t(0x7, r0, 0x0, 0x0) 05:22:27 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:27 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000001f002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:27 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000a00000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2242.080643][ T25] kauditd_printk_skb: 166 callbacks suppressed [ 2242.080656][ T25] audit: type=1326 audit(1625635347.928:54442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20517 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2242.099855][T20524] loop3: detected capacity change from 0 to 2216 [ 2242.120444][ T25] audit: type=1326 audit(1625635347.958:54443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20517 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2242.145989][ T25] audit: type=1326 audit(1625635347.958:54444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20517 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2242.147964][T20521] loop0: detected capacity change from 0 to 1 [ 2242.191472][ T25] audit: type=1326 audit(1625635347.958:54445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20517 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2242.215975][ T25] audit: type=1326 audit(1625635347.958:54446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20517 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2242.240609][ T25] audit: type=1326 audit(1625635347.958:54447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20517 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2242.265764][ T25] audit: type=1326 audit(1625635347.958:54448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20523 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2242.290160][ T25] audit: type=1326 audit(1625635347.968:54449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20523 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2242.299657][T20521] loop0: p1 p2 p3 p4[EZD] 05:22:28 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2242.314853][ T25] audit: type=1326 audit(1625635347.968:54450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20523 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2242.330840][T20521] loop0: p1 start 10 is beyond EOD, truncated [ 2242.346490][ T25] audit: type=1326 audit(1625635347.968:54451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20523 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2242.348919][T20521] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2242.361711][T20521] loop0: p3 start 225 is beyond EOD, truncated 05:22:28 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:28 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000020002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2242.386523][T20521] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:28 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000b00000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:28 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001020002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2242.416813][T20547] loop3: detected capacity change from 0 to 2216 [ 2242.470791][T20558] loop0: detected capacity change from 0 to 1 [ 2242.508723][T20562] loop3: detected capacity change from 0 to 2216 [ 2242.521794][T20558] loop0: p1 p2 p3 p4[EZD] [ 2242.527096][T20558] loop0: p1 start 10 is beyond EOD, truncated [ 2242.533194][T20558] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2242.544289][T20558] loop0: p3 start 225 is beyond EOD, truncated [ 2242.550469][T20558] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:28 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000021002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2242.579880][T20566] loop0: detected capacity change from 0 to 1 [ 2242.618191][T20566] loop0: p1 p2 p3 p4[EZD] 05:22:28 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000022002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2242.627552][T20566] loop0: p1 start 10 is beyond EOD, truncated [ 2242.632905][T20579] loop3: detected capacity change from 0 to 2216 [ 2242.633850][T20566] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2242.651381][T20566] loop0: p3 start 225 is beyond EOD, truncated [ 2242.657548][T20566] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:28 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000c00000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2242.733895][T20586] loop3: detected capacity change from 0 to 2216 [ 2242.768927][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2242.773751][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2242.779864][ T1037] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2242.787381][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2242.793595][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2242.828876][T20595] loop0: detected capacity change from 0 to 1 [ 2242.872474][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2242.877026][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2242.883228][ T1037] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2242.891838][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2242.898008][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2242.907575][T20595] loop0: p1 p2 p3 p4[EZD] [ 2242.912357][T20595] loop0: p1 start 10 is beyond EOD, truncated [ 2242.918446][T20595] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2242.926898][T20595] loop0: p3 start 225 is beyond EOD, truncated [ 2242.933093][T20595] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2243.003672][T20601] loop0: detected capacity change from 0 to 1 [ 2243.048138][T20601] loop0: p1 p2 p3 p4[EZD] [ 2243.052686][T20601] loop0: p1 start 10 is beyond EOD, truncated [ 2243.058789][T20601] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2243.066285][T20601] loop0: p3 start 225 is beyond EOD, truncated [ 2243.072476][T20601] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:30 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:30 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000023002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:30 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000d00000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:30 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2245.101622][T20625] loop3: detected capacity change from 0 to 2216 [ 2245.115849][T20628] loop0: detected capacity change from 0 to 1 [ 2245.161623][T20628] loop0: p1 p2 p3 p4[EZD] [ 2245.168023][T20628] loop0: p1 start 10 is beyond EOD, truncated [ 2245.174139][T20628] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2245.182555][T20628] loop0: p3 start 225 is beyond EOD, truncated [ 2245.188751][T20628] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2245.238663][T20640] loop0: detected capacity change from 0 to 1 [ 2245.278556][T20640] loop0: p1 p2 p3 p4[EZD] [ 2245.283317][T20640] loop0: p1 start 10 is beyond EOD, truncated [ 2245.289421][T20640] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2245.297313][T20640] loop0: p3 start 225 is beyond EOD, truncated [ 2245.303518][T20640] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2245.313739][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2245.318589][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2245.324664][ T1037] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2245.332338][ T1037] loop0: p3 start 225 is beyond EOD, truncated 05:22:31 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2245.338514][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:31 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:31 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000024002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:31 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000e00000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:31 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000025002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2245.419471][T20668] loop3: detected capacity change from 0 to 2216 [ 2245.426880][T20670] loop0: detected capacity change from 0 to 1 [ 2245.478656][T20670] loop0: p1 p2 p3 p4[EZD] [ 2245.483293][T20670] loop0: p1 start 10 is beyond EOD, truncated [ 2245.489420][T20670] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2245.503475][T20670] loop0: p3 start 225 is beyond EOD, truncated [ 2245.509680][T20670] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2245.515145][T20684] loop3: detected capacity change from 0 to 2216 05:22:31 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000026002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:31 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063001000000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2245.535944][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2245.540651][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2245.546786][ T1037] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2245.555587][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2245.561773][ T1037] loop0: p4 size 3657465856 extends beyond EOD, [ 2245.568160][ T1037] truncated 05:22:31 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000027002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2245.639248][T20700] loop3: detected capacity change from 0 to 2216 [ 2245.658477][T20703] loop0: detected capacity change from 0 to 1 [ 2245.688146][T20703] loop0: p1 p2 p3 p4[EZD] [ 2245.692729][T20703] loop0: p1 start 10 is beyond EOD, truncated [ 2245.698826][T20703] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2245.707066][T20703] loop0: p3 start 225 is beyond EOD, truncated [ 2245.713270][T20703] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2245.721272][T20707] loop3: detected capacity change from 0 to 2216 [ 2245.784050][T20719] loop0: detected capacity change from 0 to 16400 05:22:33 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:33 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000028002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:33 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063001100000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:33 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2248.132321][ T25] kauditd_printk_skb: 130 callbacks suppressed [ 2248.132335][ T25] audit: type=1326 audit(1625635353.978:54582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20727 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2248.164574][T20732] loop3: detected capacity change from 0 to 2216 [ 2248.185725][T20735] loop0: detected capacity change from 0 to 1 [ 2248.198864][ T25] audit: type=1326 audit(1625635353.978:54583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20727 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2248.223923][ T25] audit: type=1326 audit(1625635353.978:54584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20727 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2248.248562][ T25] audit: type=1326 audit(1625635353.978:54585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20727 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2248.253171][T20735] loop0: p1 p2 p3 p4[EZD] [ 2248.273844][ T25] audit: type=1326 audit(1625635353.978:54586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20727 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2248.282682][T20735] loop0: p1 start 10 is beyond EOD, truncated [ 2248.305328][ T25] audit: type=1326 audit(1625635353.978:54587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20727 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2248.307324][T20735] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2248.326220][T20735] loop0: p3 start 225 is beyond EOD, [ 2248.332267][ T25] audit: type=1326 audit(1625635353.978:54588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20729 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2248.338637][T20735] truncated [ 2248.338644][T20735] loop0: p4 size 3657465856 extends beyond EOD, 05:22:34 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2248.344291][ T25] audit: type=1326 audit(1625635353.978:54589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20729 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2248.368183][T20735] truncated [ 2248.371610][ T25] audit: type=1326 audit(1625635353.978:54590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20729 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:22:34 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:34 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000029002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2248.438373][ T25] audit: type=1326 audit(1625635353.978:54591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20729 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2248.464722][T20755] loop3: detected capacity change from 0 to 2216 05:22:34 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002a002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2248.483514][T20743] loop0: detected capacity change from 0 to 1 05:22:34 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002b002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2248.528176][T20743] loop0: p1 p2 p3 p4[EZD] [ 2248.532687][T20743] loop0: p1 start 10 is beyond EOD, truncated [ 2248.538792][T20743] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2248.547986][T20743] loop0: p3 start 225 is beyond EOD, truncated [ 2248.554241][T20743] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2248.555441][T20769] loop3: detected capacity change from 0 to 2216 05:22:34 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063001200000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:34 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002c002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2248.604990][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2248.614032][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2248.617970][T20779] loop3: detected capacity change from 0 to 2216 [ 2248.620139][ T1037] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2248.635111][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2248.641314][ T1037] loop0: p4 size 3657465856 extends beyond EOD, [ 2248.647711][ T1037] truncated 05:22:34 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000022c002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2248.697963][T20785] loop3: detected capacity change from 0 to 2216 [ 2248.720032][T20790] loop0: detected capacity change from 0 to 1 [ 2248.759705][T20790] loop0: p1 p2 p3 p4[EZD] [ 2248.764614][T20790] loop0: p1 start 10 is beyond EOD, truncated [ 2248.770742][T20790] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2248.778387][T20790] loop0: p3 start 225 is beyond EOD, truncated [ 2248.784546][T20790] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2248.805557][T20801] loop3: detected capacity change from 0 to 2216 [ 2248.840817][T20796] loop0: detected capacity change from 0 to 1 [ 2248.878482][T20796] loop0: p1 p2 p3 p4[EZD] [ 2248.883111][T20796] loop0: p1 start 10 is beyond EOD, truncated [ 2248.889235][T20796] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2248.896933][T20796] loop0: p3 start 225 is beyond EOD, truncated [ 2248.903159][T20796] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:37 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002d002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:37 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063002900000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:37 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:37 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2251.170405][T20833] loop3: detected capacity change from 0 to 2216 [ 2251.177749][T20832] loop0: detected capacity change from 0 to 1 [ 2251.221492][T20832] loop0: p1 p2 p3 p4[EZD] [ 2251.226472][T20832] loop0: p1 start 10 is beyond EOD, truncated [ 2251.232612][T20832] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2251.240397][T20832] loop0: p3 start 225 is beyond EOD, truncated [ 2251.246588][T20832] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2251.257666][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2251.262347][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2251.268607][ T1037] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2251.276071][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2251.282267][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2251.328964][T20854] loop0: detected capacity change from 0 to 16400 05:22:37 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:37 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:37 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002e002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:37 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000007000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:37 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002f002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2251.472342][T20866] loop3: detected capacity change from 0 to 2216 [ 2251.491713][T20867] loop0: detected capacity change from 0 to 1 05:22:37 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2251.528081][T20867] loop0: p1 p2 p3 p4[EZD] [ 2251.532782][T20867] loop0: p1 start 10 is beyond EOD, truncated [ 2251.538944][T20867] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2251.547425][T20867] loop0: p3 start 225 is beyond EOD, truncated [ 2251.553639][T20867] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:37 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000003f002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2251.579693][T20883] loop3: detected capacity change from 0 to 2216 05:22:37 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063009307000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:37 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2251.628801][T20885] loop0: detected capacity change from 0 to 16400 [ 2251.652441][T20894] loop3: detected capacity change from 0 to 2216 05:22:37 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000040002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2251.692332][T20898] loop0: detected capacity change from 0 to 1 [ 2251.759233][T20909] loop3: detected capacity change from 0 to 2216 [ 2251.760861][T20898] loop0: p1 p2 p3 p4[EZD] [ 2251.777702][T20898] loop0: p1 start 10 is beyond EOD, truncated [ 2251.783869][T20898] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2251.805495][T20898] loop0: p3 start 225 is beyond EOD, truncated [ 2251.811764][T20898] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2251.889418][T20921] loop0: detected capacity change from 0 to 16400 05:22:40 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:40 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000ffffff85002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:40 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2254.190383][ T25] kauditd_printk_skb: 137 callbacks suppressed [ 2254.190437][ T25] audit: type=1326 audit(1625635360.028:54729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20927 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2254.221522][T20935] loop3: detected capacity change from 0 to 2216 [ 2254.236592][ T25] audit: type=1326 audit(1625635360.038:54730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20927 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2254.261186][ T25] audit: type=1326 audit(1625635360.038:54731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20927 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2254.288639][ T25] audit: type=1326 audit(1625635360.038:54732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20927 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2254.313045][ T25] audit: type=1326 audit(1625635360.038:54733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20927 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2254.339041][ T25] audit: type=1326 audit(1625635360.038:54734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20927 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2254.363260][ T25] audit: type=1326 audit(1625635360.038:54735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20930 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2254.388603][ T25] audit: type=1326 audit(1625635360.038:54736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20930 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2254.412916][ T25] audit: type=1326 audit(1625635360.038:54737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20930 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:22:40 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:40 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063009607000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:40 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:40 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000ffffff8c002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:40 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2254.437185][ T25] audit: type=1326 audit(1625635360.038:54738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=20930 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2254.490218][T20948] loop0: detected capacity change from 0 to 1 [ 2254.518358][T20960] loop3: detected capacity change from 0 to 2216 05:22:40 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000edc0002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:40 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2254.548050][T20948] loop0: p1 p2 p3 p4[EZD] [ 2254.552790][T20948] loop0: p1 start 10 is beyond EOD, truncated [ 2254.558900][T20948] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2254.576478][T20948] loop0: p3 start 225 is beyond EOD, truncated [ 2254.582669][T20948] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:40 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000001d3002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:40 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2254.619815][T20970] loop0: detected capacity change from 0 to 16400 [ 2254.621762][T20980] loop3: detected capacity change from 0 to 2216 [ 2254.698458][T20989] loop3: detected capacity change from 0 to 2216 05:22:43 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:43 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063009f07000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:43 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2257.224292][T21006] loop0: detected capacity change from 0 to 1 [ 2257.268354][T21006] loop0: p1 p2 p3 p4[EZD] [ 2257.273292][T21006] loop0: p1 start 10 is beyond EOD, truncated [ 2257.279433][T21006] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2257.287009][T21006] loop0: p3 start 225 is beyond EOD, truncated [ 2257.293205][T21006] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:43 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:43 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000ffffffda002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:43 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:43 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300a307000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:43 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2257.530844][T21028] loop0: detected capacity change from 0 to 1 [ 2257.532945][T21027] loop3: detected capacity change from 0 to 2216 [ 2257.568259][T21028] loop0: p1 p2 p3 p4[EZD] 05:22:43 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:43 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000001e8002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2257.577511][T21028] loop0: p1 start 10 is beyond EOD, truncated [ 2257.583630][T21028] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2257.603501][T21028] loop0: p3 start 225 is beyond EOD, truncated [ 2257.609803][T21028] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:43 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000001e9002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2257.669120][T21050] loop0: detected capacity change from 0 to 16400 [ 2257.675911][T21051] loop3: detected capacity change from 0 to 2216 05:22:43 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300a607000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2257.745201][T21063] loop3: detected capacity change from 0 to 2216 [ 2257.815479][T21069] loop0: detected capacity change from 0 to 1 [ 2257.858168][T21069] loop0: p1 p2 p3 p4[EZD] [ 2257.862758][T21069] loop0: p1 start 10 is beyond EOD, truncated [ 2257.868866][T21069] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2257.876438][T21069] loop0: p3 start 225 is beyond EOD, truncated [ 2257.882624][T21069] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2257.929069][T21073] loop0: detected capacity change from 0 to 1 [ 2257.968710][T21073] loop0: p1 p2 p3 p4[EZD] [ 2257.973750][T21073] loop0: p1 start 10 is beyond EOD, truncated [ 2257.979855][T21073] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2257.987371][T21073] loop0: p3 start 225 is beyond EOD, truncated [ 2257.993584][T21073] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:46 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000fffffff0002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:46 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:46 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300ad07000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2260.213507][T21087] loop3: detected capacity change from 0 to 2216 [ 2260.231123][T21090] loop0: detected capacity change from 0 to 1 [ 2260.242239][ T25] kauditd_printk_skb: 221 callbacks suppressed [ 2260.242251][ T25] audit: type=1326 audit(1625635366.088:54960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21089 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2260.277409][ T25] audit: type=1326 audit(1625635366.088:54961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21089 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2260.308206][T21090] loop0: p1 p2 p3 p4[EZD] [ 2260.310090][ T25] audit: type=1326 audit(1625635366.108:54962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21089 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2260.312762][T21090] loop0: p1 start 10 is beyond EOD, truncated [ 2260.341131][ T25] audit: type=1326 audit(1625635366.108:54963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21089 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2260.342792][T21090] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2260.369521][ T25] audit: type=1326 audit(1625635366.108:54964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21089 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2260.387774][T21090] loop0: p3 start 225 is beyond EOD, truncated [ 2260.399932][ T25] audit: type=1326 audit(1625635366.108:54965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21089 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2260.404656][T21090] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2260.435977][ T25] audit: type=1326 audit(1625635366.108:54966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21089 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2260.460251][ T25] audit: type=1326 audit(1625635366.118:54967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21097 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2260.484736][ T25] audit: type=1326 audit(1625635366.118:54968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21097 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 05:22:46 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:46 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000fffffff6002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:46 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2260.511806][ T25] audit: type=1326 audit(1625635366.118:54969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21097 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2260.524359][T21090] loop0: detected capacity change from 0 to 1 05:22:46 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:46 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:46 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000fffffdf9002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2260.571976][T21122] loop3: detected capacity change from 0 to 2216 [ 2260.580568][T21090] loop0: p1 p2 p3 p4[EZD] [ 2260.590250][T21090] loop0: p1 start 10 is beyond EOD, truncated [ 2260.596415][T21090] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2260.605589][T21090] loop0: p3 start 225 is beyond EOD, truncated [ 2260.611857][T21090] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:46 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:46 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300f207000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:46 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000007fc002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2260.665806][T21137] loop3: detected capacity change from 0 to 2216 05:22:46 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000fffffdfd002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2260.709870][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2260.714473][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2260.720584][ T1037] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2260.728109][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2260.734258][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2260.748172][T21154] loop3: detected capacity change from 0 to 2216 [ 2260.788938][T21151] loop0: detected capacity change from 0 to 1 [ 2260.808502][T21165] loop3: detected capacity change from 0 to 2216 [ 2260.838168][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2260.842681][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2260.848772][ T1037] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2260.856872][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2260.863054][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2260.872597][T21151] loop0: p1 p2 p3 p4[EZD] [ 2260.877295][T21151] loop0: p1 start 10 is beyond EOD, truncated [ 2260.883502][T21151] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2260.891237][T21151] loop0: p3 start 225 is beyond EOD, truncated [ 2260.897495][T21151] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2260.942956][T21181] loop0: detected capacity change from 0 to 16400 05:22:49 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000fffffffe002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:49 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:49 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300f507000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:49 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000fff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2263.235385][T21188] loop3: detected capacity change from 0 to 2216 [ 2263.246166][T21193] loop0: detected capacity change from 0 to 1 [ 2263.290763][T21193] loop0: p1 p2 p3 p4[EZD] [ 2263.295252][T21193] loop0: p1 start 10 is beyond EOD, truncated [ 2263.301393][T21193] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2263.315610][T21193] loop0: p3 start 225 is beyond EOD, truncated [ 2263.321788][T21193] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2263.381644][T21214] loop0: detected capacity change from 0 to 16400 05:22:49 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:49 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:49 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000fffff7ff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:49 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300000a000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:49 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000fffffbff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:49 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2263.627659][T21227] loop3: detected capacity change from 0 to 2216 [ 2263.640283][T21231] loop0: detected capacity change from 0 to 1 05:22:49 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2263.698114][T21231] loop0: p1 p2 p3 p4[EZD] [ 2263.706018][T21231] loop0: p1 start 10 is beyond EOD, truncated [ 2263.712267][T21231] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2263.730847][T21231] loop0: p3 start 225 is beyond EOD, truncated [ 2263.737028][T21231] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:49 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000001fffff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2263.737320][T21249] loop3: detected capacity change from 0 to 2216 [ 2263.789352][T21251] loop0: detected capacity change from 0 to 16400 05:22:49 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000fff7ffff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2263.830530][T21261] loop3: detected capacity change from 0 to 2216 [ 2263.906693][T21268] loop3: detected capacity change from 0 to 2216 05:22:52 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300000d000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:52 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:52 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000fffbffff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2266.282471][T21278] loop3: detected capacity change from 0 to 2216 [ 2266.289310][ T25] kauditd_printk_skb: 222 callbacks suppressed [ 2266.289321][ T25] audit: type=1326 audit(1625635372.138:55192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21276 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2266.294765][T21281] loop0: detected capacity change from 0 to 1 [ 2266.296355][ T25] audit: type=1326 audit(1625635372.138:55193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21276 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2266.354245][ T25] audit: type=1326 audit(1625635372.138:55194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21276 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2266.379529][ T25] audit: type=1326 audit(1625635372.138:55195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21276 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2266.406102][ T25] audit: type=1326 audit(1625635372.138:55196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21276 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2266.433706][ T25] audit: type=1326 audit(1625635372.168:55197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21282 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2266.435492][T21281] loop0: p1 p2 p3 p4[EZD] [ 2266.461097][ T25] audit: type=1326 audit(1625635372.168:55198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21276 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2266.486605][T21281] loop0: p1 start 10 is beyond EOD, truncated [ 2266.487732][ T25] audit: type=1326 audit(1625635372.168:55199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21276 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2266.492748][T21281] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2266.517813][ T25] audit: type=1326 audit(1625635372.168:55200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21276 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2266.537511][T21281] loop0: p3 start 225 is beyond EOD, truncated [ 2266.554422][T21281] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:52 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2266.554605][ T25] audit: type=1326 audit(1625635372.168:55201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21276 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 05:22:52 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:52 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000f9fdffff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:52 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:52 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2266.640000][T21287] loop0: detected capacity change from 0 to 1 [ 2266.665972][T21316] loop3: detected capacity change from 0 to 2216 05:22:52 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000fdfdffff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:52 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2266.698416][T21287] loop0: p1 p2 p3 p4[EZD] [ 2266.703228][T21287] loop0: p1 start 10 is beyond EOD, truncated [ 2266.709343][T21287] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2266.725987][T21287] loop0: p3 start 225 is beyond EOD, truncated [ 2266.732233][T21287] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:52 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000110000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:52 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000007fffffff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2266.785197][T21335] loop3: detected capacity change from 0 to 2216 05:22:52 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000085ffffff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2266.870161][T21343] loop3: detected capacity change from 0 to 2216 [ 2266.889509][T21346] loop0: detected capacity change from 0 to 1 [ 2266.908710][T21346] loop0: p1 p2 p3 p4[EZD] [ 2266.913489][T21346] loop0: p1 start 10 is beyond EOD, truncated [ 2266.919602][T21346] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2266.927950][T21346] loop0: p3 start 225 is beyond EOD, truncated [ 2266.934123][T21346] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:52 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000000030000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:52 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000008cffffff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2266.964924][T21356] loop3: detected capacity change from 0 to 2216 [ 2267.030560][T21365] loop0: detected capacity change from 0 to 1 [ 2267.055284][T21365] loop0: p1 p2 p3 p4[EZD] [ 2267.060452][T21365] loop0: p1 start 10 is beyond EOD, truncated [ 2267.066545][T21365] loop0: p2 start 3 is beyond EOD, truncated [ 2267.069427][T21372] loop3: detected capacity change from 0 to 2216 05:22:52 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000daffffff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2267.072578][T21365] loop0: p3 start 225 is beyond EOD, truncated [ 2267.085054][T21365] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2267.114930][T21375] loop0: detected capacity change from 0 to 1 [ 2267.158311][T21375] loop0: p1 p2 p3 p4[EZD] [ 2267.163197][T21375] loop0: p1 start 10 is beyond EOD, truncated [ 2267.169332][T21375] loop0: p2 start 3 is beyond EOD, truncated [ 2267.175343][T21375] loop0: p3 start 225 is beyond EOD, truncated [ 2267.181522][T21375] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2267.201059][T21387] loop3: detected capacity change from 0 to 2216 05:22:55 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:55 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063009c001f0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:55 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000f0ffffff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:55 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:55 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:55 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:55 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000f6ffffff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2269.698137][T21401] loop3: detected capacity change from 0 to 2216 [ 2269.699704][T21399] loop0: detected capacity change from 0 to 1 05:22:55 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000feffffff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2269.768333][T21399] loop0: p1 p2 p3 p4[EZD] [ 2269.773118][T21399] loop0: p1 start 10 is beyond EOD, truncated [ 2269.779246][T21399] loop0: p2 start 31 is beyond EOD, truncated [ 2269.785329][T21399] loop0: p3 start 225 is beyond EOD, truncated [ 2269.791636][T21399] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2269.800262][T21417] loop3: detected capacity change from 0 to 2216 05:22:55 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000020000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2269.848438][T21414] loop0: detected capacity change from 0 to 1 [ 2269.863326][T21431] loop3: detected capacity change from 0 to 2216 [ 2269.910026][T21414] loop0: p1 p2 p3 p4[EZD] [ 2269.914700][T21414] loop0: p1 start 10 is beyond EOD, truncated [ 2269.920878][T21414] loop0: p2 start 31 is beyond EOD, truncated [ 2269.926953][T21414] loop0: p3 start 225 is beyond EOD, truncated [ 2269.933122][T21414] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:22:55 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000030000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2269.955790][T21440] loop3: detected capacity change from 0 to 2216 05:22:55 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000001004000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:55 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000040000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2270.024706][T21445] loop3: detected capacity change from 0 to 2216 [ 2270.087481][T21451] loop0: detected capacity change from 0 to 1 [ 2270.101969][T21455] loop3: detected capacity change from 0 to 2216 [ 2270.130111][T21451] loop0: p1 p2 p3 p4[EZD] [ 2270.134838][T21451] loop0: p1 start 10 is beyond EOD, truncated [ 2270.140936][T21451] loop0: p2 size 1073742080 extends beyond EOD, truncated [ 2270.149089][T21451] loop0: p3 start 225 is beyond EOD, truncated [ 2270.155304][T21451] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2270.198551][T21462] loop0: detected capacity change from 0 to 16400 05:22:58 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:58 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000050000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:22:58 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000003004000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:22:58 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:58 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2272.723283][ T25] kauditd_printk_skb: 218 callbacks suppressed [ 2272.723298][ T25] audit: type=1326 audit(1625635378.568:55420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21476 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2272.724205][T21479] loop3: detected capacity change from 0 to 2216 05:22:58 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2272.731310][ T25] audit: type=1326 audit(1625635378.568:55421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21476 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2272.807256][T21477] loop0: detected capacity change from 0 to 1 05:22:58 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000060000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2272.830131][ T25] audit: type=1326 audit(1625635378.568:55422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21476 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2272.854894][ T25] audit: type=1326 audit(1625635378.568:55423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21476 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2272.871562][T21477] loop0: p1 p2 p3 p4[EZD] [ 2272.881126][ T25] audit: type=1326 audit(1625635378.568:55424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21476 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2272.886327][T21477] loop0: p1 start 10 is beyond EOD, truncated [ 2272.908277][ T25] audit: type=1326 audit(1625635378.608:55425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21476 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2272.913763][T21477] loop0: p2 size 1073742592 extends beyond EOD, truncated [ 2272.941164][ T25] audit: type=1326 audit(1625635378.608:55426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21482 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2272.946467][T21477] loop0: p3 start 225 is beyond EOD, truncated [ 2272.970389][ T25] audit: type=1326 audit(1625635378.608:55427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21482 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2272.975370][T21477] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2273.001074][ T25] audit: type=1326 audit(1625635378.608:55428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21482 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:22:58 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2273.033867][ T25] audit: type=1326 audit(1625635378.608:55429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21482 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2273.033991][T21504] loop3: detected capacity change from 0 to 2216 05:22:58 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:22:58 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000070000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2273.093439][T21477] loop0: detected capacity change from 0 to 1 05:22:59 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000080000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2273.159644][T21477] loop0: p1 p2 p3 p4[EZD] [ 2273.164243][T21477] loop0: p1 start 10 is beyond EOD, truncated [ 2273.170387][T21477] loop0: p2 size 1073742592 extends beyond EOD, truncated [ 2273.178140][T21477] loop0: p3 start 225 is beyond EOD, truncated [ 2273.184307][T21477] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2273.195340][T21523] loop3: detected capacity change from 0 to 2216 05:22:59 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000014000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2273.273746][T21529] loop3: detected capacity change from 0 to 2216 [ 2273.305936][T21535] loop0: detected capacity change from 0 to 1 [ 2273.348026][T21535] loop0: p1 p2 p3 p4[EZD] [ 2273.353089][T21535] loop0: p1 start 10 is beyond EOD, truncated [ 2273.359325][T21535] loop0: p2 size 1073807360 extends beyond EOD, truncated [ 2273.366845][T21535] loop0: p3 start 225 is beyond EOD, truncated [ 2273.373037][T21535] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:01 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:01 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000090000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:01 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000802000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:01 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2275.741283][T21550] loop3: detected capacity change from 0 to 2216 [ 2275.760989][T21556] loop0: detected capacity change from 0 to 1 05:23:01 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:01 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000a0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2275.810539][T21556] loop0: p1 p2 p3 p4[EZD] [ 2275.818482][T21556] loop0: p1 start 10 is beyond EOD, truncated [ 2275.824592][T21556] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2275.833950][T21556] loop0: p3 start 225 is beyond EOD, truncated [ 2275.840153][T21556] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:01 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000b0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2275.865085][T21575] loop3: detected capacity change from 0 to 2216 [ 2275.911651][T21566] loop0: detected capacity change from 0 to 1 [ 2275.935519][T21588] loop3: detected capacity change from 0 to 2216 [ 2275.952247][T21566] loop0: p1 p2 p3 p4[EZD] [ 2275.956778][T21566] loop0: p1 start 10 is beyond EOD, truncated [ 2275.962859][T21566] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2275.965922][T21566] loop0: p3 start 225 is beyond EOD, truncated [ 2275.976207][T21566] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:01 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:01 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:01 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000c0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:01 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000803000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2276.147221][T21612] loop3: detected capacity change from 0 to 2216 [ 2276.162236][T21611] loop0: detected capacity change from 0 to 1 05:23:02 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000d0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2276.188474][T21611] loop0: p1 p2 p3 p4[EZD] [ 2276.194084][T21611] loop0: p1 start 10 is beyond EOD, truncated [ 2276.200223][T21611] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2276.208029][T21611] loop0: p3 start 225 is beyond EOD, truncated [ 2276.214217][T21611] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2276.228223][T21618] loop3: detected capacity change from 0 to 2216 [ 2276.285559][T21624] loop0: detected capacity change from 0 to 16400 05:23:04 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:04 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000e0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:04 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000804000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2278.766239][T21637] loop3: detected capacity change from 0 to 2216 [ 2278.779311][ T25] kauditd_printk_skb: 219 callbacks suppressed [ 2278.779324][ T25] audit: type=1326 audit(1625635384.628:55649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21641 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:04 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:04 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2278.811936][T21642] loop0: detected capacity change from 0 to 1 05:23:04 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000f0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2278.849972][ T25] audit: type=1326 audit(1625635384.678:55650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21641 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2278.874753][ T25] audit: type=1326 