_write_iter+0x202/0x300
[  168.433100][T11761]  ? generic_write_checks+0x250/0x290
[  168.438495][T11761]  generic_file_write_iter+0x75/0x130
[  168.443922][T11761]  vfs_write+0x69d/0x770
[  168.448177][T11761]  ksys_write+0xce/0x180
[  168.452424][T11761]  __x64_sys_write+0x3e/0x50
[  168.456997][T11761]  do_syscall_64+0x3d/0x90
[  168.461532][T11761]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  168.467405][T11761] RIP: 0033:0x4665e9
[  168.471304][T11761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  168.490977][T11761] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  168.499369][T11761] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  168.507372][T11761] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  168.515503][T11761] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  168.523554][T11761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  168.531563][T11761] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:50:57 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x74)

08:50:57 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x40000, 0xf000)

08:50:57 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x40000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:57 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x5, 0xf000)

08:50:57 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xe, 0xf000)

08:50:57 executing program 3 (fault-call:8 fault-nth:11):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  168.779408][T11783] loop4: detected capacity change from 0 to 16
[  168.811149][T11791] loop2: detected capacity change from 0 to 16
[  168.822793][T11792] IPv4: Oversized IP packet from 127.0.0.1
08:50:57 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x60000, 0xf000)

08:50:57 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x6, 0xf000)

[  168.825476][T11795] loop3: detected capacity change from 0 to 16
[  168.828792][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  168.841418][T11796] loop5: detected capacity change from 0 to 16
08:50:57 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xf, 0xf000)

[  168.884072][T11795] FAULT_INJECTION: forcing a failure.
[  168.884072][T11795] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.897319][T11795] CPU: 0 PID: 11795 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  168.906265][T11795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  168.916523][T11795] Call Trace:
[  168.919888][T11795]  dump_stack_lvl+0xb7/0x103
[  168.924565][T11795]  dump_stack+0x11/0x1a
[  168.928805][T11795]  should_fail+0x23c/0x250
[  168.933212][T11795]  should_fail_usercopy+0x16/0x20
[  168.938631][T11795]  copy_page_from_iter_atomic+0x2c1/0xba0
[  168.944495][T11795]  ? fat_write_begin+0x61/0xf0
[  168.949279][T11795]  ? fat_block_truncate_page+0x30/0x30
[  168.954818][T11795]  ? fat_write_begin+0x79/0xf0
[  168.959718][T11795]  generic_perform_write+0x1df/0x3c0
[  168.965102][T11795]  ? fat_write_begin+0xf0/0xf0
[  168.969858][T11795]  __generic_file_write_iter+0x202/0x300
[  168.975557][T11795]  ? generic_write_checks+0x250/0x290
[  168.980935][T11795]  generic_file_write_iter+0x75/0x130
[  168.986406][T11795]  vfs_write+0x69d/0x770
[  168.990651][T11795]  ksys_write+0xce/0x180
[  168.994897][T11795]  __x64_sys_write+0x3e/0x50
[  168.999595][T11795]  do_syscall_64+0x3d/0x90
[  169.004147][T11795]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  169.010026][T11795] RIP: 0033:0x4665e9
[  169.014011][T11795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
08:50:58 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x48000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  169.034032][T11795] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  169.042456][T11795] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  169.050479][T11795] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  169.058544][T11795] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  169.066505][T11795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  169.074481][T11795] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:50:58 executing program 3 (fault-call:8 fault-nth:12):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  169.106658][T11811] loop5: detected capacity change from 0 to 16
[  169.122922][T11820] IPv4: Oversized IP packet from 127.0.0.1
[  169.128828][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  169.135485][T11823] loop4: detected capacity change from 0 to 16
08:50:58 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4c000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  169.165349][T11829] loop2: detected capacity change from 0 to 16
[  169.192347][T11811] loop5: detected capacity change from 0 to 16
[  169.233561][T11847] loop3: detected capacity change from 0 to 16
[  169.250803][T11847] FAULT_INJECTION: forcing a failure.
[  169.250803][T11847] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  169.264155][T11847] CPU: 0 PID: 11847 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  169.273097][T11847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  169.283495][T11847] Call Trace:
[  169.286758][T11847]  dump_stack_lvl+0xb7/0x103
[  169.291335][T11847]  dump_stack+0x11/0x1a
[  169.295546][T11847]  should_fail+0x23c/0x250
[  169.299955][T11847]  __alloc_pages+0x102/0x320
[  169.304645][T11847]  alloc_pages+0x2e8/0x340
[  169.309186][T11847]  __page_cache_alloc+0x4d/0xf0
[  169.314126][T11847]  pagecache_get_page+0x5f4/0x900
[  169.319143][T11847]  grab_cache_page_write_begin+0x3f/0x70
[  169.324821][T11847]  cont_write_begin+0x501/0x850
[  169.329720][T11847]  fat_write_begin+0x61/0xf0
[  169.334378][T11847]  ? fat_block_truncate_page+0x30/0x30
[  169.340111][T11847]  generic_perform_write+0x196/0x3c0
[  169.345663][T11847]  ? fat_write_begin+0xf0/0xf0
[  169.350472][T11847]  __generic_file_write_iter+0x202/0x300
[  169.356171][T11847]  ? generic_write_checks+0x250/0x290
[  169.361649][T11847]  generic_file_write_iter+0x75/0x130
[  169.367073][T11847]  vfs_write+0x69d/0x770
[  169.371335][T11847]  ksys_write+0xce/0x180
[  169.375654][T11847]  __x64_sys_write+0x3e/0x50
[  169.380234][T11847]  do_syscall_64+0x3d/0x90
[  169.384739][T11847]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  169.390711][T11847] RIP: 0033:0x4665e9
[  169.394583][T11847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  169.414293][T11847] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  169.422777][T11847] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  169.430971][T11847] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  169.438921][T11847] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  169.446887][T11847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  169.454928][T11847] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:50:58 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x7a)

08:50:58 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x80000, 0xf000)

08:50:58 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x7, 0xf000)

08:50:58 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x10, 0xf000)

08:50:58 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x60000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:58 executing program 3 (fault-call:8 fault-nth:13):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  169.673228][T11862] loop2: detected capacity change from 0 to 16
[  169.679998][T11864] loop4: detected capacity change from 0 to 16
[  169.702940][T11870] loop3: detected capacity change from 0 to 16
[  169.719249][T11871] loop5: detected capacity change from 0 to 16
[  169.723740][T11870] FAULT_INJECTION: forcing a failure.
[  169.723740][T11870] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.738514][T11870] CPU: 1 PID: 11870 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  169.747368][T11870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  169.757419][T11870] Call Trace:
[  169.760788][T11870]  dump_stack_lvl+0xb7/0x103
[  169.765377][T11870]  dump_stack+0x11/0x1a
08:50:58 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x16, 0xf000)

08:50:58 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x64000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  169.769608][T11870]  should_fail+0x23c/0x250
[  169.774032][T11870]  should_fail_usercopy+0x16/0x20
[  169.779150][T11870]  copy_page_from_iter_atomic+0x2c1/0xba0
[  169.785065][T11870]  ? fat_write_begin+0x61/0xf0
[  169.789854][T11870]  ? fat_block_truncate_page+0x30/0x30
[  169.795541][T11870]  ? fat_write_begin+0x79/0xf0
[  169.800425][T11870]  generic_perform_write+0x1df/0x3c0
[  169.805902][T11870]  ? fat_write_begin+0xf0/0xf0
[  169.810768][T11870]  __generic_file_write_iter+0x202/0x300
[  169.816521][T11870]  ? generic_write_checks+0x250/0x290
08:50:58 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xa0000, 0xf000)

08:50:58 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x8, 0xf000)

[  169.822184][T11870]  generic_file_write_iter+0x75/0x130
[  169.827921][T11870]  vfs_write+0x69d/0x770
[  169.832178][T11870]  ksys_write+0xce/0x180
[  169.836464][T11870]  __x64_sys_write+0x3e/0x50
[  169.841230][T11870]  do_syscall_64+0x3d/0x90
[  169.845835][T11870]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  169.851739][T11870] RIP: 0033:0x4665e9
[  169.855758][T11870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  169.875801][T11870] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  169.884202][T11870] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  169.892154][T11870] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  169.900194][T11870] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  169.908187][T11870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  169.916221][T11870] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
[  169.926301][T11870] handle_bad_sector: 127 callbacks suppressed
[  169.926320][T11870] attempt to access beyond end of device
[  169.926320][T11870] loop3: rw=2049, want=122, limit=16
[  169.943540][T11870] attempt to access beyond end of device
[  169.943540][T11870] loop3: rw=2049, want=123, limit=16
[  169.954347][T11870] buffer_io_error: 110 callbacks suppressed
[  169.954359][T11870] Buffer I/O error on dev loop3, logical block 122, lost async page write
[  169.969047][T11870] attempt to access beyond end of device
08:50:58 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x68000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  169.969047][T11870] loop3: rw=2049, want=124, limit=16
[  169.980965][T11870] Buffer I/O error on dev loop3, logical block 123, lost async page write
[  169.990594][T11870] attempt to access beyond end of device
[  169.990594][T11870] loop3: rw=2049, want=125, limit=16
[  170.001445][T11870] Buffer I/O error on dev loop3, logical block 124, lost async page write
[  170.012515][T11899] loop2: detected capacity change from 0 to 16
[  170.015322][T11870] attempt to access beyond end of device
[  170.015322][T11870] loop3: rw=2049, want=126, limit=16
[  170.029672][T11870] Buffer I/O error on dev loop3, logical block 125, lost async page write
[  170.058018][T11910] loop4: detected capacity change from 0 to 16
[  170.061202][T11899] attempt to access beyond end of device
[  170.061202][T11899] loop2: rw=2049, want=123, limit=16
08:50:59 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6c000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  170.066604][T11911] loop5: detected capacity change from 0 to 16
[  170.075158][T11899] Buffer I/O error on dev loop2, logical block 122, lost async page write
[  170.079736][T11899] attempt to access beyond end of device
[  170.079736][T11899] loop2: rw=2049, want=124, limit=16
[  170.090841][T11870] attempt to access beyond end of device
[  170.090841][T11870] loop3: rw=2049, want=127, limit=16
[  170.100706][T11899] Buffer I/O error on dev loop2, logical block 123, lost async page write
[  170.115264][T11899] attempt to access beyond end of device
[  170.115264][T11899] loop2: rw=2049, want=125, limit=16
[  170.120006][T11870] Buffer I/O error on dev loop3, logical block 126, lost async page write
[  170.130865][T11899] Buffer I/O error on dev loop2, logical block 124, lost async page write
[  170.153593][T11899] attempt to access beyond end of device
[  170.153593][T11899] loop2: rw=2049, want=126, limit=16
[  170.164424][T11899] Buffer I/O error on dev loop2, logical block 125, lost async page write
[  170.174536][T11899] Buffer I/O error on dev loop2, logical block 126, lost async page write
08:50:59 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x127)

08:50:59 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xc0000, 0xf000)

08:50:59 executing program 3 (fault-call:8 fault-nth:14):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:59 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x17, 0xf000)

08:50:59 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x9, 0xf000)

08:50:59 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x74000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  170.560881][T11944] loop5: detected capacity change from 0 to 16
[  170.567511][T11946] loop3: detected capacity change from 0 to 16
[  170.575221][T11947] loop2: detected capacity change from 0 to 16
[  170.582451][T11948] loop4: detected capacity change from 0 to 16
[  170.606666][T11946] FAULT_INJECTION: forcing a failure.
[  170.606666][T11946] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  170.620169][T11946] CPU: 1 PID: 11946 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  170.628994][T11946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  170.639097][T11946] Call Trace:
[  170.642369][T11946]  dump_stack_lvl+0xb7/0x103
[  170.647017][T11946]  dump_stack+0x11/0x1a
[  170.651236][T11946]  should_fail+0x23c/0x250
[  170.655674][T11946]  __alloc_pages+0x102/0x320
08:50:59 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7a000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:50:59 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x18, 0xf000)

08:50:59 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xe0000, 0xf000)

[  170.660347][T11946]  alloc_pages+0x2e8/0x340
[  170.664800][T11946]  __page_cache_alloc+0x4d/0xf0
[  170.669723][T11946]  pagecache_get_page+0x5f4/0x900
[  170.674827][T11946]  grab_cache_page_write_begin+0x3f/0x70
[  170.680538][T11946]  cont_write_begin+0x501/0x850
[  170.685406][T11946]  fat_write_begin+0x61/0xf0
[  170.690081][T11946]  ? fat_block_truncate_page+0x30/0x30
[  170.695560][T11946]  generic_perform_write+0x196/0x3c0
[  170.700914][T11946]  ? fat_write_begin+0xf0/0xf0
[  170.705676][T11946]  __generic_file_write_iter+0x202/0x300
08:50:59 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xa, 0xf000)

