5 > [ 1072.733216][T13544] loop5: p1 start 14155776 is beyond EOD, truncated [ 1072.741714][T13544] loop5: p5 start 14155776 is beyond EOD, truncated 01:02:31 executing program 1 (fault-call:6 fault-nth:55): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1072.776730][T13547] loop2: p1 p3 < > p4 < p5 > [ 1072.781593][T13547] loop2: p1 start 4718592 is beyond EOD, truncated [ 1072.790166][T13547] loop2: p5 start 4718592 is beyond EOD, truncated [ 1072.857558][T13556] FAULT_INJECTION: forcing a failure. [ 1072.857558][T13556] name failslab, interval 1, probability 0, space 0, times 0 [ 1072.870249][T13556] CPU: 1 PID: 13556 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1072.880471][T13556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1072.890688][T13556] Call Trace: [ 1072.893974][T13556] dump_stack+0x1d8/0x24e [ 1072.898468][T13556] ? devkmsg_release+0x11c/0x11c [ 1072.903395][T13556] ? show_regs_print_info+0x12/0x12 [ 1072.908587][T13556] should_fail+0x6f6/0x860 [ 1072.912993][T13556] ? setup_fault_attr+0x3d0/0x3d0 [ 1072.918007][T13556] ? skb_release_data+0x346/0x6b0 [ 1072.923013][T13556] ? debug_smp_processor_id+0x20/0x20 [ 1072.928370][T13556] ? bpf_clone_redirect+0x10e/0x350 [ 1072.933554][T13556] ? skb_clone+0x1b2/0x360 [ 1072.937959][T13556] should_failslab+0x5/0x20 [ 1072.942446][T13556] kmem_cache_alloc+0x36/0x290 [ 1072.947196][T13556] ? __bpf_redirect+0x736/0xd00 [ 1072.952039][T13556] skb_clone+0x1b2/0x360 [ 1072.956292][T13556] bpf_clone_redirect+0xa2/0x350 [ 1072.961315][T13556] bpf_prog_801cabf80fc815cd+0x4f5/0x1000 [ 1072.967034][T13556] ? __schedule+0x9b8/0x1170 [ 1072.971611][T13556] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1072.977403][T13556] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1072.983980][T13556] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1072.989083][T13556] ? __rcu_read_lock+0x50/0x50 [ 1072.993834][T13556] ? ktime_get+0xfd/0x130 [ 1072.998147][T13556] bpf_test_run+0x288/0x680 [ 1073.002634][T13556] ? kzalloc+0x20/0x20 [ 1073.006838][T13556] ? build_skb+0x24c/0x440 [ 1073.011228][T13556] bpf_prog_test_run_skb+0x84d/0x1130 [ 1073.016574][T13556] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1073.022346][T13556] ? fput_many+0x42/0x1a0 [ 1073.026663][T13556] ? __bpf_prog_get+0x29f/0x310 [ 1073.031499][T13556] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1073.037285][T13556] __do_sys_bpf+0x2d28/0xbe70 [ 1073.041949][T13556] ? _kstrtoull+0x390/0x490 [ 1073.046424][T13556] ? kstrtouint_from_user+0x20f/0x2a0 [ 1073.051856][T13556] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1073.058002][T13556] ? __bpf_prog_put_rcu+0x300/0x300 [ 1073.063168][T13556] ? refcount_inc_checked+0x50/0x50 [ 1073.068335][T13556] ? memcg_check_events+0x5c/0x5b0 [ 1073.073418][T13556] ? proc_fail_nth_write+0x1d5/0x240 [ 1073.078672][T13556] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1073.083849][T13556] ? __lru_cache_add+0x1c4/0x210 [ 1073.088775][T13556] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1073.094037][T13556] ? memset+0x1f/0x40 [ 1073.097990][T13556] ? fsnotify+0x1332/0x13f0 [ 1073.102468][T13556] ? __kernel_write+0x340/0x340 [ 1073.107289][T13556] ? check_preemption_disabled+0x9e/0x330 [ 1073.112989][T13556] ? debug_smp_processor_id+0x20/0x20 [ 1073.118532][T13556] ? __fsnotify_parent+0x310/0x310 [ 1073.123614][T13556] ? __sb_end_write+0xb5/0x100 [ 1073.128357][T13556] ? vfs_write+0x422/0x4e0 [ 