audit(1625635384.678:55651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21641 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2278.900696][T21642] loop0: p1 p2 p3 p4[EZD] [ 2278.905381][T21642] loop0: p1 start 10 is beyond EOD, truncated [ 2278.909250][ T25] audit: type=1326 audit(1625635384.678:55652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21641 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2278.911503][T21642] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2278.941973][ T25] audit: type=1326 audit(1625635384.678:55653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21641 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2278.967472][T21642] loop0: p3 start 225 is beyond EOD, truncated [ 2278.973680][T21642] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:04 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2278.995102][ T25] audit: type=1326 audit(1625635384.678:55654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21641 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2279.020393][T21667] loop3: detected capacity change from 0 to 2216 [ 2279.041108][ T25] audit: type=1326 audit(1625635384.678:55655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21646 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2279.068732][ T25] audit: type=1326 audit(1625635384.678:55656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21646 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2279.106115][ T25] audit: type=1326 audit(1625635384.678:55657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21646 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:05 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:05 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000100000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:05 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:05 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000805000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:05 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2279.139168][ T25] audit: type=1326 audit(1625635384.678:55658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21646 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=311 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2279.172556][T21683] loop0: detected capacity change from 0 to 1 [ 2279.198797][T21695] loop3: detected capacity change from 0 to 2216 [ 2279.228080][T21683] loop0: p1 p2 p3 p4[EZD] [ 2279.232569][T21683] loop0: p1 start 10 is beyond EOD, truncated [ 2279.238667][T21683] loop0: p2 size 1073872896 extends beyond EOD, truncated 05:23:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000110000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2279.249355][T21683] loop0: p3 start 225 is beyond EOD, truncated [ 2279.255522][T21683] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000120000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2279.298430][T21705] loop0: detected capacity change from 0 to 16400 [ 2279.327036][T21713] loop3: detected capacity change from 0 to 2216 05:23:05 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000806000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000130000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2279.412018][T21722] loop3: detected capacity change from 0 to 2216 [ 2279.482510][T21729] loop0: detected capacity change from 0 to 1 [ 2279.489523][T21726] loop3: detected capacity change from 0 to 2216 05:23:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000140000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2279.530571][T21729] loop0: p1 p2 p3 p4[EZD] [ 2279.535521][T21729] loop0: p1 start 10 is beyond EOD, truncated [ 2279.541721][T21729] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2279.550754][T21729] loop0: p3 start 225 is beyond EOD, truncated [ 2279.557030][T21729] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:05 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000807000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2279.589429][T21741] loop3: detected capacity change from 0 to 2216 [ 2279.657884][T21750] loop0: detected capacity change from 0 to 1 [ 2279.678135][T21750] loop0: p1 p2 p3 p4[EZD] [ 2279.682701][T21750] loop0: p1 start 10 is beyond EOD, truncated [ 2279.688794][T21750] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2279.696876][T21750] loop0: p3 start 225 is beyond EOD, truncated [ 2279.703122][T21750] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2279.750404][T21758] loop0: detected capacity change from 0 to 1 [ 2279.808407][T21758] loop0: p1 p2 p3 p4[EZD] [ 2279.813194][T21758] loop0: p1 start 10 is beyond EOD, truncated [ 2279.819280][T21758] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2279.827449][T21758] loop0: p3 start 225 is beyond EOD, truncated [ 2279.833618][T21758] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:08 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:08 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000150000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:08 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000808000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:08 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:08 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:08 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:08 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000160000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2282.208243][T21777] loop3: detected capacity change from 0 to 2216 [ 2282.233502][T21783] loop0: detected capacity change from 0 to 1 05:23:08 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000170000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2282.279922][T21783] loop0: p1 p2 p3 p4[EZD] [ 2282.284706][T21783] loop0: p1 start 10 is beyond EOD, truncated [ 2282.290819][T21783] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2282.298459][T21783] loop0: p3 start 225 is beyond EOD, truncated [ 2282.304662][T21783] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2282.316707][T21800] loop3: detected capacity change from 0 to 2216 05:23:08 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000809000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2282.351839][T21804] loop0: detected capacity change from 0 to 16400 [ 2282.391884][T21809] loop3: detected capacity change from 0 to 2216 05:23:08 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000180000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:08 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000190000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2282.500487][T21819] loop3: detected capacity change from 0 to 2216 [ 2282.501580][T21820] loop0: detected capacity change from 0 to 1 05:23:08 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000001a0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2282.548763][T21820] loop0: p1 p2 p3 p4[EZD] [ 2282.553424][T21820] loop0: p1 start 10 is beyond EOD, truncated [ 2282.559614][T21820] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2282.568467][T21820] loop0: p3 start 225 is beyond EOD, truncated [ 2282.574631][T21820] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2282.584733][T21830] loop3: detected capacity change from 0 to 2216 [ 2282.628401][T21833] loop0: detected capacity change from 0 to 16400 [ 2282.655035][T21841] loop3: detected capacity change from 0 to 2216 05:23:11 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:11 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080a000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:11 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000001b0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:11 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:11 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:11 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2285.238636][T21856] loop3: detected capacity change from 0 to 2216 [ 2285.241645][T21854] loop0: detected capacity change from 0 to 1 [ 2285.258225][ T25] kauditd_printk_skb: 239 callbacks suppressed [ 2285.258236][ T25] audit: type=1326 audit(1625635391.108:55898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21855 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2285.296517][ T25] audit: type=1326 audit(1625635391.108:55899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21861 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2285.303291][T21854] loop0: p1 p2 p3 p4[EZD] [ 2285.322660][ T25] audit: type=1326 audit(1625635391.108:55900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21861 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2285.350557][ T25] audit: type=1326 audit(1625635391.108:55901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21861 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2285.360943][T21854] loop0: p1 start 10 is beyond EOD, truncated 05:23:11 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000001c0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2285.377340][ T25] audit: type=1326 audit(1625635391.108:55902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21861 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2285.380879][T21854] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2285.405918][ T25] audit: type=1326 audit(1625635391.108:55903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21861 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2285.415000][T21854] loop0: p3 start 225 is beyond EOD, truncated [ 2285.442853][T21854] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2285.445741][ T25] audit: type=1326 audit(1625635391.108:55904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21861 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2285.474764][ T25] audit: type=1326 audit(1625635391.108:55905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21861 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2285.499586][ T25] audit: type=1326 audit(1625635391.108:55906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21861 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2285.507943][T21854] __loop_clr_fd: partition scan of loop0 failed (rc=-16) [ 2285.524958][T21879] loop3: detected capacity change from 0 to 2216 05:23:11 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000001d0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2285.558776][ T25] audit: type=1326 audit(1625635391.108:55907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=21866 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2285.576606][T21873] loop0: detected capacity change from 0 to 1 05:23:11 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000001e0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2285.615249][T21893] loop3: detected capacity change from 0 to 2216 [ 2285.622992][T21873] loop0: p1 p2 p3 p4[EZD] [ 2285.628995][T21873] loop0: p1 start 10 is beyond EOD, truncated [ 2285.635121][T21873] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2285.643388][T21873] loop0: p3 start 225 is beyond EOD, truncated [ 2285.649575][T21873] loop0: p4 size 3657465856 extends beyond EOD, [ 2285.655909][T21873] truncated 05:23:11 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080b000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:11 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000210000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2285.706714][T21907] loop3: detected capacity change from 0 to 2216 05:23:11 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000220000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2285.775081][T21912] loop3: detected capacity change from 0 to 2216 [ 2285.795967][T21919] loop0: detected capacity change from 0 to 1 [ 2285.845368][T21924] loop3: detected capacity change from 0 to 2216 [ 2285.851117][T21919] loop0: p1 p2 p3 p4[EZD] [ 2285.858804][T21919] loop0: p1 start 10 is beyond EOD, truncated [ 2285.864905][T21919] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2285.873611][T21919] loop0: p3 start 225 is beyond EOD, truncated [ 2285.879804][T21919] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2285.920191][T21919] __loop_clr_fd: partition scan of loop0 failed (rc=-16) [ 2285.944430][T21934] loop0: detected capacity change from 0 to 1 [ 2285.978186][T21934] loop_reread_partitions: partition scan of loop0 () failed (rc=-16) 05:23:14 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:14 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000230000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:14 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080c000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:14 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000140)}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:14 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:14 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:14 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2288.255788][T21947] loop0: detected capacity change from 0 to 1 [ 2288.285633][T21957] loop3: detected capacity change from 0 to 2216 05:23:14 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000240000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:14 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2288.324380][T21947] loop0: p1 p2 p3 p4[EZD] [ 2288.329177][T21947] loop0: p1 start 10 is beyond EOD, truncated [ 2288.335254][T21947] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2288.360026][T21947] loop0: p3 start 225 is beyond EOD, truncated [ 2288.366211][T21947] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:14 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 05:23:14 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) [ 2288.376957][T21973] loop3: detected capacity change from 0 to 2216 05:23:14 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000250000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2288.440415][T21966] loop0: detected capacity change from 0 to 1 [ 2288.475823][T21996] loop3: detected capacity change from 0 to 2216 [ 2288.486283][T21966] loop0: p1 p2 p3 p4[EZD] [ 2288.491684][T21966] loop0: p1 start 10 is beyond EOD, truncated [ 2288.497802][T21966] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2288.513886][T21966] loop0: p3 start 225 is beyond EOD, truncated [ 2288.520069][T21966] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:17 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:17 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 05:23:17 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000260000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2291.264593][ T25] kauditd_printk_skb: 221 callbacks suppressed [ 2291.264605][ T25] audit: type=1326 audit(1625635397.108:56129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22011 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2291.270035][T22014] loop3: detected capacity change from 0 to 2216 [ 2291.271724][ T25] audit: type=1326 audit(1625635397.118:56130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22011 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:17 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000140)}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:17 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080d000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:17 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:17 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000270000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:17 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2291.350523][ T25] audit: type=1326 audit(1625635397.118:56131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22011 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2291.389282][ T25] audit: type=1326 audit(1625635397.118:56132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22011 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2291.415191][T22027] loop0: detected capacity change from 0 to 1 [ 2291.424557][T22036] loop3: detected capacity change from 0 to 2216 [ 2291.435014][ T25] audit: type=1326 audit(1625635397.118:56133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22011 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2291.459428][ T25] audit: type=1326 audit(1625635397.158:56134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22011 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2291.485205][ T25] audit: type=1326 audit(1625635397.158:56135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22016 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2291.509968][T22027] loop0: p1 p2 p3 p4[EZD] 05:23:17 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000280000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2291.514606][T22027] loop0: p1 start 10 is beyond EOD, truncated [ 2291.519606][ T25] audit: type=1326 audit(1625635397.158:56136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22016 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2291.520710][T22027] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2291.529504][T22027] loop0: p3 start 225 is beyond EOD, 05:23:17 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2291.545682][ T25] audit: type=1326 audit(1625635397.178:56137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22016 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2291.552149][T22027] truncated [ 2291.552156][T22027] loop0: p4 size 3657465856 extends beyond EOD, [ 2291.558698][ T25] audit: type=1326 audit(1625635397.178:56138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22016 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2291.581651][T22027] truncated 05:23:17 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000140)}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:17 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2291.641966][T22058] loop3: detected capacity change from 0 to 2216 05:23:20 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:20 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080e000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:20 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000290000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:20 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:20 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:20 executing program 4: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:20 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000002a0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:20 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2294.285579][T22078] loop3: detected capacity change from 0 to 2216 [ 2294.285979][T22081] loop0: detected capacity change from 0 to 1 05:23:20 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2294.348598][T22081] loop0: p1 p2 p3 p4[EZD] [ 2294.353244][T22081] loop0: p1 start 10 is beyond EOD, truncated [ 2294.359352][T22081] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2294.368771][T22081] loop0: p3 start 225 is beyond EOD, truncated [ 2294.374983][T22081] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2294.388255][T22095] loop3: detected capacity change from 0 to 2216 05:23:20 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:20 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:20 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:20 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080f000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:20 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000002b0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:20 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:20 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:20 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2294.696484][T22131] loop0: detected capacity change from 0 to 1 [ 2294.705894][T22134] loop3: detected capacity change from 0 to 2216 [ 2294.757439][T22131] loop0: p1 p2 p3 p4[EZD] [ 2294.762731][T22131] loop0: p1 start 10 is beyond EOD, truncated [ 2294.768855][T22131] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2294.778670][T22131] loop0: p3 start 225 is beyond EOD, truncated [ 2294.784846][T22131] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:23 executing program 4: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:23 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000002c0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:23 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000810000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:23 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000002d0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2297.348962][T22173] loop3: detected capacity change from 0 to 2216 [ 2297.350496][T22174] loop0: detected capacity change from 0 to 1 05:23:23 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000002e0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2297.408120][T22174] loop0: p1 p2 p3 p4[EZD] [ 2297.412755][T22174] loop0: p1 start 10 is beyond EOD, truncated [ 2297.418876][T22174] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2297.427637][T22174] loop0: p3 start 225 is beyond EOD, truncated [ 2297.433846][T22174] loop0: p4 size 3657465856 extends beyond EOD, [ 2297.433853][T22184] loop3: detected capacity change from 0 to 2216 [ 2297.440187][T22174] truncated [ 2297.513287][T22196] loop0: detected capacity change from 0 to 16400 [ 2297.519993][T22192] loop3: detected capacity change from 0 to 2216 05:23:23 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:23 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000002f0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:23 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000811000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2297.700101][T22206] loop3: detected capacity change from 0 to 2216 [ 2297.719362][T22210] loop0: detected capacity change from 0 to 1 [ 2297.739533][ T25] kauditd_printk_skb: 338 callbacks suppressed 05:23:23 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:23 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000fe0000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2297.739545][ T25] audit: type=1326 audit(1625635403.588:56477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22209 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2297.775060][ T25] audit: type=1326 audit(1625635403.588:56478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22209 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:23 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2297.800510][ T25] audit: type=1326 audit(1625635403.588:56479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22209 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2297.825694][T22210] loop0: p1 p2 p3 p4[EZD] [ 2297.826281][ T25] audit: type=1326 audit(1625635403.588:56480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22209 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2297.831575][T22210] loop0: p1 start 10 is beyond EOD, truncated [ 2297.855722][ T25] audit: type=1326 audit(1625635403.588:56481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22209 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2297.860366][T22210] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2297.886063][ T25] audit: type=1326 audit(1625635403.588:56482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22209 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2297.897650][T22210] loop0: p3 start 225 is beyond EOD, truncated [ 2297.922069][T22210] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2297.932840][ T25] audit: type=1326 audit(1625635403.588:56483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22209 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2297.940305][T22229] loop3: detected capacity change from 0 to 2216 [ 2297.958374][ T25] audit: type=1326 audit(1625635403.588:56484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22209 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:23 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000d30100002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2297.988688][ T25] audit: type=1326 audit(1625635403.588:56485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22209 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2298.013339][ T25] audit: type=1326 audit(1625635403.618:56486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22217 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2298.079303][T22219] loop0: detected capacity change from 0 to 1 [ 2298.105554][T22247] loop3: detected capacity change from 0 to 2216 [ 2298.114834][T22219] loop0: p1 p2 p3 p4[EZD] [ 2298.120364][T22219] loop0: p1 start 10 is beyond EOD, truncated [ 2298.126461][T22219] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2298.137133][T22219] loop0: p3 start 225 is beyond EOD, truncated [ 2298.143402][T22219] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2298.201320][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2298.206154][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2298.212363][ T1037] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2298.219996][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2298.226368][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:26 executing program 4: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:26 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000e80100002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:26 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000812000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:26 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000e90100002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2300.357285][T22265] loop3: detected capacity change from 0 to 2216 [ 2300.379793][T22266] loop0: detected capacity change from 0 to 1 05:23:26 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000040200002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2300.443402][T22266] loop0: p1 p2 p3 p4[EZD] [ 2300.447302][T22278] loop3: detected capacity change from 0 to 2216 [ 2300.449985][T22266] loop0: p1 start 10 is beyond EOD, truncated [ 2300.460289][T22266] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2300.469599][T22266] loop0: p3 start 225 is beyond EOD, truncated [ 2300.475790][T22266] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2300.518391][T22286] loop3: detected capacity change from 0 to 2216 [ 2300.524779][T22284] loop0: detected capacity change from 0 to 16400 05:23:26 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:26 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000160200002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:26 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000813000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2300.727068][T22302] loop3: detected capacity change from 0 to 2216 [ 2300.742603][T22306] loop0: detected capacity change from 0 to 1 05:23:26 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:26 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:26 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:26 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000170200002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2300.777963][T22306] loop0: p1 p2 p3 p4[EZD] [ 2300.784045][T22306] loop0: p1 start 10 is beyond EOD, truncated [ 2300.790191][T22306] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2300.804071][T22306] loop0: p3 start 225 is beyond EOD, truncated [ 2300.810298][T22306] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2300.842902][T22319] loop0: detected capacity change from 0 to 1 [ 2300.849362][T22331] loop3: detected capacity change from 0 to 2216 [ 2300.888260][T22319] loop0: p1 p2 p3 p4[EZD] [ 2300.892890][T22319] loop0: p1 start 10 is beyond EOD, truncated [ 2300.898977][T22319] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2300.911847][T22319] loop0: p3 start 225 is beyond EOD, truncated [ 2300.918066][T22319] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2300.929421][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2300.933914][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2300.940005][ T1037] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2300.947786][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2300.953943][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:29 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:29 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000002c0200002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:29 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000824000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:29 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000300002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2303.385744][T22358] loop0: detected capacity change from 0 to 1 [ 2303.388023][T22359] loop3: detected capacity change from 0 to 2216 [ 2303.428044][T22358] loop0: p1 p2 p3 p4[EZD] [ 2303.432659][T22358] loop0: p1 start 10 is beyond EOD, truncated [ 2303.438767][T22358] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2303.446884][T22358] loop0: p3 start 225 is beyond EOD, truncated [ 2303.453069][T22358] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2303.475202][T22370] loop3: detected capacity change from 0 to 2216 05:23:29 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000020400002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2303.499476][T22368] loop0: detected capacity change from 0 to 16400 05:23:29 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000825000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:29 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000060400002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2303.555294][T22379] loop3: detected capacity change from 0 to 2216 05:23:29 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000500002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2303.636318][T22388] loop3: detected capacity change from 0 to 2216 [ 2303.681500][T22393] loop0: detected capacity change from 0 to 1 [ 2303.695835][T22397] loop3: detected capacity change from 0 to 2216 05:23:29 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:29 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000600002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2303.731177][T22393] loop0: p1 p2 p3 p4[EZD] [ 2303.736375][T22393] loop0: p1 start 10 is beyond EOD, truncated [ 2303.742530][T22393] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2303.750904][T22393] loop0: p3 start 225 is beyond EOD, truncated [ 2303.757067][T22393] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2303.806074][ T25] kauditd_printk_skb: 158 callbacks suppressed [ 2303.806087][ T25] audit: type=1326 audit(1625635409.648:56645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2303.807239][T22410] loop3: detected capacity change from 0 to 2216 05:23:29 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000140)}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:29 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2303.814431][ T25] audit: type=1326 audit(1625635409.658:56646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2303.894082][T22419] loop0: detected capacity change from 0 to 16400 [ 2303.912583][ T25] audit: type=1326 audit(1625635409.658:56647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2303.939040][ T25] audit: type=1326 audit(1625635409.658:56648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2303.981053][ T25] audit: type=1326 audit(1625635409.658:56649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2304.009766][ T25] audit: type=1326 audit(1625635409.688:56650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22411 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2304.036221][ T25] audit: type=1326 audit(1625635409.718:56651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2304.061114][ T25] audit: type=1326 audit(1625635409.718:56652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2304.085567][ T25] audit: type=1326 audit(1625635409.718:56653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2304.114085][ T25] audit: type=1326 audit(1625635409.738:56654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22407 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:32 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:32 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:32 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000826000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:32 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:32 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000040600002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2306.403605][T22442] loop0: detected capacity change from 0 to 1 [ 2306.410565][T22445] loop3: detected capacity change from 0 to 2216 05:23:32 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000700002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2306.449531][T22442] loop0: p1 p2 p3 p4[EZD] [ 2306.454431][T22442] loop0: p1 start 10 is beyond EOD, truncated [ 2306.460541][T22442] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2306.468180][T22442] loop0: p3 start 225 is beyond EOD, truncated [ 2306.474349][T22442] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:32 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000fc0700002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:32 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300082e000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2306.495906][T22463] loop3: detected capacity change from 0 to 2216 [ 2306.518929][T22460] loop0: detected capacity change from 0 to 16400 [ 2306.587168][T22476] loop3: detected capacity change from 0 to 2216 05:23:32 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000900002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2306.634893][T22482] loop0: detected capacity change from 0 to 1 05:23:32 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000a00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2306.680966][T22482] loop0: p1 p2 p3 p4[EZD] [ 2306.681972][T22486] loop3: detected capacity change from 0 to 2216 [ 2306.686355][T22482] loop0: p1 start 10 is beyond EOD, truncated [ 2306.697936][T22482] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2306.712192][T22482] loop0: p3 start 225 is beyond EOD, truncated [ 2306.718431][T22482] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2306.780395][T22482] loop0: detected capacity change from 0 to 1 [ 2306.781292][T22502] loop3: detected capacity change from 0 to 2216 [ 2306.818575][T22482] loop0: p1 p2 p3 p4[EZD] 05:23:32 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000140)}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:32 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000b00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2306.825049][T22482] loop0: p1 start 10 is beyond EOD, truncated [ 2306.831214][T22482] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2306.839295][T22482] loop0: p3 start 225 is beyond EOD, truncated [ 2306.845465][T22482] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2306.906392][T22518] loop3: detected capacity change from 0 to 2216 [ 2306.970853][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2306.975504][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2306.981653][ T1037] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2306.989478][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2306.995636][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:35 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:35 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000848000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:35 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:35 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:35 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000c00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2309.428127][ T25] kauditd_printk_skb: 113 callbacks suppressed [ 2309.428142][ T25] audit: type=1326 audit(1625635415.278:56768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22533 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2309.459929][T22540] loop0: detected capacity change from 0 to 1 [ 2309.461213][T22541] loop3: detected capacity change from 0 to 2216 [ 2309.476345][ T25] audit: type=1326 audit(1625635415.308:56769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22533 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:35 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000d00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2309.504239][ T25] audit: type=1326 audit(1625635415.308:56770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22533 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2309.529555][ T25] audit: type=1326 audit(1625635415.308:56771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22533 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2309.543326][T22540] loop0: p1 p2 p3 p4[EZD] [ 2309.554702][ T25] audit: type=1326 audit(1625635415.308:56772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22533 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2309.558825][T22540] loop0: p1 start 10 is beyond EOD, truncated [ 2309.583879][ T25] audit: type=1326 audit(1625635415.308:56773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22533 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2309.588543][T22540] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2309.591040][T22540] loop0: p3 start 225 is beyond EOD, [ 2309.612709][ T25] audit: type=1326 audit(1625635415.308:56774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22544 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2309.619805][T22540] truncated [ 2309.619811][T22540] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2309.660799][ T25] audit: type=1326 audit(1625635415.308:56775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22544 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2309.663434][T22563] loop3: detected capacity change from 0 to 2216 [ 2309.686688][ T25] audit: type=1326 audit(1625635415.318:56776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22535 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:35 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000e00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2309.716280][ T25] audit: type=1326 audit(1625635415.318:56777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22535 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2309.754879][T22552] loop0: detected capacity change from 0 to 1 [ 2309.795274][T22575] loop3: detected capacity change from 0 to 2216 [ 2309.809190][T22552] loop0: p1 p2 p3 p4[EZD] [ 2309.813947][T22552] loop0: p1 start 10 is beyond EOD, truncated [ 2309.820047][T22552] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2309.838311][T22552] loop0: p3 start 225 is beyond EOD, truncated 05:23:35 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000f00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2309.844495][T22552] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:35 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000140)}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:35 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300084c000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2309.887937][T22587] loop3: detected capacity change from 0 to 2216 05:23:35 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:35 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000201000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2309.985409][T22603] loop0: detected capacity change from 0 to 1 [ 2310.007067][T22608] loop3: detected capacity change from 0 to 2216 [ 2310.018367][T22603] loop0: p1 p2 p3 p4[EZD] [ 2310.022894][T22603] loop0: p1 start 10 is beyond EOD, truncated [ 2310.028985][T22603] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2310.037967][T22603] loop0: p3 start 225 is beyond EOD, truncated [ 2310.044195][T22603] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2310.073645][T22619] loop0: detected capacity change from 0 to 16400 05:23:38 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:38 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:38 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:38 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001100002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:38 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000860000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:38 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2312.475617][T22639] loop0: detected capacity change from 0 to 1 [ 2312.477097][T22640] loop3: detected capacity change from 0 to 2216 [ 2312.503328][T22639] loop0: p1 p2 p3 p4[EZD] [ 2312.510300][T22639] loop0: p1 start 10 is beyond EOD, truncated [ 2312.516392][T22639] loop0: p2 size 1073872896 extends beyond EOD, truncated 05:23:38 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001200002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2312.524708][T22639] loop0: p3 start 225 is beyond EOD, truncated [ 2312.530904][T22639] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2312.560494][T22656] loop3: detected capacity change from 0 to 2216 05:23:38 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001300002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:38 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000868000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2312.578711][T22651] loop0: detected capacity change from 0 to 16400 05:23:38 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001400002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2312.655492][T22666] loop3: detected capacity change from 0 to 2216 [ 2312.717307][T22672] loop0: detected capacity change from 0 to 1 [ 2312.732149][T22676] loop3: detected capacity change from 0 to 2216 [ 2312.748863][T22672] loop0: p1 p2 p3 p4[EZD] [ 2312.753599][T22672] loop0: p1 start 10 is beyond EOD, truncated [ 2312.759769][T22672] loop0: p2 size 1073872896 extends beyond EOD, truncated 05:23:38 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001500002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2312.769001][T22672] loop0: p3 start 225 is beyond EOD, truncated [ 2312.775187][T22672] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2312.798007][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2312.802776][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2312.808901][ T1037] loop0: p2 size 1073872896 extends beyond EOD, truncated 05:23:38 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001600002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2312.816839][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2312.823024][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2312.838245][T22684] loop3: detected capacity change from 0 to 2216 [ 2312.916863][T22700] loop3: detected capacity change from 0 to 2216 05:23:41 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:41 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:41 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300086c000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:41 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000021600002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:41 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:41 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2315.450640][ T25] kauditd_printk_skb: 147 callbacks suppressed [ 2315.450654][ T25] audit: type=1326 audit(1625635421.298:56925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2315.513425][T22722] loop3: detected capacity change from 0 to 2216 [ 2315.520362][T22720] loop0: detected capacity change from 0 to 1 [ 2315.530889][ T25] audit: type=1326 audit(1625635421.298:56926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:41 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001700002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2315.560190][ T25] audit: type=1326 audit(1625635421.298:56927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2315.588760][ T25] audit: type=1326 audit(1625635421.298:56928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2315.616352][T22720] loop0: p1 p2 p3 p4[EZD] [ 2315.621212][T22720] loop0: p1 start 10 is beyond EOD, truncated [ 2315.627295][T22720] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2315.634892][ T25] audit: type=1326 audit(1625635421.298:56929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2315.644293][T22720] loop0: p3 start 225 is beyond EOD, truncated [ 2315.665411][T22720] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2315.665995][T22736] loop3: detected capacity change from 0 to 2216 [ 2315.686098][ T25] audit: type=1326 audit(1625635421.298:56930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2315.711022][ T25] audit: type=1326 audit(1625635421.298:56931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:41 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000021700002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2315.746799][ T25] audit: type=1326 audit(1625635421.298:56932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2315.771309][ T25] audit: type=1326 audit(1625635421.298:56933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:41 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001800002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2315.798650][ T25] audit: type=1326 audit(1625635421.298:56934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22708 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2315.812264][T22748] loop3: detected capacity change from 0 to 2216 [ 2315.836521][T22752] loop0: detected capacity change from 0 to 1 05:23:41 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000874000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:41 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001900002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2315.913046][T22752] loop0: p1 p2 p3 p4[EZD] [ 2315.913175][T22757] loop3: detected capacity change from 0 to 2216 [ 2315.917629][T22752] loop0: p1 start 10 is beyond EOD, truncated [ 2315.930005][T22752] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2315.941108][T22752] loop0: p3 start 225 is beyond EOD, truncated [ 2315.947309][T22752] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:41 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001a00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2316.027309][T22768] loop3: detected capacity change from 0 to 2216 [ 2316.066239][T22775] loop0: detected capacity change from 0 to 1 [ 2316.112441][T22775] loop0: p1 p2 p3 p4[EZD] [ 2316.119430][T22775] loop0: p1 start 10 is beyond EOD, truncated [ 2316.125537][T22775] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2316.128032][T22780] loop3: detected capacity change from 0 to 2216 [ 2316.133838][T22775] loop0: p3 start 225 is beyond EOD, truncated [ 2316.145225][T22775] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2316.207428][T22779] loop0: detected capacity change from 0 to 1 [ 2316.258262][T22779] loop0: p1 p2 p3 p4[EZD] [ 2316.263261][T22779] loop0: p1 start 10 is beyond EOD, truncated [ 2316.269376][T22779] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2316.276953][T22779] loop0: p3 start 225 is beyond EOD, truncated [ 2316.283137][T22779] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:44 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:44 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300087a000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:44 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:44 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001b00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:44 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:44 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:44 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x6, &(0x7f0000000140)="f47970da2fd5"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2318.518658][T22804] loop0: detected capacity change from 0 to 1 [ 2318.525028][T22808] loop3: detected capacity change from 0 to 2216 05:23:44 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001c00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2318.583572][T22804] loop0: p1 p2 p3 p4[EZD] [ 2318.588330][T22804] loop0: p1 start 10 is beyond EOD, truncated [ 2318.594419][T22804] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2318.602875][T22804] loop0: p3 start 225 is beyond EOD, truncated [ 2318.609122][T22804] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:44 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001d00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:44 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000890000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2318.652304][T22834] loop3: detected capacity change from 0 to 2216 [ 2318.670783][T22836] loop0: detected capacity change from 0 to 16400 05:23:44 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001e00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2318.738442][T22842] loop3: detected capacity change from 0 to 2216 [ 2318.770833][T22849] loop0: detected capacity change from 0 to 1 05:23:44 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001f00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2318.808012][T22849] loop0: p1 p2 p3 p4[EZD] [ 2318.814081][T22849] loop0: p1 start 10 is beyond EOD, truncated [ 2318.820221][T22849] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2318.828945][T22849] loop0: p3 start 225 is beyond EOD, truncated [ 2318.834744][T22857] loop3: detected capacity change from 0 to 2216 [ 2318.835132][T22849] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2318.886052][T22865] loop0: detected capacity change from 0 to 1 05:23:44 