[  170.711556][T11946]  ? generic_write_checks+0x250/0x290
[  170.717018][T11946]  generic_file_write_iter+0x75/0x130
[  170.722398][T11946]  vfs_write+0x69d/0x770
[  170.726715][T11946]  ksys_write+0xce/0x180
[  170.730984][T11946]  __x64_sys_write+0x3e/0x50
[  170.735603][T11946]  do_syscall_64+0x3d/0x90
[  170.740003][T11946]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  170.745915][T11946] RIP: 0033:0x4665e9
[  170.749785][T11946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  170.769374][T11946] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  170.777780][T11946] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  170.785733][T11946] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  170.793794][T11946] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  170.801743][T11946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
08:50:59 executing program 3 (fault-call:8 fault-nth:15):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:50:59 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x97ffffff, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  170.809699][T11946] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
[  170.862370][T11982] loop4: detected capacity change from 0 to 16
[  170.885547][T11990] loop3: detected capacity change from 0 to 16
[  170.892595][T11992] loop2: detected capacity change from 0 to 16
[  170.895845][T11993] loop5: detected capacity change from 0 to 16
[  170.915539][T11990] FAULT_INJECTION: forcing a failure.
[  170.915539][T11990] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.928687][T11990] CPU: 1 PID: 11990 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  170.937578][T11990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  170.947828][T11990] Call Trace:
[  170.951106][T11990]  dump_stack_lvl+0xb7/0x103
[  170.955932][T11990]  dump_stack+0x11/0x1a
[  170.960085][T11990]  should_fail+0x23c/0x250
[  170.964538][T11990]  should_fail_usercopy+0x16/0x20
[  170.969661][T11990]  copy_page_from_iter_atomic+0x2c1/0xba0
[  170.975398][T11990]  ? fat_write_begin+0x61/0xf0
[  170.980163][T11990]  ? fat_block_truncate_page+0x30/0x30
[  170.985672][T11990]  ? fat_write_begin+0x79/0xf0
[  170.990526][T11990]  generic_perform_write+0x1df/0x3c0
[  170.995851][T11990]  ? fat_write_begin+0xf0/0xf0
[  171.000809][T11990]  __generic_file_write_iter+0x202/0x300
[  171.006456][T11990]  ? generic_write_checks+0x250/0x290
[  171.011935][T11990]  generic_file_write_iter+0x75/0x130
[  171.017449][T11990]  vfs_write+0x69d/0x770
[  171.021874][T11990]  ksys_write+0xce/0x180
[  171.026122][T11990]  __x64_sys_write+0x3e/0x50
[  171.030850][T11990]  do_syscall_64+0x3d/0x90
[  171.035486][T11990]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  171.041818][T11990] RIP: 0033:0x4665e9
[  171.045691][T11990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  171.065552][T11990] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  171.074028][T11990] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  171.081985][T11990] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  171.090395][T11990] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  171.098928][T11990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  171.107527][T11990] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:51:00 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x300)

08:51:00 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xa50c0000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:00 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xb, 0xf000)

08:51:00 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x100000, 0xf000)

08:51:00 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x22, 0xf000)

08:51:00 executing program 3 (fault-call:8 fault-nth:16):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:51:00 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe0000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  171.439159][T12028] loop4: detected capacity change from 0 to 16
[  171.446658][T12031] loop2: detected capacity change from 0 to 16
[  171.455334][T12032] loop5: detected capacity change from 0 to 16
08:51:00 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xc, 0xf000)

[  171.482662][T12034] loop3: detected capacity change from 0 to 16
[  171.515261][T12034] FAULT_INJECTION: forcing a failure.
[  171.515261][T12034] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  171.528660][T12034] CPU: 1 PID: 12034 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  171.537421][T12034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  171.547483][T12034] Call Trace:
[  171.550785][T12034]  dump_stack_lvl+0xb7/0x103
[  171.555431][T12034]  dump_stack+0x11/0x1a
[  171.559606][T12034]  should_fail+0x23c/0x250
[  171.564047][T12034]  __alloc_pages+0x102/0x320
[  171.568831][T12034]  alloc_pages+0x2e8/0x340
[  171.573264][T12034]  __page_cache_alloc+0x4d/0xf0
[  171.578143][T12034]  pagecache_get_page+0x5f4/0x900
08:51:00 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x7fffff, 0xf000)

08:51:00 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe8030000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  171.583262][T12034]  grab_cache_page_write_begin+0x3f/0x70
[  171.588976][T12034]  cont_write_begin+0x501/0x850
[  171.593885][T12034]  fat_write_begin+0x61/0xf0
[  171.598630][T12034]  ? fat_block_truncate_page+0x30/0x30
[  171.604090][T12034]  generic_perform_write+0x196/0x3c0
[  171.609425][T12034]  ? fat_write_begin+0xf0/0xf0
[  171.614192][T12034]  __generic_file_write_iter+0x202/0x300
[  171.616757][T12059] loop5: detected capacity change from 0 to 16
[  171.619831][T12034]  ? generic_write_checks+0x250/0x290
08:51:00 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x76, 0xf000)

[  171.619857][T12034]  generic_file_write_iter+0x75/0x130
[  171.619880][T12034]  vfs_write+0x69d/0x770
[  171.640959][T12034]  ksys_write+0xce/0x180
[  171.645203][T12034]  __x64_sys_write+0x3e/0x50
[  171.649943][T12034]  do_syscall_64+0x3d/0x90
[  171.654438][T12034]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  171.660328][T12034] RIP: 0033:0x4665e9
[  171.664283][T12034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
08:51:00 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xd, 0xf000)

[  171.683977][T12034] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  171.692390][T12034] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  171.700357][T12034] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  171.708574][T12034] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  171.716531][T12034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  171.724558][T12034] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
[  171.801364][T12085] loop5: detected capacity change from 0 to 16
[  171.808202][T12087] loop4: detected capacity change from 0 to 16
[  171.810410][T12086] loop2: detected capacity change from 0 to 16
08:51:01 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x500)

08:51:01 executing program 3 (fault-call:8 fault-nth:17):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:51:01 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe8ff0000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:01 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xf00000, 0xf000)

08:51:01 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xe, 0xf000)

08:51:01 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xf0, 0xf000)

[  172.329399][T12112] loop3: detected capacity change from 0 to 16
[  172.329399][T12117] loop5: detected capacity change from 0 to 16
[  172.340764][T12116] loop2: detected capacity change from 0 to 16
[  172.348991][T12119] loop4: detected capacity change from 0 to 16
[  172.360787][T12112] FAULT_INJECTION: forcing a failure.
[  172.360787][T12112] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  172.373981][T12112] CPU: 1 PID: 12112 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  172.382740][T12112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  172.392803][T12112] Call Trace:
[  172.396078][T12112]  dump_stack_lvl+0xb7/0x103
[  172.400684][T12112]  dump_stack+0x11/0x1a
[  172.404841][T12112]  should_fail+0x23c/0x250
[  172.409255][T12112]  should_fail_usercopy+0x16/0x20
[  172.414692][T12112]  copy_page_from_iter_atomic+0x2c1/0xba0
[  172.420412][T12112]  ? fat_write_begin+0x61/0xf0
08:51:01 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x1000000, 0xf000)

08:51:01 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x204, 0xf000)

08:51:01 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xf, 0xf000)

[  172.425260][T12112]  ? fat_block_truncate_page+0x30/0x30
[  172.430813][T12112]  ? fat_write_begin+0x79/0xf0
[  172.435566][T12112]  generic_perform_write+0x1df/0x3c0
[  172.440856][T12112]  ? fat_write_begin+0xf0/0xf0
[  172.445636][T12112]  __generic_file_write_iter+0x202/0x300
[  172.451474][T12112]  ? generic_write_checks+0x250/0x290
[  172.456980][T12112]  generic_file_write_iter+0x75/0x130
[  172.462410][T12112]  vfs_write+0x69d/0x770
[  172.466668][T12112]  ksys_write+0xce/0x180
[  172.470918][T12112]  __x64_sys_write+0x3e/0x50
[  172.475488][T12112]  do_syscall_64+0x3d/0x90
[  172.479909][T12112]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  172.485849][T12112] RIP: 0033:0x4665e9
[  172.489829][T12112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  172.509540][T12112] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  172.518069][T12112] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
08:51:01 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xf4010000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:01 executing program 3 (fault-call:8 fault-nth:18):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:51:01 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xfcff0000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  172.526552][T12112] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  172.534512][T12112] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  172.542458][T12112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  172.550513][T12112] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
[  172.630805][T12152] loop5: detected capacity change from 0 to 16
[  172.651636][T12156] loop4: detected capacity change from 0 to 16
[  172.653728][T12157] loop3: detected capacity change from 0 to 16
[  172.662548][T12158] loop2: detected capacity change from 0 to 16
[  172.679316][T12157] FAULT_INJECTION: forcing a failure.
[  172.679316][T12157] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  172.692840][T12157] CPU: 0 PID: 12157 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  172.701889][T12157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  172.712426][T12157] Call Trace:
[  172.715707][T12157]  dump_stack_lvl+0xb7/0x103
[  172.720310][T12157]  dump_stack+0x11/0x1a
[  172.724599][T12157]  should_fail+0x23c/0x250
[  172.729032][T12157]  __alloc_pages+0x102/0x320
[  172.733684][T12157]  alloc_pages+0x2e8/0x340
[  172.738110][T12157]  __page_cache_alloc+0x4d/0xf0
[  172.742972][T12157]  pagecache_get_page+0x5f4/0x900
[  172.748243][T12157]  grab_cache_page_write_begin+0x3f/0x70
[  172.753919][T12157]  cont_write_begin+0x501/0x850
[  172.758800][T12157]  fat_write_begin+0x61/0xf0
[  172.763938][T12157]  ? fat_block_truncate_page+0x30/0x30
[  172.769638][T12157]  generic_perform_write+0x196/0x3c0
[  172.775018][T12157]  ? fat_write_begin+0xf0/0xf0
[  172.779935][T12157]  __generic_file_write_iter+0x202/0x300
[  172.785564][T12157]  ? generic_write_checks+0x250/0x290
[  172.791030][T12157]  generic_file_write_iter+0x75/0x130
[  172.796386][T12157]  vfs_write+0x69d/0x770
[  172.800624][T12157]  ksys_write+0xce/0x180
[  172.804860][T12157]  __x64_sys_write+0x3e/0x50
[  172.809438][T12157]  do_syscall_64+0x3d/0x90
[  172.814712][T12157]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  172.821243][T12157] RIP: 0033:0x4665e9
[  172.825487][T12157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  172.845408][T12157] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  172.854042][T12157] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  172.862817][T12157] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  172.870986][T12157] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  172.879079][T12157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  172.887263][T12157] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:51:02 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x600)

08:51:02 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x300, 0xf000)

08:51:02 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x10, 0xf000)

08:51:02 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x2000000, 0xf000)

08:51:02 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xffff0000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:02 executing program 3 (fault-call:8 fault-nth:19):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:51:02 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x22, 0xf000)

[  173.199860][T12193] loop3: detected capacity change from 0 to 16
[  173.201047][T12192] loop5: detected capacity change from 0 to 16
[  173.206377][T12194] loop4: detected capacity change from 0 to 16
[  173.220938][T12195] net_ratelimit: 26 callbacks suppressed
[  173.221025][T12195] IPv4: Oversized IP packet from 127.0.0.1
[  173.232832][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  173.240222][T12197] loop2: detected capacity change from 0 to 16
08:51:02 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xffffe000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  173.262805][T12193] FAULT_INJECTION: forcing a failure.
[  173.262805][T12193] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.275895][T12193] CPU: 1 PID: 12193 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  173.284689][T12193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  173.294813][T12193] Call Trace:
[  173.298091][T12193]  dump_stack_lvl+0xb7/0x103
[  173.303017][T12193]  dump_stack+0x11/0x1a
[  173.307205][T12193]  should_fail+0x23c/0x250
08:51:02 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x402, 0xf000)

[  173.311745][T12193]  should_fail_usercopy+0x16/0x20
[  173.316781][T12193]  copy_page_from_iter_atomic+0x2c1/0xba0
[  173.322532][T12193]  ? fat_write_begin+0x61/0xf0
[  173.327554][T12193]  ? fat_block_truncate_page+0x30/0x30
[  173.333015][T12193]  ? fat_write_begin+0x79/0xf0
[  173.337777][T12193]  generic_perform_write+0x1df/0x3c0
[  173.343067][T12193]  ? fat_write_begin+0xf0/0xf0
[  173.347879][T12193]  __generic_file_write_iter+0x202/0x300
[  173.353592][T12193]  ? generic_write_checks+0x250/0x290
08:51:02 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x2040000, 0xf000)