1073.132744][T13556] ? fput_many+0x42/0x1a0 [ 1073.137046][T13556] ? check_preemption_disabled+0x154/0x330 [ 1073.142827][T13556] do_syscall_64+0xcb/0x1e0 [ 1073.147407][T13556] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1073.153275][T13556] RIP: 0033:0x4665e9 [ 1073.157247][T13556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1073.177258][T13556] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1073.186106][T13556] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1073.194053][T13556] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a 01:02:31 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x7405000000000000) [ 1073.203201][T13556] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1073.211145][T13556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1073.219089][T13556] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1073.227301][ T372] Bluetooth: hci0: command 0x1003 tx timeout [ 1073.233535][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1073.268121][T13549] loop3: p1 p3 < > p4 < p5 > [ 1073.273066][T13549] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1073.298878][T13549] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1073.337816][ T148] loop5: p1 p3 < > p4 < p5 > [ 1073.345398][ T148] loop5: p1 start 14155776 is beyond EOD, truncated [ 1073.357076][ T148] loop5: p5 start 14155776 is beyond EOD, truncated [ 1073.371969][T13544] loop5: p1 p3 < > p4 < p5 > [ 1073.377079][T13544] loop5: p1 start 14155776 is beyond EOD, truncated [ 1073.385040][T13544] loop5: p5 start 14155776 is beyond EOD, truncated [ 1073.406764][T13549] loop3: p1 p3 < > p4 < p5 > [ 1073.411803][T13549] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1073.422552][T13549] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1073.512977][ T148] loop3: p1 p3 < > p4 < p5 > [ 1073.518538][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1073.527398][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1075.285939][ T372] Bluetooth: hci0: command 0x1001 tx timeout [ 1075.292215][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1077.365796][ T372] Bluetooth: hci0: command 0x1009 tx timeout 01:02:39 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x4020940d, &(0x7f0000000000)=0x30) 01:02:39 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a004c00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:02:39 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a58f900ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:02:39 executing program 1 (fault-call:6 fault-nth:56): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:02:39 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9c00bff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:02:39 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x80fa000000000000) [ 1081.076344][T13027] Bluetooth: hci0: Frame reassembly failed (-84) [ 1081.102336][T13572] loop5: p1 p3 < > p4 < p5 > [ 1081.108415][T13572] loop5: p1 start 16318464 is beyond EOD, truncated [ 1081.117681][T13572] loop5: p5 start 16318464 is beyond EOD, truncated [ 1081.138747][T13586] FAULT_INJECTION: forcing a failure. [ 1081.138747][T13586] name failslab, interval 1, probability 0, space 0, times 0 [ 1081.151589][T13586] CPU: 1 PID: 13586 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1081.161899][T13586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1081.172035][T13586] Call Trace: [ 1081.175497][T13586] dump_stack+0x1d8/0x24e [ 