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008c0000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:44 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2318.934364][T22865] loop0: p1 p2 p3 p4[EZD] [ 2318.939271][T22865] loop0: p1 start 10 is beyond EOD, truncated [ 2318.942934][T22870] loop3: detected capacity change from 0 to 2216 [ 2318.945383][T22865] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2318.960607][T22865] loop0: p3 start 225 is beyond EOD, truncated [ 2318.966788][T22865] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2319.011324][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2319.016217][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2319.022340][ T1037] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2319.034122][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2319.036983][T22883] loop3: detected capacity change from 0 to 2216 [ 2319.040344][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2319.101121][T22879] loop0: detected capacity change from 0 to 1 [ 2319.160211][T22879] loop0: p1 p2 p3 p4[EZD] [ 2319.164840][T22879] loop0: p1 start 10 is beyond EOD, truncated [ 2319.170933][T22879] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2319.179376][T22879] loop0: p3 start 225 is beyond EOD, truncated [ 2319.185534][T22879] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2319.252978][T22887] loop0: detected capacity change from 0 to 1 [ 2319.302191][T22887] loop0: p1 p2 p3 p4[EZD] [ 2319.308030][T22887] loop0: p1 start 10 is beyond EOD, truncated [ 2319.314307][T22887] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2319.322049][T22887] loop0: p3 start 225 is beyond EOD, truncated [ 2319.328256][T22887] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2319.408646][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2319.413139][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2319.419345][ T1037] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2319.426743][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2319.432944][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:47 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:47 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000102000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:47 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008f4000000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:47 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:47 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:47 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x6, &(0x7f0000000140)="f47970da2fd5"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:47 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002100002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2321.547131][T22919] loop0: detected capacity change from 0 to 1 [ 2321.553745][T22920] loop3: detected capacity change from 0 to 2216 [ 2321.598507][ T25] kauditd_printk_skb: 156 callbacks suppressed [ 2321.598521][ T25] audit: type=1326 audit(1625635427.448:57091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22929 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2321.603933][T22919] loop0: p1 p2 p3 p4[EZD] [ 2321.610668][ T25] audit: type=1326 audit(1625635427.448:57092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22929 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2321.661927][T22919] loop0: p1 start 10 is beyond EOD, truncated [ 2321.668183][T22919] loop0: p2 size 1073872896 extends beyond EOD, truncated [ 2321.676282][T22919] loop0: p3 start 225 is beyond EOD, truncated [ 2321.682499][T22919] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:47 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2321.685334][ T25] audit: type=1326 audit(1625635427.448:57093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22929 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2321.689731][T22942] loop3: detected capacity change from 0 to 2216 [ 2321.714707][ T25] audit: type=1326 audit(1625635427.478:57094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22928 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2321.747689][ T25] audit: type=1326 audit(1625635427.478:57095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22928 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2321.773663][ T25] audit: type=1326 audit(1625635427.508:57096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22928 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:47 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002200002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2321.798678][ T25] audit: type=1326 audit(1625635427.508:57097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22928 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2321.834431][T22957] loop0: detected capacity change from 0 to 16400 [ 2321.839149][ T25] audit: type=1326 audit(1625635427.508:57098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22929 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2321.865327][ T25] audit: type=1326 audit(1625635427.508:57099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22928 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:47 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:47 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002300002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:47 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008d6010000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2321.890489][ T25] audit: type=1326 audit(1625635427.508:57101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=22929 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2321.923730][T22963] loop3: detected capacity change from 0 to 2216 [ 2321.997895][T22972] loop3: detected capacity change from 0 to 2216 [ 2322.019962][T22977] loop0: detected capacity change from 0 to 1 [ 2322.048225][T22977] loop0: p1 p2 p3 p4[EZD] [ 2322.052869][T22977] loop0: p1 start 10 is beyond EOD, truncated [ 2322.058957][T22977] loop0: p2 start 1 is beyond EOD, truncated [ 2322.065001][T22977] loop0: p3 start 225 is beyond EOD, truncated [ 2322.071231][T22977] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2322.131672][T22981] loop0: detected capacity change from 0 to 1 [ 2322.181603][T22981] loop0: p1 p2 p3 p4[EZD] [ 2322.186234][T22981] loop0: p1 start 10 is beyond EOD, truncated [ 2322.192381][T22981] loop0: p2 start 1 is beyond EOD, truncated [ 2322.198445][T22981] loop0: p3 start 225 is beyond EOD, truncated [ 2322.204665][T22981] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:50 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:50 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002400002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:50 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008fc010000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:50 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2324.546823][T22994] loop3: detected capacity change from 0 to 2216 [ 2324.557195][T22995] loop0: detected capacity change from 0 to 1 05:23:50 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x6, &(0x7f0000000140)="f47970da2fd5"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:50 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002500002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2324.588231][T22995] loop0: p1 p2 p3 p4[EZD] [ 2324.592727][T22995] loop0: p1 start 10 is beyond EOD, truncated [ 2324.598839][T22995] loop0: p2 start 1 is beyond EOD, truncated [ 2324.604821][T22995] loop0: p3 start 225 is beyond EOD, truncated [ 2324.610990][T22995] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:50 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002600002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2324.683790][T23009] loop0: detected capacity change from 0 to 1 [ 2324.694687][T23021] loop3: detected capacity change from 0 to 2216 05:23:50 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000804020000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:50 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002700002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2324.752663][T23025] loop3: detected capacity change from 0 to 2216 [ 2324.808148][T23028] loop0: detected capacity change from 0 to 1 [ 2324.856715][T23028] loop0: p1 p2 p3 p4[EZD] [ 2324.861435][T23028] loop0: p1 start 10 is beyond EOD, truncated [ 2324.867574][T23028] loop0: p2 start 2 is beyond EOD, truncated [ 2324.873578][T23028] loop0: p3 start 225 is beyond EOD, truncated [ 2324.879836][T23028] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:50 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:50 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002800002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:50 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2324.968887][T23044] loop0: detected capacity change from 0 to 16400 [ 2324.980002][T23047] loop3: detected capacity change from 0 to 2216 05:23:53 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:53 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) 05:23:53 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002900002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:53 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2327.568217][ T25] kauditd_printk_skb: 161 callbacks suppressed [ 2327.568230][ T25] audit: type=1326 audit(1625635433.418:57262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23061 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2327.611304][T23063] loop3: detected capacity change from 0 to 2216 [ 2327.627615][ T25] audit: type=1326 audit(1625635433.438:57263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23061 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:53 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:53 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800030000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:53 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) 05:23:53 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002a00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2327.664897][ T25] audit: type=1326 audit(1625635433.448:57264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23061 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2327.703124][ T25] audit: type=1326 audit(1625635433.448:57265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23061 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2327.736696][T23081] loop0: detected capacity change from 0 to 1 [ 2327.738297][ T25] audit: type=1326 audit(1625635433.448:57266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23061 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2327.773066][ T25] audit: type=1326 audit(1625635433.448:57267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23067 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2327.778458][T23092] loop3: detected capacity change from 0 to 2216 [ 2327.799591][ T25] audit: type=1326 audit(1625635433.448:57268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23061 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2327.813904][T23081] loop0: p1 p2 p3 p4[EZD] [ 2327.830655][ T25] audit: type=1326 audit(1625635433.448:57269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23061 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2327.857153][T23081] loop0: p1 start 10 is beyond EOD, truncated 05:23:53 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002b00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:53 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002c00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2327.857619][ T25] audit: type=1326 audit(1625635433.448:57270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23061 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2327.863265][T23081] loop0: p2 start 3 is beyond EOD, truncated [ 2327.863282][T23081] loop0: p3 start 225 is beyond EOD, truncated [ 2327.863294][T23081] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2327.913635][ T25] audit: type=1326 audit(1625635433.448:57271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23061 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:53 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2327.957148][T23093] loop0: detected capacity change from 0 to 1 [ 2327.972169][T23106] loop3: detected capacity change from 0 to 2216 05:23:53 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000022c00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2328.003200][T23093] loop0: p1 p2 p3 p4[EZD] [ 2328.016819][T23093] loop0: p1 start 10 is beyond EOD, truncated [ 2328.022943][T23093] loop0: p2 start 3 is beyond EOD, truncated [ 2328.028939][T23093] loop0: p3 start 225 is beyond EOD, truncated [ 2328.035114][T23093] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2328.098578][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2328.103629][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2328.109734][ T1037] loop0: p2 start 3 is beyond EOD, truncated [ 2328.115708][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2328.121925][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:56 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000180)}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:56 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002d00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:56 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000884030000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:56 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:56 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002e00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2330.595050][T23129] loop3: detected capacity change from 0 to 2216 [ 2330.596889][T23130] loop0: detected capacity change from 0 to 1 05:23:56 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) 05:23:56 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002f00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2330.659319][T23130] loop0: p1 p2 p3 p4[EZD] [ 2330.664052][T23130] loop0: p1 start 10 is beyond EOD, truncated [ 2330.670246][T23130] loop0: p2 start 3 is beyond EOD, truncated [ 2330.674826][T23142] loop3: detected capacity change from 0 to 2216 [ 2330.676245][T23130] loop0: p3 start 225 is beyond EOD, truncated [ 2330.688791][T23130] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:56 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000003f00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:56 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000802040000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2330.748280][T23147] loop0: detected capacity change from 0 to 16400 [ 2330.768750][T23157] loop3: detected capacity change from 0 to 2216 05:23:56 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000004000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2330.834401][T23164] loop3: detected capacity change from 0 to 2216 [ 2330.900114][T23170] loop0: detected capacity change from 0 to 1 [ 2330.921769][T23174] loop3: detected capacity change from 0 to 2216 [ 2330.928401][T23170] loop0: p1 p2 p3 p4[EZD] [ 2330.933357][T23170] loop0: p1 start 10 is beyond EOD, truncated [ 2330.939461][T23170] loop0: p2 start 4 is beyond EOD, truncated 05:23:56 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:56 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000001d300002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2330.945441][T23170] loop0: p3 start 225 is beyond EOD, truncated [ 2330.945459][T23170] loop0: p4 size 3657465856 extends beyond EOD, [ 2330.957982][T23170] truncated [ 2330.998389][T23179] loop0: detected capacity change from 0 to 1 [ 2331.012919][T23189] loop3: detected capacity change from 0 to 2216 [ 2331.050739][T23179] loop0: p1 p2 p3 p4[EZD] [ 2331.055210][T23179] loop0: p1 start 10 is beyond EOD, truncated [ 2331.061315][T23179] loop0: p2 start 4 is beyond EOD, truncated [ 2331.067300][T23179] loop0: p3 start 225 is beyond EOD, truncated [ 2331.073591][T23179] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:23:59 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000180)}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:59 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000001e800002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:23:59 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000806040000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:23:59 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:23:59 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000001e900002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2333.604260][T23203] loop3: detected capacity change from 0 to 2216 [ 2333.620459][T23206] loop0: detected capacity change from 0 to 1 [ 2333.656474][ T25] kauditd_printk_skb: 155 callbacks suppressed [ 2333.656486][ T25] audit: type=1326 audit(1625635439.498:57427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23212 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:59 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 05:23:59 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2333.687372][ T25] audit: type=1326 audit(1625635439.508:57428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23212 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2333.715599][T23206] loop0: p1 p2 p3 p4[EZD] [ 2333.716511][T23220] loop3: detected capacity change from 0 to 2216 [ 2333.746768][T23206] loop0: p1 start 10 is beyond EOD, truncated 05:23:59 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000c0ed00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2333.752988][T23206] loop0: p2 start 4 is beyond EOD, truncated [ 2333.758985][T23206] loop0: p3 start 225 is beyond EOD, truncated [ 2333.765176][T23206] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2333.787227][ T25] audit: type=1326 audit(1625635439.528:57429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23212 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2333.823099][ T25] audit: type=1326 audit(1625635439.528:57430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23212 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:59 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000880040000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2333.847935][ T25] audit: type=1326 audit(1625635439.528:57431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23212 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2333.872763][ T25] audit: type=1326 audit(1625635439.558:57432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23212 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2333.902755][T23235] loop3: detected capacity change from 0 to 2216 [ 2333.914556][ T25] audit: type=1326 audit(1625635439.558:57433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23212 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2333.924362][T23246] loop0: detected capacity change from 0 to 1 [ 2333.946012][ T25] audit: type=1326 audit(1625635439.558:57434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23212 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2333.974201][ T25] audit: type=1326 audit(1625635439.558:57435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23215 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x7ffc0000 05:23:59 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2334.008518][ T25] audit: type=1326 audit(1625635439.568:57436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23212 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2334.038052][T23246] loop0: p1 p2 p3 p4[EZD] [ 2334.042836][T23246] loop0: p1 start 10 is beyond EOD, truncated [ 2334.049012][T23246] loop0: p2 start 4 is beyond EOD, truncated 05:23:59 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000007fc00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2334.055010][T23246] loop0: p3 start 225 is beyond EOD, truncated [ 2334.061185][T23246] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:00 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008f5040000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2334.121190][T23261] loop3: detected capacity change from 0 to 2216 [ 2334.180828][T23271] loop0: detected capacity change from 0 to 1 [ 2334.220919][T23271] loop0: p1 p2 p3 p4[EZD] [ 2334.225498][T23271] loop0: p1 start 10 is beyond EOD, truncated [ 2334.231726][T23271] loop0: p2 start 4 is beyond EOD, truncated [ 2334.237768][T23271] loop0: p3 start 225 is beyond EOD, truncated [ 2334.244003][T23271] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2334.298502][T23277] loop0: detected capacity change from 0 to 16400 05:24:02 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000180)}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:02 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000fffe00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:02 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800050000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:02 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000fff00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2336.629858][T23285] loop0: detected capacity change from 0 to 1 [ 2336.638029][T23286] loop3: detected capacity change from 0 to 2216 [ 2336.679148][T23285] loop0: p1 p2 p3 p4[EZD] [ 2336.683726][T23285] loop0: p1 start 10 is beyond EOD, truncated [ 2336.689825][T23285] loop0: p2 start 5 is beyond EOD, truncated [ 2336.695803][T23285] loop0: p3 start 225 is beyond EOD, truncated [ 2336.701983][T23285] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2336.720358][T23300] loop3: detected capacity change from 0 to 2216 05:24:02 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000feff00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:02 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 05:24:02 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:02 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) [ 2336.778526][T23295] loop0: detected capacity change from 0 to 1 05:24:02 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000004002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2336.830560][T23295] loop0: p1 p2 p3 p4[EZD] [ 2336.835357][T23295] loop0: p1 start 10 is beyond EOD, truncated [ 2336.841516][T23295] loop0: p2 start 5 is beyond EOD, truncated [ 2336.847538][T23295] loop0: p3 start 225 is beyond EOD, truncated [ 2336.853710][T23295] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2336.855349][T23325] loop3: detected capacity change from 0 to 2216 [ 2336.918691][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2336.923308][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2336.929412][ T1037] loop0: p2 start 5 is beyond EOD, truncated [ 2336.935384][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2336.938237][T23330] loop3: detected capacity change from 0 to 2216 [ 2336.941609][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:02 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:02 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800060000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:02 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000008002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2337.052619][T23345] loop3: detected capacity change from 0 to 2216 [ 2337.063843][T23347] loop0: detected capacity change from 0 to 1 [ 2337.119011][T23347] loop0: p1 p2 p3 p4[EZD] [ 2337.123670][T23347] loop0: p1 start 10 is beyond EOD, truncated [ 2337.129809][T23347] loop0: p2 start 6 is beyond EOD, truncated [ 2337.135936][T23347] loop0: p3 start 225 is beyond EOD, truncated [ 2337.142145][T23347] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2337.201579][T23359] loop0: detected capacity change from 0 to 1 [ 2337.248308][T23359] loop0: p1 p2 p3 p4[EZD] [ 2337.253066][T23359] loop0: p1 start 10 is beyond EOD, truncated [ 2337.259167][T23359] loop0: p2 start 6 is beyond EOD, truncated [ 2337.265199][T23359] loop0: p3 start 225 is beyond EOD, truncated [ 2337.271477][T23359] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:05 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000c002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:05 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000804060000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000ffff1f002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2339.656188][T23373] loop3: detected capacity change from 0 to 2216 [ 2339.659980][T23374] loop0: detected capacity change from 0 to 1 [ 2339.708076][T23374] loop0: p1 p2 p3 p4[EZD] [ 2339.712808][T23374] loop0: p1 start 10 is beyond EOD, truncated [ 2339.718919][T23374] loop0: p2 start 6 is beyond EOD, truncated [ 2339.724894][T23374] loop0: p3 start 225 is beyond EOD, truncated [ 2339.731058][T23374] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2339.753672][T23387] loop3: detected capacity change from 0 to 2216 05:24:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000012301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:05 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000022301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:05 executing program 5: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000027002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2339.806818][T23381] loop0: detected capacity change from 0 to 1 [ 2339.822929][ T25] kauditd_printk_skb: 191 callbacks suppressed [ 2339.822941][ T25] audit: type=1326 audit(1625635445.668:57628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23394 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:24:05 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2339.872534][ T25] audit: type=1326 audit(1625635445.678:57629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23394 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2339.875257][T23401] loop5: detected capacity change from 0 to 2216 [ 2339.910160][T23381] loop0: p1 p2 p3 p4[EZD] [ 2339.916744][T23381] loop0: p1 start 10 is beyond EOD, truncated [ 2339.920089][T23407] loop3: detected capacity change from 0 to 2216 [ 2339.922865][T23381] loop0: p2 start 6 is beyond EOD, truncated [ 2339.935157][T23381] loop0: p3 start 225 is beyond EOD, truncated [ 2339.941342][T23381] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2339.975863][ T25] audit: type=1326 audit(1625635445.698:57630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23394 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2340.001376][ T25] audit: type=1326 audit(1625635445.698:57631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23394 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2340.025892][ T25] audit: type=1326 audit(1625635445.698:57632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23394 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:24:05 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:05 executing program 5: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000006000000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000004022301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2340.057782][ T25] audit: type=1326 audit(1625635445.698:57633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23397 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2340.084857][ T25] audit: type=1326 audit(1625635445.698:57634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23394 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2340.094547][T23420] loop5: detected capacity change from 0 to 2216 [ 2340.110642][T23419] loop3: detected capacity change from 0 to 2216 [ 2340.120745][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2340.126305][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2340.128919][ T25] audit: type=1326 audit(1625635445.698:57635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23394 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2340.132462][ T1037] loop0: p2 start 6 is beyond EOD, truncated [ 2340.157976][ T25] audit: type=1326 audit(1625635445.698:57636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23394 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2340.162604][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2340.192923][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2340.204579][ T25] audit: type=1326 audit(1625635445.708:57637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23394 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 05:24:08 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800070000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:08 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000032301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:08 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:08 executing program 5 (fault-call:10 fault-nth:0): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2342.671308][T23439] loop3: detected capacity change from 0 to 2216 [ 2342.679340][T23441] loop0: detected capacity change from 0 to 1 [ 2342.699684][T23447] FAULT_INJECTION: forcing a failure. [ 2342.699684][T23447] name failslab, interval 1, probability 0, space 0, times 0 [ 2342.712370][T23447] CPU: 1 PID: 23447 Comm: syz-executor.5 Tainted: G W 5.13.0-syzkaller #0 [ 2342.722250][T23447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2342.722263][T23447] Call Trace: [ 2342.722271][T23447] dump_stack_lvl+0xb7/0x103 [ 2342.735585][T23447] dump_stack+0x11/0x1a [ 2342.744364][T23447] should_fail+0x23c/0x250 [ 2342.748815][T23447] ? audit_log_start+0x320/0x670 [ 2342.753755][T23447] __should_failslab+0x81/0x90 [ 2342.758587][T23447] should_failslab+0x5/0x20 [ 2342.763090][T23447] kmem_cache_alloc+0x46/0x2e0 05:24:08 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000042301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2342.767856][T23447] audit_log_start+0x320/0x670 [ 2342.772619][T23447] ? kstrtoull+0x321/0x360 [ 2342.777056][T23447] audit_seccomp+0x45/0xf0 [ 2342.781490][T23447] __seccomp_filter+0x54b/0xf20 [ 2342.786436][T23447] ? vfs_write+0x50c/0x770 [ 2342.790886][T23447] __secure_computing+0xfb/0x140 [ 2342.795800][T23447] syscall_trace_enter+0x120/0x290 [ 2342.800899][T23447] ? switch_fpu_return+0xa/0x10 [ 2342.805868][T23447] ? exit_to_user_mode_prepare+0x65/0x190 [ 2342.811747][T23447] syscall_enter_from_user_mode+0x1c/0x20 [ 2342.817477][T23447] do_syscall_64+0x1e/0x90 [ 2342.821948][T23447] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2342.827889][T23447] RIP: 0033:0x4665d9 [ 2342.831773][T23447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2342.851493][T23447] RSP: 002b:00007f4cbb2b8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 2342.859928][T23447] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 05:24:08 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2342.867876][T23447] RDX: 0000000000000000 RSI: 0000000000002f27 RDI: 0000000000000007 [ 2342.875824][T23447] RBP: 00007f4cbb2b81d0 R08: 0000000000000000 R09: 0000000000000000 [ 2342.883787][T23447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2342.891735][T23447] R13: 00007fff5702a47f R14: 00007f4cbb2b8300 R15: 0000000000022000 [ 2342.905082][T23441] loop0: p1 p2 p3 p4[EZD] [ 2342.909653][T23441] loop0: p1 start 10 is beyond EOD, truncated [ 2342.915737][T23441] loop0: p2 start 7 is beyond EOD, truncated [ 2342.921742][T23441] loop0: p3 start 225 is beyond EOD, truncated [ 2342.927936][T23441] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:08 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800090000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2342.975773][T23460] loop3: detected capacity change from 0 to 2216 [ 2342.979234][T23452] loop0: detected capacity change from 0 to 1 05:24:08 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000052301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:08 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2343.104059][T23473] loop3: detected capacity change from 0 to 2216 [ 2343.104249][T23472] loop0: detected capacity change from 0 to 1 05:24:09 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000062301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2343.148982][T23472] loop0: p1 p2 p3 p4[EZD] [ 2343.153603][T23472] loop0: p1 start 10 is beyond EOD, truncated [ 2343.159728][T23472] loop0: p2 start 9 is beyond EOD, truncated [ 2343.165699][T23472] loop0: p3 start 225 is beyond EOD, truncated [ 2343.171878][T23472] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:09 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000004062301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2343.216153][T23486] loop3: detected capacity change from 0 to 2216 [ 2343.223406][T23472] loop0: detected capacity change from 0 to 1 05:24:09 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000a0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:09 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000072301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2343.268097][T23472] loop0: p1 p2 p3 p4[EZD] [ 2343.272676][T23472] loop0: p1 start 10 is beyond EOD, truncated [ 2343.278814][T23472] loop0: p2 start 9 is beyond EOD, truncated [ 2343.284846][T23472] loop0: p3 start 225 is beyond EOD, truncated [ 2343.291042][T23472] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2343.309615][T23496] loop3: detected capacity change from 0 to 2216 [ 2343.376265][T23501] loop3: detected capacity change from 0 to 2216 [ 2343.400753][T23507] loop0: detected capacity change from 0 to 1 [ 2343.428290][T23507] loop0: p1 p2 p3 p4[EZD] [ 2343.433008][T23507] loop0: p1 start 10 is beyond EOD, truncated [ 2343.439089][T23507] loop0: p2 start 10 is beyond EOD, truncated [ 2343.445187][T23507] loop0: p3 start 225 is beyond EOD, truncated [ 2343.451344][T23507] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:11 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:11 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000082301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:11 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000b0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:11 executing program 5 (fault-call:10 fault-nth:1): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2345.701446][ T25] kauditd_printk_skb: 153 callbacks suppressed [ 2345.701460][ T25] audit: type=1326 audit(1625635451.548:57789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23523 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2345.709841][T23529] loop0: detected capacity change from 0 to 1 [ 2345.734438][T23530] loop3: detected capacity change from 0 to 2216 [ 2345.741958][ T25] audit: type=1326 audit(1625635451.578:57790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23523 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2345.748966][T23532] FAULT_INJECTION: forcing a failure. [ 2345.748966][T23532] name failslab, interval 1, probability 0, space 0, times 0 [ 2345.781141][T23532] CPU: 0 PID: 23532 Comm: syz-executor.5 Tainted: G W 5.13.0-syzkaller #0 [ 2345.783426][ T25] audit: type=1326 audit(1625635451.578:57791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23523 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2345.790943][T23532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2345.790956][T23532] Call Trace: [ 2345.790963][T23532] dump_stack_lvl+0xb7/0x103 [ 2345.815753][ T25] audit: type=1326 audit(1625635451.578:57792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23523 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2345.825181][T23532] dump_stack+0x11/0x1a [ 2345.825210][T23532] should_fail+0x23c/0x250 [ 2345.825231][T23532] __should_failslab+0x81/0x90 [ 2345.830582][ T25] audit: type=1326 audit(1625635451.578:57793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23523 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2345.833063][T23532] should_failslab+0x5/0x20 [ 2345.833084][T23532] kmem_cache_alloc_node+0x58/0x2b0 [ 2345.858553][ T25] audit: type=1326 audit(1625635451.578:57794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23523 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2345.861334][T23532] ? should_fail+0xd6/0x250 05:24:11 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2345.866243][ T25] audit: type=1326 audit(1625635451.588:57795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23532 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2345.870491][T23532] ? __alloc_skb+0xed/0x420 [ 2345.870554][T23532] __alloc_skb+0xed/0x420 [ 2345.896303][ T25] audit: type=1326 audit(1625635451.588:57796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23532 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2345.899136][T23532] audit_log_start+0x33c/0x670 [ 2345.899167][T23532] ? kstrtoull+0x321/0x360 [ 2345.905438][ T25] audit: type=1326 audit(1625635451.588:57797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23532 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2345.928376][T23532] audit_seccomp+0x45/0xf0 [ 2345.928402][T23532] __seccomp_filter+0x54b/0xf20 [ 2345.928420][T23532] ? vfs_write+0x50c/0x770 [ 2345.928437][T23532] __secure_computing+0xfb/0x140 [ 2345.934980][ T25] audit: type=1326 audit(1625635451.588:57798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23532 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2345.957029][T23532] syscall_trace_enter+0x120/0x290 [ 2345.957057][T23532] ? exit_to_user_mode_prepare+0x65/0x190 [ 2345.957078][T23532] syscall_enter_from_user_mode+0x1c/0x20 [ 2346.082481][T23532] do_syscall_64+0x1e/0x90 [ 2346.086930][T23532] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2346.092932][T23532] RIP: 0033:0x4665d9 [ 2346.096827][T23532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2346.116471][T23532] RSP: 002b:00007f4cbb2b8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 2346.124881][T23532] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2346.132857][T23532] RDX: 0000000000000000 RSI: 0000000000002f2a RDI: 0000000000000007 [ 2346.140821][T23532] RBP: 00007f4cbb2b81d0 R08: 0000000000000000 R09: 0000000000000000 05:24:12 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2346.148799][T23532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2346.156811][T23532] R13: 00007fff5702a47f R14: 00007f4cbb2b8300 R15: 0000000000022000 [ 2346.187775][T23529] loop0: p1 p2 p3 p4[EZD] [ 2346.192494][T23529] loop0: p1 start 10 is beyond EOD, truncated 05:24:12 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000092301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2346.198680][T23529] loop0: p2 start 11 is beyond EOD, truncated [ 2346.204760][T23529] loop0: p3 start 225 is beyond EOD, truncated [ 2346.210940][T23529] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2346.271627][T23539] loop0: detected capacity change from 0 to 1 [ 2346.296171][T23555] loop3: detected capacity change from 0 to 2216 05:24:12 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000000a2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2346.319381][T23539] loop0: p1 p2 p3 p4[EZD] [ 2346.327293][T23539] loop0: p1 start 10 is beyond EOD, truncated [ 2346.333421][T23539] loop0: p2 start 11 is beyond EOD, truncated [ 2346.339509][T23539] loop0: p3 start 225 is beyond EOD, truncated [ 2346.345673][T23539] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:12 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000c0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:12 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000000b2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2346.439773][T23567] loop3: detected capacity change from 0 to 2216 05:24:12 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000000c2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2346.499053][T23573] loop0: detected capacity change from 0 to 1 [ 2346.511658][T23577] loop3: detected capacity change from 0 to 2216 [ 2346.548056][T23573] loop0: p1 p2 p3 p4[EZD] [ 2346.552687][T23573] loop0: p1 start 10 is beyond EOD, truncated [ 2346.558815][T23573] loop0: p2 start 12 is beyond EOD, truncated [ 2346.564891][T23573] loop0: p3 start 225 is beyond EOD, truncated [ 2346.571161][T23573] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2346.590832][T23586] loop3: detected capacity change from 0 to 2216 05:24:12 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000000d2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2346.641413][T23581] loop0: detected capacity change from 0 to 1 [ 2346.656753][T23596] loop3: detected capacity change from 0 to 2216 [ 2346.671404][T23581] loop0: p1 p2 p3 p4[EZD] [ 2346.677052][T23581] loop0: p1 start 10 is beyond EOD, truncated [ 2346.683166][T23581] loop0: p2 start 12 is beyond EOD, truncated [ 2346.689259][T23581] loop0: p3 start 225 is beyond EOD, truncated [ 2346.695419][T23581] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:14 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:14 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000000e2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:14 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000d0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:14 executing program 5 (fault-call:10 fault-nth:2): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2348.719229][T23614] loop3: detected capacity change from 0 to 2216 [ 2348.727498][T23615] loop0: detected capacity change from 0 to 1 [ 2348.765041][T23615] loop0: p1 p2 p3 p4[EZD] [ 2348.770472][T23615] loop0: p1 start 10 is beyond EOD, truncated [ 2348.776636][T23615] loop0: p2 start 13 is beyond EOD, truncated [ 2348.782739][T23615] loop0: p3 start 225 is beyond EOD, truncated [ 2348.789046][T23615] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2348.835193][T23626] loop0: detected capacity change from 0 to 1 [ 2348.878067][T23626] loop0: p1 p2 p3 p4[EZD] [ 2348.882672][T23626] loop0: p1 start 10 is beyond EOD, truncated [ 2348.888763][T23626] loop0: p2 start 13 is beyond EOD, truncated [ 2348.894807][T23626] loop0: p3 start 225 is beyond EOD, truncated [ 2348.900961][T23626] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:14 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:15 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:15 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:15 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000000f2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:15 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:15 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000e0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:15 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000102301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2349.209302][T23649] loop3: detected capacity change from 0 to 2216 [ 2349.232057][T23655] loop0: detected capacity change from 0 to 1 05:24:15 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:15 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000112301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2349.279539][T23655] loop0: p1 p2 p3 p4[EZD] [ 2349.288899][T23665] loop3: detected capacity change from 0 to 2216 [ 2349.292744][T23655] loop0: p1 start 10 is beyond EOD, truncated [ 2349.301326][T23655] loop0: p2 start 14 is beyond EOD, truncated [ 2349.307388][T23655] loop0: p3 start 225 is beyond EOD, truncated [ 2349.313607][T23655] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:15 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000122301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2349.391046][T23676] loop0: detected capacity change from 0 to 16400 [ 2349.393811][T23679] loop3: detected capacity change from 0 to 2216 05:24:15 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000f0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:15 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2349.478262][T23685] loop3: detected capacity change from 0 to 2216 [ 2349.488288][T23689] loop0: detected capacity change from 0 to 1 [ 2349.528946][T23689] loop0: p1 p2 p3 p4[EZD] [ 2349.534581][T23689] loop0: p1 start 10 is beyond EOD, truncated [ 2349.540687][T23689] loop0: p2 start 15 is beyond EOD, truncated [ 2349.546871][T23689] loop0: p3 start 225 is beyond EOD, truncated [ 2349.553051][T23689] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2349.608399][T23703] loop0: detected capacity change from 0 to 16400 05:24:17 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2352.013037][ T25] kauditd_printk_skb: 173 callbacks suppressed [ 2352.013049][ T25] audit: type=1326 audit(1625635457.858:57970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23709 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2352.043865][ T25] audit: type=1326 audit(1625635457.858:57971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23709 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2352.068534][ T25] audit: type=1326 audit(1625635457.858:57972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23709 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2352.092689][ T25] audit: type=1326 audit(1625635457.858:57973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23709 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2352.116965][ T25] audit: type=1326 audit(1625635457.858:57974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23709 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2352.141243][ T25] audit: type=1326 audit(1625635457.858:57975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23709 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2352.165658][ T25] audit: type=1326 audit(1625635457.858:57976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23709 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2352.189974][ T25] audit: type=1326 audit(1625635457.858:57977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23709 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:24:18 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) 05:24:18 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000132301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:18 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800110000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:18 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:18 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x3, r0, 0x0, 0x0) [ 2352.221439][ T25] audit: type=1326 audit(1625635457.858:57978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23709 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2352.270234][T23717] loop3: detected capacity change from 0 to 2216 [ 2352.270258][ T25] audit: type=1326 audit(1625635457.858:57979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23711 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:24:18 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000142301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2352.318930][T23723] loop0: detected capacity change from 0 to 1 05:24:18 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2352.387066][T23738] loop3: detected capacity change from 0 to 2216 [ 2352.388020][T23723] loop0: p1 p2 p3 p4[EZD] [ 2352.417106][T23723] loop0: p1 start 10 is beyond EOD, truncated [ 2352.423220][T23723] loop0: p2 start 17 is beyond EOD, truncated [ 2352.429296][T23723] loop0: p3 start 225 is beyond EOD, truncated 05:24:18 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000152301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2352.435444][T23723] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:18 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000162301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2352.478131][T23753] loop3: detected capacity change from 0 to 2216 [ 2352.488806][T23752] loop0: detected capacity change from 0 to 1 05:24:18 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:18 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2352.528191][T23752] loop0: p1 p2 p3 p4[EZD] [ 2352.532850][T23752] loop0: p1 start 10 is beyond EOD, truncated [ 2352.538971][T23752] loop0: p2 start 17 is beyond EOD, truncated [ 2352.545071][T23752] loop0: p3 start 225 is beyond EOD, truncated [ 2352.551270][T23752] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2352.577394][T23770] loop3: detected capacity change from 0 to 2216 [ 2352.618614][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2352.623111][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2352.629265][ T1037] loop0: p2 start 17 is beyond EOD, truncated [ 2352.635342][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2352.641667][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:20 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:21 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) 05:24:21 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:21 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800120000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:21 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000002162301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:21 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x8, r0, 0x0, 0x0) 05:24:21 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:21 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) [ 2355.309076][T23793] loop0: detected capacity change from 0 to 1 [ 2355.316100][T23792] loop3: detected capacity change from 0 to 2216 05:24:21 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000172301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2355.379431][T23793] loop0: p1 p2 p3 p4[EZD] [ 2355.389002][T23793] loop0: p1 start 10 is beyond EOD, truncated [ 2355.395143][T23793] loop0: p2 start 18 is beyond EOD, truncated [ 2355.401349][T23793] loop0: p3 start 225 is beyond EOD, truncated [ 2355.407507][T23793] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:21 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800130000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:21 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000002172301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2355.426151][T23819] loop3: detected capacity change from 0 to 2216 05:24:21 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000182301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2355.475380][T23826] loop0: detected capacity change from 0 to 1 [ 2355.489768][T23831] loop3: detected capacity change from 0 to 2216 [ 2355.548403][T23837] loop3: detected capacity change from 0 to 2216 [ 2355.551309][T23826] loop0: p1 p2 p3 p4[EZD] [ 2355.560952][T23826] loop0: p1 start 10 is beyond EOD, truncated [ 2355.567048][T23826] loop0: p2 start 19 is beyond EOD, truncated [ 2355.573145][T23826] loop0: p3 start 225 is beyond EOD, truncated [ 2355.579368][T23826] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2355.654493][T23846] loop0: detected capacity change from 0 to 16400 05:24:23 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:23 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000192301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:23 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800200000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2358.036074][T23852] loop3: detected capacity change from 0 to 2216 [ 2358.052921][ T25] kauditd_printk_skb: 261 callbacks suppressed [ 2358.052934][ T25] audit: type=1326 audit(1625635463.898:58241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23853 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2358.055023][T23856] loop0: detected capacity change from 0 to 1 [ 2358.060016][ T25] audit: type=1326 audit(1625635463.898:58242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23853 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2358.115096][ T25] audit: type=1326 audit(1625635463.928:58243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23853 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2358.140367][ T25] audit: type=1326 audit(1625635463.928:58244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23853 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:24:24 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000001a2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2358.177915][ T25] audit: type=1326 audit(1625635463.928:58245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23853 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2358.196242][T23856] loop0: p1 p2 p3 p4[EZD] [ 2358.202475][ T25] audit: type=1326 audit(1625635463.938:58246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23853 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2358.231067][T23856] loop0: p1 start 10 is beyond EOD, truncated [ 2358.232855][ T25] audit: type=1326 audit(1625635463.938:58247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23853 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2358.237246][T23856] loop0: p2 start 32 is beyond EOD, truncated [ 2358.237264][T23856] loop0: p3 start 225 is beyond EOD, [ 2358.262713][ T25] audit: type=1326 audit(1625635463.938:58248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23853 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2358.267453][T23856] truncated [ 2358.267460][T23856] loop0: p4 size 3657465856 extends beyond EOD, [ 2358.273875][ T25] audit: type=1326 audit(1625635463.938:58249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23853 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2358.296961][T23856] truncated 05:24:24 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:24 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x2, 0x0) [ 2358.335296][ T25] audit: type=1326 audit(1625635463.958:58250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=23858 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:24:24 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) [ 2358.381996][T23861] loop0: detected capacity change from 0 to 1 [ 2358.408207][T23881] loop3: detected capacity change from 0 to 2216 [ 2358.428032][ T1037] loop0: p1 p2 p3 p4[EZD] 05:24:24 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000001b2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2358.432911][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2358.439091][ T1037] loop0: p2 start 32 is beyond EOD, truncated [ 2358.445171][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2358.451354][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2358.459956][T23861] loop0: p1 p2 p3 p4[EZD] [ 2358.464754][T23861] loop0: p1 start 10 is beyond EOD, truncated [ 2358.470856][T23861] loop0: p2 start 32 is beyond EOD, truncated [ 2358.477051][T23861] loop0: p3 start 225 is beyond EOD, truncated [ 2358.483257][T23861] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2358.517520][T23900] loop3: detected capacity change from 0 to 2216 05:24:24 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800240000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:24 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000001c2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2358.535870][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2358.540711][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2358.546786][ T1037] loop0: p2 start 32 is beyond EOD, truncated [ 2358.552899][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2358.559071][ T1037] loop0: p4 size 3657465856 extends beyond EOD, [ 2358.565484][ T1037] truncated 05:24:24 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000001d2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2358.651669][T23908] loop3: detected capacity change from 0 to 2216 [ 2358.657680][T23912] loop0: detected capacity change from 0 to 1 [ 2358.708157][T23912] loop0: p1 p2 p3 p4[EZD] [ 2358.712712][T23912] loop0: p1 start 10 is beyond EOD, truncated [ 2358.718805][T23912] loop0: p2 start 36 is beyond EOD, truncated [ 2358.724865][T23912] loop0: p3 start 225 is beyond EOD, truncated [ 2358.731122][T23912] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2358.745251][T23922] loop3: detected capacity change from 0 to 2216 05:24:24 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000001e2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2358.788354][T23912] loop0: detected capacity change from 0 to 1 [ 2358.840644][T23912] loop0: p1 p2 p3 p4[EZD] [ 2358.846941][T23931] loop3: detected capacity change from 0 to 2216 [ 2358.848765][T23912] loop0: p1 start 10 is beyond EOD, truncated [ 2358.859444][T23912] loop0: p2 start 36 is beyond EOD, truncated [ 2358.865525][T23912] loop0: p3 start 225 is beyond EOD, truncated [ 2358.871737][T23912] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2358.892340][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2358.896829][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2358.902992][ T1037] loop0: p2 start 36 is beyond EOD, truncated [ 2358.909071][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2358.915275][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:26 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800250000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:26 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:26 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000001f2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:26 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000202301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2361.054418][T23945] loop3: detected capacity change from 0 to 2216 [ 2361.081750][T23949] loop0: detected capacity change from 0 to 1 [ 2361.127964][T23949] loop0: p1 p2 p3 p4[EZD] [ 2361.132696][T23949] loop0: p1 start 10 is beyond EOD, truncated [ 2361.138856][T23949] loop0: p2 start 37 is beyond EOD, truncated [ 2361.144904][T23949] loop0: p3 start 225 is beyond EOD, truncated [ 2361.151057][T23949] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2361.165207][T23956] loop3: detected capacity change from 0 to 2216 [ 2361.228237][T23957] loop0: detected capacity change from 0 to 1 [ 2361.268039][T23957] loop0: p1 p2 p3 p4[EZD] [ 2361.272717][T23957] loop0: p1 start 10 is beyond EOD, truncated [ 2361.278853][T23957] loop0: p2 start 37 is beyond EOD, truncated [ 2361.284956][T23957] loop0: p3 start 225 is beyond EOD, truncated [ 2361.291105][T23957] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:27 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:27 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x3, 0x0) 05:24:27 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 05:24:27 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000010202301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:27 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800260000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:27 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:27 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) [ 2361.435379][T23991] loop3: detected capacity change from 0 to 2216 [ 2361.438070][T23989] loop0: detected capacity change from 0 to 1 05:24:27 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000212301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2361.499524][T23989] loop0: p1 p2 p3 p4[EZD] [ 2361.504392][T23989] loop0: p1 start 10 is beyond EOD, truncated [ 2361.510600][T23989] loop0: p2 start 38 is beyond EOD, truncated [ 2361.516662][T23989] loop0: p3 start 225 is beyond EOD, truncated [ 2361.522859][T23989] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2361.538266][T24010] loop3: detected capacity change from 0 to 2216 05:24:27 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000222301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2361.574018][T24015] loop0: detected capacity change from 0 to 16400 [ 2361.642425][T24020] loop3: detected capacity change from 0 to 2216 05:24:29 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:29 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008002e0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:29 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000232301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2364.070773][T24028] loop3: detected capacity change from 0 to 2216 [ 2364.080071][T24030] loop0: detected capacity change from 0 to 1 [ 2364.095335][ T25] kauditd_printk_skb: 239 callbacks suppressed 05:24:30 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000242301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2364.095347][ T25] audit: type=1326 audit(1625635469.938:58490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24029 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2364.134501][ T25] audit: type=1326 audit(1625635469.948:58491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24029 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2364.159022][ T25] audit: type=1326 audit(1625635469.948:58492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24029 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2364.164996][T24030] loop0: p1 p2 p3 p4[EZD] [ 2364.183574][ T25] audit: type=1326 audit(1625635469.948:58493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24029 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2364.194761][T24030] loop0: p1 start 10 is beyond EOD, truncated [ 2364.212323][ T25] audit: type=1326 audit(1625635469.948:58494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24029 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2364.217923][T24030] loop0: p2 start 46 is beyond EOD, truncated [ 2364.217940][T24030] loop0: p3 start 225 is beyond EOD, truncated [ 2364.217953][T24030] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2364.261662][ T25] audit: type=1326 audit(1625635469.948:58495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24029 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2364.286542][ T25] audit: type=1326 audit(1625635469.948:58496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24036 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2364.314017][T24045] loop3: detected capacity change from 0 to 2216 [ 2364.314969][ T25] audit: type=1326 audit(1625635469.948:58497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24036 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2364.347006][T24037] loop0: detected capacity change from 0 to 1 05:24:30 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x4, 0x0) [ 2364.348093][ T25] audit: type=1326 audit(1625635469.948:58498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24036 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2364.389375][ T25] audit: type=1326 audit(1625635469.948:58499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24036 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 05:24:30 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000252301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:30 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2364.430129][T24037] loop0: p1 p2 p3 p4[EZD] [ 2364.434760][T24037] loop0: p1 start 10 is beyond EOD, truncated [ 2364.440900][T24037] loop0: p2 start 46 is beyond EOD, truncated [ 2364.446969][T24037] loop0: p3 start 225 is beyond EOD, truncated [ 2364.453178][T24037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:30 executing program 2 (fault-call:10 fault-nth:0): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2364.489040][T24065] loop3: detected capacity change from 0 to 2216 [ 2364.526245][T24074] FAULT_INJECTION: forcing a failure. [ 2364.526245][T24074] name failslab, interval 1, probability 0, space 0, times 0 [ 2364.538894][T24074] CPU: 1 PID: 24074 Comm: syz-executor.2 Tainted: G W 5.13.0-syzkaller #0 [ 2364.548717][T24074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2364.558815][T24074] Call Trace: [ 2364.562083][T24074] dump_stack_lvl+0xb7/0x103 [ 2364.566736][T24074] dump_stack+0x11/0x1a [ 2364.571011][T24074] should_fail+0x23c/0x250 [ 2364.575510][T24074] ? audit_log_start+0x320/0x670 [ 2364.580449][T24074] __should_failslab+0x81/0x90 [ 2364.585211][T24074] should_failslab+0x5/0x20 [ 2364.589788][T24074] kmem_cache_alloc+0x46/0x2e0 [ 2364.594549][T24074] audit_log_start+0x320/0x670 [ 2364.599334][T24074] ? kstrtoull+0x321/0x360 [ 2364.603814][T24074] audit_seccomp+0x45/0xf0 [ 2364.608227][T24074] __seccomp_filter+0x54b/0xf20 [ 2364.613089][T24074] ? vfs_write+0x50c/0x770 [ 2364.617502][T24074] __secure_computing+0xfb/0x140 [ 2364.622465][T24074] syscall_trace_enter+0x120/0x290 [ 2364.627581][T24074] ? exit_to_user_mode_prepare+0x65/0x190 [ 2364.633334][T24074] syscall_enter_from_user_mode+0x1c/0x20 [ 2364.639096][T24074] do_syscall_64+0x1e/0x90 [ 2364.643515][T24074] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2364.649407][T24074] RIP: 0033:0x4665d9 [ 2364.653289][T24074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2364.672920][T24074] RSP: 002b:00007f08cbeb2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 2364.681344][T24074] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 05:24:30 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000262301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:30 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008003f0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2364.689321][T24074] RDX: 0000000000000000 RSI: 000000000000347a RDI: 0000000000000007 [ 2364.697297][T24074] RBP: 00007f08cbeb21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2364.705261][T24074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2364.713245][T24074] R13: 00007fffe2cb7eef R14: 00007f08cbeb2300 R15: 0000000000022000 05:24:30 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000272301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2364.768672][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2364.773159][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2364.777010][T24079] loop3: detected capacity change from 0 to 2216 [ 2364.779246][ T1037] loop0: p2 start 46 is beyond EOD, truncated [ 2364.791658][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2364.797833][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:30 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000282301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2364.838416][T24083] loop0: detected capacity change from 0 to 1 [ 2364.857348][T24091] loop3: detected capacity change from 0 to 2216 [ 2364.888167][T24083] loop0: p1 p2 p3 p4[EZD] [ 2364.892757][T24083] loop0: p1 start 10 is beyond EOD, truncated [ 2364.898872][T24083] loop0: p2 start 63 is beyond EOD, truncated [ 2364.904935][T24083] loop0: p3 start 225 is beyond EOD, truncated [ 2364.911092][T24083] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2364.926014][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2364.930933][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2364.937017][ T1037] loop0: p2 start 63 is beyond EOD, truncated [ 2364.943121][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2364.949297][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2364.950684][T24100] loop3: detected capacity change from 0 to 2216 05:24:32 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:32 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000292301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:32 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800400000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:32 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000002a2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2367.093381][T24111] loop3: detected capacity change from 0 to 2216 [ 2367.116715][T24115] loop0: detected capacity change from 0 to 1 [ 2367.178035][T24115] loop0: p1 p2 p3 p4[EZD] [ 2367.183200][T24115] loop0: p1 start 10 is beyond EOD, truncated [ 2367.186052][T24125] loop3: detected capacity change from 0 to 2216 [ 2367.189297][T24115] loop0: p2 start 64 is beyond EOD, truncated [ 2367.189316][T24115] loop0: p3 start 225 is beyond EOD, truncated [ 2367.207850][T24115] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2367.252333][T24120] loop0: detected capacity change from 0 to 1 [ 2367.302561][T24120] loop0: p1 p2 p3 p4[EZD] [ 2367.307073][T24120] loop0: p1 start 10 is beyond EOD, truncated [ 2367.313211][T24120] loop0: p2 start 64 is beyond EOD, truncated [ 2367.319293][T24120] loop0: p3 start 225 is beyond EOD, truncated [ 2367.325434][T24120] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:33 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x5, 0x0) 05:24:33 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000002b2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2367.368466][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2367.373124][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2367.379232][ T1037] loop0: p2 start 64 is beyond EOD, truncated [ 2367.385353][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2367.391564][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2367.414785][T24147] loop3: detected capacity change from 0 to 2216 05:24:33 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:33 executing program 2 (fault-call:10 fault-nth:1): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:33 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800480000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:33 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000002c2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2367.535798][T24168] loop3: detected capacity change from 0 to 2216 [ 2367.568425][T24175] FAULT_INJECTION: forcing a failure. [ 2367.568425][T24175] name failslab, interval 1, probability 0, space 0, times 0 [ 2367.571696][T24172] loop0: detected capacity change from 0 to 1 [ 2367.581049][T24175] CPU: 0 PID: 24175 Comm: syz-executor.2 Tainted: G W 5.13.0-syzkaller #0 [ 2367.596886][T24175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2367.596900][T24175] Call Trace: [ 2367.596908][T24175] dump_stack_lvl+0xb7/0x103 [ 2367.610261][T24175] dump_stack+0x11/0x1a [ 2367.618968][T24175] should_fail+0x23c/0x250 [ 2367.623397][T24175] __should_failslab+0x81/0x90 [ 2367.628168][T24175] should_failslab+0x5/0x20 05:24:33 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000022c2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2367.632697][T24175] kmem_cache_alloc_node+0x58/0x2b0 [ 2367.637948][T24175] ? should_fail+0xd6/0x250 [ 2367.642447][T24175] ? __alloc_skb+0xed/0x420 [ 2367.646944][T24175] __alloc_skb+0xed/0x420 [ 2367.651266][T24175] audit_log_start+0x33c/0x670 [ 2367.656080][T24175] ? kstrtoull+0x321/0x360 [ 2367.660570][T24175] audit_seccomp+0x45/0xf0 [ 2367.664981][T24175] __seccomp_filter+0x54b/0xf20 [ 2367.669874][T24175] ? vfs_write+0x50c/0x770 [ 2367.674267][T24175] __secure_computing+0xfb/0x140 [ 2367.679225][T24175] syscall_trace_enter+0x120/0x290 [ 2367.684322][T24175] ? switch_fpu_return+0xa/0x10 [ 2367.689202][T24175] ? exit_to_user_mode_prepare+0x65/0x190 [ 2367.694901][T24175] syscall_enter_from_user_mode+0x1c/0x20 [ 2367.700611][T24175] do_syscall_64+0x1e/0x90 [ 2367.705009][T24175] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2367.710899][T24175] RIP: 0033:0x4665d9 [ 2367.714810][T24175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2367.734431][T24175] RSP: 002b:00007f08cbeb2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 2367.742826][T24175] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2367.750875][T24175] RDX: 0000000000000000 RSI: 000000000000347d RDI: 0000000000000007 [ 2367.758832][T24175] RBP: 00007f08cbeb21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2367.766790][T24175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2367.774737][T24175] R13: 00007fffe2cb7eef R14: 00007f08cbeb2300 R15: 0000000000022000 [ 2367.792632][T24172] loop0: p1 p2 p3 p4[EZD] [ 2367.797242][T24172] loop0: p1 start 10 is beyond EOD, truncated [ 2367.803352][T24172] loop0: p2 start 72 is beyond EOD, truncated [ 2367.809440][T24172] loop0: p3 start 225 is beyond EOD, truncated [ 2367.815622][T24172] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2367.825247][T24186] loop3: detected capacity change from 0 to 2216 05:24:33 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000002d2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2367.861231][T24190] loop0: detected capacity change from 0 to 16400 [ 2367.899700][T24195] loop3: detected capacity change from 0 to 2216 05:24:35 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008004c0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:35 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:35 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000002e2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2370.112488][T24205] loop3: detected capacity change from 0 to 2216 [ 2370.133895][T24210] loop0: detected capacity change from 0 to 1 [ 2370.141755][ T25] kauditd_printk_skb: 223 callbacks suppressed 05:24:36 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000002f2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2370.141766][ T25] audit: type=1326 audit(1625635475.988:58719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24206 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2370.172565][ T25] audit: type=1326 audit(1625635475.988:58720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24206 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2370.196889][ T25] audit: type=1326 audit(1625635475.988:58721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24206 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2370.221319][ T25] audit: type=1326 audit(1625635475.988:58722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24206 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2370.245623][ T25] audit: type=1326 audit(1625635475.988:58723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24206 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2370.265415][T24218] loop3: detected capacity change from 0 to 2216 [ 2370.270273][ T25] audit: type=1326 audit(1625635475.988:58724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24206 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2370.300345][T24210] loop0: p1 p2 p3 p4[EZD] [ 2370.305017][T24210] loop0: p1 start 10 is beyond EOD, truncated [ 2370.311125][T24210] loop0: p2 start 76 is beyond EOD, truncated [ 2370.317190][T24210] loop0: p3 start 225 is beyond EOD, truncated [ 2370.323362][T24210] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2370.339352][ T25] audit: type=1326 audit(1625635475.988:58725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24206 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2370.364185][ T25] audit: type=1326 audit(1625635475.988:58726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24214 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2370.389418][ T25] audit: type=1326 audit(1625635475.988:58727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24214 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 05:24:36 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x6, 0x0) 05:24:36 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000003f2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2370.422640][ T25] audit: type=1326 audit(1625635475.988:58728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24214 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:24:36 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:36 executing program 2 (fault-call:10 fault-nth:2): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:36 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800600000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:36 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000402301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2370.493059][T24240] loop3: detected capacity change from 0 to 2216 [ 2370.560618][T24256] FAULT_INJECTION: forcing a failure. [ 2370.560618][T24256] name failslab, interval 1, probability 0, space 0, times 0 [ 2370.573287][T24256] CPU: 1 PID: 24256 Comm: syz-executor.2 Tainted: G W 5.13.0-syzkaller #0 [ 2370.583097][T24256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2370.593148][T24256] Call Trace: [ 2370.595522][T24253] loop0: detected capacity change from 0 to 1 [ 2370.596531][T24256] dump_stack_lvl+0xb7/0x103 [ 2370.596561][T24256] dump_stack+0x11/0x1a [ 2370.605744][T24260] loop3: detected capacity change from 0 to 2216 [ 2370.607178][T24256] should_fail+0x23c/0x250 [ 2370.622033][T24256] __should_failslab+0x81/0x90 [ 2370.626846][T24256] should_failslab+0x5/0x20 [ 2370.631391][T24256] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 2370.637174][T24256] ? __kmalloc_node_track_caller+0x30/0x40 [ 2370.643053][T24256] ? kmem_cache_alloc_node+0x1d4/0x2b0 [ 2370.648547][T24256] __kmalloc_node_track_caller+0x30/0x40 [ 2370.654176][T24256] ? audit_log_start+0x33c/0x670 [ 2370.659110][T24256] __alloc_skb+0x187/0x420 [ 2370.663516][T24256] audit_log_start+0x33c/0x670 [ 2370.668294][T24256] ? kstrtoull+0x321/0x360 [ 2370.672702][T24256] audit_seccomp+0x45/0xf0 [ 2370.677107][T24256] __seccomp_filter+0x54b/0xf20 [ 2370.681952][T24256] ? vfs_write+0x50c/0x770 [ 2370.686357][T24256] __secure_computing+0xfb/0x140 [ 2370.691337][T24256] syscall_trace_enter+0x120/0x290 [ 2370.696444][T24256] ? switch_fpu_return+0xa/0x10 [ 2370.701311][T24256] ? exit_to_user_mode_prepare+0x65/0x190 [ 2370.707024][T24256] syscall_enter_from_user_mode+0x1c/0x20 [ 2370.712763][T24256] do_syscall_64+0x1e/0x90 [ 2370.717176][T24256] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2370.723066][T24256] RIP: 0033:0x4665d9 [ 2370.726949][T24256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2370.746546][T24256] RSP: 002b:00007f08cbeb2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 05:24:36 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000ffffff852301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2370.754949][T24256] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2370.763019][T24256] RDX: 0000000000000000 RSI: 0000000000003480 RDI: 0000000000000007 [ 2370.770979][T24256] RBP: 00007f08cbeb21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2370.778939][T24256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2370.786898][T24256] R13: 00007fffe2cb7eef R14: 00007f08cbeb2300 R15: 0000000000022000 [ 2370.830857][T24253] loop0: p1 p2 p3 p4[EZD] [ 2370.837673][T24253] loop0: p1 start 10 is beyond EOD, truncated [ 2370.843794][T24253] loop0: p2 start 96 is beyond EOD, truncated [ 2370.849900][T24253] loop0: p3 start 225 is beyond EOD, truncated [ 2370.856043][T24253] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:36 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000ffffff8c2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2370.877021][T24276] loop3: detected capacity change from 0 to 2216 [ 2370.900829][T24279] loop0: detected capacity change from 0 to 16400 05:24:36 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000edc02301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2370.956278][T24284] loop3: detected capacity change from 0 to 2216 [ 2371.056233][T24293] loop3: detected capacity change from 0 to 2216 05:24:38 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:38 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800680000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:38 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000001d32301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2373.139559][T24304] loop3: detected capacity change from 0 to 2216 [ 2373.147925][T24305] loop0: detected capacity change from 0 to 1 [ 2373.187982][T24305] loop0: p1 p2 p3 p4[EZD] [ 2373.192695][T24305] loop0: p1 start 10 is beyond EOD, truncated [ 2373.198858][T24305] loop0: p2 start 104 is beyond EOD, truncated [ 2373.205018][T24305] loop0: p3 start 225 is beyond EOD, truncated [ 2373.211173][T24305] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:39 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x7, 0x0) 05:24:39 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000ffffffda2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:39 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2373.466210][T24324] loop3: detected capacity change from 0 to 2216 05:24:39 executing program 2 (fault-call:10 fault-nth:3): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:39 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008006c0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:39 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000001e82301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:39 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2373.590238][T24347] loop3: detected capacity change from 0 to 2216 [ 2373.595328][T24349] loop0: detected capacity change from 0 to 1 [ 2373.615374][T24351] FAULT_INJECTION: forcing a failure. [ 2373.615374][T24351] name failslab, interval 1, probability 0, space 0, times 0 [ 2373.628025][T24351] CPU: 0 PID: 24351 Comm: syz-executor.2 Tainted: G W 5.13.0-syzkaller #0 05:24:39 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000001e92301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2373.637920][T24351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2373.648042][T24351] Call Trace: [ 2373.651349][T24351] dump_stack_lvl+0xb7/0x103 [ 2373.655927][T24351] dump_stack+0x11/0x1a [ 2373.660168][T24351] should_fail+0x23c/0x250 [ 2373.664574][T24351] ? sidtab_sid2str_get+0x9c/0x130 [ 2373.669793][T24351] __should_failslab+0x81/0x90 [ 2373.674565][T24351] should_failslab+0x5/0x20 [ 2373.679128][T24351] __kmalloc_track_caller+0x64/0x340 [ 2373.684421][T24351] ? vsnprintf+0xe8f/0xed0 [ 2373.688822][T24351] kmemdup+0x21/0x50 [ 2373.692721][T24351] sidtab_sid2str_get+0x9c/0x130 [ 2373.697662][T24351] security_sid_to_context_core+0x1cb/0x2d0 [ 2373.703587][T24351] security_sid_to_context+0x2c/0x40 [ 2373.708884][T24351] selinux_secid_to_secctx+0x25/0x30 [ 2373.714158][T24351] security_secid_to_secctx+0x45/0xa0 [ 2373.719538][T24351] audit_log_task_context+0x70/0x1a0 [ 2373.724841][T24351] audit_log_task+0xec/0x170 [ 2373.729408][T24351] audit_seccomp+0x5e/0xf0 [ 2373.733959][T24351] __seccomp_filter+0x54b/0xf20 [ 2373.738803][T24351] ? vfs_write+0x50c/0x770 [ 2373.743196][T24351] __secure_computing+0xfb/0x140 [ 2373.748175][T24351] syscall_trace_enter+0x120/0x290 [ 2373.753410][T24351] ? switch_fpu_return+0xa/0x10 [ 2373.758298][T24351] ? exit_to_user_mode_prepare+0x65/0x190 [ 2373.764039][T24351] syscall_enter_from_user_mode+0x1c/0x20 [ 2373.769754][T24351] do_syscall_64+0x1e/0x90 [ 2373.774180][T24351] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2373.780056][T24351] RIP: 0033:0x4665d9 [ 2373.783934][T24351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2373.803531][T24351] RSP: 002b:00007f08cbeb2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 2373.812082][T24351] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 [ 2373.820031][T24351] RDX: 0000000000000000 RSI: 0000000000003483 RDI: 0000000000000007 [ 2373.827981][T24351] RBP: 00007f08cbeb21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2373.835942][T24351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2373.843890][T24351] R13: 00007fffe2cb7eef R14: 00007f08cbeb2300 R15: 0000000000022000 05:24:39 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000fffffff02301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2373.897632][T24360] loop3: detected capacity change from 0 to 2216 [ 2373.897867][T24349] loop0: p1 p2 p3 p4[EZD] [ 2373.918543][T24349] loop0: p1 start 10 is beyond EOD, truncated [ 2373.924652][T24349] loop0: p2 start 108 is beyond EOD, truncated [ 2373.930857][T24349] loop0: p3 start 225 is beyond EOD, truncated [ 2373.937013][T24349] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2373.988346][T24366] loop0: detected capacity change from 0 to 16400 [ 2374.014899][T24373] loop3: detected capacity change from 0 to 2216 05:24:41 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000140)}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:41 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800740000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:41 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000fffffff62301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2376.148702][T24381] loop3: detected capacity change from 0 to 2216 [ 2376.163298][ T25] kauditd_printk_skb: 244 callbacks suppressed [ 2376.163362][ T25] audit: type=1326 audit(1625635482.008:58970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2376.194761][T24383] loop0: detected capacity change from 0 to 1 [ 2376.206101][ T25] audit: type=1326 audit(1625635482.048:58971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2376.237987][ T25] audit: type=1326 audit(1625635482.048:58972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2376.263818][T24383] loop0: p1 p2 p3 p4[EZD] [ 2376.264541][ T25] audit: type=1326 audit(1625635482.048:58973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2376.269783][T24383] loop0: p1 start 10 is beyond EOD, truncated [ 2376.292638][ T25] audit: type=1326 audit(1625635482.048:58974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2376.298609][T24383] loop0: p2 start 116 is beyond EOD, truncated [ 2376.298625][T24383] loop0: p3 start 225 is beyond EOD, [ 2376.323083][ T25] audit: type=1326 audit(1625635482.048:58975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24382 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2376.328996][T24383] truncated [ 2376.334400][ T25] audit: type=1326 audit(1625635482.048:58976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24387 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2376.358401][T24383] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2376.393143][ T25] audit: type=1326 audit(1625635482.048:58977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24387 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2376.399473][T24392] loop0: detected capacity change from 0 to 1 [ 2376.420510][ T25] audit: type=1326 audit(1625635482.048:58978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24387 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:24:42 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x8, 0x0) 05:24:42 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000fffffdf92301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2376.450544][ T25] audit: type=1326 audit(1625635482.048:58979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24387 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 05:24:42 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008007a0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2376.491298][T24405] loop3: detected capacity change from 0 to 2216 05:24:42 executing program 2 (fault-call:10 fault-nth:4): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:42 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000007fc2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:42 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2376.604316][T24418] loop0: detected capacity change from 0 to 1 [ 2376.619294][T24422] loop3: detected capacity change from 0 to 2216 [ 2376.638181][T24418] loop0: p1 p2 p3 p4[EZD] [ 2376.646894][T24418] loop0: p1 start 10 is beyond EOD, truncated [ 2376.648598][T24429] FAULT_INJECTION: forcing a failure. [ 2376.648598][T24429] name failslab, interval 1, probability 0, space 0, times 0 [ 2376.653052][T24418] loop0: p2 start 122 is beyond EOD, truncated [ 2376.665613][T24429] CPU: 1 PID: 24429 Comm: syz-executor.2 Tainted: G W 5.13.0-syzkaller #0 [ 2376.671761][T24418] loop0: p3 start 225 is beyond EOD, truncated [ 2376.681520][T24429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2376.687661][T24418] loop0: p4 size 3657465856 extends beyond EOD, [ 2376.697691][T24429] Call Trace: [ 2376.697701][T24429] dump_stack_lvl+0xb7/0x103 [ 2376.704003][T24418] truncated [ 2376.714908][T24429] dump_stack+0x11/0x1a [ 2376.719113][T24429] should_fail+0x23c/0x250 [ 2376.723569][T24429] __should_failslab+0x81/0x90 [ 2376.728321][T24429] ? audit_log_d_path+0x97/0x200 [ 2376.733249][T24429] should_failslab+0x5/0x20 [ 2376.737739][T24429] kmem_cache_alloc_trace+0x49/0x310 [ 2376.743015][T24429] ? get_mm_exe_file+0x65/0xb0 [ 2376.747767][T24429] audit_log_d_path+0x97/0x200 [ 2376.752710][T24429] audit_log_d_path_exe+0x3e/0x70 [ 2376.757734][T24429] audit_log_task+0x148/0x170 [ 2376.762398][T24429] audit_seccomp+0x5e/0xf0 [ 2376.766799][T24429] __seccomp_filter+0x54b/0xf20 [ 2376.771641][T24429] ? vfs_write+0x50c/0x770 [ 2376.776046][T24429] __secure_computing+0xfb/0x140 [ 2376.780981][T24429] syscall_trace_enter+0x120/0x290 [ 2376.786160][T24429] ? switch_fpu_return+0xa/0x10 [ 2376.791045][T24429] ? exit_to_user_mode_prepare+0x65/0x190 [ 2376.796756][T24429] syscall_enter_from_user_mode+0x1c/0x20 [ 2376.802469][T24429] do_syscall_64+0x1e/0x90 [ 2376.806922][T24429] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2376.812814][T24429] RIP: 0033:0x4665d9 [ 2376.816697][T24429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2376.836332][T24429] RSP: 002b:00007f08cbeb2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 2376.844768][T24429] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 05:24:42 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000fffffdfd2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2376.852747][T24429] RDX: 0000000000000000 RSI: 0000000000003486 RDI: 0000000000000007 [ 2376.860709][T24429] RBP: 00007f08cbeb21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2376.868715][T24429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2376.876678][T24429] R13: 00007fffe2cb7eef R14: 00007f08cbeb2300 R15: 0000000000022000 [ 2376.928328][T24430] loop0: detected capacity change from 0 to 1 [ 2376.955680][T24439] loop3: detected capacity change from 0 to 2216 [ 2376.964349][T24430] loop0: p1 p2 p3 p4[EZD] [ 2376.969656][T24430] loop0: p1 start 10 is beyond EOD, truncated 05:24:42 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000fffffffe2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:42 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300088c7e0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2376.975749][T24430] loop0: p2 start 122 is beyond EOD, truncated [ 2376.981951][T24430] loop0: p3 start 225 is beyond EOD, truncated [ 2376.988143][T24430] loop0: p4 size 3657465856 extends beyond EOD, [ 2376.994467][T24430] truncated [ 2377.048320][T24446] loop3: detected capacity change from 0 to 2216 [ 2377.091595][T24455] loop0: detected capacity change from 0 to 1 [ 2377.138179][T24455] loop0: p1 p2 p3 p4[EZD] [ 2377.152426][T24455] loop0: p1 start 10 is beyond EOD, truncated [ 2377.158594][T24455] loop0: p2 start 126 is beyond EOD, truncated [ 2377.164725][T24455] loop0: p3 start 225 is beyond EOD, truncated [ 2377.171000][T24455] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:45 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000140)}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:45 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000fff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:45 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000804800000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2379.164130][T24467] loop3: detected capacity change from 0 to 2216 [ 2379.175996][T24471] loop0: detected capacity change from 0 to 1 [ 2379.238153][T24471] loop0: p1 p2 p3 p4[EZD] [ 2379.242629][T24471] loop0: p1 start 10 is beyond EOD, truncated [ 2379.248717][T24471] loop0: p2 start 128 is beyond EOD, truncated [ 2379.254911][T24471] loop0: p3 start 225 is beyond EOD, truncated [ 2379.261077][T24471] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2379.310753][T24480] loop0: detected capacity change from 0 to 1 [ 2379.358450][T24480] loop0: p1 p2 p3 p4[EZD] [ 2379.363425][T24480] loop0: p1 start 10 is beyond EOD, truncated [ 2379.369527][T24480] loop0: p2 start 128 is beyond EOD, truncated [ 2379.375677][T24480] loop0: p3 start 225 is beyond EOD, truncated [ 2379.381832][T24480] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2379.391579][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2379.396308][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2379.402441][ T1037] loop0: p2 start 128 is beyond EOD, truncated [ 2379.408643][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2379.414801][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:45 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x9, 0x0) 05:24:45 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000fffff7ff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:45 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000803840000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2379.514464][T24501] loop3: detected capacity change from 0 to 2216 [ 2379.533103][T24502] loop0: detected capacity change from 0 to 1 05:24:45 executing program 2 (fault-call:10 fault-nth:5): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:45 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000fffffbff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:45 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2379.589469][T24502] loop0: p1 p2 p3 p4[EZD] [ 2379.594895][T24502] loop0: p1 start 10 is beyond EOD, truncated [ 2379.601015][T24502] loop0: p2 start 132 is beyond EOD, truncated [ 2379.607175][T24502] loop0: p3 start 225 is beyond EOD, truncated [ 2379.613349][T24502] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2379.652708][T24523] FAULT_INJECTION: forcing a failure. [ 2379.652708][T24523] name failslab, interval 1, probability 0, space 0, times 0 [ 2379.665407][T24523] CPU: 1 PID: 24523 Comm: syz-executor.2 Tainted: G W 5.13.0-syzkaller #0 [ 2379.665549][T24524] loop3: detected capacity change from 0 to 2216 [ 2379.675223][T24523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2379.675235][T24523] Call Trace: [ 2379.675243][T24523] dump_stack_lvl+0xb7/0x103 [ 2379.699464][T24523] dump_stack+0x11/0x1a [ 2379.703696][T24523] should_fail+0x23c/0x250 [ 2379.708108][T24523] ? audit_log_start+0x320/0x670 [ 2379.713050][T24523] __should_failslab+0x81/0x90 [ 2379.717809][T24523] should_failslab+0x5/0x20 [ 2379.722330][T24523] kmem_cache_alloc+0x46/0x2e0 [ 2379.727113][T24523] audit_log_start+0x320/0x670 [ 2379.731876][T24523] audit_seccomp+0x45/0xf0 [ 2379.736281][T24523] __seccomp_filter+0x54b/0xf20 [ 2379.741147][T24523] ? copy_fpregs_to_fpstate+0xd8/0x110 [ 2379.746600][T24523] __secure_computing+0xfb/0x140 [ 2379.751527][T24523] syscall_trace_enter+0x120/0x290 [ 2379.756633][T24523] ? switch_fpu_return+0xa/0x10 [ 2379.761549][T24523] ? exit_to_user_mode_prepare+0x65/0x190 [ 2379.767259][T24523] syscall_enter_from_user_mode+0x1c/0x20 [ 2379.772998][T24523] do_syscall_64+0x1e/0x90 [ 2379.777467][T24523] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2379.783357][T24523] RIP: 0033:0x41935c [ 2379.787292][T24523] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 2379.806984][T24523] RSP: 002b:00007f08cbeb2170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2379.815387][T24523] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000041935c [ 2379.823392][T24523] RDX: 000000000000000f RSI: 00007f08cbeb21e0 RDI: 0000000000000003 [ 2379.831349][T24523] RBP: 00007f08cbeb21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2379.839310][T24523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2379.847266][T24523] R13: 00007fffe2cb7eef R14: 00007f08cbeb2300 R15: 0000000000022000 05:24:45 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001fffff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2379.881177][T24531] loop0: detected capacity change from 0 to 16400 05:24:45 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300087e8c0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2379.956738][T24537] loop3: detected capacity change from 0 to 2216 05:24:45 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000fff7ffff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2379.997004][T24542] loop0: detected capacity change from 0 to 1 [ 2380.032545][T24542] loop0: p1 p2 p3 p4[EZD] [ 2380.037582][T24542] loop0: p1 start 10 is beyond EOD, truncated [ 2380.043728][T24542] loop0: p2 start 140 is beyond EOD, truncated [ 2380.049921][T24542] loop0: p3 start 225 is beyond EOD, truncated [ 2380.056086][T24542] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2380.078283][T24549] loop0: detected capacity change from 0 to 1 [ 2380.085114][T24556] loop3: detected capacity change from 0 to 2216 [ 2380.118825][T24549] loop0: p1 p2 p3 p4[EZD] [ 2380.124690][T24549] loop0: p1 start 10 is beyond EOD, truncated [ 2380.130892][T24549] loop0: p2 start 140 is beyond EOD, truncated [ 2380.137042][T24549] loop0: p3 start 225 is beyond EOD, truncated [ 2380.143241][T24549] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2380.152406][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2380.157424][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2380.163584][ T1037] loop0: p2 start 140 is beyond EOD, truncated [ 2380.169814][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2380.175957][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:48 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000140)}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:48 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000fffbffff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:48 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800900000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2382.189550][T24573] loop0: detected capacity change from 0 to 1 [ 2382.200196][T24577] loop3: detected capacity change from 0 to 2216 [ 2382.208732][ T25] kauditd_printk_skb: 235 callbacks suppressed [ 2382.208743][ T25] audit: type=1326 audit(1625635488.058:59213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24574 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2382.246343][ T25] audit: type=1326 audit(1625635488.088:59214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24574 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2382.273783][ T25] audit: type=1326 audit(1625635488.088:59215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24574 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2382.298650][ T25] audit: type=1326 audit(1625635488.088:59216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24574 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2382.323767][T24573] loop0: p1 p2 p3 p4[EZD] [ 2382.328854][T24573] loop0: p1 start 10 is beyond EOD, truncated [ 2382.334958][T24573] loop0: p2 start 144 is beyond EOD, truncated [ 2382.335328][ T25] audit: type=1326 audit(1625635488.088:59217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24574 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2382.341125][T24573] loop0: p3 start 225 is beyond EOD, truncated [ 2382.370784][ T25] audit: type=1326 audit(1625635488.088:59218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24574 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2382.371445][T24573] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2382.395995][ T25] audit: type=1326 audit(1625635488.088:59219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24583 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2382.427531][ T25] audit: type=1326 audit(1625635488.088:59220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24583 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2382.451958][ T25] audit: type=1326 audit(1625635488.118:59221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24583 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 05:24:48 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xa, 0x0) 05:24:48 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000f9fdffff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2382.476498][ T25] audit: type=1326 audit(1625635488.118:59222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24583 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2382.501491][T24582] loop0: detected capacity change from 0 to 1 [ 2382.535269][T24599] loop3: detected capacity change from 0 to 2216 [ 2382.541929][T24582] loop0: p1 p2 