[  173.359075][T12193]  generic_file_write_iter+0x75/0x130
[  173.364553][T12193]  vfs_write+0x69d/0x770
[  173.368971][T12193]  ksys_write+0xce/0x180
[  173.373212][T12193]  __x64_sys_write+0x3e/0x50
[  173.377806][T12193]  do_syscall_64+0x3d/0x90
[  173.382242][T12193]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  173.388133][T12193] RIP: 0033:0x4665e9
[  173.392172][T12193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  173.412454][T12193] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  173.420935][T12193] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  173.428903][T12193] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  173.436959][T12193] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  173.445165][T12193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  173.453414][T12193] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:51:02 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xffffff97, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:02 executing program 3 (fault-call:8 fault-nth:20):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  173.481624][T12225] loop5: detected capacity change from 0 to 16
[  173.546794][T12240] loop2: detected capacity change from 0 to 16
[  173.551124][T12244] loop4: detected capacity change from 0 to 16
[  173.576960][T12248] loop3: detected capacity change from 0 to 16
[  173.602535][T12248] FAULT_INJECTION: forcing a failure.
[  173.602535][T12248] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  173.616117][T12248] CPU: 1 PID: 12248 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  173.625196][T12248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  173.635806][T12248] Call Trace:
[  173.639076][T12248]  dump_stack_lvl+0xb7/0x103
[  173.643767][T12248]  dump_stack+0x11/0x1a
[  173.647915][T12248]  should_fail+0x23c/0x250
[  173.652334][T12248]  __alloc_pages+0x102/0x320
[  173.657051][T12248]  alloc_pages+0x2e8/0x340
[  173.661445][T12248]  __page_cache_alloc+0x4d/0xf0
[  173.666278][T12248]  pagecache_get_page+0x5f4/0x900
[  173.671286][T12248]  grab_cache_page_write_begin+0x3f/0x70
[  173.676936][T12248]  cont_write_begin+0x501/0x850
[  173.681824][T12248]  fat_write_begin+0x61/0xf0
[  173.686635][T12248]  ? fat_block_truncate_page+0x30/0x30
[  173.692075][T12248]  generic_perform_write+0x196/0x3c0
[  173.697952][T12248]  ? fat_write_begin+0xf0/0xf0
[  173.702746][T12248]  __generic_file_write_iter+0x202/0x300
[  173.708373][T12248]  ? generic_write_checks+0x250/0x290
[  173.714136][T12248]  generic_file_write_iter+0x75/0x130
[  173.719719][T12248]  vfs_write+0x69d/0x770
[  173.724030][T12248]  ksys_write+0xce/0x180
[  173.728252][T12248]  __x64_sys_write+0x3e/0x50
[  173.732906][T12248]  do_syscall_64+0x3d/0x90
[  173.737302][T12248]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  173.743262][T12248] RIP: 0033:0x4665e9
[  173.747230][T12248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  173.766945][T12248] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  173.775504][T12248] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  173.783810][T12248] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  173.791889][T12248] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  173.800128][T12248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  173.808170][T12248] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:51:02 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x4c, 0xf000)

08:51:02 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x700)

08:51:02 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:02 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x406, 0xf000)

08:51:02 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x3000000, 0xf000)

08:51:02 executing program 3 (fault-call:8 fault-nth:21):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:51:03 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x40030000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  174.066191][T12271] IPv4: Oversized IP packet from 127.0.0.1
[  174.072262][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  174.094573][T12274] loop4: detected capacity change from 0 to 16
[  174.094718][T12275] loop2: detected capacity change from 0 to 16
[  174.107763][T12277] loop5: detected capacity change from 0 to 16
[  174.113367][T12276] loop3: detected capacity change from 0 to 16
[  174.132431][T12284] IPv4: Oversized IP packet from 127.0.0.1
[  174.138418][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  174.150966][T12276] FAULT_INJECTION: forcing a failure.
[  174.150966][T12276] name fail_usercopy, interval 1, probability 0, space 0, times 0
08:51:03 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x4000000, 0xf000)

08:51:03 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x4d, 0xf000)

[  174.164501][T12276] CPU: 1 PID: 12276 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  174.173588][T12276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  174.183909][T12276] Call Trace:
[  174.187301][T12276]  dump_stack_lvl+0xb7/0x103
[  174.191936][T12276]  dump_stack+0x11/0x1a
[  174.196208][T12276]  should_fail+0x23c/0x250
[  174.200700][T12276]  should_fail_usercopy+0x16/0x20
[  174.205717][T12276]  copy_page_from_iter_atomic+0x2c1/0xba0
[  174.211544][T12276]  ? fat_write_begin+0x61/0xf0
[  174.216404][T12276]  ? fat_block_truncate_page+0x30/0x30
[  174.222318][T12276]  ? fat_write_begin+0x79/0xf0
[  174.227567][T12276]  generic_perform_write+0x1df/0x3c0
[  174.233214][T12276]  ? fat_write_begin+0xf0/0xf0
[  174.237975][T12276]  __generic_file_write_iter+0x202/0x300
[  174.243991][T12276]  ? generic_write_checks+0x250/0x290
[  174.249442][T12276]  generic_file_write_iter+0x75/0x130
[  174.255306][T12276]  vfs_write+0x69d/0x770
[  174.259812][T12276]  ksys_write+0xce/0x180
[  174.265189][T12276]  __x64_sys_write+0x3e/0x50
[  174.269804][T12276]  do_syscall_64+0x3d/0x90
[  174.274285][T12276]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  174.280219][T12276] RIP: 0033:0x4665e9
[  174.284408][T12276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  174.304401][T12276] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
08:51:03 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe0ffff00000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  174.312883][T12276] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  174.320957][T12276] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  174.329009][T12276] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  174.336983][T12276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  174.344944][T12276] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:51:03 executing program 3 (fault-call:8 fault-nth:22):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:51:03 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x500, 0xf000)

[  174.378655][T12275] loop2: detected capacity change from 0 to 16
08:51:03 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x100000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  174.434747][T12314] loop5: detected capacity change from 0 to 16
[  174.440215][T12315] loop4: detected capacity change from 0 to 16
[  174.441880][T12305] IPv4: Oversized IP packet from 127.0.0.1
[  174.453119][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  174.458154][T12316] loop3: detected capacity change from 0 to 16
[  174.469604][T12318] loop2: detected capacity change from 0 to 16
[  174.503204][T12316] FAULT_INJECTION: forcing a failure.
[  174.503204][T12316] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  174.516740][T12316] CPU: 0 PID: 12316 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  174.525499][T12316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  174.535712][T12316] Call Trace:
[  174.539105][T12316]  dump_stack_lvl+0xb7/0x103
[  174.543891][T12316]  dump_stack+0x11/0x1a
[  174.548221][T12316]  should_fail+0x23c/0x250
[  174.552691][T12316]  __alloc_pages+0x102/0x320
[  174.557459][T12316]  alloc_pages+0x2e8/0x340
[  174.561943][T12316]  __page_cache_alloc+0x4d/0xf0
[  174.566976][T12316]  pagecache_get_page+0x5f4/0x900
[  174.572221][T12316]  grab_cache_page_write_begin+0x3f/0x70
[  174.578176][T12316]  cont_write_begin+0x501/0x850
[  174.583557][T12316]  fat_write_begin+0x61/0xf0
[  174.588217][T12316]  ? fat_block_truncate_page+0x30/0x30
[  174.592212][T12337] IPv4: Oversized IP packet from 127.0.0.1
[  174.593781][T12316]  generic_perform_write+0x196/0x3c0
[  174.599643][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  174.604956][T12316]  ? fat_write_begin+0xf0/0xf0
[  174.615761][T12316]  __generic_file_write_iter+0x202/0x300
[  174.621603][T12316]  ? generic_write_checks+0x250/0x290
[  174.627068][T12316]  generic_file_write_iter+0x75/0x130
[  174.632469][T12316]  vfs_write+0x69d/0x770
[  174.636976][T12316]  ksys_write+0xce/0x180
[  174.641203][T12316]  __x64_sys_write+0x3e/0x50
[  174.645839][T12316]  do_syscall_64+0x3d/0x90
[  174.650341][T12316]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  174.656438][T12316] RIP: 0033:0x4665e9
[  174.660330][T12316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  174.680356][T12316] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  174.689203][T12316] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  174.697449][T12316] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  174.705689][T12316] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  174.713698][T12316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  174.721865][T12316] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:51:03 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x900)

08:51:03 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x600, 0xf000)

08:51:03 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x4e, 0xf000)

08:51:03 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x5000000, 0xf000)

08:51:03 executing program 3 (fault-call:8 fault-nth:23):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:51:03 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x200000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  174.956583][T12357] loop3: detected capacity change from 0 to 16
[  174.956658][T12356] loop5: detected capacity change from 0 to 16
[  174.963155][T12359] loop4: detected capacity change from 0 to 16
[  174.972536][T12358] loop2: detected capacity change from 0 to 16
[  174.983539][T12357] FAULT_INJECTION: forcing a failure.
[  174.983539][T12357] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  174.997095][T12357] CPU: 1 PID: 12357 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  175.005872][T12357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  175.016013][T12357] Call Trace:
[  175.019398][T12357]  dump_stack_lvl+0xb7/0x103
[  175.023184][T12356] handle_bad_sector: 167 callbacks suppressed
[  175.023196][T12356] attempt to access beyond end of device
[  175.023196][T12356] loop5: rw=2049, want=123, limit=16
[  175.023988][T12357]  dump_stack+0x11/0x1a
[  175.030249][T12356] buffer_io_error: 146 callbacks suppressed
[  175.030260][T12356] Buffer I/O error on dev loop5, logical block 122, lost async page write
[  175.041185][T12357]  should_fail+0x23c/0x250
[  175.052757][T12359] attempt to access beyond end of device
[  175.052757][T12359] loop4: rw=2049, want=124, limit=16
[  175.059891][T12357]  should_fail_usercopy+0x16/0x20
[  175.073518][T12358] attempt to access beyond end of device
[  175.073518][T12358] loop2: rw=2049, want=123, limit=16
[  175.075341][T12357]  copy_page_from_iter_atomic+0x2c1/0xba0
[  175.080384][T12358] Buffer I/O error on dev loop2, logical block 122, lost async page write
[  175.091168][T12357]  ? fat_write_begin+0x61/0xf0
[  175.091191][T12357]  ? fat_block_truncate_page+0x30/0x30
[  175.091213][T12357]  ? fat_write_begin+0x79/0xf0
[  175.121036][T12357]  generic_perform_write+0x1df/0x3c0
[  175.126354][T12357]  ? fat_write_begin+0xf0/0xf0
[  175.128128][T12356] attempt to access beyond end of device
[  175.128128][T12356] loop5: rw=2049, want=124, limit=16
[  175.131128][T12357]  __generic_file_write_iter+0x202/0x300
[  175.131156][T12357]  ? generic_write_checks+0x250/0x290
08:51:04 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x6000000, 0xf000)

[  175.142150][T12356] Buffer I/O error on dev loop5, logical block 123, lost async page write
[  175.147912][T12357]  generic_file_write_iter+0x75/0x130
[  175.147948][T12357]  vfs_write+0x69d/0x770
[  175.156144][T12358] attempt to access beyond end of device
[  175.156144][T12358] loop2: rw=2049, want=124, limit=16
[  175.162141][T12357]  ksys_write+0xce/0x180
[  175.162168][T12357]  __x64_sys_write+0x3e/0x50
[  175.162184][T12357]  do_syscall_64+0x3d/0x90
[  175.162202][T12357]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  175.167751][T12358] Buffer I/O error on dev loop2, logical block 123, lost async page write
[  175.171938][T12357] RIP: 0033:0x4665e9
[  175.186067][T12356] attempt to access beyond end of device
[  175.186067][T12356] loop5: rw=2049, want=125, limit=16
[  175.186889][T12357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  175.186905][T12357] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  175.186923][T12357] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  175.191518][T12356] Buffer I/O error on dev loop5, logical block 124, lost async page write
[  175.195901][T12357] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  175.195915][T12357] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  175.203258][T12358] attempt to access beyond end of device
[  175.203258][T12358] loop2: rw=2049, want=125, limit=16
[  175.210245][T12357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
08:51:04 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x300000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  175.210259][T12357] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
[  175.214177][T12358] Buffer I/O error on dev loop2, logical block 124, lost async page write
[  175.230512][T12357] attempt to access beyond end of device
[  175.230512][T12357] loop3: rw=2049, want=122, limit=16
[  175.246419][T12356] attempt to access beyond end of device
[  175.246419][T12356] loop5: rw=2049, want=126, limit=16
[  175.263599][T12357] attempt to access beyond end of device
[  175.263599][T12357] loop3: rw=2049, want=123, limit=16
08:51:04 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x76, 0xf000)