1081.179825][T13586] ? devkmsg_release+0x11c/0x11c [ 1081.184766][T13586] ? show_regs_print_info+0x12/0x12 [ 1081.190777][T13586] should_fail+0x6f6/0x860 [ 1081.195216][T13586] ? setup_fault_attr+0x3d0/0x3d0 [ 1081.200350][T13586] ? __copy_skb_header+0x421/0x550 [ 1081.205455][T13586] ? bpf_clone_redirect+0x10e/0x350 [ 1081.210730][T13586] should_failslab+0x5/0x20 [ 1081.215234][T13586] __kmalloc_track_caller+0x5d/0x2e0 [ 1081.220509][T13586] ? bpf_clone_redirect+0x10e/0x350 [ 1081.226041][T13586] pskb_expand_head+0x10d/0xfa0 [ 1081.231066][T13586] ? skb_ensure_writable+0x2ab/0x420 [ 1081.236341][T13586] bpf_clone_redirect+0x10e/0x350 [ 1081.241374][T13586] bpf_prog_801cabf80fc815cd+0x98b/0x1000 [ 1081.248043][T13586] ? __schedule+0x9b8/0x1170 [ 1081.252623][T13586] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1081.258420][T13586] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1081.265091][T13586] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1081.270189][T13586] ? __rcu_read_lock+0x50/0x50 [ 1081.274947][T13586] ? ktime_get+0xfd/0x130 [ 1081.279264][T13586] bpf_test_run+0x288/0x680 [ 1081.283754][T13586] ? kzalloc+0x20/0x20 [ 1081.287820][T13586] ? build_skb+0x24c/0x440 [ 1081.292222][T13586] bpf_prog_test_run_skb+0x84d/0x1130 [ 1081.297590][T13586] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1081.303383][T13586] ? fput_many+0x42/0x1a0 [ 1081.307786][T13586] ? __bpf_prog_get+0x29f/0x310 [ 1081.312621][T13586] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1081.318414][T13586] __do_sys_bpf+0x2d28/0xbe70 [ 1081.323076][T13586] ? _kstrtoull+0x390/0x490 [ 1081.327567][T13586] ? kstrtouint_from_user+0x20f/0x2a0 [ 1081.332921][T13586] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1081.339059][T13586] ? __bpf_prog_put_rcu+0x300/0x300 [ 1081.344241][T13586] ? refcount_inc_checked+0x50/0x50 [ 1081.349423][T13586] ? memcg_check_events+0x5c/0x5b0 [ 1081.354613][T13586] ? proc_fail_nth_write+0x1d5/0x240 [ 1081.359867][T13586] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1081.365035][T13586] ? __lru_cache_add+0x1c4/0x210 [ 1081.369961][T13586] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1081.375125][T13586] ? memset+0x1f/0x40 [ 1081.379074][T13586] ? fsnotify+0x1332/0x13f0 [ 1081.383555][T13586] ? __kernel_write+0x340/0x340 [ 1081.388389][T13586] ? check_preemption_disabled+0x9e/0x330 [ 1081.394084][T13586] ? debug_smp_processor_id+0x20/0x20 [ 1081.399436][T13586] ? __fsnotify_parent+0x310/0x310 [ 1081.404525][T13586] ? __sb_end_write+0xb5/0x100 [ 1081.409264][T13586] ? vfs_write+0x422/0x4e0 [ 1081.413738][T13586] ? fput_many+0x42/0x1a0 [ 1081.418038][T13586] ? check_preemption_disabled+0x154/0x330 [ 1081.423832][T13586] do_syscall_64+0xcb/0x1e0 [ 1081.428318][T13586] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1081.434178][T13586] RIP: 0033:0x4665e9 [ 1081.438042][T13586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1081.457786][T13586] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1081.466273][T13586] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1081.474474][T13586] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1081.482416][T13586] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1081.490358][T13586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1081.498300][T13586] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1081.518478][T13580] loop3: p1 p3 < > p4 < p5 > [ 