p3 p4[EZD] 05:24:48 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800c00000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2382.546577][T24582] loop0: p1 start 10 is beyond EOD, truncated [ 2382.552694][T24582] loop0: p2 start 144 is beyond EOD, truncated [ 2382.558880][T24582] loop0: p3 start 225 is beyond EOD, truncated [ 2382.565030][T24582] loop0: p4 size 3657465856 extends beyond EOD, [ 2382.565056][T24582] truncated 05:24:48 executing program 2 (fault-call:10 fault-nth:6): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:48 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000fdfdffff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:48 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2382.673162][T24615] loop0: detected capacity change from 0 to 1 [ 2382.681365][T24618] loop3: detected capacity change from 0 to 2216 [ 2382.690412][T24620] FAULT_INJECTION: forcing a failure. [ 2382.690412][T24620] name failslab, interval 1, probability 0, space 0, times 0 [ 2382.703108][T24620] CPU: 1 PID: 24620 Comm: syz-executor.2 Tainted: G W 5.13.0-syzkaller #0 [ 2382.712924][T24620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2382.723033][T24620] Call Trace: [ 2382.726301][T24620] dump_stack_lvl+0xb7/0x103 [ 2382.730890][T24620] dump_stack+0x11/0x1a [ 2382.735037][T24620] should_fail+0x23c/0x250 [ 2382.739470][T24620] __should_failslab+0x81/0x90 [ 2382.744249][T24620] should_failslab+0x5/0x20 [ 2382.748740][T24620] kmem_cache_alloc_node+0x58/0x2b0 [ 2382.753992][T24620] ? should_fail+0xd6/0x250 [ 2382.758487][T24620] ? __alloc_skb+0xed/0x420 [ 2382.763012][T24620] __alloc_skb+0xed/0x420 [ 2382.767338][T24620] audit_log_start+0x33c/0x670 [ 2382.772096][T24620] audit_seccomp+0x45/0xf0 [ 2382.776502][T24620] __seccomp_filter+0x54b/0xf20 [ 2382.781412][T24620] ? copy_fpregs_to_fpstate+0xd8/0x110 [ 2382.786970][T24620] __secure_computing+0xfb/0x140 [ 2382.791909][T24620] syscall_trace_enter+0x120/0x290 [ 2382.797009][T24620] ? switch_fpu_return+0xa/0x10 [ 2382.801874][T24620] ? exit_to_user_mode_prepare+0x65/0x190 [ 2382.807633][T24620] syscall_enter_from_user_mode+0x1c/0x20 [ 2382.813353][T24620] do_syscall_64+0x1e/0x90 [ 2382.817772][T24620] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2382.823668][T24620] RIP: 0033:0x41935c [ 2382.827560][T24620] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 2382.847283][T24620] RSP: 002b:00007f08cbeb2170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2382.855686][T24620] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000041935c [ 2382.863742][T24620] RDX: 000000000000000f RSI: 00007f08cbeb21e0 RDI: 0000000000000003 05:24:48 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000007fffffff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2382.871704][T24620] RBP: 00007f08cbeb21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2382.879662][T24620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2382.887632][T24620] R13: 00007fffe2cb7eef R14: 00007f08cbeb2300 R15: 0000000000022000 [ 2382.908096][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2382.912678][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2382.918763][ T1037] loop0: p2 start 192 is beyond EOD, truncated [ 2382.924956][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2382.931167][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2382.939731][T24615] loop0: p1 p2 p3 p4[EZD] [ 2382.944313][T24615] loop0: p1 start 10 is beyond EOD, truncated [ 2382.950408][T24615] loop0: p2 start 192 is beyond EOD, truncated [ 2382.956561][T24615] loop0: p3 start 225 is beyond EOD, truncated [ 2382.962823][T24615] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:48 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000085ffffff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2382.994601][T24637] loop3: detected capacity change from 0 to 2216 [ 2383.021691][T24643] loop0: detected capacity change from 0 to 16400 05:24:48 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000801d60000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2383.088128][T24648] loop3: detected capacity change from 0 to 2216 [ 2383.187347][T24658] loop0: detected capacity change from 0 to 1 [ 2383.218038][T24658] loop0: p1 p2 p3 p4[EZD] [ 2383.222675][T24658] loop0: p1 start 10 is beyond EOD, truncated [ 2383.228806][T24658] loop0: p2 start 214 is beyond EOD, truncated [ 2383.234954][T24658] loop0: p3 start 225 is beyond EOD, truncated [ 2383.241167][T24658] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2383.288784][T24661] loop0: detected capacity change from 0 to 1 [ 2383.328390][T24661] loop0: p1 p2 p3 p4[EZD] [ 2383.333035][T24661] loop0: p1 start 10 is beyond EOD, truncated [ 2383.339152][T24661] loop0: p2 start 214 is beyond EOD, truncated [ 2383.345315][T24661] loop0: p3 start 225 is beyond EOD, truncated [ 2383.351471][T24661] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:51 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x2, &(0x7f0000000140)="f479"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:51 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000008cffffff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:51 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800f40000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2385.206130][T24674] loop3: detected capacity change from 0 to 2216 [ 2385.215495][T24676] loop0: detected capacity change from 0 to 1 [ 2385.268096][T24676] loop0: p1 p2 p3 p4[EZD] [ 2385.272896][T24676] loop0: p1 start 10 is beyond EOD, truncated [ 2385.279138][T24676] loop0: p2 start 244 is beyond EOD, truncated [ 2385.285294][T24676] loop0: p3 start 225 is beyond EOD, truncated [ 2385.291470][T24676] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2385.350450][T24688] loop0: detected capacity change from 0 to 16400 05:24:51 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xb, 0x0) 05:24:51 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000daffffff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:51 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x2, &(0x7f0000000140)="f479"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2385.551940][T24705] loop3: detected capacity change from 0 to 2216 05:24:51 executing program 2 (fault-call:10 fault-nth:7): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:51 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000804f50000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2385.682926][T24718] loop0: detected capacity change from 0 to 1 [ 2385.685037][T24720] FAULT_INJECTION: forcing a failure. [ 2385.685037][T24720] name failslab, interval 1, probability 0, space 0, times 0 [ 2385.701740][T24720] CPU: 1 PID: 24720 Comm: syz-executor.2 Tainted: G W 5.13.0-syzkaller #0 [ 2385.711590][T24720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2385.721631][T24720] Call Trace: [ 2385.724910][T24720] dump_stack_lvl+0xb7/0x103 [ 2385.729499][T24720] dump_stack+0x11/0x1a [ 2385.733721][T24720] should_fail+0x23c/0x250 [ 2385.738169][T24720] __should_failslab+0x81/0x90 [ 2385.743012][T24720] should_failslab+0x5/0x20 [ 2385.747517][T24720] kmem_cache_alloc_node_trace+0x58/0x2e0 [ 2385.753242][T24720] ? __kmalloc_node_track_caller+0x30/0x40 [ 2385.759131][T24720] ? kmem_cache_alloc_node+0x1d4/0x2b0 [ 2385.764600][T24720] __kmalloc_node_track_caller+0x30/0x40 [ 2385.770227][T24720] ? audit_log_start+0x33c/0x670 [ 2385.775166][T24720] __alloc_skb+0x187/0x420 [ 2385.779669][T24720] audit_log_start+0x33c/0x670 [ 2385.784426][T24720] ? default_send_IPI_single+0x42/0x50 [ 2385.789879][T24720] audit_seccomp+0x45/0xf0 [ 2385.794331][T24720] __seccomp_filter+0x54b/0xf20 [ 2385.799271][T24720] ? copy_fpregs_to_fpstate+0xd8/0x110 [ 2385.804731][T24720] __secure_computing+0xfb/0x140 [ 2385.809681][T24720] syscall_trace_enter+0x120/0x290 [ 2385.814791][T24720] ? switch_fpu_return+0xa/0x10 [ 2385.819683][T24720] ? exit_to_user_mode_prepare+0x65/0x190 [ 2385.825525][T24720] syscall_enter_from_user_mode+0x1c/0x20 [ 2385.831250][T24720] do_syscall_64+0x1e/0x90 [ 2385.835679][T24720] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2385.841570][T24720] RIP: 0033:0x41935c [ 2385.845451][T24720] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 2385.865161][T24720] RSP: 002b:00007f08cbeb2170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2385.873653][T24720] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000041935c 05:24:51 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:51 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000f0ffffff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2385.881701][T24720] RDX: 000000000000000f RSI: 00007f08cbeb21e0 RDI: 0000000000000003 [ 2385.889665][T24720] RBP: 00007f08cbeb21d0 R08: 0000000000000000 R09: 0000000000000000 [ 2385.897623][T24720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2385.905584][T24720] R13: 00007fffe2cb7eef R14: 00007f08cbeb2300 R15: 0000000000022000 [ 2385.922122][T24727] loop3: detected capacity change from 0 to 2216 [ 2385.929268][T24718] loop0: p1 p2 p3 p4[EZD] 05:24:51 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000f6ffffff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2385.933903][T24718] loop0: p1 start 10 is beyond EOD, truncated [ 2385.940030][T24718] loop0: p2 start 245 is beyond EOD, truncated [ 2385.946209][T24718] loop0: p3 start 225 is beyond EOD, truncated [ 2385.952388][T24718] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2386.010262][T24725] loop0: detected capacity change from 0 to 1 [ 2386.034977][T24739] loop3: detected capacity change from 0 to 2216 [ 2386.041705][T24725] loop0: p1 p2 p3 p4[EZD] [ 2386.047677][T24725] loop0: p1 start 10 is beyond EOD, truncated [ 2386.053826][T24725] loop0: p2 start 245 is beyond EOD, truncated [ 2386.059978][T24725] loop0: p3 start 225 is beyond EOD, truncated [ 2386.066134][T24725] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2386.088234][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2386.092882][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2386.098978][ T1037] loop0: p2 start 245 is beyond EOD, truncated 05:24:51 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000801fc0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:51 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000feffffff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2386.105253][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2386.111448][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:52 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000000101000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2386.170027][T24748] loop3: detected capacity change from 0 to 2216 [ 2386.201837][T24754] loop0: detected capacity change from 0 to 1 05:24:52 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000002101000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2386.243882][T24754] loop0: p1 p2 p3 p4[EZD] [ 2386.248722][T24754] loop0: p1 start 10 is beyond EOD, truncated [ 2386.254809][T24754] loop0: p2 start 252 is beyond EOD, truncated [ 2386.256994][T24761] loop3: detected capacity change from 0 to 2216 [ 2386.260999][T24754] loop0: p3 start 225 is beyond EOD, truncated [ 2386.273627][T24754] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2386.358157][T24768] loop3: detected capacity change from 0 to 2216 05:24:54 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080fff0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:54 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xc, 0x0) 05:24:54 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x2, &(0x7f0000000140)="f479"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2388.554767][T24777] loop0: detected capacity change from 0 to 1 [ 2388.573907][ T25] kauditd_printk_skb: 240 callbacks suppressed [ 2388.573919][ T25] audit: type=1326 audit(1625635494.418:59459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24783 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2388.606144][ T25] audit: type=1326 audit(1625635494.428:59460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24782 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2388.630765][ T25] audit: type=1326 audit(1625635494.428:59461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24782 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2388.636425][T24777] loop0: p1 p2 p3 p4[EZD] [ 2388.656424][ T25] audit: type=1326 audit(1625635494.428:59462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24783 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2388.664716][T24777] loop0: p1 start 10 is beyond EOD, truncated [ 2388.686139][ T25] audit: type=1326 audit(1625635494.428:59463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24783 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2388.689664][T24777] loop0: p2 start 255 is beyond EOD, truncated [ 2388.714852][ T25] audit: type=1326 audit(1625635494.428:59464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24783 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2388.720019][T24777] loop0: p3 start 225 is beyond EOD, truncated 05:24:54 executing program 2 (fault-call:10 fault-nth:8): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:54 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000002201000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:54 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2388.750400][T24777] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2388.755851][ T25] audit: type=1326 audit(1625635494.428:59465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24783 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2388.794311][T24801] loop3: detected capacity change from 0 to 2216 [ 2388.807439][ T25] audit: type=1326 audit(1625635494.428:59466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24783 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2388.832895][ T25] audit: type=1326 audit(1625635494.428:59467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24782 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 05:24:54 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:54 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000200002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2388.859302][ T25] audit: type=1326 audit(1625635494.428:59468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24782 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2388.886039][T24777] loop0: detected capacity change from 0 to 1 05:24:54 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000300002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2388.935574][T24820] loop3: detected capacity change from 0 to 2216 [ 2388.942424][T24777] loop0: p1 p2 p3 p4[EZD] [ 2388.947618][T24777] loop0: p1 start 10 is beyond EOD, truncated [ 2388.953743][T24777] loop0: p2 start 255 is beyond EOD, truncated [ 2388.959907][T24777] loop0: p3 start 225 is beyond EOD, truncated [ 2388.966175][T24777] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:54 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000200000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2389.018505][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2389.023254][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2389.029368][ T1037] loop0: p2 start 255 is beyond EOD, truncated [ 2389.035523][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2389.041677][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:54 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000400002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2389.064958][T24832] loop3: detected capacity change from 0 to 2216 [ 2389.088565][T24829] loop0: detected capacity change from 0 to 1 [ 2389.108095][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2389.112660][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2389.118835][ T1037] loop0: p2 start 512 is beyond EOD, truncated [ 2389.125029][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2389.131203][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2389.138467][T24842] loop3: detected capacity change from 0 to 2216 [ 2389.145509][T24829] loop0: p1 p2 p3 p4[EZD] [ 2389.150227][T24829] loop0: p1 start 10 is beyond EOD, truncated [ 2389.156310][T24829] loop0: p2 start 512 is beyond EOD, truncated [ 2389.162492][T24829] loop0: p3 start 225 is beyond EOD, truncated 05:24:55 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000500002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2389.168679][T24829] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:55 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000600002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2389.228575][T24853] loop0: detected capacity change from 0 to 16400 [ 2389.235425][T24854] loop3: detected capacity change from 0 to 2216 [ 2389.346095][T24861] loop3: detected capacity change from 0 to 2216 05:24:57 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xd, 0x0) 05:24:57 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000400000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:57 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000700002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:57 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2391.601393][T24878] loop0: detected capacity change from 0 to 1 [ 2391.610641][T24880] loop3: detected capacity change from 0 to 2216 [ 2391.650262][T24878] loop0: p1 p2 p3 p4[EZD] [ 2391.654936][T24878] loop0: p1 start 10 is beyond EOD, truncated [ 2391.661033][T24878] loop0: p2 start 1024 is beyond EOD, truncated [ 2391.667312][T24878] loop0: p3 start 225 is beyond EOD, truncated [ 2391.673473][T24878] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2391.721018][T24888] loop0: detected capacity change from 0 to 1 05:24:57 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f", 0x1}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2391.761306][T24888] loop0: p1 p2 p3 p4[EZD] [ 2391.765831][T24888] loop0: p1 start 10 is beyond EOD, truncated [ 2391.771915][T24888] loop0: p2 start 1024 is beyond EOD, truncated [ 2391.778151][T24888] loop0: p3 start 225 is beyond EOD, truncated [ 2391.784305][T24888] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:24:57 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x3, r0, 0x0, 0x0) 05:24:57 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000800002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:24:57 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:57 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000800000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:24:57 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:24:57 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2391.878532][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2391.883142][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2391.889240][ T1037] loop0: p2 start 1024 is beyond EOD, truncated [ 2391.895485][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2391.901716][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2391.919091][T24908] loop3: detected capacity change from 0 to 2216 05:24:57 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000900002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2391.969131][T24913] loop0: detected capacity change from 0 to 1 [ 2391.998695][T24913] loop0: p1 p2 p3 p4[EZD] [ 2392.003209][T24913] loop0: p1 start 10 is beyond EOD, truncated [ 2392.007876][T24934] loop3: detected capacity change from 0 to 2216 [ 2392.009383][T24913] loop0: p2 start 2048 is beyond EOD, truncated [ 2392.021969][T24913] loop0: p3 start 225 is beyond EOD, truncated [ 2392.028143][T24913] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2392.088337][T24943] loop0: detected capacity change from 0 to 16400 05:25:00 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xe, 0x0) 05:25:00 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:00 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000a00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:00 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000840000800000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:00 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2394.600378][T24953] loop3: detected capacity change from 0 to 2216 [ 2394.647662][ T25] kauditd_printk_skb: 279 callbacks suppressed [ 2394.653867][ T25] audit: type=1326 audit(1625635500.488:59748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24951 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2394.680051][ T25] audit: type=1326 audit(1625635500.498:59749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24951 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2394.706202][T24962] loop0: detected capacity change from 0 to 1 [ 2394.712789][ T25] audit: type=1326 audit(1625635500.498:59750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24951 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2394.737744][ T25] audit: type=1326 audit(1625635500.498:59751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24951 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2394.762655][T24962] loop0: p1 p2 p3 p4[EZD] [ 2394.763524][ T25] audit: type=1326 audit(1625635500.498:59752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24951 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2394.767220][T24962] loop0: p1 start 10 is beyond EOD, truncated [ 2394.792210][ T25] audit: type=1326 audit(1625635500.498:59753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24951 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2394.797402][T24962] loop0: p2 start 2048 is beyond EOD, truncated [ 2394.827722][T24962] loop0: p3 start 225 is beyond EOD, truncated [ 2394.833113][ T25] audit: type=1326 audit(1625635500.498:59754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24959 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2394.833956][T24962] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2394.861470][ T25] audit: type=1326 audit(1625635500.498:59755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24959 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:00 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x8, r0, 0x0, 0x0) 05:25:00 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:00 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000b00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:00 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x10, 0x0) [ 2394.889911][ T25] audit: type=1326 audit(1625635500.498:59756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24959 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2394.914319][ T25] audit: type=1326 audit(1625635500.498:59757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=24959 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:00 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800001000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:00 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2394.989004][T24985] loop3: detected capacity change from 0 to 2216 05:25:00 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:00 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000c00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2395.031004][T25001] loop0: detected capacity change from 0 to 1 05:25:01 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000d00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2395.097991][T25001] loop0: p1 p2 p3 p4[EZD] [ 2395.098276][T25016] loop3: detected capacity change from 0 to 2216 [ 2395.102668][T25001] loop0: p1 start 10 is beyond EOD, truncated [ 2395.114822][T25001] loop0: p2 start 4096 is beyond EOD, truncated [ 2395.121102][T25001] loop0: p3 start 225 is beyond EOD, truncated [ 2395.127249][T25001] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:01 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800002000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:01 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000e00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2395.207034][T25028] loop3: detected capacity change from 0 to 2216 [ 2395.260760][T25034] loop0: detected capacity change from 0 to 1 [ 2395.291586][T25040] loop3: detected capacity change from 0 to 2216 [ 2395.298665][T25034] loop0: p1 p2 p3 p4[EZD] [ 2395.303378][T25034] loop0: p1 start 10 is beyond EOD, truncated [ 2395.309552][T25034] loop0: p2 start 8192 is beyond EOD, truncated [ 2395.315807][T25034] loop0: p3 start 225 is beyond EOD, truncated [ 2395.321990][T25034] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2395.348420][T25046] loop0: detected capacity change from 0 to 16400 05:25:03 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:03 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xa, r0, 0x0, 0x0) 05:25:03 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000f00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:03 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800009000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:03 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x11, 0x0) [ 2397.990843][T25062] loop3: detected capacity change from 0 to 2216 [ 2398.005821][T25063] loop0: detected capacity change from 0 to 1 05:25:03 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:03 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2398.048064][T25063] loop0: p1 p2 p3 p4[EZD] [ 2398.052721][T25063] loop0: p1 start 10 is beyond EOD, truncated [ 2398.058843][T25063] loop0: p2 start 36864 is beyond EOD, truncated [ 2398.065218][T25063] loop0: p3 start 225 is beyond EOD, truncated [ 2398.071461][T25063] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:03 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080000c000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:03 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001100002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2398.098487][T25084] loop3: detected capacity change from 0 to 2216 [ 2398.160366][T25095] loop0: detected capacity change from 0 to 1 [ 2398.176953][T25100] loop3: detected capacity change from 0 to 2216 [ 2398.198905][T25095] loop0: p1 p2 p3 p4[EZD] [ 2398.204230][T25095] loop0: p1 start 10 is beyond EOD, truncated 05:25:04 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001200002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2398.210358][T25095] loop0: p2 start 49152 is beyond EOD, truncated [ 2398.216694][T25095] loop0: p3 start 225 is beyond EOD, truncated [ 2398.222958][T25095] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:04 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001300002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:04 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000001000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2398.256661][T25108] loop3: detected capacity change from 0 to 2216 [ 2398.263770][T25104] loop0: detected capacity change from 0 to 1 [ 2398.356587][T25116] loop3: detected capacity change from 0 to 2216 [ 2398.409894][T25121] loop0: detected capacity change from 0 to 1 [ 2398.458354][T25121] loop0: p1 p2 p3 p4[EZD] [ 2398.463117][T25121] loop0: p1 start 10 is beyond EOD, truncated [ 2398.469378][T25121] loop0: p2 start 65536 is beyond EOD, truncated [ 2398.475719][T25121] loop0: p3 start 225 is beyond EOD, truncated [ 2398.481889][T25121] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:06 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2400.660360][ T25] kauditd_printk_skb: 295 callbacks suppressed [ 2400.660372][ T25] audit: type=1326 audit(1625635506.508:60053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25134 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2400.690897][ T25] audit: type=1326 audit(1625635506.508:60054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25134 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2400.715129][ T25] audit: type=1326 audit(1625635506.508:60055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25134 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2400.739543][ T25] audit: type=1326 audit(1625635506.508:60056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25134 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2400.763744][ T25] audit: type=1326 audit(1625635506.508:60057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25134 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2400.788362][ T25] audit: type=1326 audit(1625635506.508:60058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25134 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2400.812862][ T25] audit: type=1326 audit(1625635506.508:60059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25134 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2400.837038][ T25] audit: type=1326 audit(1625635506.508:60060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25134 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2400.861139][ T25] audit: type=1326 audit(1625635506.508:60061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25136 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2400.885474][ T25] audit: type=1326 audit(1625635506.508:60062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25136 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:06 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x64, r0, 0x0, 0x0) 05:25:06 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001400002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:06 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000002000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:06 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x12, 0x0) [ 2400.994471][T25139] loop0: detected capacity change from 0 to 1 [ 2401.017638][T25145] loop3: detected capacity change from 0 to 2216 05:25:06 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001500002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:06 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2401.051314][T25139] loop0: p1 p2 p3 p4[EZD] [ 2401.055910][T25139] loop0: p1 start 10 is beyond EOD, truncated [ 2401.062057][T25139] loop0: p2 start 131072 is beyond EOD, truncated [ 2401.068504][T25139] loop0: p3 start 225 is beyond EOD, truncated [ 2401.074672][T25139] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:07 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001600002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2401.119115][T25164] loop0: detected capacity change from 0 to 16400 [ 2401.128596][T25166] loop3: detected capacity change from 0 to 2216 05:25:07 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000402000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:07 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001700002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2401.205312][T25179] loop3: detected capacity change from 0 to 2216 05:25:07 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001800002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2401.250915][T25184] loop3: detected capacity change from 0 to 2216 [ 2401.288219][T25189] loop0: detected capacity change from 0 to 1 [ 2401.318300][T25189] loop0: p1 p2 p3 p4[EZD] [ 2401.322969][T25189] loop0: p1 start 10 is beyond EOD, truncated [ 2401.329077][T25189] loop0: p2 start 132096 is beyond EOD, truncated [ 2401.333030][T25194] loop3: detected capacity change from 0 to 2216 [ 2401.335579][T25189] loop0: p3 start 225 is beyond EOD, truncated [ 2401.335638][T25189] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:07 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001900002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2401.383572][T25197] loop0: detected capacity change from 0 to 1 [ 2401.408284][T25197] loop0: p1 p2 p3 p4[EZD] [ 2401.412843][T25197] loop0: p1 start 10 is beyond EOD, truncated [ 2401.418957][T25197] loop0: p2 start 132096 is beyond EOD, truncated [ 2401.425422][T25197] loop0: p3 start 225 is beyond EOD, truncated [ 2401.431690][T25197] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2401.445870][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2401.450435][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2401.456509][ T1037] loop0: p2 start 132096 is beyond EOD, truncated [ 2401.457590][T25209] loop3: detected capacity change from 0 to 2216 [ 2401.462945][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2401.475401][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:09 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:09 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1bf, r0, 0x0, 0x0) 05:25:09 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000003000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:09 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001a00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:09 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x18, 0x0) [ 2404.028558][T25225] loop3: detected capacity change from 0 to 2216 [ 2404.033434][T25226] loop0: detected capacity change from 0 to 1 05:25:09 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001b00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:09 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2404.083643][T25226] loop0: p1 p2 p3 p4[EZD] [ 2404.093742][T25226] loop0: p1 start 10 is beyond EOD, truncated [ 2404.099875][T25226] loop0: p2 start 196608 is beyond EOD, truncated [ 2404.106322][T25226] loop0: p3 start 225 is beyond EOD, truncated [ 2404.112508][T25226] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:10 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2404.157643][T25258] loop3: detected capacity change from 0 to 2216 [ 2404.164525][T25246] loop0: detected capacity change from 0 to 1 [ 2404.188312][T25246] loop0: p1 p2 p3 p4[EZD] [ 2404.200362][T25246] loop0: p1 start 10 is beyond EOD, truncated 05:25:10 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001c00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:10 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000004000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2404.206497][T25246] loop0: p2 start 196608 is beyond EOD, truncated [ 2404.212938][T25246] loop0: p3 start 225 is beyond EOD, truncated [ 2404.219219][T25246] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:10 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001d00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2404.266474][T25277] loop3: detected capacity change from 0 to 2216 [ 2404.321765][T25283] loop0: detected capacity change from 0 to 1 [ 2404.356967][T25288] loop3: detected capacity change from 0 to 2216 05:25:10 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001e00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2404.383245][T25283] loop0: p1 p2 p3 p4[EZD] [ 2404.387949][T25283] loop0: p1 start 10 is beyond EOD, truncated [ 2404.394061][T25283] loop0: p2 start 262144 is beyond EOD, truncated [ 2404.400563][T25283] loop0: p3 start 225 is beyond EOD, truncated [ 2404.406718][T25283] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2404.461767][T25291] loop0: detected capacity change from 0 to 1 [ 2404.468554][T25302] loop3: detected capacity change from 0 to 2216 [ 2404.509298][T25291] loop0: p1 p2 p3 p4[EZD] [ 2404.515424][T25291] loop0: p1 start 10 is beyond EOD, truncated [ 2404.521585][T25291] loop0: p2 start 262144 is beyond EOD, truncated [ 2404.528014][T25291] loop0: p3 start 225 is beyond EOD, truncated [ 2404.534163][T25291] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2404.628549][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2404.633070][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2404.639169][ T1037] loop0: p2 start 262144 is beyond EOD, truncated [ 2404.645578][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2404.651851][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:12 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2406.684921][ T25] kauditd_printk_skb: 246 callbacks suppressed [ 2406.684934][ T25] audit: type=1326 audit(1625635512.528:60309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2406.715267][ T25] audit: type=1326 audit(1625635512.528:60310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2406.739348][ T25] audit: type=1326 audit(1625635512.528:60311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2406.763576][ T25] audit: type=1326 audit(1625635512.528:60312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2406.788063][ T25] audit: type=1326 audit(1625635512.528:60313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2406.812236][ T25] audit: type=1326 audit(1625635512.528:60314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2406.836467][ T25] audit: type=1326 audit(1625635512.528:60315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2406.860682][ T25] audit: type=1326 audit(1625635512.528:60316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25318 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2406.884889][ T25] audit: type=1326 audit(1625635512.528:60317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25320 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2406.909070][ T25] audit: type=1326 audit(1625635512.528:60318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25320 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:12 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x2, 0x0) 05:25:12 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002100002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:12 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000005000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:12 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x25, 0x0) 05:25:12 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002200002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2407.043891][T25326] loop3: detected capacity change from 0 to 2216 [ 2407.053993][T25328] loop0: detected capacity change from 0 to 1 [ 2407.100729][T25328] loop0: p1 p2 p3 p4[EZD] [ 2407.105384][T25328] loop0: p1 start 10 is beyond EOD, truncated [ 2407.111479][T25328] loop0: p2 start 327680 is beyond EOD, truncated [ 2407.117967][T25328] loop0: p3 start 225 is beyond EOD, truncated [ 2407.124131][T25328] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:13 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2407.167383][T25352] loop3: detected capacity change from 0 to 2216 05:25:13 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002300002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2407.235459][T25362] loop0: detected capacity change from 0 to 16400 05:25:13 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000006000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:13 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002400002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2407.280075][T25368] loop3: detected capacity change from 0 to 2216 05:25:13 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002500002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2407.388501][T25375] loop3: detected capacity change from 0 to 2216 [ 2407.427403][T25382] loop0: detected capacity change from 0 to 1 05:25:13 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002600002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2407.470857][T25388] loop3: detected capacity change from 0 to 2216 [ 2407.471854][T25382] loop0: p1 p2 p3 p4[EZD] [ 2407.485800][T25382] loop0: p1 start 10 is beyond EOD, truncated [ 2407.491909][T25382] loop0: p2 start 393216 is beyond EOD, truncated [ 2407.498383][T25382] loop0: p3 start 225 is beyond EOD, truncated [ 2407.504565][T25382] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2407.548165][T25394] loop0: detected capacity change from 0 to 1 [ 2407.578296][T25401] loop3: detected capacity change from 0 to 2216 [ 2407.590653][T25394] loop0: p1 p2 p3 p4[EZD] [ 2407.595565][T25394] loop0: p1 start 10 is beyond EOD, truncated [ 2407.601686][T25394] loop0: p2 start 393216 is beyond EOD, truncated [ 2407.608149][T25394] loop0: p3 start 225 is beyond EOD, truncated [ 2407.614426][T25394] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2407.649970][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2407.654521][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2407.660673][ T1037] loop0: p2 start 393216 is beyond EOD, truncated [ 2407.667165][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2407.673447][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:15 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:15 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x3, 0x0) 05:25:15 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002700002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:15 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000406000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:15 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x48, 0x0) 05:25:15 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2410.059252][T25423] loop3: detected capacity change from 0 to 2216 [ 2410.060257][T25425] loop0: detected capacity change from 0 to 1 [ 2410.123562][T25425] loop0: p1 p2 p3 p4[EZD] [ 2410.128270][T25425] loop0: p1 start 10 is beyond EOD, truncated [ 2410.134424][T25425] loop0: p2 start 394240 is beyond EOD, truncated [ 2410.140902][T25425] loop0: p3 start 225 is beyond EOD, truncated [ 2410.147049][T25425] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:16 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:16 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002800002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:16 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000007000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:16 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002900002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2410.219645][T25448] loop0: detected capacity change from 0 to 16400 [ 2410.236215][T25459] loop3: detected capacity change from 0 to 2216 [ 2410.278547][T25466] loop0: detected capacity change from 0 to 1 [ 2410.314420][T25466] loop0: p1 p2 p3 p4[EZD] [ 2410.320201][T25466] loop0: p1 start 10 is beyond EOD, truncated 05:25:16 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002a00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2410.320370][T25472] loop3: detected capacity change from 0 to 2216 [ 2410.326287][T25466] loop0: p2 start 458752 is beyond EOD, truncated [ 2410.339095][T25466] loop0: p3 start 225 is beyond EOD, truncated [ 2410.345278][T25466] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2410.408715][T25478] loop0: detected capacity change from 0 to 16400 [ 2410.426856][T25485] loop3: detected capacity change from 0 to 2216 05:25:16 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002b00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:16 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000008000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2410.523175][T25489] loop0: detected capacity change from 0 to 1 [ 2410.527664][T25493] loop3: detected capacity change from 0 to 2216 [ 2410.578018][T25489] loop0: p1 p2 p3 p4[EZD] [ 2410.582525][T25489] loop0: p1 start 10 is beyond EOD, truncated [ 2410.588674][T25489] loop0: p2 start 524288 is beyond EOD, truncated [ 2410.595091][T25489] loop0: p3 start 225 is beyond EOD, truncated [ 2410.601395][T25489] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2410.651267][T25500] loop0: detected capacity change from 0 to 16400 05:25:18 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x4, 0x0) 05:25:18 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002c00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:18 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000009000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2413.075692][T25510] loop0: detected capacity change from 0 to 1 [ 2413.091821][T25516] loop3: detected capacity change from 0 to 2216 [ 2413.098833][ T25] kauditd_printk_skb: 266 callbacks suppressed [ 2413.098844][ T25] audit: type=1326 audit(1625635518.948:60585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25513 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2413.138138][T25510] loop0: p1 p2 p3 p4[EZD] [ 2413.142717][T25510] loop0: p1 start 10 is beyond EOD, truncated [ 2413.148847][T25510] loop0: p2 start 589824 is beyond EOD, truncated 05:25:19 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x4c, 0x0) 05:25:19 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2413.149795][ T25] audit: type=1326 audit(1625635518.988:60586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25513 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2413.155269][T25510] loop0: p3 start 225 is beyond EOD, truncated [ 2413.185472][T25510] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:19 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:19 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x5, 0x0) 05:25:19 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002d00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2413.212490][ T25] audit: type=1326 audit(1625635518.988:60587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25513 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2413.247401][ T25] audit: type=1326 audit(1625635518.988:60588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25513 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2413.287563][ T25] audit: type=1326 audit(1625635518.988:60589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25513 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2413.290279][T25535] loop3: detected capacity change from 0 to 2216 [ 2413.314643][ T25] audit: type=1326 audit(1625635518.988:60590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25513 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2413.343915][ T25] audit: type=1326 audit(1625635518.988:60591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25513 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:19 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080000000a000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:19 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002e00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2413.369833][ T25] audit: type=1326 audit(1625635518.988:60592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25520 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2413.406516][ T25] audit: type=1326 audit(1625635519.038:60593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25513 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:19 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x6, 0x0) 05:25:19 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2413.437633][ T25] audit: type=1326 audit(1625635519.038:60594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25513 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2413.441814][T25553] loop0: detected capacity change from 0 to 1 05:25:19 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002f00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2413.513111][T25564] loop3: detected capacity change from 0 to 2216 [ 2413.519807][T25553] loop0: p1 p2 p3 p4[EZD] [ 2413.524382][T25553] loop0: p1 start 10 is beyond EOD, truncated [ 2413.530506][T25553] loop0: p2 start 655360 is beyond EOD, truncated [ 2413.536937][T25553] loop0: p3 start 225 is beyond EOD, truncated [ 2413.543119][T25553] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:19 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000fe00002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2413.613535][T25576] loop0: detected capacity change from 0 to 16400 [ 2413.619955][T25582] loop3: detected capacity change from 0 to 2216 05:25:19 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080000000b000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2413.724766][T25589] loop3: detected capacity change from 0 to 2216 [ 2413.778603][T25596] loop0: detected capacity change from 0 to 1 [ 2413.819336][T25596] loop0: p1 p2 p3 p4[EZD] [ 2413.823984][T25596] loop0: p1 start 10 is beyond EOD, truncated [ 2413.830095][T25596] loop0: p2 start 720896 is beyond EOD, truncated [ 2413.836502][T25596] loop0: p3 start 225 is beyond EOD, truncated [ 2413.842693][T25596] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2413.880556][T25601] loop0: detected capacity change from 0 to 1 [ 2413.918389][T25601] loop0: p1 p2 p3 p4[EZD] [ 2413.923026][T25601] loop0: p1 start 10 is beyond EOD, truncated [ 2413.929135][T25601] loop0: p2 start 720896 is beyond EOD, truncated [ 2413.935569][T25601] loop0: p3 start 225 is beyond EOD, truncated [ 2413.941719][T25601] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2414.028484][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2414.033025][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2414.039241][ T1037] loop0: p2 start 720896 is beyond EOD, truncated [ 2414.045645][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2414.051800][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:22 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000d301002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:22 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x68, 0x0) 05:25:22 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080000000c000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:22 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) [ 2416.218897][T25617] loop0: detected capacity change from 0 to 1 [ 2416.235044][T25622] loop3: detected capacity change from 0 to 2216 05:25:22 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000e801002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2416.271352][T25617] loop0: p1 p2 p3 p4[EZD] [ 2416.280334][T25617] loop0: p1 start 10 is beyond EOD, truncated [ 2416.286467][T25617] loop0: p2 start 786432 is beyond EOD, truncated [ 2416.292936][T25617] loop0: p3 start 225 is beyond EOD, truncated [ 2416.299223][T25617] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:22 