08:51:04 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x604, 0xf000)

08:51:04 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x400000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:04 executing program 3 (fault-call:8 fault-nth:24):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  175.269684][T12356] Buffer I/O error on dev loop5, logical block 125, lost async page write
[  175.277943][T12357] Buffer I/O error on dev loop3, logical block 122, lost async page write
[  175.286199][T12356] Buffer I/O error on dev loop5, logical block 126, lost async page write
[  175.299580][T12357] Buffer I/O error on dev loop3, logical block 123, lost async page write
[  175.438445][T12396] loop4: detected capacity change from 0 to 16
[  175.451104][T12389] loop5: detected capacity change from 0 to 16
[  175.484581][T12407] loop2: detected capacity change from 0 to 16
[  175.498145][T12410] loop3: detected capacity change from 0 to 16
[  175.518003][T12410] FAULT_INJECTION: forcing a failure.
[  175.518003][T12410] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  175.531268][T12410] CPU: 1 PID: 12410 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  175.540226][T12410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  175.550347][T12410] Call Trace:
[  175.553607][T12410]  dump_stack_lvl+0xb7/0x103
[  175.558214][T12410]  dump_stack+0x11/0x1a
[  175.562346][T12410]  should_fail+0x23c/0x250
[  175.566775][T12410]  __alloc_pages+0x102/0x320
[  175.571357][T12410]  alloc_pages+0x2e8/0x340
[  175.575803][T12410]  __page_cache_alloc+0x4d/0xf0
[  175.580712][T12410]  pagecache_get_page+0x5f4/0x900
[  175.585744][T12410]  grab_cache_page_write_begin+0x3f/0x70
[  175.591704][T12410]  cont_write_begin+0x501/0x850
[  175.596535][T12410]  fat_write_begin+0x61/0xf0
[  175.601117][T12410]  ? fat_block_truncate_page+0x30/0x30
[  175.606569][T12410]  generic_perform_write+0x196/0x3c0
[  175.611966][T12410]  ? fat_write_begin+0xf0/0xf0
[  175.616704][T12410]  __generic_file_write_iter+0x202/0x300
[  175.622324][T12410]  ? generic_write_checks+0x250/0x290
[  175.627719][T12410]  generic_file_write_iter+0x75/0x130
[  175.633117][T12410]  vfs_write+0x69d/0x770
[  175.637412][T12410]  ksys_write+0xce/0x180
[  175.641656][T12410]  __x64_sys_write+0x3e/0x50
[  175.646495][T12410]  do_syscall_64+0x3d/0x90
[  175.650957][T12410]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  175.656832][T12410] RIP: 0033:0x4665e9
[  175.660712][T12410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  175.680444][T12410] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  175.689580][T12410] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  175.697534][T12410] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  175.705656][T12410] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  175.713676][T12410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  175.721654][T12410] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:51:04 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xa00)

08:51:04 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x500000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:04 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xf0, 0xf000)

08:51:04 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x6040000, 0xf000)

08:51:04 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x700, 0xf000)

08:51:04 executing program 3 (fault-call:8 fault-nth:25):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:51:04 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x600000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  175.809767][T12430] loop5: detected capacity change from 0 to 16
[  175.828669][T12435] loop3: detected capacity change from 0 to 16
[  175.831107][T12433] loop2: detected capacity change from 0 to 16
[  175.841664][T12436] loop4: detected capacity change from 0 to 16
08:51:04 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x204, 0xf000)

[  175.862254][T12435] FAULT_INJECTION: forcing a failure.
[  175.862254][T12435] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  175.875435][T12435] CPU: 1 PID: 12435 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  175.884332][T12435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  175.894468][T12435] Call Trace:
[  175.897745][T12435]  dump_stack_lvl+0xb7/0x103
[  175.902341][T12435]  dump_stack+0x11/0x1a
[  175.906497][T12435]  should_fail+0x23c/0x250
[  175.910919][T12435]  should_fail_usercopy+0x16/0x20
[  175.915953][T12435]  copy_page_from_iter_atomic+0x2c1/0xba0
[  175.921682][T12435]  ? fat_write_begin+0x61/0xf0
[  175.926443][T12435]  ? fat_block_truncate_page+0x30/0x30
[  175.931997][T12435]  ? fat_write_begin+0x79/0xf0
[  175.936759][T12435]  generic_perform_write+0x1df/0x3c0
[  175.942051][T12435]  ? fat_write_begin+0xf0/0xf0
[  175.946810][T12435]  __generic_file_write_iter+0x202/0x300
[  175.952447][T12435]  ? generic_write_checks+0x250/0x290
08:51:04 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x7000000, 0xf000)

08:51:04 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x900, 0xf000)

[  175.957834][T12435]  generic_file_write_iter+0x75/0x130
[  175.963203][T12435]  vfs_write+0x69d/0x770
[  175.967446][T12435]  ksys_write+0xce/0x180
[  175.971764][T12435]  __x64_sys_write+0x3e/0x50
[  175.976366][T12435]  do_syscall_64+0x3d/0x90
[  175.980789][T12435]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  175.986769][T12435] RIP: 0033:0x4665e9
[  175.990811][T12435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
08:51:05 executing program 3 (fault-call:8 fault-nth:26):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:51:05 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x700000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  176.010835][T12435] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  176.019435][T12435] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  176.027384][T12435] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  176.035354][T12435] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  176.043305][T12435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  176.051254][T12435] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
[  176.127626][T12473] loop3: detected capacity change from 0 to 16
[  176.140349][T12474] loop4: detected capacity change from 0 to 16
[  176.141363][T12473] FAULT_INJECTION: forcing a failure.
[  176.141363][T12473] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  176.147495][T12477] loop5: detected capacity change from 0 to 16
[  176.159768][T12473] CPU: 1 PID: 12473 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  176.167691][T12478] loop2: detected capacity change from 0 to 16
[  176.174682][T12473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  176.191157][T12473] Call Trace:
[  176.194432][T12473]  dump_stack_lvl+0xb7/0x103
[  176.199019][T12473]  dump_stack+0x11/0x1a
[  176.203203][T12473]  should_fail+0x23c/0x250
[  176.207656][T12473]  __alloc_pages+0x102/0x320
[  176.212262][T12473]  alloc_pages+0x2e8/0x340
[  176.216675][T12473]  __page_cache_alloc+0x4d/0xf0
[  176.221518][T12473]  pagecache_get_page+0x5f4/0x900
[  176.226542][T12473]  grab_cache_page_write_begin+0x3f/0x70
[  176.232217][T12473]  cont_write_begin+0x501/0x850
[  176.237090][T12473]  fat_write_begin+0x61/0xf0
[  176.241705][T12473]  ? fat_block_truncate_page+0x30/0x30
[  176.247155][T12473]  generic_perform_write+0x196/0x3c0
[  176.252432][T12473]  ? fat_write_begin+0xf0/0xf0
[  176.257199][T12473]  __generic_file_write_iter+0x202/0x300
[  176.262991][T12473]  ? generic_write_checks+0x250/0x290
[  176.268416][T12473]  generic_file_write_iter+0x75/0x130
[  176.273948][T12473]  vfs_write+0x69d/0x770
[  176.278176][T12473]  ksys_write+0xce/0x180
[  176.282504][T12473]  __x64_sys_write+0x3e/0x50
[  176.287162][T12473]  do_syscall_64+0x3d/0x90
[  176.291574][T12473]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  176.297543][T12473] RIP: 0033:0x4665e9
[  176.301456][T12473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  176.321345][T12473] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  176.329817][T12473] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  176.337806][T12473] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  176.345773][T12473] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  176.354060][T12473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  176.362103][T12473] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:51:05 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xb00)

08:51:05 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x800000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:05 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x8000000, 0xf000)

08:51:05 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x300, 0xf000)

08:51:05 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xa00, 0xf000)

08:51:05 executing program 3 (fault-call:8 fault-nth:27):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:51:05 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x900000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  176.698294][T12509] loop3: detected capacity change from 0 to 16
[  176.705803][T12510] loop2: detected capacity change from 0 to 16
[  176.708988][T12513] loop5: detected capacity change from 0 to 16
[  176.713608][T12514] loop4: detected capacity change from 0 to 16
[  176.754740][T12509] FAULT_INJECTION: forcing a failure.
[  176.754740][T12509] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  176.768630][T12509] CPU: 1 PID: 12509 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  176.777681][T12509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  176.787733][T12509] Call Trace:
[  176.791005][T12509]  dump_stack_lvl+0xb7/0x103
[  176.795833][T12509]  dump_stack+0x11/0x1a
[  176.800095][T12509]  should_fail+0x23c/0x250
[  176.804516][T12509]  __alloc_pages+0x102/0x320
[  176.809212][T12509]  kmem_getpages+0x1a/0xd0
[  176.813729][T12509]  cache_grow_begin+0x4c/0x1a0
[  176.818505][T12509]  cache_alloc_refill+0x326/0x3d0
[  176.823615][T12509]  kmem_cache_alloc+0x266/0x2e0
[  176.828551][T12509]  ? alloc_buffer_head+0x2f/0x190
[  176.833927][T12509]  alloc_buffer_head+0x2f/0x190
[  176.838990][T12509]  alloc_page_buffers+0x139/0x290
[  176.844120][T12509]  create_empty_buffers+0x2c/0x360
[  176.849242][T12509]  __block_write_begin_int+0x195/0x1060
08:51:05 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xb00, 0xf000)

[  176.854815][T12509]  ? add_to_page_cache_lru+0x150/0x1b0
[  176.860341][T12509]  ? fat_block_truncate_page+0x30/0x30
[  176.866127][T12509]  ? wait_for_stable_page+0x56/0x70
[  176.871460][T12509]  cont_write_begin+0x522/0x850
[  176.876488][T12509]  fat_write_begin+0x61/0xf0
[  176.881062][T12509]  ? fat_block_truncate_page+0x30/0x30
[  176.886575][T12509]  generic_perform_write+0x196/0x3c0
[  176.891972][T12509]  ? fat_write_begin+0xf0/0xf0
[  176.896724][T12509]  __generic_file_write_iter+0x202/0x300
[  176.902473][T12509]  ? generic_write_checks+0x250/0x290
[  176.907845][T12509]  generic_file_write_iter+0x75/0x130
[  176.913303][T12509]  vfs_write+0x69d/0x770
[  176.917631][T12509]  ksys_write+0xce/0x180
[  176.921911][T12509]  __x64_sys_write+0x3e/0x50
[  176.927179][T12509]  do_syscall_64+0x3d/0x90
[  176.931678][T12509]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  176.937639][T12509] RIP: 0033:0x4665e9
[  176.941527][T12509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  176.961749][T12509] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  176.970401][T12509] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  176.978474][T12509] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  176.986425][T12509] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  176.994376][T12509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
08:51:05 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x8800000, 0xf000)

08:51:05 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x402, 0xf000)

08:51:05 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xa00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:05 executing program 3 (fault-call:8 fault-nth:28):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  177.002323][T12509] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
[  177.085251][T12554] loop5: detected capacity change from 0 to 16
[  177.085403][T12555] loop4: detected capacity change from 0 to 16
[  177.098735][T12558] loop3: detected capacity change from 0 to 16
[  177.105469][T12559] loop2: detected capacity change from 0 to 16
[  177.133003][T12558] FAULT_INJECTION: forcing a failure.
[  177.133003][T12558] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  177.146304][T12558] CPU: 0 PID: 12558 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  177.155161][T12558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  177.165220][T12558] Call Trace:
[  177.168598][T12558]  dump_stack_lvl+0xb7/0x103
[  177.173190][T12558]  dump_stack+0x11/0x1a
[  177.177440][T12558]  should_fail+0x23c/0x250
[  177.181854][T12558]  __alloc_pages+0x102/0x320
[  177.186531][T12558]  alloc_pages+0x2e8/0x340
[  177.191296][T12558]  __page_cache_alloc+0x4d/0xf0
[  177.196160][T12558]  pagecache_get_page+0x5f4/0x900
[  177.201193][T12558]  grab_cache_page_write_begin+0x3f/0x70
[  177.206979][T12558]  cont_write_begin+0x501/0x850
[  177.211856][T12558]  fat_write_begin+0x61/0xf0
[  177.216446][T12558]  ? fat_block_truncate_page+0x30/0x30
[  177.222066][T12558]  generic_perform_write+0x196/0x3c0
[  177.227418][T12558]  ? fat_write_begin+0xf0/0xf0
[  177.232191][T12558]  __generic_file_write_iter+0x202/0x300
[  177.237836][T12558]  ? generic_write_checks+0x250/0x290
[  177.243311][T12558]  generic_file_write_iter+0x75/0x130
[  177.248885][T12558]  vfs_write+0x69d/0x770
[  177.253112][T12558]  ksys_write+0xce/0x180
[  177.257330][T12558]  __x64_sys_write+0x3e/0x50
[  177.261896][T12558]  do_syscall_64+0x3d/0x90
[  177.266344][T12558]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  177.272244][T12558] RIP: 0033:0x4665e9
[  177.276255][T12558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  177.295860][T12558] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  177.304308][T12558] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  177.312309][T12558] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  177.320622][T12558] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  177.328616][T12558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  177.336689][T12558] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:51:06 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xc00)