1081.533013][T13580] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1081.551831][T13580] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1081.567742][T13581] loop2: p1 p3 < > p4 < p5 > [ 1081.580697][T13581] loop2: p1 start 4980736 is beyond EOD, truncated 01:02:39 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9000cff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1081.614488][T13581] loop2: p5 start 4980736 is beyond EOD, truncated [ 1081.636154][T13572] loop5: p1 p3 < > p4 < p5 > [ 1081.645227][T13572] loop5: p1 start 16318464 is beyond EOD, truncated [ 1081.654370][T13572] loop5: p5 start 16318464 is beyond EOD, truncated 01:02:39 executing program 1 (fault-call:6 fault-nth:57): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:02:39 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a05fa00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1081.782646][T13581] loop2: p1 p3 < > p4 < p5 > [ 1081.787934][T13581] loop2: p1 start 4980736 is beyond EOD, truncated [ 1081.797126][T13581] loop2: p5 start 4980736 is beyond EOD, truncated [ 1081.797626][T13596] FAULT_INJECTION: forcing a failure. [ 1081.797626][T13596] name failslab, interval 1, probability 0, space 0, times 0 [ 1081.806465][ T148] loop3: p1 p3 < > p4 < p5 > [ 1081.816452][T13596] CPU: 0 PID: 13596 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1081.816457][T13596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1081.816466][T13596] Call Trace: [ 1081.826863][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1081.831445][T13596] dump_stack+0x1d8/0x24e [ 1081.831455][T13596] ? devkmsg_release+0x11c/0x11c [ 1081.831485][T13596] ? show_regs_print_info+0x12/0x12 [ 1081.862163][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1081.866152][T13596] should_fail+0x6f6/0x860 [ 1081.866162][T13596] ? setup_fault_attr+0x3d0/0x3d0 [ 1081.866171][T13596] ? __rcu_read_lock+0x50/0x50 [ 1081.866182][T13596] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1081.866191][T13596] should_failslab+0x5/0x20 [ 1081.866206][T13596] __kmalloc_track_caller+0x5d/0x2e0 [ 1081.902137][T13596] ? ip_route_output_flow+0x1f6/0x320 [ 1081.908112][T13596] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1081.913158][T13596] pskb_expand_head+0x10d/0xfa0 [ 1081.918022][T13596] ? tnl_update_pmtu+0x3c7/0x980 [ 1081.922951][T13596] ip_tunnel_xmit+0x1703/0x20e0 [ 1081.927796][T13596] ? tnl_update_pmtu+0x980/0x980 [ 1081.932721][T13596] ? gre_build_header+0x238/0x780 [ 1081.937731][T13596] ipgre_xmit+0x6db/0x9e0 [ 1081.942051][T13596] xmit_one+0xfa/0x470 [ 1081.946104][T13596] __dev_queue_xmit+0x14ec/0x2e50 [ 1081.951118][T13596] ? dev_queue_xmit+0x20/0x20 [ 1081.955789][T13596] ? check_preemption_disabled+0x9e/0x330 [ 1081.961589][T13596] ? skb_release_data+0x346/0x6b0 [ 1081.966598][T13596] ? debug_smp_processor_id+0x20/0x20 [ 1081.971955][T13596] ? bpf_clone_redirect+0x10e/0x350 [ 1081.977140][T13596] __bpf_redirect+0x728/0xd00 [ 1081.981988][T13596] bpf_clone_redirect+0x243/0x350 [ 1081.987098][T13596] bpf_prog_801cabf80fc815cd+0x772/0x1000 [ 1081.992810][T13596] ? __kasan_kmalloc+0x1a3/0x1e0 [ 1081.997734][T13596] ? __kasan_kmalloc+0x137/0x1e0 [ 1082.002656][T13596] ? kmem_cache_alloc+0x115/0x290 [ 1082.007677][T13596] ? build_skb+0x27/0x440 [ 1082.011991][T13596] ? bpf_prog_test_run_skb+0x419/0x1130 [ 1082.017526][T13596] ? __do_sys_bpf+0x2d28/0xbe70 [ 1082.022366][T13596] ? do_syscall_64+0xcb/0x1e0 [ 1082.027031][T13596] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1082.033091][T13596] ? ktime_get+0xfd/0x130 [ 1082.037413][T13596] bpf_test_run+0x288/0x680 [ 1082.041907][T13596] ? kzalloc+0x20/0x20 [ 1082.045975][T13596] ? build_skb+0x24c/0x440 [ 1082.050799][T13596] bpf_prog_test_run_skb+0x84d/0x1130 [ 1082.056159][T13596] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1082.061947][T13596] ? fput_many+0x42/0x1a0 [ 1082.066263][T13596] ? __bpf_prog_get+0x29f/0x310 [ 1082.071203][T13596] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1082.076980][T13596] __do_sys_bpf+0x2d28/0xbe70 [ 1082.081644][T13596] ? _kstrtoull+0x390/0x490 [ 1082.086145][T13596] ? kstrtouint_from_user+0x20f/0x2a0 [ 1082.091496][T13596] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1082.097645][T13596] ? __bpf_prog_put_rcu+0x300/0x300 [ 1082.102851][T13596] ? refcount_inc_checked+0x50/0x50 [ 1082.108022][T13596] ? memcg_check_events+0x5c/0x5b0 [ 1082.113103][T13596] ? proc_fail_nth_write+0x1d5/0x240 [ 1082.118362][T13596] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1082.123534][T13596] ? __lru_cache_add+0x1c4/0x210 [ 1082.128440][T13596] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1082.133728][T13596] ? memset+0x1f/0x40 [ 1082.137692][T13596] ? fsnotify+0x1332/0x13f0 [ 1082.142174][T13596] ? __kernel_write+0x340/0x340 [ 1082.147087][T13596] ? check_preemption_disabled+0x9e/0x330 [ 1082.152777][T13596] ? debug_smp_processor_id+0x20/0x20 [ 1082.158126][T13596] ? __fsnotify_parent+0x310/0x310 [ 1082.163208][T13596] ? __sb_end_write+0xb5/0x100 [ 1082.167942][T13596] ? vfs_write+0x422/0x4e0 [ 1082.172326][T13596] ? fput_many+0x42/0x1a0 [ 1082.176729][T13596] ? check_preemption_disabled+0x154/0x330 [ 1082.182595][T13596] do_syscall_64+0xcb/0x1e0 [ 1082.187070][T13596] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1082.192933][T13596] RIP: 0033:0x4665e9 [ 1082.196811][T13596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1082.216388][T13596] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1082.224772][T13596] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1082.232716][T13596] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1082.241003][T13596] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1082.248947][T13596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1082.256887][T13596] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:02:40 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a005500ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:02:40 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x8102000000000000) 01:02:40 executing program 1 (fault-call:6 fault-nth:58): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1082.396652][ T148] loop5: p1 p3 < > p4 < p5 > [ 1082.401539][ T148] loop5: p1 start 16384000 is beyond EOD, truncated [ 1082.410051][ T148] loop5: p5 start 16384000 is beyond EOD, truncated [ 1082.419525][T13598] loop5: p1 p3 < > p4 < p5 > [ 1082.424384][T13598] loop5: p1 start 16384000 is beyond EOD, truncated [ 1082.438085][T13598] loop5: p5 start 16384000 is beyond EOD, truncated [ 1082.452566][T13595] loop3: p1 p3 < > p4 < p5 > [ 1082.457697][T13595] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1082.466810][T13595] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1082.509847][T13611] FAULT_INJECTION: forcing a failure. [ 1082.509847][T13611] name failslab, interval 1, probability 0, space 0, times 0 [ 1082.522519][T13611] CPU: 1 PID: 13611 