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000e901002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2416.344514][T25641] loop3: detected capacity change from 0 to 2216 [ 2416.351534][T25638] loop0: detected capacity change from 0 to 16400 05:25:22 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080000000d000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2416.423520][T25649] loop3: detected capacity change from 0 to 2216 05:25:22 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x7, 0x0) 05:25:22 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:22 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000402002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2416.479156][T25655] loop0: detected capacity change from 0 to 1 05:25:22 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001602002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2416.537390][T25671] loop3: detected capacity change from 0 to 2216 [ 2416.544506][T25655] loop0: p1 p2 p3 p4[EZD] [ 2416.550548][T25655] loop0: p1 start 10 is beyond EOD, truncated [ 2416.556637][T25655] loop0: p2 start 851968 is beyond EOD, truncated [ 2416.563105][T25655] loop0: p3 start 225 is beyond EOD, truncated [ 2416.569333][T25655] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2416.610041][T25667] loop0: detected capacity change from 0 to 1 [ 2416.625120][T25681] loop3: detected capacity change from 0 to 2216 [ 2416.649544][T25667] loop0: p1 p2 p3 p4[EZD] [ 2416.654174][T25667] loop0: p1 start 10 is beyond EOD, truncated 05:25:22 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001702002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:22 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080000000e000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2416.660302][T25667] loop0: p2 start 851968 is beyond EOD, truncated [ 2416.666719][T25667] loop0: p3 start 225 is beyond EOD, truncated [ 2416.673049][T25667] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2416.724917][T25689] loop3: detected capacity change from 0 to 2216 [ 2416.749387][T25695] loop0: detected capacity change from 0 to 1 [ 2416.788033][T25695] loop0: p1 p2 p3 p4[EZD] [ 2416.792563][T25695] loop0: p1 start 10 is beyond EOD, truncated [ 2416.798665][T25695] loop0: p2 start 917504 is beyond EOD, truncated [ 2416.805098][T25695] loop0: p3 start 225 is beyond EOD, truncated [ 2416.811256][T25695] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:25 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x6c, 0x0) 05:25:25 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002c02002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:25 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080000000f000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:25 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) [ 2419.247632][ T25] kauditd_printk_skb: 254 callbacks suppressed [ 2419.247650][ T25] audit: type=1326 audit(1625635525.088:60849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25705 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2419.252245][T25710] loop0: detected capacity change from 0 to 1 [ 2419.255403][ T25] audit: type=1326 audit(1625635525.088:60850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25705 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2419.311094][T25717] loop3: detected capacity change from 0 to 2216 [ 2419.312440][ T25] audit: type=1326 audit(1625635525.088:60851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25705 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2419.349420][T25710] loop0: p1 p2 p3 p4[EZD] [ 2419.361123][T25710] loop0: p1 start 10 is beyond EOD, truncated [ 2419.367261][T25710] loop0: p2 start 983040 is beyond EOD, truncated [ 2419.370370][ T25] audit: type=1326 audit(1625635525.088:60852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25705 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:25 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000003002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2419.373697][T25710] loop0: p3 start 225 is beyond EOD, truncated [ 2419.398901][ T25] audit: type=1326 audit(1625635525.088:60853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25705 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2419.404061][T25710] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2419.441742][ T25] audit: type=1326 audit(1625635525.088:60854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25705 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2419.466152][ T25] audit: type=1326 audit(1625635525.088:60855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25708 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2419.491292][ T25] audit: type=1326 audit(1625635525.088:60856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25708 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2419.517981][T25727] loop3: detected capacity change from 0 to 2216 [ 2419.519065][ T25] audit: type=1326 audit(1625635525.088:60857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25708 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:25 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x8, 0x0) 05:25:25 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:25 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000010000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:25 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000204002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2419.528352][T25716] loop0: detected capacity change from 0 to 1 [ 2419.548848][ T25] audit: type=1326 audit(1625635525.088:60858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25708 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:25 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000604002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2419.665876][T25750] loop3: detected capacity change from 0 to 2216 [ 2419.669354][T25751] loop0: detected capacity change from 0 to 1 [ 2419.720123][T25751] loop0: p1 p2 p3 p4[EZD] [ 2419.724626][T25751] loop0: p1 start 10 is beyond EOD, truncated [ 2419.730760][T25751] loop0: p2 start 1048576 is beyond EOD, truncated [ 2419.737266][T25751] loop0: p3 start 225 is beyond EOD, truncated [ 2419.743498][T25751] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2419.760480][T25761] loop3: detected capacity change from 0 to 2216 05:25:25 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000005002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2419.788492][T25757] loop0: detected capacity change from 0 to 1 [ 2419.820892][T25757] loop0: p1 p2 p3 p4[EZD] [ 2419.826810][T25757] loop0: p1 start 10 is beyond EOD, truncated [ 2419.832879][T25770] loop3: detected capacity change from 0 to 2216 [ 2419.839255][T25757] loop0: p2 start 1048576 is beyond EOD, truncated [ 2419.845754][T25757] loop0: p3 start 225 is beyond EOD, truncated [ 2419.851911][T25757] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2419.870011][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2419.874477][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2419.880559][ T1037] loop0: p2 start 1048576 is beyond EOD, truncated 05:25:25 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000011000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2419.887071][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2419.893227][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2419.991093][T25782] loop0: detected capacity change from 0 to 1 [ 2420.018049][T25782] loop0: p1 p2 p3 p4[EZD] [ 2420.022565][T25782] loop0: p1 start 10 is beyond EOD, truncated [ 2420.028845][T25782] loop0: p2 start 1114112 is beyond EOD, truncated [ 2420.035338][T25782] loop0: p3 start 225 is beyond EOD, truncated [ 2420.041501][T25782] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2420.088453][T25788] loop0: detected capacity change from 0 to 16400 05:25:28 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x74, 0x0) 05:25:28 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000006002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:28 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000012000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:28 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) [ 2422.317036][T25796] loop0: detected capacity change from 0 to 1 [ 2422.326483][T25798] loop3: detected capacity change from 0 to 2216 05:25:28 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000406002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2422.373457][T25796] loop0: p1 p2 p3 p4[EZD] [ 2422.379791][T25796] loop0: p1 start 10 is beyond EOD, truncated [ 2422.385898][T25796] loop0: p2 start 1179648 is beyond EOD, truncated [ 2422.392551][T25796] loop0: p3 start 225 is beyond EOD, truncated [ 2422.398762][T25796] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2422.441527][T25812] loop0: detected capacity change from 0 to 1 [ 2422.446621][T25822] loop3: detected capacity change from 0 to 2216 [ 2422.479042][T25812] loop0: p1 p2 p3 p4[EZD] [ 2422.484771][T25812] loop0: p1 start 10 is beyond EOD, truncated [ 2422.490903][T25812] loop0: p2 start 1179648 is beyond EOD, truncated [ 2422.497445][T25812] loop0: p3 start 225 is beyond EOD, truncated [ 2422.503599][T25812] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:28 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x9, 0x0) 05:25:28 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:28 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000007002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:28 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000013000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2422.580036][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2422.584607][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2422.590699][ T1037] loop0: p2 start 1179648 is beyond EOD, truncated [ 2422.597219][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2422.603398][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:28 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000fc07002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2422.637788][T25843] loop3: detected capacity change from 0 to 2216 [ 2422.664577][T25844] loop0: detected capacity change from 0 to 1 [ 2422.709965][T25844] loop0: p1 p2 p3 p4[EZD] [ 2422.714464][T25844] loop0: p1 start 10 is beyond EOD, truncated [ 2422.720554][T25844] loop0: p2 start 1245184 is beyond EOD, truncated [ 2422.727144][T25844] loop0: p3 start 225 is beyond EOD, truncated [ 2422.733298][T25844] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2422.748178][T25857] loop3: detected capacity change from 0 to 2216 05:25:28 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000009002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2422.768342][T25856] loop0: detected capacity change from 0 to 1 05:25:28 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000020000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2422.818031][T25856] loop0: p1 p2 p3 p4[EZD] [ 2422.822607][T25856] loop0: p1 start 10 is beyond EOD, truncated [ 2422.828708][T25856] loop0: p2 start 1245184 is beyond EOD, truncated [ 2422.835234][T25856] loop0: p3 start 225 is beyond EOD, truncated [ 2422.841486][T25856] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2422.852002][T25871] loop3: detected capacity change from 0 to 2216 [ 2422.937648][T25878] loop0: detected capacity change from 0 to 1 [ 2422.988575][T25878] loop0: p1 p2 p3 p4[EZD] [ 2422.993202][T25878] loop0: p1 start 10 is beyond EOD, truncated [ 2422.999304][T25878] loop0: p2 start 2097152 is beyond EOD, truncated [ 2423.005803][T25878] loop0: p3 start 225 is beyond EOD, truncated [ 2423.011968][T25878] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2423.063294][T25881] loop0: detected capacity change from 0 to 1 [ 2423.099763][T25881] loop0: p1 p2 p3 p4[EZD] [ 2423.104364][T25881] loop0: p1 start 10 is beyond EOD, truncated [ 2423.110451][T25881] loop0: p2 start 2097152 is beyond EOD, truncated [ 2423.116941][T25881] loop0: p3 start 225 is beyond EOD, truncated [ 2423.123102][T25881] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2423.176107][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2423.181478][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2423.187599][ T1037] loop0: p2 start 2097152 is beyond EOD, truncated [ 2423.194252][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2423.200469][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:31 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x7a, 0x0) 05:25:31 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 05:25:31 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000a002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:31 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000024000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2425.352369][ T25] kauditd_printk_skb: 243 callbacks suppressed [ 2425.352383][ T25] audit: type=1326 audit(1625635531.198:61102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25897 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2425.390684][ T25] audit: type=1326 audit(1625635531.198:61103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25897 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2425.422194][T25906] loop3: detected capacity change from 0 to 2216 [ 2425.436192][T25909] loop0: detected capacity change from 0 to 1 05:25:31 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000b002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2425.474719][ T25] audit: type=1326 audit(1625635531.198:61104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25897 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2425.525298][ T25] audit: type=1326 audit(1625635531.198:61105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25897 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2425.550128][T25909] loop0: p1 p2 p3 p4[EZD] [ 2425.554702][T25909] loop0: p1 start 10 is beyond EOD, truncated [ 2425.560798][T25909] loop0: p2 start 2359296 is beyond EOD, truncated [ 2425.567288][T25909] loop0: p3 start 225 is beyond EOD, truncated [ 2425.573463][T25909] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2425.589483][T25920] loop3: detected capacity change from 0 to 2216 05:25:31 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xa, 0x0) [ 2425.608311][ T25] audit: type=1326 audit(1625635531.198:61106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25897 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2425.646429][ T25] audit: type=1326 audit(1625635531.198:61107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25897 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:31 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:31 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000c002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:31 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000025000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2425.672766][ T25] audit: type=1326 audit(1625635531.198:61108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25899 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2425.741015][ T25] audit: type=1326 audit(1625635531.198:61109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25899 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2425.771955][T25936] loop3: detected capacity change from 0 to 2216 [ 2425.797720][T25939] loop0: detected capacity change from 0 to 1 05:25:31 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000d002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2425.834350][ T25] audit: type=1326 audit(1625635531.198:61110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25899 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2425.874012][T25939] loop0: p1 p2 p3 p4[EZD] [ 2425.878695][T25939] loop0: p1 start 10 is beyond EOD, truncated [ 2425.884864][T25939] loop0: p2 start 2424832 is beyond EOD, truncated [ 2425.891503][T25939] loop0: p3 start 225 is beyond EOD, truncated [ 2425.897747][T25939] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2425.915565][ T25] audit: type=1326 audit(1625635531.198:61111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=25899 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2425.928159][T25955] loop3: detected capacity change from 0 to 2216 05:25:31 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xb, 0x0) 05:25:31 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2426.008407][T25965] loop0: detected capacity change from 0 to 16400 05:25:34 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x300, 0x0) 05:25:34 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 05:25:34 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000e002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:34 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000026000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:34 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) [ 2428.397049][T25992] loop0: detected capacity change from 0 to 1 [ 2428.398169][T25993] loop3: detected capacity change from 0 to 2216 [ 2428.419310][T25992] loop0: p1 p2 p3 p4[EZD] [ 2428.433341][T25992] loop0: p1 start 10 is beyond EOD, truncated [ 2428.439469][T25992] loop0: p2 start 2490368 is beyond EOD, truncated 05:25:34 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000f002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2428.445992][T25992] loop0: p3 start 225 is beyond EOD, truncated [ 2428.452162][T25992] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:34 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080000002e000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:34 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000002010002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2428.512807][T26012] loop3: detected capacity change from 0 to 2216 [ 2428.520083][T26006] loop0: detected capacity change from 0 to 16400 05:25:34 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000011002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2428.608617][T26024] loop3: detected capacity change from 0 to 2216 [ 2428.619091][T26023] loop0: detected capacity change from 0 to 1 [ 2428.657991][T26023] loop0: p1 p2 p3 p4[EZD] [ 2428.662562][T26023] loop0: p1 start 10 is beyond EOD, truncated [ 2428.668748][T26023] loop0: p2 start 3014656 is beyond EOD, truncated [ 2428.675338][T26023] loop0: p3 start 225 is beyond EOD, truncated [ 2428.681569][T26023] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2428.704764][T26036] loop3: detected capacity change from 0 to 2216 05:25:34 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000012002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2428.738253][T26035] loop0: detected capacity change from 0 to 16400 [ 2428.775748][T26044] loop3: detected capacity change from 0 to 2216 05:25:34 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xc, 0x0) 05:25:34 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080000003f000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2429.015593][T26053] loop0: detected capacity change from 0 to 1 [ 2429.058369][T26053] loop0: p1 p2 p3 p4[EZD] [ 2429.062954][T26053] loop0: p1 start 10 is beyond EOD, truncated [ 2429.069058][T26053] loop0: p2 start 4128768 is beyond EOD, truncated [ 2429.075537][T26053] loop0: p3 start 225 is beyond EOD, truncated [ 2429.081697][T26053] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2429.135867][T26065] loop0: detected capacity change from 0 to 16400 05:25:37 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x500, 0x0) 05:25:37 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000013002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:37 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000000)=""/3, 0x3}], 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:37 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xd, 0x0) [ 2431.386149][ T25] kauditd_printk_skb: 231 callbacks suppressed [ 2431.386162][ T25] audit: type=1326 audit(1625635537.228:61343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26073 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2431.393331][T26078] loop3: detected capacity change from 0 to 2216 05:25:37 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000014002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:37 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000040000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:37 executing program 1 (fault-call:10 fault-nth:0): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2431.444168][ T25] audit: type=1326 audit(1625635537.228:61344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26073 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2431.471158][ T25] audit: type=1326 audit(1625635537.228:61345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26073 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2431.477672][T26090] loop0: detected capacity change from 0 to 1 [ 2431.504298][ T25] audit: type=1326 audit(1625635537.228:61346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26073 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2431.520444][T26098] loop3: detected capacity change from 0 to 2216 05:25:37 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000015002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2431.531405][ T25] audit: type=1326 audit(1625635537.228:61347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26073 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2431.559786][ T25] audit: type=1326 audit(1625635537.228:61348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26073 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2431.592596][ T25] audit: type=1326 audit(1625635537.228:61349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26079 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2431.595515][T26090] loop0: p1 p2 p3 p4[EZD] [ 2431.621260][ T25] audit: type=1326 audit(1625635537.228:61350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26079 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2431.625925][T26090] loop0: p1 start 10 is beyond EOD, truncated [ 2431.649099][ T25] audit: type=1326 audit(1625635537.228:61351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26079 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2431.651755][T26090] loop0: p2 start 4194304 is beyond EOD, truncated 05:25:37 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x600, 0x0) 05:25:37 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2431.677133][ T25] audit: type=1326 audit(1625635537.228:61352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26079 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2431.682342][T26090] loop0: p3 start 225 is beyond EOD, truncated [ 2431.682361][T26090] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2431.756521][T26118] loop0: detected capacity change from 0 to 16400 [ 2431.767589][T26119] loop3: detected capacity change from 0 to 2216 05:25:37 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000016002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:37 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800080040000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:37 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000216002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2431.846521][T26133] loop3: detected capacity change from 0 to 2216 [ 2431.886912][T26139] loop0: detected capacity change from 0 to 1 [ 2431.915492][T26143] loop3: detected capacity change from 0 to 2216 [ 2431.928268][T26139] loop0: p1 p2 p3 p4[EZD] [ 2431.935065][T26139] loop0: p1 start 10 is beyond EOD, truncated [ 2431.941182][T26139] loop0: p2 start 4194312 is beyond EOD, truncated [ 2431.947700][T26139] loop0: p3 start 225 is beyond EOD, truncated [ 2431.953843][T26139] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:37 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000017002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2431.984823][T26146] loop0: detected capacity change from 0 to 1 [ 2432.040980][T26146] loop0: p1 p2 p3 p4[EZD] [ 2432.045624][T26154] loop3: detected capacity change from 0 to 2216 [ 2432.045662][T26146] loop0: p1 start 10 is beyond EOD, truncated [ 2432.058089][T26146] loop0: p2 start 4194312 is beyond EOD, truncated [ 2432.064590][T26146] loop0: p3 start 225 is beyond EOD, truncated [ 2432.070758][T26146] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2432.081423][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2432.086018][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2432.092121][ T1037] loop0: p2 start 4194312 is beyond EOD, truncated [ 2432.098640][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2432.104783][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:40 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:40 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xe, 0x0) 05:25:40 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000217002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:40 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000048000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:40 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000018002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2434.416299][T26177] loop3: detected capacity change from 0 to 2216 [ 2434.419964][T26178] loop0: detected capacity change from 0 to 1 [ 2434.469087][T26178] loop0: p1 p2 p3 p4[EZD] [ 2434.473846][T26178] loop0: p1 start 10 is beyond EOD, truncated [ 2434.479973][T26178] loop0: p2 start 4718592 is beyond EOD, truncated [ 2434.486615][T26178] loop0: p3 start 225 is beyond EOD, truncated [ 2434.492822][T26178] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2434.511894][T26191] loop3: detected capacity change from 0 to 2216 05:25:40 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000019002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2434.585707][T26203] loop3: detected capacity change from 0 to 2216 05:25:40 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x700, 0x0) 05:25:40 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x3, r0, 0x0, 0x0) 05:25:40 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080000004c000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:40 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000001a002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2434.788183][T26221] loop0: detected capacity change from 0 to 1 [ 2434.794648][T26225] loop3: detected capacity change from 0 to 2216 05:25:40 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000001b002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2434.828549][T26221] loop0: p1 p2 p3 p4[EZD] [ 2434.835263][T26221] loop0: p1 start 10 is beyond EOD, truncated [ 2434.841379][T26221] loop0: p2 start 4980736 is beyond EOD, truncated [ 2434.847902][T26221] loop0: p3 start 225 is beyond EOD, truncated [ 2434.854073][T26221] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:40 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000060000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2434.908451][T26234] loop0: detected capacity change from 0 to 1 [ 2434.915251][T26238] loop3: detected capacity change from 0 to 2216 [ 2435.060193][T26251] loop0: detected capacity change from 0 to 1 [ 2435.097913][T26251] loop0: p1 p2 p3 p4[EZD] [ 2435.102559][T26251] loop0: p1 start 10 is beyond EOD, truncated [ 2435.108668][T26251] loop0: p2 start 6291456 is beyond EOD, truncated [ 2435.115176][T26251] loop0: p3 start 225 is beyond EOD, truncated [ 2435.121484][T26251] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2435.169165][T26256] loop0: detected capacity change from 0 to 1 [ 2435.208094][T26256] loop0: p1 p2 p3 p4[EZD] [ 2435.212817][T26256] loop0: p1 start 10 is beyond EOD, truncated [ 2435.218927][T26256] loop0: p2 start 6291456 is beyond EOD, truncated [ 2435.225415][T26256] loop0: p3 start 225 is beyond EOD, truncated [ 2435.231631][T26256] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:43 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:43 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000001c002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:43 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008f52fc665000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:43 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x10, 0x0) [ 2437.425045][T26270] loop0: detected capacity change from 0 to 1 [ 2437.436083][T26271] loop3: detected capacity change from 0 to 2216 [ 2437.444436][ T25] kauditd_printk_skb: 267 callbacks suppressed [ 2437.444448][ T25] audit: type=1326 audit(1625635543.288:61620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26275 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2437.476287][ T25] audit: type=1326 audit(1625635543.288:61621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26275 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2437.483790][T26270] loop0: p1 p2 p3 p4[EZD] [ 2437.508456][ T25] audit: type=1326 audit(1625635543.288:61622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26275 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2437.514961][T26270] loop0: p1 start 10 is beyond EOD, truncated [ 2437.535192][ T25] audit: type=1326 audit(1625635543.288:61623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26275 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2437.538742][T26270] loop0: p2 start 6669871 is beyond EOD, truncated [ 2437.563970][ T25] audit: type=1326 audit(1625635543.288:61624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26275 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2437.569405][T26270] loop0: p3 start 225 is beyond EOD, truncated [ 2437.599816][T26270] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:43 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000001d002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2437.602830][ T25] audit: type=1326 audit(1625635543.288:61625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26275 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2437.633664][ T25] audit: type=1326 audit(1625635543.288:61626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26277 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2437.658768][ T25] audit: type=1326 audit(1625635543.288:61627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26277 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2437.683566][ T25] audit: type=1326 audit(1625635543.288:61628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26277 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2437.713040][T26294] loop3: detected capacity change from 0 to 2216 05:25:43 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x8, r0, 0x0, 0x0) [ 2437.713909][ T25] audit: type=1326 audit(1625635543.288:61629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26277 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2437.745117][T26281] loop0: detected capacity change from 0 to 1 05:25:43 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x900, 0x0) 05:25:43 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000001e002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:43 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xa00, 0x0) [ 2437.817951][T26281] loop0: p1 p2 p3 p4[EZD] [ 2437.823026][T26281] loop0: p1 start 10 is beyond EOD, truncated [ 2437.829164][T26281] loop0: p2 start 6669871 is beyond EOD, truncated [ 2437.835859][T26281] loop0: p3 start 225 is beyond EOD, truncated [ 2437.842038][T26281] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:43 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000068000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2437.865895][T26319] loop3: detected capacity change from 0 to 2216 05:25:43 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000001f002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:43 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000020002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2437.961005][T26332] loop3: detected capacity change from 0 to 2216 [ 2437.981293][T26336] loop0: detected capacity change from 0 to 1 [ 2438.008295][T26336] loop0: p1 p2 p3 p4[EZD] [ 2438.012911][T26336] loop0: p1 start 10 is beyond EOD, truncated [ 2438.019031][T26336] loop0: p2 start 6815744 is beyond EOD, truncated [ 2438.025565][T26336] loop0: p3 start 225 is beyond EOD, truncated [ 2438.031738][T26336] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2438.033437][T26344] loop3: detected capacity change from 0 to 2216 [ 2438.090856][T26347] loop0: detected capacity change from 0 to 16400 05:25:46 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:46 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000001020002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:46 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080000006c000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:46 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x11, 0x0) 05:25:46 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000021002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2440.465964][T26359] loop3: detected capacity change from 0 to 2216 [ 2440.472941][T26362] loop0: detected capacity change from 0 to 1 [ 2440.529514][T26362] loop0: p1 p2 p3 p4[EZD] [ 2440.534019][T26362] loop0: p1 start 10 is beyond EOD, truncated [ 2440.540137][T26362] loop0: p2 start 7077888 is beyond EOD, truncated [ 2440.546666][T26362] loop0: p3 start 225 is beyond EOD, truncated [ 2440.552936][T26362] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2440.604148][T26379] loop0: detected capacity change from 0 to 16400 05:25:46 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000022002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:46 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x2, 0x0) 05:25:46 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000074000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:46 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xb00, 0x0) 05:25:46 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000023002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2440.805952][T26388] loop0: detected capacity change from 0 to 1 [ 2440.812577][T26390] loop3: detected capacity change from 0 to 2216 [ 2440.857906][T26388] loop0: p1 p2 p3 p4[EZD] [ 2440.865691][T26388] loop0: p1 start 10 is beyond EOD, truncated [ 2440.871907][T26388] loop0: p2 start 7602176 is beyond EOD, truncated [ 2440.878610][T26388] loop0: p3 start 225 is beyond EOD, truncated [ 2440.884836][T26388] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:46 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xc00, 0x0) [ 2440.915138][T26410] loop3: detected capacity change from 0 to 2216 [ 2440.933794][T26388] loop0: detected capacity change from 0 to 1 05:25:46 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000024002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2440.970192][T26388] loop0: p1 p2 p3 p4[EZD] [ 2440.974953][T26388] loop0: p1 start 10 is beyond EOD, truncated [ 2440.981104][T26388] loop0: p2 start 7602176 is beyond EOD, truncated [ 2440.987613][T26388] loop0: p3 start 225 is beyond EOD, truncated [ 2440.993842][T26388] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2441.018724][T26429] loop3: detected capacity change from 0 to 2216 05:25:49 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:49 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300080000007a000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:49 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000025002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:49 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x12, 0x0) [ 2443.491319][ T25] kauditd_printk_skb: 318 callbacks suppressed [ 2443.491333][ T25] audit: type=1326 audit(1625635549.338:61948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26437 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2443.494319][T26442] loop3: detected capacity change from 0 to 2216 [ 2443.499607][ T25] audit: type=1326 audit(1625635549.338:61949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26437 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:49 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000026002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:49 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x25, 0x0) [ 2443.569182][ T25] audit: type=1326 audit(1625635549.338:61950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26437 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2443.606173][T26447] loop0: detected capacity change from 0 to 1 [ 2443.618985][ T25] audit: type=1326 audit(1625635549.368:61951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26443 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2443.645052][ T25] audit: type=1326 audit(1625635549.408:61952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26437 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2443.659010][T26464] loop3: detected capacity change from 0 to 2216 [ 2443.670910][ T25] audit: type=1326 audit(1625635549.408:61953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26437 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2443.700796][T26447] loop0: p1 p2 p3 p4[EZD] [ 2443.705288][T26447] loop0: p1 start 10 is beyond EOD, truncated [ 2443.711448][T26447] loop0: p2 start 7995392 is beyond EOD, truncated [ 2443.717991][T26447] loop0: p3 start 225 is beyond EOD, truncated [ 2443.724158][T26447] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2443.734107][ T25] audit: type=1326 audit(1625635549.408:61954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26437 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2443.759296][ T25] audit: type=1326 audit(1625635549.408:61955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26437 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:49 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x3, 0x0) 05:25:49 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000027002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2443.783650][ T25] audit: type=1326 audit(1625635549.408:61956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26437 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2443.815415][ T25] audit: type=1326 audit(1625635549.408:61957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26437 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:49 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x48, 0x0) [ 2443.845570][T26475] loop3: detected capacity change from 0 to 2216 [ 2443.861620][T26479] loop0: detected capacity change from 0 to 16400 05:25:49 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000028002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:49 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xd00, 0x0) 05:25:49 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000480000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2443.979835][T26507] loop3: detected capacity change from 0 to 2216 [ 2443.997950][T26508] loop0: detected capacity change from 0 to 1 [ 2444.039520][T26508] loop0: p1 p2 p3 p4[EZD] [ 2444.044256][T26508] loop0: p1 start 10 is beyond EOD, truncated [ 2444.050559][T26508] loop0: p2 start 8389632 is beyond EOD, truncated [ 2444.057063][T26508] loop0: p3 start 225 is beyond EOD, truncated [ 2444.063347][T26508] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2444.123026][T26521] loop0: detected capacity change from 0 to 16400 05:25:52 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:52 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000029002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:52 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008ffffff80000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:52 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002a002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2446.496772][T26528] loop3: detected capacity change from 0 to 2216 [ 2446.512761][T26532] loop0: detected capacity change from 0 to 1 [ 2446.558005][T26532] loop0: p1 p2 p3 p4[EZD] [ 2446.562668][T26532] loop0: p1 start 10 is beyond EOD, truncated [ 2446.568773][T26532] loop0: p2 start 8454143 is beyond EOD, truncated [ 2446.575260][T26532] loop0: p3 start 225 is beyond EOD, truncated [ 2446.581442][T26532] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2446.601776][T26542] loop3: detected capacity change from 0 to 2216 05:25:52 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002b002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:52 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002c002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2446.648359][T26544] loop0: detected capacity change from 0 to 16400 [ 2446.666059][T26552] loop3: detected capacity change from 0 to 2216 [ 2446.745038][T26557] loop3: detected capacity change from 0 to 2216 05:25:52 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x4, 0x0) 05:25:52 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000384000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2446.845881][T26567] loop0: detected capacity change from 0 to 1 [ 2446.877961][T26567] loop0: p1 p2 p3 p4[EZD] [ 2446.882565][T26567] loop0: p1 start 10 is beyond EOD, truncated [ 2446.888702][T26567] loop0: p2 start 8651520 is beyond EOD, truncated 05:25:52 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x4c, 0x0) 05:25:52 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000022c002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:52 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xe00, 0x0) 05:25:52 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800007e8c000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2446.895207][T26567] loop0: p3 start 225 is beyond EOD, truncated [ 2446.901386][T26567] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2446.925055][T26585] loop3: detected capacity change from 0 to 2216 [ 2446.988587][T26598] loop0: detected capacity change from 0 to 1 [ 2447.018012][T26598] loop0: p1 p2 p3 p4[EZD] [ 2447.022505][T26598] loop0: p1 start 10 is beyond EOD, truncated [ 2447.028691][T26598] loop0: p2 start 9207296 is beyond EOD, truncated [ 2447.035200][T26598] loop0: p3 start 225 is beyond EOD, truncated [ 2447.041393][T26598] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2447.091300][T26610] loop0: detected capacity change from 0 to 16400 05:25:55 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:55 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002d002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:55 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008ffffff8c000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2449.519653][ T25] kauditd_printk_skb: 320 callbacks suppressed [ 2449.519667][ T25] audit: type=1326 audit(1625635555.368:62278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26617 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2449.530280][T26622] loop3: detected capacity change from 0 to 2216 05:25:55 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002e002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2449.551365][ T25] audit: type=1326 audit(1625635555.368:62279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26617 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2449.582717][T26621] loop0: detected capacity change from 0 to 1 [ 2449.591721][ T25] audit: type=1326 audit(1625635555.368:62280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26617 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:55 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002f002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2449.622746][ T25] audit: type=1326 audit(1625635555.368:62281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26617 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2449.654488][T26621] loop0: p1 p2 p3 p4[EZD] [ 2449.663317][T26621] loop0: p1 start 10 is beyond EOD, truncated [ 2449.667880][ T25] audit: type=1326 audit(1625635555.368:62282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26617 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2449.669457][T26621] loop0: p2 start 9240575 is beyond EOD, truncated [ 2449.695603][ T25] audit: type=1326 audit(1625635555.368:62283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26617 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2449.700182][T26621] loop0: p3 start 225 is beyond EOD, truncated [ 2449.700199][T26621] loop0: p4 size 3657465856 extends beyond EOD, [ 2449.726207][ T25] audit: type=1326 audit(1625635555.368:62284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26620 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2449.730385][T26621] truncated [ 2449.764186][ T25] audit: type=1326 audit(1625635555.368:62285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26620 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2449.768348][T26633] loop3: detected capacity change from 0 to 2216 [ 2449.789700][ T25] audit: type=1326 audit(1625635555.368:62286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26620 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:55 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x5, 0x0) [ 2449.820041][T26630] loop0: detected capacity change from 0 to 1 [ 2449.822136][ T25] audit: type=1326 audit(1625635555.368:62287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26620 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 05:25:55 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000003f002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2449.879118][T26630] loop0: p1 p2 p3 p4[EZD] [ 2449.883727][T26630] loop0: p1 start 10 is beyond EOD, truncated [ 2449.889836][T26630] loop0: p2 start 9240575 is beyond EOD, truncated [ 2449.896368][T26630] loop0: p3 start 225 is beyond EOD, truncated [ 2449.902633][T26630] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2449.911901][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2449.916601][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2449.922716][ T1037] loop0: p2 start 9240575 is beyond EOD, truncated 05:25:55 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x68, 0x0) 05:25:55 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008ffffff97000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:55 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000040002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:55 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x1100, 0x0) [ 2449.929337][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2449.935492][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2449.958158][T26659] loop3: detected capacity change from 0 to 2216 [ 2450.007885][T26662] loop0: detected capacity change from 0 to 1 [ 2450.037497][T26679] loop3: detected capacity change from 0 to 2216 [ 2450.052251][T26662] loop0: p1 p2 p3 p4[EZD] 05:25:55 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000001d3002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2450.056805][T26662] loop0: p1 start 10 is beyond EOD, truncated [ 2450.062924][T26662] loop0: p2 start 9961471 is beyond EOD, truncated [ 2450.069458][T26662] loop0: p3 start 225 is beyond EOD, truncated [ 2450.075613][T26662] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2450.134954][T26674] loop0: detected capacity change from 0 to 1 [ 2450.152262][T26693] loop3: detected capacity change from 0 to 2216 [ 2450.190613][T26674] loop0: p1 p2 p3 p4[EZD] [ 2450.196156][T26674] loop0: p1 start 10 is beyond EOD, truncated [ 2450.202279][T26674] loop0: p2 start 9961471 is beyond EOD, truncated [ 2450.208935][T26674] loop0: p3 start 225 is beyond EOD, truncated [ 2450.215094][T26674] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2450.308745][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2450.313354][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2450.319518][ T1037] loop0: p2 start 9961471 is beyond EOD, truncated [ 2450.326287][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2450.332452][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:58 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:25:58 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000001e8002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:58 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008ffffffa1000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:58 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000001e9002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2452.539747][T26711] loop3: detected capacity change from 0 to 2216 [ 2452.540158][T26710] loop0: detected capacity change from 0 to 1 [ 2452.598156][T26710] loop0: p1 p2 p3 p4[EZD] [ 2452.602941][T26710] loop0: p1 start 10 is beyond EOD, truncated [ 2452.609053][T26710] loop0: p2 start 10616831 is beyond EOD, truncated [ 2452.615651][T26710] loop0: p3 start 225 is beyond EOD, truncated [ 2452.621970][T26710] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:25:58 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008ffffffc9000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2452.646551][T26722] loop3: detected capacity change from 0 to 2216 [ 2452.698936][T26728] loop0: detected capacity change from 0 to 1 [ 2452.725920][T26728] loop0: p1 p2 p3 p4[EZD] [ 2452.730525][T26728] loop0: p1 start 10 is beyond EOD, truncated [ 2452.736759][T26728] loop0: p2 start 13238271 is beyond EOD, truncated [ 2452.743366][T26728] loop0: p3 start 225 is beyond EOD, truncated [ 2452.749564][T26728] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2452.791008][T26739] loop0: detected capacity change from 0 to 16400 05:25:58 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x6, 0x0) 05:25:58 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000007fc002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2452.892178][T26744] loop3: detected capacity change from 0 