08:51:06 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xb00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:06 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xc00, 0xf000)

08:51:06 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x406, 0xf000)

08:51:06 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x9000000, 0xf000)

08:51:06 executing program 3 (fault-call:8 fault-nth:29):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  177.569659][T12596] loop2: detected capacity change from 0 to 16
[  177.576393][T12597] loop5: detected capacity change from 0 to 16
[  177.589528][T12598] loop3: detected capacity change from 0 to 16
[  177.591240][T12601] loop4: detected capacity change from 0 to 16
08:51:06 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x500, 0xf000)

08:51:06 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xc00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:06 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xd00, 0xf000)

[  177.627987][T12598] FAULT_INJECTION: forcing a failure.
[  177.627987][T12598] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  177.641081][T12598] CPU: 1 PID: 12598 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  177.649851][T12598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  177.660010][T12598] Call Trace:
[  177.663288][T12598]  dump_stack_lvl+0xb7/0x103
[  177.667885][T12598]  dump_stack+0x11/0x1a
[  177.672043][T12598]  should_fail+0x23c/0x250
[  177.676498][T12598]  should_fail_usercopy+0x16/0x20
[  177.681533][T12598]  copy_page_from_iter_atomic+0x2c1/0xba0
[  177.687299][T12598]  ? fat_write_begin+0x61/0xf0
[  177.692082][T12598]  ? fat_block_truncate_page+0x30/0x30
[  177.697647][T12598]  ? fat_write_begin+0x79/0xf0
[  177.702407][T12598]  generic_perform_write+0x1df/0x3c0
[  177.707721][T12598]  ? fat_write_begin+0xf0/0xf0
[  177.712525][T12598]  __generic_file_write_iter+0x202/0x300
[  177.718177][T12598]  ? generic_write_checks+0x250/0x290
08:51:06 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xa000000, 0xf000)

[  177.723641][T12598]  generic_file_write_iter+0x75/0x130
[  177.729082][T12598]  vfs_write+0x69d/0x770
[  177.733391][T12598]  ksys_write+0xce/0x180
[  177.737682][T12598]  __x64_sys_write+0x3e/0x50
[  177.742266][T12598]  do_syscall_64+0x3d/0x90
[  177.746665][T12598]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  177.752544][T12598] RIP: 0033:0x4665e9
[  177.756415][T12598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
08:51:06 executing program 3 (fault-call:8 fault-nth:30):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:51:06 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xd00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  177.776258][T12598] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  177.784875][T12598] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  177.792914][T12598] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  177.800864][T12598] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  177.808815][T12598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  177.816865][T12598] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
[  177.886870][T12634] loop3: detected capacity change from 0 to 16
[  177.894389][T12639] loop5: detected capacity change from 0 to 16
[  177.910969][T12634] FAULT_INJECTION: forcing a failure.
[  177.910969][T12634] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  177.915564][T12642] loop2: detected capacity change from 0 to 16
[  177.924244][T12634] CPU: 1 PID: 12634 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  177.930619][T12643] loop4: detected capacity change from 0 to 16
[  177.939108][T12634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  177.939123][T12634] Call Trace:
[  177.939129][T12634]  dump_stack_lvl+0xb7/0x103
[  177.939151][T12634]  dump_stack+0x11/0x1a
[  177.967453][T12634]  should_fail+0x23c/0x250
[  177.971876][T12634]  __alloc_pages+0x102/0x320
[  177.976553][T12634]  alloc_pages+0x2e8/0x340
[  177.980970][T12634]  __page_cache_alloc+0x4d/0xf0
[  177.985818][T12634]  pagecache_get_page+0x5f4/0x900
[  177.991621][T12634]  grab_cache_page_write_begin+0x3f/0x70
[  177.997319][T12634]  cont_write_begin+0x501/0x850
[  178.002162][T12634]  fat_write_begin+0x61/0xf0
[  178.006821][T12634]  ? fat_block_truncate_page+0x30/0x30
[  178.012270][T12634]  generic_perform_write+0x196/0x3c0
[  178.017601][T12634]  ? fat_write_begin+0xf0/0xf0
[  178.022359][T12634]  __generic_file_write_iter+0x202/0x300
[  178.028008][T12634]  ? generic_write_checks+0x250/0x290
[  178.033478][T12634]  generic_file_write_iter+0x75/0x130
[  178.038971][T12634]  vfs_write+0x69d/0x770
[  178.043317][T12634]  ksys_write+0xce/0x180
[  178.047641][T12634]  __x64_sys_write+0x3e/0x50
[  178.052248][T12634]  do_syscall_64+0x3d/0x90
[  178.056659][T12634]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  178.062570][T12634] RIP: 0033:0x4665e9
[  178.066455][T12634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  178.086063][T12634] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  178.094458][T12634] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  178.102438][T12634] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  178.110393][T12634] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  178.118358][T12634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  178.126311][T12634] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:51:07 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xd00)

08:51:07 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:07 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xb000000, 0xf000)

08:51:07 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x600, 0xf000)

08:51:07 executing program 3 (fault-call:8 fault-nth:31):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:51:07 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xe00, 0xf000)

[  178.422097][T12679] loop4: detected capacity change from 0 to 16
[  178.428520][T12680] loop5: detected capacity change from 0 to 16
[  178.432301][T12681] loop2: detected capacity change from 0 to 16
[  178.440016][T12684] loop3: detected capacity change from 0 to 16
[  178.444691][T12683] net_ratelimit: 24 callbacks suppressed
[  178.444766][T12683] IPv4: Oversized IP packet from 127.0.0.1
[  178.458709][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  178.497900][T12684] FAULT_INJECTION: forcing a failure.
[  178.497900][T12684] name failslab, interval 1, probability 0, space 0, times 0
[  178.510875][T12684] CPU: 1 PID: 12684 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  178.519638][T12684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  178.529768][T12684] Call Trace:
[  178.533049][T12684]  dump_stack_lvl+0xb7/0x103
[  178.537648][T12684]  dump_stack+0x11/0x1a
[  178.541930][T12684]  should_fail+0x23c/0x250
08:51:07 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xc000000, 0xf000)

08:51:07 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xf00, 0xf000)

08:51:07 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x604, 0xf000)

[  178.546552][T12684]  ? fat_cache_add+0x219/0x570
[  178.551576][T12684]  __should_failslab+0x81/0x90
[  178.556412][T12684]  should_failslab+0x5/0x20
[  178.561121][T12684]  kmem_cache_alloc+0x46/0x2e0
[  178.565868][T12684]  fat_cache_add+0x219/0x570
[  178.570790][T12684]  fat_get_cluster+0x58e/0x870
[  178.575858][T12684]  fat_get_mapped_cluster+0xd0/0x250
[  178.581202][T12684]  fat_bmap+0x258/0x290
[  178.585438][T12684]  fat_get_block+0x36d/0x5a0
[  178.590031][T12684]  __block_write_begin_int+0x4a2/0x1060
[  178.595607][T12684]  ? fat_block_truncate_page+0x30/0x30
[  178.601045][T12684]  ? wait_for_stable_page+0x56/0x70
[  178.606745][T12684]  cont_write_begin+0x522/0x850
[  178.611781][T12684]  fat_write_begin+0x61/0xf0
[  178.616363][T12684]  ? fat_block_truncate_page+0x30/0x30
[  178.621927][T12684]  generic_perform_write+0x196/0x3c0
[  178.627196][T12684]  ? fat_write_begin+0xf0/0xf0
[  178.631953][T12684]  __generic_file_write_iter+0x202/0x300
[  178.637626][T12684]  ? generic_write_checks+0x250/0x290
[  178.643001][T12684]  generic_file_write_iter+0x75/0x130
[  178.648357][T12684]  vfs_write+0x69d/0x770
[  178.652578][T12684]  ksys_write+0xce/0x180
[  178.656853][T12684]  __x64_sys_write+0x3e/0x50
[  178.661524][T12684]  do_syscall_64+0x3d/0x90
[  178.666030][T12684]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  178.671913][T12684] RIP: 0033:0x4665e9
[  178.675800][T12684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
08:51:07 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xf00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:07 executing program 3 (fault-call:8 fault-nth:32):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  178.696257][T12684] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  178.704649][T12684] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  178.712709][T12684] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  178.721007][T12684] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  178.728961][T12684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  178.736917][T12684] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:51:07 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1000000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  178.776146][T12705] IPv4: Oversized IP packet from 127.0.0.1
[  178.782255][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  178.837021][T12719] loop5: detected capacity change from 0 to 16
[  178.838753][T12720] loop2: detected capacity change from 0 to 16
[  178.848034][T12722] IPv4: Oversized IP packet from 127.0.0.1
[  178.851203][T12721] loop3: detected capacity change from 0 to 16
[  178.855941][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  178.863840][T12726] loop4: detected capacity change from 0 to 16
[  178.890909][T12721] FAULT_INJECTION: forcing a failure.
[  178.890909][T12721] name failslab, interval 1, probability 0, space 0, times 0
[  178.903710][T12721] CPU: 1 PID: 12721 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  178.912597][T12721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  178.923175][T12721] Call Trace:
[  178.926464][T12721]  dump_stack_lvl+0xb7/0x103
[  178.931053][T12721]  dump_stack+0x11/0x1a
[  178.935217][T12721]  should_fail+0x23c/0x250
[  178.939906][T12721]  ? fat_cache_add+0x219/0x570
[  178.944679][T12721]  __should_failslab+0x81/0x90
[  178.949446][T12721]  should_failslab+0x5/0x20
[  178.953960][T12721]  kmem_cache_alloc+0x46/0x2e0
[  178.958739][T12721]  fat_cache_add+0x219/0x570
[  178.963332][T12721]  fat_get_cluster+0x58e/0x870
[  178.968115][T12721]  fat_get_mapped_cluster+0xd0/0x250
[  178.973435][T12721]  fat_bmap+0x258/0x290
[  178.977598][T12721]  fat_get_block+0x36d/0x5a0
[  178.982202][T12721]  __block_write_begin_int+0x4a2/0x1060
[  178.987761][T12721]  ? fat_block_truncate_page+0x30/0x30
[  178.993337][T12721]  ? wait_for_stable_page+0x56/0x70
[  178.998561][T12721]  cont_write_begin+0x522/0x850
[  179.003424][T12721]  fat_write_begin+0x61/0xf0
[  179.008129][T12721]  ? fat_block_truncate_page+0x30/0x30
[  179.013641][T12721]  generic_perform_write+0x196/0x3c0
[  179.018944][T12721]  ? fat_write_begin+0xf0/0xf0
[  179.023708][T12721]  __generic_file_write_iter+0x202/0x300
[  179.029409][T12721]  ? generic_write_checks+0x250/0x290
[  179.034841][T12721]  generic_file_write_iter+0x75/0x130
[  179.040226][T12721]  vfs_write+0x69d/0x770
[  179.044503][T12721]  ksys_write+0xce/0x180
[  179.048736][T12721]  __x64_sys_write+0x3e/0x50
[  179.053364][T12721]  do_syscall_64+0x3d/0x90
[  179.057897][T12721]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  179.063781][T12721] RIP: 0033:0x4665e9
[  179.067833][T12721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  179.087749][T12721] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  179.096320][T12721] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  179.104378][T12721] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  179.112337][T12721] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  179.120289][T12721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  179.128294][T12721] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:51:08 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xe00)

08:51:08 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1008000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:08 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x700, 0xf000)

08:51:08 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xff6, 0xf000)

08:51:08 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xd000000, 0xf000)

08:51:08 executing program 3 (fault-call:8 fault-nth:33):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  179.297976][T12764] loop2: detected capacity change from 0 to 16
[  179.308491][T12765] IPv4: Oversized IP packet from 127.0.0.1
[  179.310418][T12766] loop3: detected capacity change from 0 to 16
[  179.314364][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  179.324139][T12768] loop4: detected capacity change from 0 to 16
[  179.332809][T12767] loop5: detected capacity change from 0 to 16
08:51:08 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x1600, 0xf000)