to 2216 05:25:58 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x6c, 0x0) 05:25:58 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000001d6000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:25:58 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000fffe002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:25:58 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x1200, 0x0) [ 2452.974494][T26758] loop3: detected capacity change from 0 to 2216 [ 2452.980428][T26757] loop0: detected capacity change from 0 to 1 05:25:58 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000fff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2453.030689][T26757] loop0: p1 p2 p3 p4[EZD] [ 2453.035338][T26757] loop0: p1 start 10 is beyond EOD, truncated [ 2453.041471][T26757] loop0: p2 start 14024960 is beyond EOD, truncated [ 2453.048086][T26757] loop0: p3 start 225 is beyond EOD, truncated [ 2453.054259][T26757] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2453.098028][T26780] loop3: detected capacity change from 0 to 2216 [ 2453.118317][T26781] loop0: detected capacity change from 0 to 16400 05:26:01 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:01 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x1800, 0x0) 05:26:01 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000feff002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:01 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008ffffffe4000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2455.547043][ T25] kauditd_printk_skb: 259 callbacks suppressed [ 2455.547055][ T25] audit: type=1326 audit(1625635561.388:62547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26794 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2455.558647][T26798] loop3: detected capacity change from 0 to 2216 [ 2455.585905][T26801] loop0: detected capacity change from 0 to 1 [ 2455.602090][ T25] audit: type=1326 audit(1625635561.428:62548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26794 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2455.626747][ T25] audit: type=1326 audit(1625635561.428:62549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26794 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:26:01 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000002401000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2455.651779][ T25] audit: type=1326 audit(1625635561.428:62550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26794 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2455.677990][ T25] audit: type=1326 audit(1625635561.428:62551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26794 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2455.704603][T26801] loop0: p1 p2 p3 p4[EZD] [ 2455.704788][ T25] audit: type=1326 audit(1625635561.428:62552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26794 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2455.709194][T26801] loop0: p1 start 10 is beyond EOD, truncated [ 2455.733535][ T25] audit: type=1326 audit(1625635561.428:62553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26793 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2455.739191][T26801] loop0: p2 start 15007743 is beyond EOD, truncated [ 2455.763539][ T25] audit: type=1326 audit(1625635561.428:62554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26793 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2455.769971][T26801] loop0: p3 start 225 is beyond EOD, truncated [ 2455.769989][T26801] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2455.807702][ T25] audit: type=1326 audit(1625635561.428:62555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26793 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2455.828783][T26816] loop3: detected capacity change from 0 to 2216 05:26:01 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x7, 0x0) 05:26:01 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000003f01000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2455.838456][ T25] audit: type=1326 audit(1625635561.428:62556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26793 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2455.868966][T26809] loop0: detected capacity change from 0 to 1 05:26:01 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x74, 0x0) 05:26:01 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x8, 0x0) 05:26:01 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000004001000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2455.936582][T26828] loop3: detected capacity change from 0 to 2216 [ 2455.939836][T26809] loop0: p1 p2 p3 p4[EZD] [ 2455.950559][T26809] loop0: p1 start 10 is beyond EOD, truncated [ 2455.956723][T26809] loop0: p2 start 15007743 is beyond EOD, truncated [ 2455.963350][T26809] loop0: p3 start 225 is beyond EOD, [ 2455.968835][T26809] truncated [ 2455.971974][T26809] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:01 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000000f4000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:01 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000045401000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2456.034814][T26844] loop3: detected capacity change from 0 to 2216 [ 2456.088504][T26855] loop0: detected capacity change from 0 to 1 [ 2456.118662][T26864] loop3: detected capacity change from 0 to 2216 [ 2456.131216][T26855] loop0: p1 p2 p3 p4[EZD] [ 2456.135842][T26855] loop0: p1 start 10 is beyond EOD, truncated [ 2456.141946][T26855] loop0: p2 start 15990784 is beyond EOD, truncated [ 2456.148570][T26855] loop0: p3 start 225 is beyond EOD, truncated [ 2456.154733][T26855] loop0: p4 size 3657465856 extends beyond EOD, [ 2456.161097][T26855] truncated [ 2456.220275][T26874] loop0: detected capacity change from 0 to 16400 05:26:04 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:04 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x2000, 0x0) 05:26:04 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000fffffffe01000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:04 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000004f5000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:04 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000002002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2458.574422][T26886] loop3: detected capacity change from 0 to 2216 [ 2458.582114][T26887] loop0: detected capacity change from 0 to 1 [ 2458.628454][T26887] loop0: p1 p2 p3 p4[EZD] [ 2458.633101][T26887] loop0: p1 start 10 is beyond EOD, truncated [ 2458.639407][T26887] loop0: p2 start 16057344 is beyond EOD, truncated [ 2458.645987][T26887] loop0: p3 start 225 is beyond EOD, truncated [ 2458.652134][T26887] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2458.673707][T26904] loop3: detected capacity change from 0 to 2216 05:26:04 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000003002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2458.718519][T26907] loop0: detected capacity change from 0 to 1 05:26:04 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000865c62ff5000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2458.767307][T26916] loop3: detected capacity change from 0 to 2216 [ 2458.889109][T26923] loop0: detected capacity change from 0 to 1 [ 2458.948110][T26923] loop0: p1 p2 p3 p4[EZD] [ 2458.952763][T26923] loop0: p1 start 10 is beyond EOD, truncated [ 2458.959179][T26923] loop0: p2 start 16068550 is beyond EOD, truncated [ 2458.965884][T26923] loop0: p3 start 225 is beyond EOD, truncated [ 2458.972049][T26923] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:04 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x7a, 0x0) 05:26:04 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000004002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:04 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x9, 0x0) [ 2459.018447][T26925] loop0: detected capacity change from 0 to 1 05:26:04 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xa, 0x0) 05:26:04 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008fffffff6000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2459.059517][T26941] loop3: detected capacity change from 0 to 2216 [ 2459.068532][T26925] loop0: p1 p2 p3 p4[EZD] [ 2459.081810][T26925] loop0: p1 start 10 is beyond EOD, truncated [ 2459.087953][T26925] loop0: p2 start 16068550 is beyond EOD, truncated [ 2459.094554][T26925] loop0: p3 start 225 is beyond EOD, truncated [ 2459.100734][T26925] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2459.220770][T26961] loop0: detected capacity change from 0 to 1 [ 2459.258334][T26961] loop0: p1 p2 p3 p4[EZD] [ 2459.262947][T26961] loop0: p1 start 10 is beyond EOD, truncated [ 2459.269061][T26961] loop0: p2 start 16187391 is beyond EOD, truncated [ 2459.275727][T26961] loop0: p3 start 225 is beyond EOD, truncated [ 2459.281896][T26961] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:07 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:07 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000005002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:07 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008fffffffb000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:07 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x2500, 0x0) [ 2461.599475][ T25] kauditd_printk_skb: 332 callbacks suppressed [ 2461.599489][ T25] audit: type=1326 audit(1625635567.448:62889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26974 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2461.601748][T26978] loop3: detected capacity change from 0 to 2216 05:26:07 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x3f00, 0x0) 05:26:07 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000006002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2461.606595][ T25] audit: type=1326 audit(1625635567.448:62890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26974 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2461.661041][T26976] loop0: detected capacity change from 0 to 1 [ 2461.709601][T26976] loop0: p1 p2 p3 p4[EZD] [ 2461.712675][ T25] audit: type=1326 audit(1625635567.448:62891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26974 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2461.714529][T26976] loop0: p1 start 10 is beyond EOD, truncated [ 2461.739925][ T25] audit: type=1326 audit(1625635567.478:62892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26974 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2461.744321][T26976] loop0: p2 start 16515071 is beyond EOD, truncated [ 2461.770717][ T25] audit: type=1326 audit(1625635567.478:62893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26974 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2461.775029][T26976] loop0: p3 start 225 is beyond EOD, truncated [ 2461.775047][T26976] loop0: p4 size 3657465856 extends beyond EOD, [ 2461.800493][ T25] audit: type=1326 audit(1625635567.478:62894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26974 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2461.805518][T26976] truncated [ 2461.841187][ T25] audit: type=1326 audit(1625635567.478:62895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26979 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2461.866963][T26996] loop3: detected capacity change from 0 to 2216 [ 2461.868234][ T25] audit: type=1326 audit(1625635567.508:62896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26974 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2461.898736][ T25] audit: type=1326 audit(1625635567.508:62897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26974 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2461.926371][ T25] audit: type=1326 audit(1625635567.508:62898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=26974 comm="syz-executor.5" exe="/root/syz-executor.5" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:26:07 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x4800, 0x0) [ 2461.958076][T26992] loop0: detected capacity change from 0 to 1 05:26:07 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x300, 0x0) 05:26:07 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000007002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:07 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000001fc000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2461.988471][T26992] loop0: p1 p2 p3 p4[EZD] [ 2461.993073][T26992] loop0: p1 start 10 is beyond EOD, truncated [ 2461.999183][T26992] loop0: p2 start 16515071 is beyond EOD, truncated [ 2462.005776][T26992] loop0: p3 start 225 is beyond EOD, truncated [ 2462.011939][T26992] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:07 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xb, 0x0) [ 2462.071423][T27028] loop3: detected capacity change from 0 to 2216 05:26:07 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x500, 0x0) [ 2462.122039][T27036] loop0: detected capacity change from 0 to 1 [ 2462.159713][T27036] loop0: p1 p2 p3 p4[EZD] [ 2462.164940][T27036] loop0: p1 start 10 is beyond EOD, truncated [ 2462.171092][T27036] loop0: p2 start 16515328 is beyond EOD, truncated [ 2462.177731][T27036] loop0: p3 start 225 is beyond EOD, truncated [ 2462.183891][T27036] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2462.240436][T27049] loop0: detected capacity change from 0 to 1 [ 2462.297532][T27049] loop0: p1 p2 p3 p4[EZD] [ 2462.302800][T27049] loop0: p1 start 10 is beyond EOD, truncated [ 2462.308979][T27049] loop0: p2 start 16515328 is beyond EOD, truncated [ 2462.315769][T27049] loop0: p3 start 225 is beyond EOD, truncated [ 2462.321968][T27049] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:10 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:10 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000008002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:10 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xc, 0x0) 05:26:10 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008fffffdfd000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2464.622492][T27069] loop0: detected capacity change from 0 to 1 [ 2464.622703][T27067] loop3: detected capacity change from 0 to 2216 [ 2464.659677][T27069] loop0: p1 p2 p3 p4[EZD] [ 2464.664489][T27069] loop0: p1 start 10 is beyond EOD, truncated 05:26:10 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000009002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:10 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008fffffffd000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2464.670603][T27069] loop0: p2 start 16645631 is beyond EOD, truncated [ 2464.677207][T27069] loop0: p3 start 225 is beyond EOD, truncated [ 2464.683417][T27069] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2464.761792][T27091] loop0: detected capacity change from 0 to 1 [ 2464.762301][T27089] loop3: detected capacity change from 0 to 2216 [ 2464.798151][T27091] loop0: p1 p2 p3 p4[EZD] [ 2464.802705][T27091] loop0: p1 start 10 is beyond EOD, truncated [ 2464.808839][T27091] loop0: p2 start 16646143 is beyond EOD, truncated [ 2464.815453][T27091] loop0: p3 start 225 is beyond EOD, truncated [ 2464.821626][T27091] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2464.855009][T27097] loop0: detected capacity change from 0 to 1 05:26:10 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x4c00, 0x0) 05:26:10 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000a002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2464.918725][T27097] loop0: p1 p2 p3 p4[EZD] [ 2464.923305][T27097] loop0: p1 start 10 is beyond EOD, truncated [ 2464.929414][T27097] loop0: p2 start 16646143 is beyond EOD, truncated [ 2464.935997][T27097] loop0: p3 start 225 is beyond EOD, truncated [ 2464.942208][T27097] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:10 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008fffffffe000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2464.999499][T27108] loop3: detected capacity change from 0 to 2216 [ 2465.028546][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2465.034359][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2465.040512][ T1037] loop0: p2 start 16646143 is beyond EOD, truncated 05:26:10 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000b002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2465.047109][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2465.053393][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:10 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x600, 0x0) 05:26:11 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000c002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2465.108684][T27119] loop0: detected capacity change from 0 to 1 [ 2465.113133][T27125] loop3: detected capacity change from 0 to 2216 [ 2465.167969][T27119] loop0: p1 p2 p3 p4[EZD] [ 2465.172464][T27119] loop0: p1 start 10 is beyond EOD, truncated [ 2465.178648][T27119] loop0: p2 start 16711679 is beyond EOD, truncated [ 2465.185311][T27119] loop0: p3 start 225 is beyond EOD, truncated [ 2465.191498][T27119] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2465.207258][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2465.212138][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2465.213649][T27139] loop3: detected capacity change from 0 to 2216 [ 2465.218265][ T1037] loop0: p2 start 16711679 is beyond EOD, truncated [ 2465.218282][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2465.237405][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:13 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:13 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x700, 0x0) 05:26:13 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000d002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:13 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000fff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:13 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xd, 0x0) [ 2467.634717][T27155] loop3: detected capacity change from 0 to 2216 [ 2467.643354][T27157] loop0: detected capacity change from 0 to 1 [ 2467.662392][ T25] kauditd_printk_skb: 310 callbacks suppressed 05:26:13 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000e002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2467.662403][ T25] audit: type=1326 audit(1625635573.508:63209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27152 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2467.697989][T27157] loop0: p1 p2 p3 p4[EZD] [ 2467.702555][T27157] loop0: p1 start 10 is beyond EOD, truncated [ 2467.708656][T27157] loop0: p2 start 16715520 is beyond EOD, truncated [ 2467.709999][ T25] audit: type=1326 audit(1625635573.518:63210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27156 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2467.715343][T27157] loop0: p3 start 225 is beyond EOD, truncated [ 2467.715361][T27157] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2467.752907][ T25] audit: type=1326 audit(1625635573.518:63211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27156 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2467.794728][T27181] loop0: detected capacity change from 0 to 16400 [ 2467.797722][T27182] loop3: detected capacity change from 0 to 2216 [ 2467.818735][ T25] audit: type=1326 audit(1625635573.538:63213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27152 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2467.843204][ T25] audit: type=1326 audit(1625635573.538:63212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27156 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2467.869305][ T25] audit: type=1326 audit(1625635573.538:63214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27156 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2467.899281][ T25] audit: type=1326 audit(1625635573.538:63215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27156 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2467.923602][ T25] audit: type=1326 audit(1625635573.538:63216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27152 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2467.949679][ T25] audit: type=1326 audit(1625635573.538:63217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27152 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 05:26:13 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x6800, 0x0) 05:26:13 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008ffffefff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:13 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000f002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2467.984473][ T25] audit: type=1326 audit(1625635573.538:63218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27152 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2468.040022][T27193] loop0: detected capacity change from 0 to 1 05:26:13 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000010002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2468.058146][T27193] loop0: p1 p2 p3 p4[EZD] [ 2468.062760][T27193] loop0: p1 start 10 is beyond EOD, truncated [ 2468.068860][T27193] loop0: p2 start 16773119 is beyond EOD, truncated [ 2468.072166][T27204] loop3: detected capacity change from 0 to 2216 [ 2468.075556][T27193] loop0: p3 start 225 is beyond EOD, truncated [ 2468.088051][T27193] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2468.143003][T27209] loop0: detected capacity change from 0 to 1 [ 2468.167606][T27217] loop3: detected capacity change from 0 to 2216 05:26:14 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000011002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2468.202434][T27209] loop0: p1 p2 p3 p4[EZD] [ 2468.206951][T27209] loop0: p1 start 10 is beyond EOD, truncated [ 2468.213140][T27209] loop0: p2 start 16773119 is beyond EOD, truncated [ 2468.219782][T27209] loop0: p3 start 225 is beyond EOD, truncated [ 2468.225965][T27209] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2468.248017][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2468.252493][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2468.258575][ T1037] loop0: p2 start 16773119 is beyond EOD, truncated [ 2468.265166][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2468.271349][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:14 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008ffefffff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2468.299579][T27229] loop3: detected capacity change from 0 to 2216 [ 2468.420342][T27236] loop0: detected capacity change from 0 to 1 [ 2468.447946][T27236] loop0: p1 p2 p3 p4[EZD] [ 2468.452690][T27236] loop0: p1 start 10 is beyond EOD, truncated [ 2468.458785][T27236] loop0: p2 start 16777199 is beyond EOD, truncated [ 2468.465389][T27236] loop0: p3 start 225 is beyond EOD, truncated [ 2468.471555][T27236] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:16 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:16 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000012002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:16 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008fdfdffff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:16 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x900, 0x0) 05:26:16 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xe, 0x0) 05:26:16 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000013002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2470.684810][T27256] loop3: detected capacity change from 0 to 2216 [ 2470.687135][T27258] loop0: detected capacity change from 0 to 1 [ 2470.747889][T27258] loop0: p1 p2 p3 p4[EZD] [ 2470.752480][T27258] loop0: p1 start 10 is beyond EOD, truncated [ 2470.758706][T27258] loop0: p2 start 16777213 is beyond EOD, truncated [ 2470.765288][T27258] loop0: p3 start 225 is beyond EOD, truncated [ 2470.771438][T27258] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2470.791775][T27277] loop3: detected capacity change from 0 to 2216 [ 2470.838459][T27279] loop0: detected capacity change from 0 to 16400 05:26:16 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x6c00, 0x0) 05:26:16 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000014002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:16 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300087fffffff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2471.066608][T27293] loop3: detected capacity change from 0 to 2216 [ 2471.071566][T27294] loop0: detected capacity change from 0 to 1 05:26:16 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000015002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2471.108097][T27294] loop0: p1 p2 p3 p4[EZD] [ 2471.112681][T27294] loop0: p1 start 10 is beyond EOD, truncated [ 2471.118780][T27294] loop0: p2 start 16777215 is beyond EOD, truncated [ 2471.125405][T27294] loop0: p3 start 225 is beyond EOD, truncated [ 2471.131602][T27294] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:17 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000016002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2471.167582][T27310] loop3: detected capacity change from 0 to 2216 [ 2471.178563][T27305] loop0: detected capacity change from 0 to 1 05:26:17 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000880ffffff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2471.217983][T27305] loop0: p1 p2 p3 p4[EZD] [ 2471.222600][T27305] loop0: p1 start 10 is beyond EOD, truncated [ 2471.228714][T27305] loop0: p2 start 16777215 is beyond EOD, truncated [ 2471.235359][T27305] loop0: p3 start 225 is beyond EOD, truncated [ 2471.241527][T27305] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2471.274638][T27321] loop3: detected capacity change from 0 to 2216 [ 2471.339047][T27327] loop0: detected capacity change from 0 to 1 [ 2471.381781][T27327] loop0: p1 p2 p3 p4[EZD] [ 2471.386506][T27327] loop0: p1 start 10 is beyond EOD, truncated [ 2471.392608][T27327] loop0: p2 start 16777215 is beyond EOD, truncated [ 2471.399283][T27327] loop0: p3 start 225 is beyond EOD, truncated [ 2471.405500][T27327] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2471.458610][T27332] loop0: detected capacity change from 0 to 1 [ 2471.498836][T27332] loop0: p1 p2 p3 p4[EZD] [ 2471.503530][T27332] loop0: p1 start 10 is beyond EOD, truncated [ 2471.509693][T27332] loop0: p2 start 16777215 is beyond EOD, truncated [ 2471.516368][T27332] loop0: p3 start 225 is beyond EOD, truncated [ 2471.522621][T27332] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:19 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:19 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000017002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:19 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac00000000006300088cffffff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:19 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xa00, 0x0) 05:26:19 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x10, 0x0) [ 2473.687830][T27345] loop3: detected capacity change from 0 to 2216 [ 2473.704951][T27346] loop0: detected capacity change from 0 to 1 [ 2473.711642][ T25] kauditd_printk_skb: 271 callbacks suppressed [ 2473.711653][ T25] audit: type=1326 audit(1625635579.558:63490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27344 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2473.759404][ T25] audit: type=1326 audit(1625635579.588:63491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27344 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2473.785409][ T25] audit: type=1326 audit(1625635579.588:63492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27344 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:26:19 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000018002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2473.814811][ T25] audit: type=1326 audit(1625635579.588:63493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27344 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2473.839708][ T25] audit: type=1326 audit(1625635579.588:63494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27344 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2473.857175][T27346] loop0: p1 p2 p3 p4[EZD] [ 2473.865970][ T25] audit: type=1326 audit(1625635579.588:63495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27344 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2473.871842][T27346] loop0: p1 start 10 is beyond EOD, truncated [ 2473.893281][ T25] audit: type=1326 audit(1625635579.588:63496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27354 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2473.898613][T27346] loop0: p2 start 16777215 is beyond EOD, truncated [ 2473.923156][ T25] audit: type=1326 audit(1625635579.598:63497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27354 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2473.929415][T27346] loop0: p3 start 225 is beyond EOD, truncated [ 2473.953736][ T25] audit: type=1326 audit(1625635579.598:63498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27354 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2473.959684][T27346] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2473.991460][ T25] audit: type=1326 audit(1625635579.598:63499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27354 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2474.020979][T27373] loop0: detected capacity change from 0 to 16400 [ 2474.025620][T27383] loop3: detected capacity change from 0 to 2216 05:26:19 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x7400, 0x0) 05:26:19 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000019002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:19 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000897ffffff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:19 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x11, 0x0) [ 2474.117549][T27399] loop3: detected capacity change from 0 to 2216 05:26:20 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000001a002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2474.172727][T27407] loop0: detected capacity change from 0 to 1 05:26:20 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008a1ffffff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2474.222818][T27407] loop0: p1 p2 p3 p4[EZD] [ 2474.229972][T27407] loop0: p1 start 10 is beyond EOD, truncated [ 2474.236037][T27407] loop0: p2 start 16777215 is beyond EOD, truncated [ 2474.242640][T27407] loop0: p3 start 225 is beyond EOD, truncated [ 2474.248813][T27407] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2474.256630][T27419] loop3: detected capacity change from 0 to 2216 [ 2474.313971][T27432] loop0: detected capacity change from 0 to 1 [ 2474.347910][T27432] loop0: p1 p2 p3 p4[EZD] [ 2474.352588][T27432] loop0: p1 start 10 is beyond EOD, truncated [ 2474.358697][T27432] loop0: p2 start 16777215 is beyond EOD, truncated [ 2474.365313][T27432] loop0: p3 start 225 is beyond EOD, truncated [ 2474.371921][T27432] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2474.408566][T27436] loop0: detected capacity change from 0 to 1 [ 2474.458514][T27436] loop0: p1 p2 p3 p4[EZD] [ 2474.463207][T27436] loop0: p1 start 10 is beyond EOD, truncated [ 2474.469720][T27436] loop0: p2 start 16777215 is beyond EOD, truncated [ 2474.476303][T27436] loop0: p3 start 225 is beyond EOD, truncated [ 2474.482464][T27436] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2474.528540][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2474.533071][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2474.539160][ T1037] loop0: p2 start 16777215 is beyond EOD, truncated [ 2474.545745][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2474.551902][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:22 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:22 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000001b002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:22 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008c9ffffff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:22 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xb00, 0x0) 05:26:22 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xc00, 0x0) [ 2476.707810][T27455] loop0: detected capacity change from 0 to 1 [ 2476.718846][T27456] loop3: detected capacity change from 0 to 2216 05:26:22 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000001c002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2476.771298][T27455] loop0: p1 p2 p3 p4[EZD] [ 2476.775915][T27455] loop0: p1 start 10 is beyond EOD, truncated [ 2476.782115][T27455] loop0: p2 start 16777215 is beyond EOD, truncated [ 2476.788885][T27455] loop0: p3 start 225 is beyond EOD, truncated [ 2476.795048][T27455] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2476.841730][T27470] loop0: detected capacity change from 0 to 1 [ 2476.848458][T27485] loop3: detected capacity change from 0 to 2216 [ 2476.878718][T27470] loop0: p1 p2 p3 p4[EZD] [ 2476.883585][T27470] loop0: p1 start 10 is beyond EOD, truncated [ 2476.889730][T27470] loop0: p2 start 16777215 is beyond EOD, truncated [ 2476.896361][T27470] loop0: p3 start 225 is beyond EOD, truncated [ 2476.902576][T27470] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2476.911901][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2476.916528][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2476.922669][ T1037] loop0: p2 start 16777215 is beyond EOD, truncated [ 2476.929302][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2476.935509][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:22 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x7a00, 0x0) 05:26:22 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000001d002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:22 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008e4ffffff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:23 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x12, 0x0) 05:26:23 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000001e002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:23 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x7f00, 0x0) [ 2477.104481][T27502] loop3: detected capacity change from 0 to 2216 [ 2477.135557][T27508] loop0: detected capacity change from 0 to 1 [ 2477.178320][T27508] loop0: p1 p2 p3 p4[EZD] [ 2477.183018][T27508] loop0: p1 start 10 is beyond EOD, truncated [ 2477.186807][T27516] loop3: detected capacity change from 0 to 2216 [ 2477.189237][T27508] loop0: p2 start 16777215 is beyond EOD, truncated [ 2477.202171][T27508] loop0: p3 start 225 is beyond EOD, truncated [ 2477.208352][T27508] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2477.290970][T27517] loop0: detected capacity change from 0 to 1 05:26:25 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000140)}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:25 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000021002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:25 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008f6ffffff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2479.719079][ T25] kauditd_printk_skb: 350 callbacks suppressed [ 2479.719091][ T25] audit: type=1326 audit(1625635585.568:63850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27542 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2479.722551][T27544] loop0: detected capacity change from 0 to 1 05:26:25 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xd00, 0x0) 05:26:25 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000140)}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2479.726387][ T25] audit: type=1326 audit(1625635585.568:63851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27542 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2479.753358][T27546] loop3: detected capacity change from 0 to 2216 [ 2479.791020][ T25] audit: type=1326 audit(1625635585.568:63852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27542 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2479.818141][T27544] loop0: p1 p2 p3 p4[EZD] [ 2479.826079][T27544] loop0: p1 start 10 is beyond EOD, truncated [ 2479.832223][T27544] loop0: p2 start 16777215 is beyond EOD, truncated [ 2479.838852][T27544] loop0: p3 start 225 is beyond EOD, truncated [ 2479.845018][T27544] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:25 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000022002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2479.863975][ T25] audit: type=1326 audit(1625635585.568:63853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27542 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2479.889961][ T25] audit: type=1326 audit(1625635585.568:63854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27542 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2479.914938][ T25] audit: type=1326 audit(1625635585.598:63855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27547 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2479.948160][ T25] audit: type=1326 audit(1625635585.598:63856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27542 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2479.975632][T27550] loop0: detected capacity change from 0 to 1 [ 2479.976030][T27573] loop3: detected capacity change from 0 to 2216 [ 2479.993619][ T25] audit: type=1326 audit(1625635585.598:63857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27542 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2480.021177][ T25] audit: type=1326 audit(1625635585.598:63858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27542 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2480.046722][ T25] audit: type=1326 audit(1625635585.598:63859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27542 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 05:26:25 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000023002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:25 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008fbffffff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2480.057487][T27550] loop0: p1 p2 p3 p4[EZD] [ 2480.083283][T27550] loop0: p1 start 10 is beyond EOD, truncated [ 2480.089397][T27550] loop0: p2 start 16777215 is beyond EOD, truncated [ 2480.096008][T27550] loop0: p3 start 225 is beyond EOD, truncated [ 2480.102190][T27550] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:26 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000024002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2480.136507][T27584] loop3: detected capacity change from 0 to 2216 05:26:26 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x25, 0x0) 05:26:26 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x200000, 0x0) [ 2480.189786][T27590] loop0: detected capacity change from 0 to 1 [ 2480.200555][T27594] loop3: detected capacity change from 0 to 2216 05:26:26 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000025002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2480.238954][T27590] loop0: p1 p2 p3 p4[EZD] [ 2480.243673][T27590] loop0: p1 start 10 is beyond EOD, truncated [ 2480.249783][T27590] loop0: p2 start 16777215 is beyond EOD, truncated [ 2480.256378][T27590] loop0: p3 start 225 is beyond EOD, truncated [ 2480.262549][T27590] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:26 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008fdffffff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:26 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000026002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2480.308698][T27613] loop3: detected capacity change from 0 to 2216 [ 2480.368058][T27626] loop0: detected capacity change from 0 to 1 [ 2480.403721][T27626] loop0: p1 p2 p3 p4[EZD] [ 2480.406611][T27628] loop3: detected capacity change from 0 to 2216 05:26:26 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000027002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2480.408545][T27626] loop0: p1 start 10 is beyond EOD, truncated [ 2480.420584][T27626] loop0: p2 start 16777215 is beyond EOD, truncated [ 2480.427179][T27626] loop0: p3 start 225 is beyond EOD, [ 2480.432573][T27626] truncated [ 2480.435675][T27626] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2480.488799][T27636] loop0: detected capacity change from 0 to 16400 [ 2480.495682][T27638] loop3: detected capacity change from 0 to 2216 05:26:28 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xe00, 0x0) 05:26:28 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f0000000140)}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:28 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000028002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:28 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008feffffff000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:28 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000029002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2482.869983][T27659] loop3: detected capacity change from 0 to 2216 [ 2482.870230][T27660] loop0: detected capacity change from 0 to 1 [ 2482.938058][T27660] loop0: p1 p2 p3 p4[EZD] [ 2482.942813][T27660] loop0: p1 start 10 is beyond EOD, truncated [ 2482.948939][T27660] loop0: p2 start 16777215 is beyond EOD, truncated [ 2482.955567][T27660] loop0: p3 start 225 is beyond EOD, truncated [ 2482.961942][T27660] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2482.979380][T27673] loop3: detected capacity change from 0 to 2216 05:26:28 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002a002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2483.028245][T27677] loop0: detected capacity change from 0 to 16400 [ 2483.049455][T27684] loop3: detected capacity change from 0 to 2216 05:26:29 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x48, 0x0) 05:26:29 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x800000, 0x0) 05:26:29 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000034000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:29 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002b002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2483.259918][T27698] loop3: detected capacity change from 0 to 2216 [ 2483.266826][T27697] loop0: detected capacity change from 0 to 1 [ 2483.298091][T27697] loop0: p1 p2 p3 p4[EZD] [ 2483.302764][T27697] loop0: p1 start 10 is beyond EOD, truncated 05:26:29 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002c002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2483.308883][T27697] loop0: p2 size 1073938432 extends beyond EOD, truncated [ 2483.317861][T27697] loop0: p3 start 225 is beyond EOD, truncated [ 2483.324222][T27697] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2483.370184][T27718] loop0: detected capacity change from 0 to 16400 [ 2483.389080][T27728] loop3: detected capacity change from 0 to 2216 05:26:29 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002d002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2483.485361][T27733] loop3: detected capacity change from 0 to 2216 05:26:31 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x1100, 0x0) 05:26:31 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x2, &(0x7f0000000140)="f479"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:31 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000044000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:31 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002e002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2485.844571][ T25] kauditd_printk_skb: 289 callbacks suppressed [ 2485.844617][ T25] audit: type=1326 audit(1625635591.688:64149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27740 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2485.875395][ T25] audit: type=1326 audit(1625635591.688:64150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27740 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2485.885831][T27748] loop0: detected capacity change from 0 to 1 [ 2485.918439][T27757] loop3: detected capacity change from 0 to 2216 [ 2485.929291][ T25] audit: type=1326 audit(1625635591.688:64151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27740 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2485.953922][ T25] audit: type=1326 audit(1625635591.688:64152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27740 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2485.979889][ T25] audit: type=1326 audit(1625635591.688:64153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27740 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2485.990840][T27748] loop0: p1 p2 p3 p4[EZD] [ 2486.007371][ T25] audit: type=1326 audit(1625635591.688:64154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27740 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2486.009095][T27748] loop0: p1 start 10 is beyond EOD, truncated 05:26:31 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002f002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2486.034873][ T25] audit: type=1326 audit(1625635591.688:64155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27744 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2486.038716][T27748] loop0: p2 size 1074003968 extends beyond EOD, truncated [ 2486.055550][T27748] loop0: p3 start 225 is beyond EOD, [ 2486.063479][ T25] audit: type=1326 audit(1625635591.688:64156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27744 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2486.070016][T27748] truncated [ 2486.076166][ T25] audit: type=1326 audit(1625635591.688:64157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27744 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2486.099497][T27748] loop0: p4 size 3657465856 extends beyond EOD, [ 2486.103514][ T25] audit: type=1326 audit(1625635591.688:64158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27744 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2486.126714][T27748] truncated 05:26:32 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000054000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2486.202337][T27772] loop0: detected capacity change from 0 to 16400 [ 2486.210879][T27775] loop3: detected capacity change from 0 to 2216 05:26:32 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x4c, 0x0) 05:26:32 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x1000000, 0x0) 05:26:32 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000fe002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2486.311245][T27793] loop0: detected capacity change from 0 to 1 [ 2486.335396][T27798] loop3: detected capacity change from 0 to 2216 05:26:32 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000d3012301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2486.368680][T27793] loop0: p1 p2 p3 p4[EZD] [ 2486.373780][T27793] loop0: p1 start 10 is beyond EOD, truncated [ 2486.379942][T27793] loop0: p2 size 1074069504 extends beyond EOD, truncated [ 2486.388379][T27793] loop0: p3 start 225 is beyond EOD, truncated [ 2486.394661][T27793] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:32 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000e8012301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2486.418133][T27810] loop3: detected capacity change from 0 to 2216 [ 2486.428818][T27808] loop0: detected capacity change from 0 to 1 [ 2486.468100][T27808] loop0: p1 p2 p3 p4[EZD] [ 2486.473030][T27808] loop0: p1 start 10 is beyond EOD, truncated [ 2486.479268][T27808] loop0: p2 size 1074069504 extends beyond EOD, truncated [ 2486.496942][T27821] loop3: detected capacity change from 0 to 2216 [ 2486.500567][T27808] loop0: p3 start 225 is beyond EOD, truncated [ 2486.509481][T27808] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:32 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000e9012301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2486.524606][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2486.529682][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2486.535760][ T1037] loop0: p2 size 1074069504 extends beyond EOD, [ 2486.542122][ T1037] truncated [ 2486.545665][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2486.551937][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2486.614045][T27834] loop3: detected capacity change from 0 to 2216 05:26:34 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x1200, 0x0) 05:26:34 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x2, &(0x7f0000000140)="f479"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:34 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000074000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:34 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000004022301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2488.933482][T27858] loop0: detected capacity change from 0 to 1 [ 2488.938083][T27860] loop3: detected capacity change from 0 to 2216 [ 2488.972728][T27858] loop0: p1 p2 p3 p4[EZD] 05:26:34 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000016022301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:34 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000017022301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2488.979008][T27858] loop0: p1 start 10 is beyond EOD, truncated [ 2488.985158][T27858] loop0: p2 size 1074200576 extends beyond EOD, truncated [ 2488.993450][T27858] loop0: p3 start 225 is beyond EOD, truncated [ 2488.999714][T27858] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2489.022298][T27874] loop3: detected capacity change from 0 to 2216 [ 2489.086200][T27882] loop0: detected capacity change from 0 to 16400 [ 2489.096974][T27887] loop3: detected capacity change from 0 to 2216 05:26:35 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x68, 0x0) 05:26:35 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x2000000, 0x0) 05:26:35 