08:51:08 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x900, 0xf000)

[  179.347728][T12766] FAULT_INJECTION: forcing a failure.
[  179.347728][T12766] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  179.360801][T12766] CPU: 0 PID: 12766 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  179.369564][T12766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  179.379614][T12766] Call Trace:
[  179.382892][T12766]  dump_stack_lvl+0xb7/0x103
[  179.387512][T12766]  dump_stack+0x11/0x1a
[  179.391761][T12766]  should_fail+0x23c/0x250
[  179.396186][T12766]  should_fail_usercopy+0x16/0x20
[  179.401355][T12766]  copy_page_from_iter_atomic+0x2c1/0xba0
[  179.407082][T12766]  ? fat_write_begin+0x61/0xf0
[  179.411888][T12766]  ? fat_block_truncate_page+0x30/0x30
[  179.417355][T12766]  ? fat_write_begin+0x79/0xf0
[  179.422138][T12766]  generic_perform_write+0x1df/0x3c0
[  179.427427][T12766]  ? fat_write_begin+0xf0/0xf0
[  179.432210][T12766]  __generic_file_write_iter+0x202/0x300
[  179.437852][T12766]  ? generic_write_checks+0x250/0x290
[  179.443232][T12766]  generic_file_write_iter+0x75/0x130
08:51:08 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xe000000, 0xf000)

[  179.448803][T12766]  vfs_write+0x69d/0x770
[  179.453053][T12766]  ksys_write+0xce/0x180
[  179.457390][T12766]  __x64_sys_write+0x3e/0x50
[  179.462075][T12766]  do_syscall_64+0x3d/0x90
[  179.466585][T12766]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  179.472482][T12766] RIP: 0033:0x4665e9
[  179.476419][T12766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
08:51:08 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1100000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:08 executing program 3 (fault-call:8 fault-nth:34):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

[  179.496132][T12766] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  179.504663][T12766] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  179.512612][T12766] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  179.520615][T12766] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  179.528602][T12766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  179.536554][T12766] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:51:08 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1200000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  179.574252][T12792] IPv4: Oversized IP packet from 127.0.0.1
[  179.580242][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  179.642763][T12808] loop4: detected capacity change from 0 to 16
[  179.643467][T12810] loop2: detected capacity change from 0 to 16
[  179.651685][T12813] loop5: detected capacity change from 0 to 16
[  179.659424][T12811] loop3: detected capacity change from 0 to 16
[  179.684753][T12811] FAULT_INJECTION: forcing a failure.
[  179.684753][T12811] name failslab, interval 1, probability 0, space 0, times 0
[  179.697505][T12811] CPU: 0 PID: 12811 Comm: syz-executor.3 Not tainted 5.14.0-rc6-syzkaller #0
[  179.706264][T12811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  179.716352][T12811] Call Trace:
[  179.719696][T12811]  dump_stack_lvl+0xb7/0x103
[  179.724290][T12811]  dump_stack+0x11/0x1a
[  179.728486][T12811]  should_fail+0x23c/0x250
[  179.732926][T12811]  ? mempool_alloc_slab+0x16/0x20
[  179.737949][T12811]  __should_failslab+0x81/0x90
[  179.742831][T12811]  should_failslab+0x5/0x20
[  179.747358][T12811]  kmem_cache_alloc+0x46/0x2e0
[  179.752121][T12811]  ? __brelse+0x2c/0x50
[  179.756398][T12811]  mempool_alloc_slab+0x16/0x20
[  179.761244][T12811]  ? mempool_free+0x130/0x130
[  179.765945][T12811]  mempool_alloc+0x8c/0x300
[  179.770473][T12811]  ? xas_find+0x1b0/0x3c0
[  179.774812][T12811]  bio_alloc_bioset+0xcc/0x480
[  179.779585][T12811]  ? bdev_write_page+0x82/0x130
[  179.784448][T12811]  __mpage_writepage+0xa40/0x1080
[  179.789478][T12811]  ? __mod_memcg_lruvec_state+0xa7/0x190
[  179.795154][T12811]  ? percpu_counter_add_batch+0x69/0xd0
[  179.800747][T12811]  write_cache_pages+0x4d7/0x810
[  179.805748][T12811]  ? mpage_writepages+0x120/0x120
[  179.810903][T12811]  ? fat_readpage+0x20/0x20
[  179.815437][T12811]  ? fat_block_truncate_page+0x30/0x30
[  179.820921][T12811]  mpage_writepages+0x6d/0x120
[  179.825679][T12811]  ? fat_block_truncate_page+0x30/0x30
[  179.831160][T12811]  fat_writepages+0x20/0x30
[  179.835654][T12811]  do_writepages+0x7b/0x150
[  179.840269][T12811]  ? generic_perform_write+0x34d/0x3c0
[  179.845775][T12811]  filemap_write_and_wait_range+0x20a/0x390
[  179.851655][T12811]  __generic_file_write_iter+0x231/0x300
[  179.857598][T12811]  ? generic_write_checks+0x250/0x290
[  179.863036][T12811]  generic_file_write_iter+0x75/0x130
[  179.868478][T12811]  vfs_write+0x69d/0x770
[  179.872761][T12811]  ksys_write+0xce/0x180
[  179.876989][T12811]  __x64_sys_write+0x3e/0x50
[  179.881639][T12811]  do_syscall_64+0x3d/0x90
[  179.886115][T12811]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  179.892033][T12811] RIP: 0033:0x4665e9
[  179.895970][T12811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  179.916031][T12811] RSP: 002b:00007f654f380188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  179.924662][T12811] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665e9
[  179.932806][T12811] RDX: 000000000000f000 RSI: 0000000020000200 RDI: 0000000000000006
[  179.940846][T12811] RBP: 00007f654f3801d0 R08: 0000000000000000 R09: 0000000000000000
[  179.948905][T12811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  179.957006][T12811] R13: 00007fff92e1b66f R14: 00007f654f380300 R15: 0000000000022000
08:51:09 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xf000000, 0xf000)

08:51:09 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xf00)

08:51:09 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x1800000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:09 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xa00, 0xf000)

08:51:09 executing program 3 (fault-call:8 fault-nth:35):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:51:09 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x1700, 0xf000)

[  180.182872][T12853] loop2: detected capacity change from 0 to 16
[  180.189253][T12854] loop4: detected capacity change from 0 to 16
[  180.189843][T12855] loop3: detected capacity change from 0 to 16
[  180.195698][T12856] loop5: detected capacity change from 0 to 16
[  180.218372][T12853] handle_bad_sector: 180 callbacks suppressed
[  180.218385][T12853] attempt to access beyond end of device
08:51:09 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x2000000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  180.218385][T12853] loop2: rw=2049, want=123, limit=16
[  180.235328][T12853] buffer_io_error: 164 callbacks suppressed
[  180.235340][T12853] Buffer I/O error on dev loop2, logical block 122, lost async page write
[  180.241564][T12854] attempt to access beyond end of device
[  180.241564][T12854] loop4: rw=2049, want=124, limit=16
[  180.271023][T12856] attempt to access beyond end of device
[  180.271023][T12856] loop5: rw=2049, want=123, limit=16
[  180.281858][T12856] Buffer I/O error on dev loop5, logical block 122, lost async page write
[  180.282197][T12853] attempt to access beyond end of device
[  180.282197][T12853] loop2: rw=2049, want=124, limit=16
[  180.301252][T12853] Buffer I/O error on dev loop2, logical block 123, lost async page write
[  180.304663][T12856] attempt to access beyond end of device
[  180.304663][T12856] loop5: rw=2049, want=124, limit=16
[  180.320560][T12856] Buffer I/O error on dev loop5, logical block 123, lost async page write
[  180.327812][T12853] attempt to access beyond end of device
[  180.327812][T12853] loop2: rw=2049, want=125, limit=16
[  180.332189][T12856] attempt to access beyond end of device
[  180.332189][T12856] loop5: rw=2049, want=125, limit=16
[  180.339837][T12853] Buffer I/O error on dev loop2, logical block 124, lost async page write
[  180.350684][T12856] Buffer I/O error on dev loop5, logical block 124, lost async page write
[  180.366244][T12853] attempt to access beyond end of device
[  180.366244][T12853] loop2: rw=2049, want=126, limit=16
08:51:09 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xfffffff, 0xf000)

[  180.370315][T12856] attempt to access beyond end of device
[  180.370315][T12856] loop5: rw=2049, want=126, limit=16
[  180.378579][T12853] Buffer I/O error on dev loop2, logical block 125, lost async page write
[  180.389454][T12856] Buffer I/O error on dev loop5, logical block 125, lost async page write
[  180.389686][T12856] attempt to access beyond end of device
[  180.389686][T12856] loop5: rw=2049, want=127, limit=16
[  180.417328][T12856] Buffer I/O error on dev loop5, logical block 126, lost async page write
08:51:09 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)

08:51:09 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xb00, 0xf000)

08:51:09 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x2500000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  180.417701][T12853] Buffer I/O error on dev loop2, logical block 126, lost async page write
08:51:09 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x1800, 0xf000)

08:51:09 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4000000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  180.510869][T12898] loop4: detected capacity change from 0 to 16
[  180.535999][T12903] loop5: detected capacity change from 0 to 16
[  180.545588][T12906] loop2: detected capacity change from 0 to 16
[  180.547368][T12904] loop3: detected capacity change from 0 to 16
08:51:09 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xfe4)

08:51:09 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4800000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:09 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xc00, 0xf000)

08:51:09 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x10000000, 0xf000)

08:51:09 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x2, 0xf000)

08:51:09 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x2000, 0xf000)

08:51:10 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x3, 0xf000)

08:51:10 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x4c00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  181.024619][T12935] loop4: detected capacity change from 0 to 16
[  181.035743][T12939] loop2: detected capacity change from 0 to 16
[  181.036987][T12944] loop3: detected capacity change from 0 to 16
[  181.058375][T12943] loop5: detected capacity change from 0 to 16
08:51:10 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x10e6af32, 0xf000)

08:51:10 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xd00, 0xf000)

08:51:10 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x2200, 0xf000)

08:51:10 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x4, 0xf000)

[  181.107091][T12958] loop3: detected capacity change from 0 to 16
[  181.160576][T12975] loop4: detected capacity change from 0 to 16
[  181.180108][T12982] loop2: detected capacity change from 0 to 16
[  181.187390][T12974] loop3: detected capacity change from 0 to 16
[  181.199040][T12984] loop5: detected capacity change from 0 to 16
08:51:10 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x1100)

08:51:10 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6000000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:10 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x3f00, 0xf000)

08:51:10 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x20000000, 0xf000)

08:51:10 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x5, 0xf000)

08:51:10 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xe00, 0xf000)

08:51:10 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6400000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:10 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x6, 0xf000)

[  181.897366][T13010] loop3: detected capacity change from 0 to 16
[  181.904941][T13011] loop2: detected capacity change from 0 to 16
[  181.912474][T13012] loop4: detected capacity change from 0 to 16
[  181.913574][T13016] loop5: detected capacity change from 0 to 16
08:51:10 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6800000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:10 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xf00, 0xf000)

08:51:10 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x4000, 0xf000)

08:51:10 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x22000000, 0xf000)

[  182.013918][T13044] loop3: detected capacity change from 0 to 16
[  182.031938][T13050] loop2: detected capacity change from 0 to 16
[  182.039097][T13040] loop5: detected capacity change from 0 to 16
[  182.046133][T13053] loop4: detected capacity change from 0 to 16
08:51:11 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x6c00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:11 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x7600, 0xf000)

08:51:11 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xff6, 0xf000)

08:51:11 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x32afe610, 0xf000)

08:51:11 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x7, 0xf000)

08:51:11 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x1200)

08:51:11 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7400000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  182.774587][T13082] loop2: detected capacity change from 0 to 16
[  182.776085][T13081] loop4: detected capacity change from 0 to 16
[  182.781037][T13084] loop5: detected capacity change from 0 to 16
[  182.788584][T13083] loop3: detected capacity change from 0 to 16
08:51:11 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x2000, 0xf000)

08:51:11 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x8008, 0xf000)

08:51:11 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x7a00000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:11 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x3f000000, 0xf000)

08:51:11 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x8, 0xf000)

[  182.886969][T13105] loop5: detected capacity change from 0 to 16
[  182.904805][T13118] loop2: detected capacity change from 0 to 16
[  182.925427][T13124] loop3: detected capacity change from 0 to 16
08:51:11 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x97ffffff00000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  182.935959][T13123] loop4: detected capacity change from 0 to 16
08:51:12 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x2000)