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000002c022301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:35 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000084000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2489.303170][T27897] loop0: detected capacity change from 0 to 1 [ 2489.317991][T27899] loop3: detected capacity change from 0 to 2216 05:26:35 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000032301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2489.358005][T27897] loop0: p1 p2 p3 p4[EZD] [ 2489.362902][T27897] loop0: p1 start 10 is beyond EOD, truncated [ 2489.369023][T27897] loop0: p2 size 1074266112 extends beyond EOD, truncated [ 2489.376612][T27897] loop0: p3 start 225 is beyond EOD, truncated [ 2489.382822][T27897] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:35 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000002042301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2489.407702][T27925] loop3: detected capacity change from 0 to 2216 [ 2489.424573][T27922] loop0: detected capacity change from 0 to 1 [ 2489.478168][T27922] loop0: p1 p2 p3 p4[EZD] [ 2489.482658][T27922] loop0: p1 start 10 is beyond EOD, truncated [ 2489.488772][T27922] loop0: p2 size 1074266112 extends beyond EOD, truncated [ 2489.496436][T27933] loop3: detected capacity change from 0 to 2216 [ 2489.502490][T27922] loop0: p3 start 225 is beyond EOD, truncated [ 2489.508970][T27922] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2489.520271][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2489.533113][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2489.539270][ T1037] loop0: p2 size 1074266112 extends beyond EOD, truncated [ 2489.546860][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2489.553147][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:37 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x2000, 0x0) [ 2491.870190][ T25] kauditd_printk_skb: 267 callbacks suppressed [ 2491.870203][ T25] audit: type=1326 audit(1625635597.718:64426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27949 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:26:37 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x2, &(0x7f0000000140)="f479"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:37 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000094000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:37 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000006042301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2491.901422][ T25] audit: type=1326 audit(1625635597.728:64427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27949 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2491.925706][ T25] audit: type=1326 audit(1625635597.728:64428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27949 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2491.969867][ T25] audit: type=1326 audit(1625635597.728:64429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27949 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2491.972992][T27963] loop3: detected capacity change from 0 to 2216 [ 2491.994761][ T25] audit: type=1326 audit(1625635597.728:64430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27949 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2492.025989][ T25] audit: type=1326 audit(1625635597.728:64431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27949 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2492.038852][T27964] loop0: detected capacity change from 0 to 1 05:26:37 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000052301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2492.059138][ T25] audit: type=1326 audit(1625635597.728:64432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27949 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2492.089622][ T25] audit: type=1326 audit(1625635597.728:64433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27953 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2492.118636][T27964] loop0: p1 p2 p3 p4[EZD] [ 2492.123538][T27964] loop0: p1 start 10 is beyond EOD, truncated [ 2492.129633][T27964] loop0: p2 size 1074331648 extends beyond EOD, truncated [ 2492.136911][T27973] loop3: detected capacity change from 0 to 2216 [ 2492.137914][ T25] audit: type=1326 audit(1625635597.728:64434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27953 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 05:26:38 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000062301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2492.168237][ T25] audit: type=1326 audit(1625635597.728:64435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=27953 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2492.172921][T27964] loop0: p3 start 225 is beyond EOD, truncated [ 2492.198652][T27964] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:38 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x6c, 0x0) [ 2492.248416][T27971] loop0: detected capacity change from 0 to 1 [ 2492.267764][T27985] loop3: detected capacity change from 0 to 2216 [ 2492.293527][T27971] loop0: p1 p2 p3 p4[EZD] 05:26:38 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x3000000, 0x0) 05:26:38 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000004062301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2492.311218][T27971] loop0: p1 start 10 is beyond EOD, truncated [ 2492.317337][T27971] loop0: p2 size 1074331648 extends beyond EOD, truncated [ 2492.336094][T27971] loop0: p3 start 225 is beyond EOD, truncated [ 2492.342287][T27971] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:38 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x74, 0x0) [ 2492.362397][T27997] loop3: detected capacity change from 0 to 2216 05:26:38 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000072301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:38 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x4000000, 0x0) [ 2492.475902][T28018] loop3: detected capacity change from 0 to 2216 [ 2492.500840][ T1772] loop0: p1 p2 p3 p4[EZD] [ 2492.505670][ T1772] loop0: p1 start 10 is beyond EOD, truncated [ 2492.511778][ T1772] loop0: p2 size 1074331648 extends beyond EOD, truncated [ 2492.520926][ T1772] loop0: p3 start 225 is beyond EOD, truncated [ 2492.527087][ T1772] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:40 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000000000000000a4000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:40 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:40 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x2500, 0x0) 05:26:40 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000fc072301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2494.886138][T28034] loop0: detected capacity change from 0 to 1 [ 2494.951875][T28034] loop0: p1 p2 p3 p4[EZD] [ 2494.956411][T28034] loop0: p1 start 10 is beyond EOD, truncated [ 2494.962507][T28034] loop0: p2 size 1074397184 extends beyond EOD, truncated [ 2494.986569][T28049] loop3: detected capacity change from 0 to 2216 05:26:40 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:40 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000092301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2495.000535][T28034] loop0: p3 start 225 is beyond EOD, truncated [ 2495.006715][T28034] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:40 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:40 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2495.068712][T28054] loop0: detected capacity change from 0 to 16400 05:26:40 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000104000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2495.109092][T28071] loop3: detected capacity change from 0 to 2216 [ 2495.193667][T28081] loop0: detected capacity change from 0 to 1 [ 2495.218241][T28081] loop0: p1 p2 p3 p4[EZD] [ 2495.222972][T28081] loop0: p1 start 10 is beyond EOD, truncated [ 2495.229105][T28081] loop0: p2 size 1074790400 extends beyond EOD, truncated [ 2495.237071][T28081] loop0: p3 start 225 is beyond EOD, truncated [ 2495.243415][T28081] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2495.298678][T28088] loop0: detected capacity change from 0 to 16400 05:26:41 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000000a2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:41 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x7a, 0x0) 05:26:41 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x5000000, 0x0) 05:26:41 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000000000000001c4000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2495.416314][T28095] loop3: detected capacity change from 0 to 2216 05:26:41 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000000b2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2495.497827][T28108] loop0: detected capacity change from 0 to 1 [ 2495.537453][T28119] loop3: detected capacity change from 0 to 2216 [ 2495.544273][T28108] loop0: p1 p2 p3 p4[EZD] [ 2495.550574][T28108] loop0: p1 start 10 is beyond EOD, truncated [ 2495.556662][T28108] loop0: p2 size 1075576832 extends beyond EOD, truncated [ 2495.568833][T28108] loop0: p3 start 225 is beyond EOD, truncated [ 2495.575114][T28108] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2495.643669][T28128] loop0: detected capacity change from 0 to 16400 05:26:43 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x4000, 0x0) 05:26:43 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000000c2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:43 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000254000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2497.979542][T28142] loop3: detected capacity change from 0 to 2216 [ 2497.986372][ T25] kauditd_printk_skb: 380 callbacks suppressed [ 2497.986383][ T25] audit: type=1326 audit(1625635603.828:64816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28141 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2498.019639][T28143] loop0: detected capacity change from 0 to 1 [ 2498.026650][ T25] audit: type=1326 audit(1625635603.868:64817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28141 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2498.052364][ T25] audit: type=1326 audit(1625635603.868:64818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28141 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2498.077296][ T25] audit: type=1326 audit(1625635603.868:64819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28141 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2498.085412][T28143] loop0: p1 p2 p3 p4[EZD] [ 2498.101988][ T25] audit: type=1326 audit(1625635603.868:64820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28141 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:26:43 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000000d2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:44 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 2498.117064][T28143] loop0: p1 start 10 is beyond EOD, truncated [ 2498.131063][ T25] audit: type=1326 audit(1625635603.868:64821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28141 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2498.136325][T28143] loop0: p2 size 1076166656 extends beyond EOD, truncated [ 2498.168384][T28143] loop0: p3 start 225 is beyond EOD, truncated [ 2498.174570][T28143] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2498.177454][ T25] audit: type=1326 audit(1625635603.868:64822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28147 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:26:44 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000264000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2498.208229][ T25] audit: type=1326 audit(1625635603.868:64823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28147 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2498.238359][ T25] audit: type=1326 audit(1625635603.868:64824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28147 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2498.262657][T28154] loop0: detected capacity change from 0 to 1 [ 2498.269134][T28171] loop3: detected capacity change from 0 to 2216 05:26:44 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000000e2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2498.291979][ T25] audit: type=1326 audit(1625635603.868:64825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28147 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 05:26:44 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x300, 0x0) 05:26:44 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000000f2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2498.376802][T28179] loop3: detected capacity change from 0 to 2216 05:26:44 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x6000000, 0x0) 05:26:44 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x500, 0x0) [ 2498.440542][T28184] loop0: detected capacity change from 0 to 1 [ 2498.487514][T28193] loop3: detected capacity change from 0 to 2216 [ 2498.494448][T28184] loop0: p1 p2 p3 p4[EZD] [ 2498.501551][T28184] loop0: p1 start 10 is beyond EOD, truncated [ 2498.507677][T28184] loop0: p2 size 1076232192 extends beyond EOD, truncated 05:26:44 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000020102301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2498.541491][T28184] loop0: p3 start 225 is beyond EOD, truncated [ 2498.547712][T28184] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2498.598768][T28195] loop0: detected capacity change from 0 to 1 [ 2498.631059][T28221] loop3: detected capacity change from 0 to 2216 05:26:46 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x4800, 0x0) 05:26:46 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000284000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:46 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000112301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:46 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x4c00, 0x0) [ 2501.003549][T28234] loop3: detected capacity change from 0 to 2216 [ 2501.016278][T28233] loop0: detected capacity change from 0 to 1 [ 2501.076834][T28233] loop0: p1 p2 p3 p4[EZD] [ 2501.082765][T28233] loop0: p1 start 10 is beyond EOD, truncated [ 2501.088891][T28233] loop0: p2 size 1076363264 extends beyond EOD, truncated [ 2501.096643][T28233] loop0: p3 start 225 is beyond EOD, truncated [ 2501.102839][T28233] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:47 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:47 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000122301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:47 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x6800, 0x0) 05:26:47 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x6c00, 0x0) [ 2501.188546][T28262] loop0: detected capacity change from 0 to 16400 [ 2501.202036][T28266] loop3: detected capacity change from 0 to 2216 05:26:47 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000132301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2501.311262][T28286] loop3: detected capacity change from 0 to 2216 05:26:47 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x7000000, 0x0) 05:26:47 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000314000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:47 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000142301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:47 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x600, 0x0) 05:26:47 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000152301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:47 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x700, 0x0) [ 2501.531696][T28296] loop3: detected capacity change from 0 to 2216 [ 2501.558402][T28301] loop0: detected capacity change from 0 to 1 05:26:47 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000162301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2501.642641][T28301] loop0: p1 p2 p3 p4[EZD] [ 2501.647313][T28301] loop0: p1 start 10 is beyond EOD, truncated [ 2501.653486][T28301] loop0: p2 size 1076953088 extends beyond EOD, truncated [ 2501.663515][T28328] loop3: detected capacity change from 0 to 2216 [ 2501.665693][T28301] loop0: p3 start 225 is beyond EOD, truncated [ 2501.676118][T28301] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2501.748609][T28333] loop0: detected capacity change from 0 to 16400 [ 2501.768557][T28343] loop3: detected capacity change from 0 to 2216 05:26:50 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:50 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000002162301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:50 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000000000000003f4000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2504.210631][ T25] kauditd_printk_skb: 373 callbacks suppressed [ 2504.210643][ T25] audit: type=1326 audit(1625635610.058:65199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28351 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2504.218128][T28356] loop3: detected capacity change from 0 to 2216 05:26:50 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x7400, 0x0) 05:26:50 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000172301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2504.241684][ T25] audit: type=1326 audit(1625635610.058:65200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28351 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2504.276954][T28355] loop0: detected capacity change from 0 to 1 [ 2504.312135][ T25] audit: type=1326 audit(1625635610.058:65201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28351 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2504.345196][ T25] audit: type=1326 audit(1625635610.058:65202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28351 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2504.372927][ T25] audit: type=1326 audit(1625635610.058:65203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28351 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2504.403067][ T25] audit: type=1326 audit(1625635610.058:65204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28351 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2504.423676][T28375] loop3: detected capacity change from 0 to 2216 [ 2504.427506][ T25] audit: type=1326 audit(1625635610.058:65205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28354 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2504.458140][T28355] loop0: p1 p2 p3 p4[EZD] [ 2504.463131][T28355] loop0: p1 start 10 is beyond EOD, truncated [ 2504.469258][T28355] loop0: p2 size 1077870592 extends beyond EOD, truncated [ 2504.478941][T28355] loop0: p3 start 225 is beyond EOD, truncated [ 2504.485208][T28355] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2504.491650][ T25] audit: type=1326 audit(1625635610.058:65206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28354 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2504.526217][ T25] audit: type=1326 audit(1625635610.058:65207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28354 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:26:50 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x8000000, 0x0) 05:26:50 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x7a00, 0x0) 05:26:50 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000002172301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:50 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x900, 0x0) [ 2504.551825][ T25] audit: type=1326 audit(1625635610.058:65208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28354 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2504.581988][T28365] loop0: detected capacity change from 0 to 1 [ 2504.618227][T28365] loop0: p1 p2 p3 p4[EZD] [ 2504.623070][T28365] loop0: p1 start 10 is beyond EOD, truncated [ 2504.629193][T28365] loop0: p2 size 1077870592 extends beyond EOD, truncated [ 2504.638389][T28404] loop3: detected capacity change from 0 to 2216 [ 2504.657333][T28365] loop0: p3 start 225 is beyond EOD, truncated 05:26:50 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000404000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:50 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000182301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2504.663600][T28365] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2504.734694][T28418] loop3: detected capacity change from 0 to 2216 [ 2504.756280][T28425] loop0: detected capacity change from 0 to 1 05:26:50 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000192301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2504.783460][T28425] loop0: p1 p2 p3 p4[EZD] [ 2504.789197][T28425] loop0: p1 start 10 is beyond EOD, truncated [ 2504.795336][T28425] loop0: p2 size 1077936128 extends beyond EOD, truncated [ 2504.802940][T28425] loop0: p3 start 225 is beyond EOD, truncated [ 2504.809121][T28425] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2504.844639][T28434] loop3: detected capacity change from 0 to 2216 05:26:53 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:53 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000644000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:53 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000001a2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:53 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000001b2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2507.219030][T28445] loop0: detected capacity change from 0 to 1 [ 2507.229756][T28449] loop3: detected capacity change from 0 to 2216 [ 2507.268394][T28445] loop0: p1 p2 p3 p4[EZD] [ 2507.273093][T28445] loop0: p1 start 10 is beyond EOD, truncated [ 2507.279174][T28445] loop0: p2 size 1080295424 extends beyond EOD, truncated [ 2507.287996][T28445] loop0: p3 start 225 is beyond EOD, truncated [ 2507.294159][T28445] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:53 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000001c2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2507.314693][T28461] loop3: detected capacity change from 0 to 2216 [ 2507.358869][T28464] loop0: detected capacity change from 0 to 16400 [ 2507.380577][T28473] loop3: detected capacity change from 0 to 2216 05:26:53 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x9000000, 0x0) 05:26:53 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000001d2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:53 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000ffffffff4000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:53 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xa00, 0x0) 05:26:53 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x7f00, 0x0) [ 2507.595300][T28484] loop0: detected capacity change from 0 to 1 [ 2507.607034][T28491] loop3: detected capacity change from 0 to 2216 05:26:53 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000001e2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2507.649550][T28484] loop0: p1 p2 p3 p4[EZD] [ 2507.660276][T28484] loop0: p1 start 10 is beyond EOD, truncated [ 2507.666454][T28484] loop0: p2 start 4278190080 is beyond EOD, truncated [ 2507.673362][T28484] loop0: p3 start 225 is beyond EOD, truncated [ 2507.679571][T28484] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:53 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000001f2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2507.719959][T28518] loop3: detected capacity change from 0 to 2216 [ 2507.739289][T28498] loop0: detected capacity change from 0 to 1 [ 2507.780144][T28498] loop0: p1 p2 p3 p4[EZD] [ 2507.785353][T28498] loop0: p1 start 10 is beyond EOD, truncated [ 2507.791465][T28498] loop0: p2 start 4278190080 is beyond EOD, truncated [ 2507.797675][T28526] loop3: detected capacity change from 0 to 2216 [ 2507.798250][T28498] loop0: p3 start 225 is beyond EOD, truncated [ 2507.810722][T28498] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:56 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:56 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000202301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:56 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008ffffffffffffffff4000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2510.236043][T28539] loop3: detected capacity change from 0 to 2216 [ 2510.251404][T28543] loop0: detected capacity change from 0 to 1 [ 2510.264786][ T25] kauditd_printk_skb: 307 callbacks suppressed 05:26:56 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000010202301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2510.264808][ T25] audit: type=1326 audit(1625635616.108:65516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28540 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2510.295361][ T25] audit: type=1326 audit(1625635616.128:65517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28540 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2510.298168][T28543] loop0: p1 p2 p3 p4[EZD] [ 2510.320038][ T25] audit: type=1326 audit(1625635616.128:65518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28540 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2510.328214][T28543] loop0: p1 start 10 is beyond EOD, truncated [ 2510.348322][ T25] audit: type=1326 audit(1625635616.128:65519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28540 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2510.354271][T28543] loop0: p2 start 4294967295 is beyond EOD, truncated [ 2510.380338][ T25] audit: type=1326 audit(1625635616.128:65520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28540 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2510.385147][T28543] loop0: p3 start 225 is beyond EOD, truncated [ 2510.410368][ T25] audit: type=1326 audit(1625635616.128:65521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28540 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2510.415457][T28543] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2510.441145][ T25] audit: type=1326 audit(1625635616.128:65522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28540 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2510.468345][T28554] loop3: detected capacity change from 0 to 2216 [ 2510.471351][ T25] audit: type=1326 audit(1625635616.128:65523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28540 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2510.502806][ T25] audit: type=1326 audit(1625635616.128:65524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28547 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:26:56 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000212301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:56 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xa000000, 0x0) [ 2510.538393][ T25] audit: type=1326 audit(1625635616.128:65525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28547 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2510.565697][T28549] loop0: detected capacity change from 0 to 1 [ 2510.609779][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2510.615071][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2510.616881][T28567] loop3: detected capacity change from 0 to 2216 [ 2510.621188][ T1037] loop0: p2 start 4294967295 is beyond EOD, truncated [ 2510.634270][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2510.640458][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:56 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x200000, 0x0) 05:26:56 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xb00, 0x0) 05:26:56 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000222301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:56 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000040000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2510.658696][T28549] loop0: p1 p2 p3 p4[EZD] [ 2510.663702][T28549] loop0: p1 start 10 is beyond EOD, truncated [ 2510.669861][T28549] loop0: p2 start 4294967295 is beyond EOD, truncated [ 2510.676647][T28549] loop0: p3 start 225 is beyond EOD, truncated [ 2510.682948][T28549] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2510.775787][T28594] loop3: detected capacity change from 0 to 2216 [ 2510.788993][T28596] loop0: detected capacity change from 0 to 1 05:26:56 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000232301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2510.830704][T28596] loop0: p1 p2 p3 p4[EZD] [ 2510.837870][T28596] loop0: p1 start 10 is beyond EOD, truncated [ 2510.844110][T28596] loop0: p2 size 262144 extends beyond EOD, truncated [ 2510.851385][T28596] loop0: p3 start 225 is beyond EOD, truncated [ 2510.857763][T28596] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:56 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000242301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2510.888833][T28608] loop0: detected capacity change from 0 to 16400 [ 2510.892650][T28616] loop3: detected capacity change from 0 to 2216 [ 2510.996362][T28623] loop3: detected capacity change from 0 to 2216 05:26:59 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 05:26:59 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800000000000000200000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:59 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000252301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2513.256720][T28633] loop0: detected capacity change from 0 to 1 [ 2513.265992][T28636] loop3: detected capacity change from 0 to 2216 05:26:59 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000262301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2513.298479][T28633] loop0: p1 p2 p3 p4[EZD] [ 2513.303196][T28633] loop0: p1 start 10 is beyond EOD, truncated [ 2513.309323][T28633] loop0: p2 size 2097152 extends beyond EOD, truncated [ 2513.316834][T28633] loop0: p3 start 225 is beyond EOD, truncated [ 2513.323028][T28633] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:26:59 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000272301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2513.346169][T28650] loop3: detected capacity change from 0 to 2216 [ 2513.358850][T28647] loop0: detected capacity change from 0 to 16400 [ 2513.417773][T28635] ================================================================== [ 2513.425862][T28635] BUG: KCSAN: data-race in blk_mq_unfreeze_queue / blk_queue_enter [ 2513.433741][T28635] [ 2513.436077][T28635] write to 0xffff8881012e1d6c of 4 bytes by task 28647 on cpu 1: [ 2513.443762][T28635] blk_mq_unfreeze_queue+0x3c/0xc0 [ 2513.448849][T28635] loop_set_status+0x438/0x5a0 [ 2513.453616][T28635] lo_ioctl+0x764/0x1210 [ 2513.457841][T28635] blkdev_ioctl+0x1d0/0x3c0 [ 2513.462401][T28635] block_ioctl+0x6d/0x80 [ 2513.466624][T28635] __se_sys_ioctl+0xcb/0x140 [ 2513.471222][T28635] __x64_sys_ioctl+0x3f/0x50 [ 2513.475786][T28635] do_syscall_64+0x3d/0x90 [ 2513.480179][T28635] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2513.486067][T28635] [ 2513.488369][T28635] read to 0xffff8881012e1d6c of 4 bytes by task 28635 on cpu 0: [ 2513.495969][T28635] blk_queue_enter+0x2b8/0x560 [ 2513.500708][T28635] submit_bio_noacct+0x6d4/0x7e0 [ 2513.505620][T28635] submit_bio+0x10c/0x190 [ 2513.509924][T28635] mpage_readahead+0x23e/0x280 [ 2513.514671][T28635] blkdev_readahead+0x18/0x20 [ 2513.519340][T28635] read_pages+0x9f/0x530 [ 2513.523613][T28635] page_cache_ra_unbounded+0x3c8/0x410 [ 2513.529048][T28635] force_page_cache_ra+0x246/0x280 [ 2513.534166][T28635] page_cache_sync_ra+0xcc/0xe0 [ 2513.538994][T28635] filemap_read+0x388/0x1230 [ 2513.543582][T28635] generic_file_read_iter+0x75/0x2c0 [ 2513.548849][T28635] blkdev_read_iter+0xb9/0xf0 [ 2513.553535][T28635] vfs_read+0x565/0x5d0 [ 2513.557668][T28635] ksys_read+0xce/0x180 [ 2513.561812][T28635] __x64_sys_read+0x3e/0x50 [ 2513.566308][T28635] do_syscall_64+0x3d/0x90 [ 2513.570707][T28635] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2513.576609][T28635] [ 2513.578920][T28635] value changed: 0x00000001 -> 0x00000000 [ 2513.584609][T28635] [ 2513.586906][T28635] Reported by Kernel Concurrency Sanitizer on: [ 2513.593138][T28635] CPU: 0 PID: 28635 Comm: systemd-udevd Tainted: G W 5.13.0-syzkaller #0 [ 2513.602857][T28635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 05:26:59 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xb000000, 0x0) [ 2513.612897][T28635] ================================================================== 05:26:59 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x800000, 0x0) [ 2513.639034][T28664] loop3: detected capacity change from 0 to 2216 05:26:59 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xc00, 0x0) 05:26:59 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800020000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:26:59 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000282301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:26:59 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x1000000, 0x0) 05:26:59 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000292301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2513.747231][T28679] loop0: detected capacity change from 0 to 1 [ 2513.770579][T28686] loop3: detected capacity change from 0 to 2216 [ 2513.818163][T28679] loop0: p1 p2 p3 p4[EZD] [ 2513.823623][T28679] loop0: p1 start 10 is beyond EOD, truncated [ 2513.829759][T28679] loop0: p2 start 2 is beyond EOD, truncated [ 2513.835759][T28679] loop0: p3 start 225 is beyond EOD, truncated [ 2513.842102][T28679] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2513.862484][T28702] loop3: detected capacity change from 0 to 2216 [ 2513.912510][T28693] loop0: detected capacity change from 0 to 1 [ 2513.958118][T28693] loop0: p1 p2 p3 p4[EZD] [ 2513.962701][T28693] loop0: p1 start 10 is beyond EOD, truncated [ 2513.968805][T28693] loop0: p2 start 2 is beyond EOD, truncated [ 2513.974771][T28693] loop0: p3 start 225 is beyond EOD, truncated [ 2513.981030][T28693] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2514.078677][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2514.083380][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2514.089476][ T1037] loop0: p2 start 2 is beyond EOD, truncated [ 2514.095887][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2514.102084][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:27:02 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000002a2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:27:02 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 05:27:02 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800030000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2516.285789][ T25] kauditd_printk_skb: 302 callbacks suppressed [ 2516.285801][ T25] audit: type=1326 audit(1625635622.128:65828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28720 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2516.290406][T28724] loop3: detected capacity change from 0 to 2216 [ 2516.294260][ T25] audit: type=1326 audit(1625635622.138:65829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28720 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2516.348865][ T25] audit: type=1326 audit(1625635622.138:65830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28720 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:27:02 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 05:27:02 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000002b2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2516.375128][ T25] audit: type=1326 audit(1625635622.138:65831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28720 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2516.404855][T28723] loop0: detected capacity change from 0 to 1 [ 2516.415797][ T25] audit: type=1326 audit(1625635622.138:65832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28720 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2516.441111][ T25] audit: type=1326 audit(1625635622.168:65833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28725 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=231 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2516.465617][ T25] audit: type=1326 audit(1625635622.198:65834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28720 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2516.490031][ T25] audit: type=1326 audit(1625635622.198:65835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28720 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2516.515004][T28723] loop0: p1 p2 p3 p4[EZD] [ 2516.522328][ T25] audit: type=1326 audit(1625635622.198:65836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28720 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2516.526477][T28723] loop0: p1 start 10 is beyond EOD, truncated [ 2516.548165][ T25] audit: type=1326 audit(1625635622.218:65837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28720 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2516.552724][T28723] loop0: p2 start 3 is beyond EOD, truncated 05:27:02 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xc000000, 0x0) 05:27:02 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800040000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2516.582959][T28723] loop0: p3 start 225 is beyond EOD, truncated [ 2516.589243][T28723] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2516.595048][T28741] loop3: detected capacity change from 0 to 2216 [ 2516.663951][T28755] loop0: detected capacity change from 0 to 1 05:27:02 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xd00, 0x0) 05:27:02 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000002c2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:27:02 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x2000000, 0x0) [ 2516.708017][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2516.712554][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2516.718689][ T1037] loop0: p2 start 4 is beyond EOD, truncated [ 2516.724657][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2516.730835][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2516.753198][T28755] loop0: p1 p2 p3 p4[EZD] 05:27:02 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000022c2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2516.761315][T28755] loop0: p1 start 10 is beyond EOD, truncated [ 2516.762125][T28766] loop3: detected capacity change from 0 to 2216 [ 2516.767441][T28755] loop0: p2 start 4 is beyond EOD, truncated [ 2516.779778][T28755] loop0: p3 start 225 is beyond EOD, truncated [ 2516.785949][T28755] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2516.846269][T28761] loop0: detected capacity change from 0 to 1 [ 2516.864487][T28789] loop3: detected capacity change from 0 to 2216 [ 2516.878215][ T1037] loop0: p1 p2 p3 p4[EZD] [ 2516.884253][ T1037] loop0: p1 start 10 is beyond EOD, truncated [ 2516.890360][ T1037] loop0: p2 start 4 is beyond EOD, truncated 05:27:02 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000002d2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:27:02 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800050000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2516.896433][ T1037] loop0: p3 start 225 is beyond EOD, truncated [ 2516.902650][ T1037] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2516.910872][T28761] loop0: p1 p2 p3 p4[EZD] [ 2516.915483][T28761] loop0: p1 start 10 is beyond EOD, truncated [ 2516.921691][T28761] loop0: p2 start 4 is beyond EOD, truncated [ 2516.927787][T28761] loop0: p3 start 225 is beyond EOD, truncated [ 2516.933947][T28761] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:27:02 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000002e2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2516.974476][T28798] loop3: detected capacity change from 0 to 2216 [ 2517.028731][T28801] loop0: detected capacity change from 0 to 1 [ 2517.045646][T28811] loop3: detected capacity change from 0 to 2216 [ 2517.052569][T28801] loop0: p1 p2 p3 p4[EZD] [ 2517.057194][T28801] loop0: p1 start 10 is beyond EOD, truncated [ 2517.063368][T28801] loop0: p2 start 5 is beyond EOD, truncated [ 2517.069378][T28801] loop0: p3 start 225 is beyond EOD, truncated 05:27:02 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000002f2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2517.075560][T28801] loop0: p4 size 3657465856 extends beyond EOD, [ 2517.082008][T28801] truncated [ 2517.134728][T28817] loop0: detected capacity change from 0 to 16400 [ 2517.147725][T28823] loop3: detected capacity change from 0 to 2216 05:27:05 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) 05:27:05 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800060000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2519.433491][T28831] loop0: detected capacity change from 0 to 1 [ 2519.487899][T28831] loop0: p1 p2 p3 p4[EZD] [ 2519.492441][T28831] loop0: p1 start 10 is beyond EOD, truncated [ 2519.498508][T28831] loop0: p2 start 6 is beyond EOD, truncated [ 2519.504493][T28831] loop0: p3 start 225 is beyond EOD, truncated [ 2519.510665][T28831] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:27:05 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xd000000, 0x0) 05:27:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000003f2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2519.666657][T28847] loop3: detected capacity change from 0 to 2216 05:27:05 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xe00, 0x0) 05:27:05 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800070000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:27:05 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x3000000, 0x0) 05:27:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000402301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2519.767436][T28858] loop0: detected capacity change from 0 to 1 [ 2519.802469][T28871] loop3: detected capacity change from 0 to 2216 05:27:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000001d32301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2519.814045][T28858] loop0: p1 p2 p3 p4[EZD] [ 2519.819518][T28858] loop0: p1 start 10 is beyond EOD, truncated [ 2519.825608][T28858] loop0: p2 start 7 is beyond EOD, truncated [ 2519.831609][T28858] loop0: p3 start 225 is beyond EOD, truncated [ 2519.837783][T28858] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:27:05 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800080000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:27:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000001e82301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2519.904937][T28884] loop3: detected capacity change from 0 to 2216 [ 2519.911375][T28881] loop0: detected capacity change from 0 to 16400 05:27:05 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000001e92301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2520.015709][T28896] loop0: detected capacity change from 0 to 1 [ 2520.021450][T28897] loop3: detected capacity change from 0 to 2216 [ 2520.051217][T28896] loop0: p1 p2 p3 p4[EZD] [ 2520.056455][T28896] loop0: p1 start 10 is beyond EOD, truncated [ 2520.062650][T28896] loop0: p2 start 8 is beyond EOD, truncated [ 2520.068658][T28896] loop0: p3 start 225 is beyond EOD, truncated [ 2520.074818][T28896] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2520.120602][T28903] loop0: detected capacity change from 0 to 1 [ 2520.120719][T28911] loop3: detected capacity change from 0 to 2216 [ 2520.180116][T28903] loop0: p1 p2 p3 p4[EZD] [ 2520.185280][T28903] loop0: p1 start 10 is beyond EOD, truncated [ 2520.191485][T28903] loop0: p2 start 8 is beyond EOD, truncated [ 2520.197558][T28903] loop0: p3 start 225 is beyond EOD, truncated [ 2520.203711][T28903] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:27:08 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x4, &(0x7f0000000140)="f47970da"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0) 05:27:08 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000007fc2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2522.442981][T28926] loop3: detected capacity change from 0 to 2216 [ 2522.450994][ T25] kauditd_printk_skb: 293 callbacks suppressed [ 2522.451006][ T25] audit: type=1326 audit(1625635628.298:66131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28925 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2522.506135][ T25] audit: type=1326 audit(1625635628.298:66132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28925 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=56 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2522.530872][ T25] audit: type=1326 audit(1625635628.298:66133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28925 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2522.555368][ T25] audit: type=1326 audit(1625635628.298:66134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28925 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=186 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2522.579640][ T25] audit: type=1326 audit(1625635628.298:66135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28925 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2522.603926][ T25] audit: type=1326 audit(1625635628.298:66136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28925 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=61 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2522.628275][ T25] audit: type=1326 audit(1625635628.298:66137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28929 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 05:27:08 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x5, &(0x7f0000000140)="f47970da2f"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0xe000000, 0x0) 05:27:08 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac000000000063000800090000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2522.652449][ T25] audit: type=1326 audit(1625635628.298:66138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28929 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=278 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2522.682572][ T25] audit: type=1326 audit(1625635628.298:66139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28929 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x4665d9 code=0x7ffc0000 [ 2522.710499][T28935] loop0: detected capacity change from 0 to 1 [ 2522.721900][ T25] audit: type=1326 audit(1625635628.298:66140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:kernel_t:s0 pid=28929 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=101 compat=0 ip=0x4665d9 code=0x7ffc0000 05:27:08 executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x3, &(0x7f0000000140)="f47970"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x1100, 0x0) 05:27:08 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000fffe2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) 05:27:08 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x4000000a, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/3, 0xfffffffffffffff0}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x3c) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x7, &(0x7f0000000140)="f47970da2fd541"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x4000000, 0x0) 05:27:08 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000fff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2522.758970][T28935] loop0: p1 p2 p3 p4[EZD] [ 2522.763509][T28935] loop0: p1 start 10 is beyond EOD, truncated [ 2522.769617][T28935] loop0: p2 start 9 is beyond EOD, truncated [ 2522.775604][T28935] loop0: p3 start 225 is beyond EOD, truncated [ 2522.781784][T28935] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2522.797721][T28954] loop3: detected capacity change from 0 to 2216 05:27:08 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000a0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 2522.881805][T28970] loop3: detected capacity change from 0 to 2216 [ 2522.908352][T28972] loop0: detected capacity change from 0 to 1 05:27:08 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d202020202020202020202020202020202020202020202020202020000000000000feff2301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2522.928245][T28972] loop0: p1 p2 p3 p4[EZD] [ 2522.933833][T28972] loop0: p1 start 10 is beyond EOD, truncated [ 2522.939980][T28972] loop0: p2 start 10 is beyond EOD, truncated [ 2522.946054][T28972] loop0: p3 start 225 is beyond EOD, truncated [ 2522.952228][T28972] loop0: p4 size 3657465856 extends beyond EOD, truncated 05:27:08 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800006, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x4) syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000040)="0201630000000a000000ff45ac0000000000630008000b0000000000024000ffffffa6000000e100000088770072003007005500000000000000008000da55aa", 0x40, 0x1c0}]) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 05:27:08 executing program 3: syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000002101000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {&(0x7f0000000040)="8800150100000000111500080000000008007809140b2a3a", 0x18, 0x8a804}], 0x0, &(0x7f0000015200)) [ 2523.028111][T28985] loop3: detected capacity change from 0 to 2216 [ 2523.040466][T28987] loop0: detected capacity change from 0 to 1 [ 2523.078205][T28987] loop0: p1 p2 p3 p4[EZD] [ 2523.082952][T28987] loop0: p1 start 10 is beyond EOD, truncated [ 2523.089071][T28987] loop0: p2 start 11 is beyond EOD, truncated [ 2523.095184][T28987] loop0: p3 start 225 is beyond EOD, truncated [ 2523.101370][T28987] loop0: p4 size 3657465856 extends beyond EOD, truncated [ 2523.118209][T28993] loop3: detected capacity change from 0 to 2216 [ 2523.158502][T28995] loop0: detected capacity change from 0 to 1