08:51:12 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x2200, 0xf000)

08:51:12 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x9, 0xf000)

08:51:12 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xeffd, 0xf000)

08:51:12 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xa50c000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:12 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x40000000, 0xf000)

08:51:12 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xa, 0xf000)

[  183.626043][T13153] net_ratelimit: 28 callbacks suppressed
[  183.626056][T13153] IPv4: Oversized IP packet from 127.0.0.1
[  183.633527][T13154] loop2: detected capacity change from 0 to 16
[  183.637646][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  183.644168][T13157] loop5: detected capacity change from 0 to 16
[  183.649829][T13155] loop4: detected capacity change from 0 to 16
[  183.662355][T13158] loop3: detected capacity change from 0 to 16
08:51:12 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x6f000000, 0xf000)

08:51:12 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xefff, 0xf000)

08:51:12 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe000000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:12 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x3f00, 0xf000)

08:51:12 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xb, 0xf000)

[  183.747925][T13181] loop3: detected capacity change from 0 to 16
[  183.755544][T13182] IPv4: Oversized IP packet from 127.0.0.1
[  183.761428][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  183.775789][T13188] loop4: detected capacity change from 0 to 16
[  183.779884][T13191] loop2: detected capacity change from 0 to 16
[  183.830083][T13199] loop5: detected capacity change from 0 to 16
[  183.867824][T13211] loop3: detected capacity change from 0 to 16
08:51:13 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x2500)

08:51:13 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe803000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:13 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xf000, 0xf000)

08:51:13 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x75000000, 0xf000)

08:51:13 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x4000, 0xf000)

08:51:13 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xc, 0xf000)

08:51:13 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x4c00, 0xf000)

[  184.521707][T13232] loop2: detected capacity change from 0 to 16
[  184.529331][T13233] IPv4: Oversized IP packet from 127.0.0.1
[  184.535192][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  184.542498][T13236] loop5: detected capacity change from 0 to 16
[  184.545401][T13235] loop3: detected capacity change from 0 to 16
[  184.561818][T13237] loop4: detected capacity change from 0 to 16
08:51:13 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xf60f, 0xf000)

08:51:13 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xe8ff000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:13 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xd, 0xf000)

08:51:13 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x7f510100, 0xf000)

08:51:13 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xfdef, 0xf000)

[  184.653555][T13259] IPv4: Oversized IP packet from 127.0.0.1
[  184.659509][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  184.661309][T13265] loop2: detected capacity change from 0 to 16
[  184.669710][T13264] loop5: detected capacity change from 0 to 16
[  184.691816][T13266] loop3: detected capacity change from 0 to 16
[  184.762953][T13283] loop4: detected capacity change from 0 to 16
[  184.778417][T13291] loop2: detected capacity change from 0 to 16
08:51:14 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x2701)

08:51:14 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xf401000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:14 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xe, 0xf000)

08:51:14 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x4d00, 0xf000)

08:51:14 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xff0f, 0xf000)

08:51:14 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xca000000, 0xf000)

[  185.412343][T13316] loop2: detected capacity change from 0 to 16
[  185.418862][T13317] loop4: detected capacity change from 0 to 16
[  185.444285][T13316] handle_bad_sector: 224 callbacks suppressed
[  185.444298][T13316] attempt to access beyond end of device
[  185.444298][T13316] loop2: rw=2049, want=123, limit=16
[  185.444845][T13323] loop5: detected capacity change from 0 to 16
[  185.450453][T13316] buffer_io_error: 212 callbacks suppressed
[  185.450463][T13316] Buffer I/O error on dev loop2, logical block 122, lost async page write
[  185.466110][T13324] loop3: detected capacity change from 0 to 16
[  185.473568][T13325] IPv4: Oversized IP packet from 127.0.0.1
[  185.493900][    C0] IPv4: Oversized IP packet from 127.0.0.1
[  185.503711][T13317] attempt to access beyond end of device
[  185.503711][T13317] loop4: rw=2049, want=124, limit=16
[  185.533263][T13324] attempt to access beyond end of device
[  185.533263][T13324] loop3: rw=2049, want=123, limit=16
[  185.536633][T13316] attempt to access beyond end of device
[  185.536633][T13316] loop2: rw=2049, want=124, limit=16
[  185.544340][T13324] Buffer I/O error on dev loop3, logical block 122, lost async page write
[  185.555090][T13316] Buffer I/O error on dev loop2, logical block 123, lost async page write
[  185.569608][T13316] attempt to access beyond end of device
[  185.569608][T13316] loop2: rw=2049, want=125, limit=16
08:51:14 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xcc000000, 0xf000)

[  185.573119][T13323] attempt to access beyond end of device
[  185.573119][T13323] loop5: rw=2049, want=123, limit=16
[  185.583037][T13316] Buffer I/O error on dev loop2, logical block 124, lost async page write
[  185.585568][T13316] attempt to access beyond end of device
[  185.585568][T13316] loop2: rw=2049, want=126, limit=16
[  185.593839][T13323] Buffer I/O error on dev loop5, logical block 122, lost async page write
[  185.594193][T13323] attempt to access beyond end of device
[  185.594193][T13323] loop5: rw=2049, want=124, limit=16
08:51:14 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xfcff000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

[  185.602397][T13316] Buffer I/O error on dev loop2, logical block 125, lost async page write
[  185.613181][T13323] Buffer I/O error on dev loop5, logical block 123, lost async page write
[  185.622444][T13324] attempt to access beyond end of device
[  185.622444][T13324] loop3: rw=2049, want=124, limit=16
[  185.633818][T13323] attempt to access beyond end of device
[  185.633818][T13323] loop5: rw=2049, want=125, limit=16
[  185.641244][T13324] Buffer I/O error on dev loop3, logical block 123, lost async page write
08:51:14 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xffef, 0xf000)

08:51:14 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x4e00, 0xf000)

08:51:14 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xffff000000000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:14 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xf, 0xf000)

[  185.651475][T13324] Buffer I/O error on dev loop3, logical block 124, lost async page write
[  185.660696][T13323] Buffer I/O error on dev loop5, logical block 124, lost async page write
[  185.755090][T13359] loop4: detected capacity change from 0 to 16
[  185.786241][T13368] ==================================================================
[  185.794476][T13368] BUG: KCSAN: data-race in mark_buffer_dirty_inode / mark_buffer_dirty_inode
[  185.803330][T13368] 
[  185.805674][T13368] write to 0xffff8881066aad58 of 8 bytes by task 13359 on cpu 0:
[  185.813578][T13368]  mark_buffer_dirty_inode+0x188/0x1d0
[  185.816916][T13370] loop2: detected capacity change from 0 to 16
[  185.819042][T13368]  fat_mirror_bhs+0x205/0x330
[  185.830032][T13368]  fat_alloc_clusters+0x95e/0xa50
[  185.835285][T13368]  fat_get_block+0x213/0x5a0
[  185.839882][T13368]  __block_write_begin_int+0x4a2/0x1060
[  185.845425][T13368]  cont_write_begin+0x522/0x850
[  185.850306][T13368]  fat_write_begin+0x61/0xf0
[  185.854883][T13368]  generic_perform_write+0x196/0x3c0
[  185.860160][T13368]  __generic_file_write_iter+0x161/0x300
[  185.865777][T13368]  generic_file_write_iter+0x75/0x130
[  185.871134][T13368]  vfs_write+0x69d/0x770
[  185.875359][T13368]  ksys_write+0xce/0x180
[  185.879584][T13368]  __x64_sys_write+0x3e/0x50
[  185.884158][T13368]  do_syscall_64+0x3d/0x90
[  185.888565][T13368]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  185.894442][T13368] 
[  185.896747][T13368] read to 0xffff8881066aad58 of 8 bytes by task 13368 on cpu 1:
[  185.904354][T13368]  mark_buffer_dirty_inode+0x92/0x1d0
[  185.909719][T13368]  fat_mirror_bhs+0x205/0x330
[  185.914392][T13368]  fat_alloc_clusters+0x95e/0xa50
[  185.919408][T13368]  fat_alloc_new_dir+0x63/0x4b0
[  185.924253][T13368]  vfat_mkdir+0x70/0x210
[  185.928483][T13368]  vfs_mkdir+0x2a4/0x370
[  185.932714][T13368]  do_mkdirat+0x11d/0x200
[  185.937042][T13368]  __x64_sys_mkdir+0x32/0x40
[  185.941630][T13368]  do_syscall_64+0x3d/0x90
[  185.946033][T13368]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  185.952281][T13368] 
[  185.954591][T13368] value changed: 0x0000000000000000 -> 0xffff888106681ad8
[  185.961676][T13368] 
[  185.963978][T13368] Reported by Kernel Concurrency Sanitizer on:
[  185.970111][T13368] CPU: 1 PID: 13368 Comm: syz-executor.4 Not tainted 5.14.0-rc6-syzkaller #0
[  185.978860][T13368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  185.988899][T13368] ==================================================================
[  186.003267][T13372] loop3: detected capacity change from 0 to 16
[  186.011483][T13376] loop5: detected capacity change from 0 to 16
[  186.077712][T13376] loop5: detected capacity change from 0 to 16
[  186.099188][T13372] loop3: detected capacity change from 0 to 16
08:51:15 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x3000)

08:51:15 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0xffffffff00000000, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:15 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x20000, 0xf000)

08:51:15 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xcd000000, 0xf000)

08:51:15 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x7600, 0xf000)

08:51:15 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x10, 0xf000)

08:51:15 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x3, 0x4e20}, 0x10)

08:51:15 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x40000, 0xf000)

[  186.360726][T13418] loop2: detected capacity change from 0 to 16
[  186.360787][T13419] loop4: detected capacity change from 0 to 16
[  186.373666][T13417] loop5: detected capacity change from 0 to 16
[  186.380886][T13420] loop3: detected capacity change from 0 to 16
08:51:15 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x22, 0xf000)

08:51:15 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xeffdffff, 0xf000)

08:51:15 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x8008, 0xf000)

08:51:15 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x4, 0x4e20}, 0x10)

[  186.525958][T13462] loop2: detected capacity change from 0 to 16
[  186.527680][T13460] loop4: detected capacity change from 0 to 16
[  186.532670][T13464] loop5: detected capacity change from 0 to 16
[  186.539244][T13463] loop3: detected capacity change from 0 to 16
08:51:16 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x60000, 0xf000)

08:51:16 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x4800)

08:51:16 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xeffd, 0xf000)

08:51:16 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x5, 0x4e20}, 0x10)

08:51:16 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xf4ffffff, 0xf000)

08:51:16 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x29, 0xf000)

08:51:16 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x2a, 0xf000)

[  187.232320][T13491] loop3: detected capacity change from 0 to 16
[  187.234958][T13492] loop4: detected capacity change from 0 to 16
[  187.244064][T13494] loop5: detected capacity change from 0 to 16
[  187.245962][T13495] loop2: detected capacity change from 0 to 16
08:51:16 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xefff, 0xf000)

08:51:16 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x11, 0x4e20}, 0x10)

08:51:16 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xf5ffffff, 0xf000)

08:51:16 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x80000, 0xf000)

08:51:16 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xf000, 0xf000)

[  187.366747][T13523] loop5: detected capacity change from 0 to 16
[  187.368707][T13525] loop4: detected capacity change from 0 to 16
[  187.382546][T13524] loop3: detected capacity change from 0 to 16
08:51:16 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x2b, 0xf000)

[  187.443490][T13541] loop2: detected capacity change from 0 to 16
[  187.485577][T13551] loop3: detected capacity change from 0 to 16
[  187.485591][T13552] loop5: detected capacity change from 0 to 16
08:51:17 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xf60f0000, 0xf000)

08:51:17 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x4c00)

08:51:17 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xa0000, 0xf000)

08:51:17 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x76, 0xf000)

08:51:17 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xf60f, 0xf000)

08:51:17 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e05}, 0x10)

08:51:17 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e0a}, 0x10)

[  188.110194][T13574] loop2: detected capacity change from 0 to 16
[  188.117791][T13575] loop3: detected capacity change from 0 to 16
[  188.123075][T13578] loop4: detected capacity change from 0 to 16
[  188.124135][T13577] loop5: detected capacity change from 0 to 16
08:51:17 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xc0000, 0xf000)

08:51:17 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xfbffffff, 0xf000)

08:51:17 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xf0, 0xf000)

08:51:17 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xfdef, 0xf000)

08:51:17 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e25}, 0x10)

[  188.262871][T13612] loop2: detected capacity change from 0 to 16
[  188.276822][T13613] loop4: detected capacity change from 0 to 16
[  188.289721][T13619] loop3: detected capacity change from 0 to 16
[  188.296234][T13624] loop5: detected capacity change from 0 to 16
08:51:17 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xe0000, 0xf000)

[  188.393462][T13647] loop2: detected capacity change from 0 to 16
08:51:17 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x6000)

08:51:17 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e29}, 0x10)

08:51:17 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x204, 0xf000)

08:51:17 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xff0f, 0xf000)

08:51:17 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xff0f0000, 0xf000)

08:51:17 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x100000, 0xf000)

08:51:18 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x300, 0xf000)

[  189.006428][T13662] loop4: detected capacity change from 0 to 16
[  189.010999][T13663] loop3: detected capacity change from 0 to 16
[  189.012902][T13664] loop2: detected capacity change from 0 to 16
[  189.020088][T13665] loop5: detected capacity change from 0 to 16
[  189.026329][T13666] net_ratelimit: 12 callbacks suppressed
[  189.026339][T13666] IPv4: Oversized IP packet from 127.0.0.1
[  189.043231][    C0] IPv4: Oversized IP packet from 127.0.0.1
08:51:18 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xffef, 0xf000)

08:51:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x7fffff, 0xf000)

08:51:18 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xffdf0000, 0xf000)

[  189.106904][T13681] loop3: detected capacity change from 0 to 16
[  189.142827][T13695] loop5: detected capacity change from 0 to 16
08:51:18 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20}, 0x10)

08:51:18 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x402, 0xf000)

[  189.168424][T13699] loop2: detected capacity change from 0 to 16
[  189.206176][T13703] IPv4: Oversized IP packet from 127.0.0.1
[  189.212086][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  189.227948][T13709] loop4: detected capacity change from 0 to 16
[  189.242144][T13715] loop3: detected capacity change from 0 to 16
08:51:18 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x6800)

08:51:18 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x20000, 0xf000)

08:51:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xf00000, 0xf000)

08:51:18 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x2}, 0x10)

08:51:18 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x406, 0xf000)

08:51:18 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xffefffff, 0xf000)

08:51:18 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x3}, 0x10)

[  189.909778][T13737] loop3: detected capacity change from 0 to 16
[  189.910096][T13740] loop2: detected capacity change from 0 to 16
[  189.916280][T13739] loop5: detected capacity change from 0 to 16
[  189.922822][T13741] loop4: detected capacity change from 0 to 16
08:51:18 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x500, 0xf000)

08:51:18 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x40000, 0xf000)

08:51:18 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xfffdffff, 0xf000)

08:51:18 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x4}, 0x10)

08:51:18 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x1000000, 0xf000)

[  190.056710][T13769] loop3: detected capacity change from 0 to 16
[  190.079318][T13779] loop4: detected capacity change from 0 to 16
[  190.085783][T13783] loop5: detected capacity change from 0 to 16
[  190.088989][T13782] loop2: detected capacity change from 0 to 16
08:51:19 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x6c00)

08:51:19 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x5}, 0x10)

08:51:19 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x600, 0xf000)

08:51:19 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xffff7f00, 0xf000)

08:51:19 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x60000, 0xf000)

08:51:19 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x2000000, 0xf000)

[  190.774727][T13811] loop5: detected capacity change from 0 to 16
[  190.787899][T13814] loop2: detected capacity change from 0 to 16
[  190.789567][T13815] loop4: detected capacity change from 0 to 16
[  190.794328][T13816] loop3: detected capacity change from 0 to 16
[  190.815369][T13811] handle_bad_sector: 224 callbacks suppressed
[  190.815384][T13811] attempt to access beyond end of device
[  190.815384][T13811] loop5: rw=2049, want=123, limit=16
[  190.832534][T13811] buffer_io_error: 212 callbacks suppressed
[  190.832610][T13811] Buffer I/O error on dev loop5, logical block 122, lost async page write
[  190.837557][T13814] attempt to access beyond end of device
[  190.837557][T13814] loop2: rw=2049, want=123, limit=16
[  190.852802][T13811] attempt to access beyond end of device
[  190.852802][T13811] loop5: rw=2049, want=124, limit=16
08:51:19 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x6}, 0x10)

[  190.857891][T13814] Buffer I/O error on dev loop2, logical block 122, lost async page write
[  190.877198][T13811] Buffer I/O error on dev loop5, logical block 123, lost async page write
[  190.884718][T13814] attempt to access beyond end of device
[  190.884718][T13814] loop2: rw=2049, want=124, limit=16
[  190.891906][T13811] attempt to access beyond end of device
[  190.891906][T13811] loop5: rw=2049, want=125, limit=16
[  190.896682][T13814] Buffer I/O error on dev loop2, logical block 123, lost async page write
[  190.916044][T13811] Buffer I/O error on dev loop5, logical block 124, lost async page write
[  190.921008][T13816] attempt to access beyond end of device
[  190.921008][T13816] loop3: rw=2049, want=123, limit=16
[  190.925555][T13811] attempt to access beyond end of device
[  190.925555][T13811] loop5: rw=2049, want=126, limit=16
[  190.935992][T13816] Buffer I/O error on dev loop3, logical block 122, lost async page write
[  190.946999][T13811] Buffer I/O error on dev loop5, logical block 125, lost async page write
[  190.963995][T13814] attempt to access beyond end of device
[  190.963995][T13814] loop2: rw=2049, want=125, limit=16
08:51:19 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x7}, 0x10)

08:51:19 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xffffefff, 0xf000)

08:51:20 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x604, 0xf000)

08:51:20 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x2040000, 0xf000)

[  190.971334][T13816] attempt to access beyond end of device
[  190.971334][T13816] loop3: rw=2049, want=124, limit=16
[  190.974775][T13814] Buffer I/O error on dev loop2, logical block 124, lost async page write
[  190.985519][T13816] Buffer I/O error on dev loop3, logical block 123, lost async page write
[  190.986276][T13816] attempt to access beyond end of device
[  190.986276][T13816] loop3: rw=2049, want=125, limit=16
[  190.998571][T13811] Buffer I/O error on dev loop5, logical block 126, lost async page write
08:51:20 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x80000, 0xf000)

[  191.100175][T13852] loop2: detected capacity change from 0 to 16
[  191.125787][T13866] loop5: detected capacity change from 0 to 16
[  191.127343][T13863] loop4: detected capacity change from 0 to 16
[  191.147789][T13870] loop3: detected capacity change from 0 to 16
08:51:20 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x7400)

08:51:20 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x8}, 0x10)

08:51:20 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xa0000, 0xf000)

08:51:20 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x3000000, 0xf000)

08:51:20 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x700, 0xf000)

08:51:20 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xfffffdef, 0xf000)

08:51:20 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x900, 0xf000)

[  191.654938][T13898] loop3: detected capacity change from 0 to 16
[  191.669792][T13899] loop5: detected capacity change from 0 to 16
[  191.678762][T13903] loop2: detected capacity change from 0 to 16
[  191.688754][T13906] loop4: detected capacity change from 0 to 16
08:51:20 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x9}, 0x10)

08:51:20 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xc0000, 0xf000)

08:51:20 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x4000000, 0xf000)

08:51:20 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xfffffdff, 0xf000)

08:51:20 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0xa}, 0x10)

[  191.776838][T13928] loop3: detected capacity change from 0 to 16
[  191.835928][T13946] loop4: detected capacity change from 0 to 16
[  191.840207][T13944] loop5: detected capacity change from 0 to 16
[  191.846612][T13948] loop2: detected capacity change from 0 to 16
08:51:21 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x7a00)

08:51:21 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xa00, 0xf000)

08:51:21 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0xb}, 0x10)

08:51:21 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xffffff0f, 0xf000)

08:51:21 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x5000000, 0xf000)

08:51:21 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xe0000, 0xf000)

08:51:21 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0xc}, 0x10)

08:51:21 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x100000, 0xf000)

[  192.529027][T13972] loop5: detected capacity change from 0 to 16
[  192.552038][T13978] loop4: detected capacity change from 0 to 16
[  192.556481][T13976] loop2: detected capacity change from 0 to 16
[  192.558836][T13980] loop3: detected capacity change from 0 to 16
08:51:21 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xfffffff4, 0xf000)

08:51:21 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xb00, 0xf000)

08:51:21 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x6000000, 0xf000)

08:51:21 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0xd}, 0x10)

[  192.656938][T14001] loop5: detected capacity change from 0 to 16
[  192.682377][T14003] loop3: detected capacity change from 0 to 16
[  192.723130][T14016] loop2: detected capacity change from 0 to 16
[  192.735114][T14020] loop4: detected capacity change from 0 to 16
08:51:22 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x8100)

08:51:22 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x7fffff, 0xf000)

08:51:22 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xc00, 0xf000)

08:51:22 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0xe}, 0x10)

08:51:22 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x6040000, 0xf000)

08:51:22 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xfffffff5, 0xf000)

[  193.488856][T14049] loop5: detected capacity change from 0 to 16
[  193.491841][T14050] loop2: detected capacity change from 0 to 16
[  193.495932][T14053] loop4: detected capacity change from 0 to 16
[  193.506237][T14052] loop3: detected capacity change from 0 to 16
08:51:22 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x7000000, 0xf000)

08:51:22 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xd00, 0xf000)

08:51:22 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0xf}, 0x10)

08:51:22 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xf00000, 0xf000)

08:51:22 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xfffffffb, 0xf000)

08:51:22 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x10}, 0x10)

[  193.623119][T14082] loop3: detected capacity change from 0 to 16
[  193.648740][T14084] loop2: detected capacity change from 0 to 16
[  193.672238][T14094] loop5: detected capacity change from 0 to 16
[  193.687933][T14098] loop4: detected capacity change from 0 to 16
08:51:23 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0xe40f)

08:51:23 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xe00, 0xf000)

08:51:23 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x11}, 0x10)

08:51:23 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x8000000, 0xf000)

08:51:23 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x1000000, 0xf000)

08:51:23 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x10000000000, 0xf000)

[  194.361762][T14126] loop3: detected capacity change from 0 to 16
[  194.368318][T14127] loop2: detected capacity change from 0 to 16
[  194.370322][T14129] loop5: detected capacity change from 0 to 16
[  194.374942][T14130] loop4: detected capacity change from 0 to 16
08:51:23 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xf00, 0xf000)

08:51:23 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x12}, 0x10)

08:51:23 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x2000000, 0xf000)

08:51:23 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x8800000, 0xf000)

08:51:23 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x80000000000, 0xf000)

08:51:23 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x18}, 0x10)

[  194.539184][T14170] loop2: detected capacity change from 0 to 16
[  194.542077][T14171] loop5: detected capacity change from 0 to 16
[  194.549957][T14173] loop4: detected capacity change from 0 to 16
[  194.552478][T14172] loop3: detected capacity change from 0 to 16
08:51:24 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0xff6, 0xf000)

08:51:24 executing program 0:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000680005"], 0x1c}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0)=ANY=[], 0x1000000c8)
splice(r0, 0x0, r2, 0x0, 0x30000033fe0, 0x34000)

08:51:24 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x25}, 0x10)

08:51:24 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x9000000, 0xf000)

08:51:24 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x800800000000, 0xf000)

08:51:24 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x2040000, 0xf000)

08:51:24 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x48}, 0x10)

[  195.263288][T14201] loop4: detected capacity change from 0 to 16
[  195.263726][T14205] loop2: detected capacity change from 0 to 16
[  195.269754][T14202] loop3: detected capacity change from 0 to 16
[  195.282401][T14204] loop5: detected capacity change from 0 to 16
08:51:24 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x2a670bd, 0xf000)

08:51:24 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x1000000000000, 0xf000)

08:51:24 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000740)=ANY=[], 0x178)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200)=0x2000, 0xf000)

08:51:24 executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0xa000000, 0xf000)

08:51:24 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8001}, 0x4)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x10a)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$packet_buf(r1, 0x107, 0x0, 0x0, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0x8000000000004, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr=0x4c}, 0x10)

08:51:24 executing program 5:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f00000002c0)="eb3c906d6b66732e66617400020101000240008000f801", 0x17}, {0x0, 0x0, 0x1000}], 0x0, &(0x7f0000000180)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000080)={[{0x0, 'cpu'}]}, 0x5)
set_mempolicy(0x1, &(0x7f0000000000)=0x401, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200)=0x3000000, 0xf000)

[  195.387679][T14232] loop5: detected capacity change from 0 to 16
[  195.414410][T14233] loop3: detected capacity change from 0 to 16
[  195.456904][T14249] loop2: detected capacity change from 0 to 16
[  195.459526][T14247] loop4: detected capacity change from 0 to 16
[  195.530937][T14266] loop5: detected capacity change from 0 to 16