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1082.532824][T13611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1082.542956][T13611] Call Trace: [ 1082.546239][T13611] dump_stack+0x1d8/0x24e [ 1082.550557][T13611] ? devkmsg_release+0x11c/0x11c [ 1082.555482][T13611] ? show_regs_print_info+0x12/0x12 [ 1082.560666][T13611] ? memset+0x1f/0x40 [ 1082.564727][T13611] ? unwind_next_frame+0x1f0a/0x27b0 [ 1082.570002][T13611] should_fail+0x6f6/0x860 [ 1082.574404][T13611] ? setup_fault_attr+0x3d0/0x3d0 [ 1082.579413][T13611] ? dst_alloc+0x137/0x4e0 [ 1082.583852][T13611] should_failslab+0x5/0x20 [ 1082.588338][T13611] kmem_cache_alloc+0x36/0x290 [ 1082.593173][T13611] dst_alloc+0x137/0x4e0 [ 1082.597401][T13611] __mkroute_output+0x9e4/0x1430 [ 1082.602328][T13611] ? __siphash_aligned+0x1d1/0x320 [ 1082.607423][T13611] ? ip_route_output_key_hash_rcu+0xf90/0xf90 [ 1082.613475][T13611] ? ip_route_output_key_hash_rcu+0x41b/0xf90 [ 1082.619528][T13611] ip_route_output_flow+0x13d/0x320 [ 1082.624712][T13611] ? ipv4_sk_update_pmtu+0x1e00/0x1e00 [ 1082.630154][T13611] ? debug_smp_processor_id+0x20/0x20 [ 1082.635514][T13611] ip_tunnel_xmit+0xa00/0x20e0 [ 1082.640269][T13611] ? ip_tunnel_xmit+0x1b1/0x20e0 [ 1082.645231][T13611] ? tnl_update_pmtu+0x980/0x980 [ 1082.650153][T13611] ? gre_build_header+0x238/0x780 [ 1082.655162][T13611] ipgre_xmit+0x6db/0x9e0 [ 1082.659479][T13611] xmit_one+0xfa/0x470 [ 1082.663533][T13611] __dev_queue_xmit+0x14ec/0x2e50 [ 1082.668545][T13611] ? dev_queue_xmit+0x20/0x20 [ 1082.673214][T13611] ? check_preemption_disabled+0x9e/0x330 [ 1082.678928][T13611] ? skb_release_data+0x346/0x6b0 [ 1082.683932][T13611] ? debug_smp_processor_id+0x20/0x20 [ 1082.689288][T13611] ? bpf_clone_redirect+0x10e/0x350 [ 1082.694471][T13611] __bpf_redirect+0x728/0xd00 [ 1082.699123][T13611] bpf_clone_redirect+0x243/0x350 [ 1082.704150][T13611] bpf_prog_801cabf80fc815cd+0xa43/0x1000 [ 1082.709843][T13611] ? __schedule+0x9b8/0x1170 [ 1082.714414][T13611] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1082.720193][T13611] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1082.726770][T13611] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1082.731864][T13611] ? __rcu_read_lock+0x50/0x50 [ 1082.736598][T13611] ? ktime_get+0xfd/0x130 [ 1082.740909][T13611] bpf_test_run+0x288/0x680 [ 1082.745391][T13611] ? kzalloc+0x20/0x20 [ 1082.749439][T13611] ? build_skb+0x24c/0x440 [ 1082.753838][T13611] bpf_prog_test_run_skb+0x84d/0x1130 [ 1082.759180][T13611] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1082.764956][T13611] ? fput_many+0x42/0x1a0 [ 1082.769317][T13611] ? __bpf_prog_get+0x29f/0x310 [ 1082.774139][T13611] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1082.779915][T13611] __do_sys_bpf+0x2d28/0xbe70 [ 1082.784575][T13611] ? _kstrtoull+0x390/0x490 [ 1082.789090][T13611] ? kstrtouint_from_user+0x20f/0x2a0 [ 1082.794450][T13611] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1082.800621][T13611] ? __bpf_prog_put_rcu+0x300/0x300 [ 1082.805793][T13611] ? refcount_inc_checked+0x50/0x50 [ 1082.810963][T13611] ? memcg_check_events+0x5c/0x5b0 [ 1082.816046][T13611] ? proc_fail_nth_write+0x1d5/0x240 [ 1082.821302][T13611] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1082.826470][T13611] ? __lru_cache_add+0x1c4/0x210 [ 1082.831375][T13611] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1082.836554][T13611] ? memset+0x1f/0x40 [ 1082.840507][T13611] ? fsnotify+0x1332/0x13f0 [ 1082.844989][T13611] ? __kernel_write+0x340/0x340 [ 1082.849811][T13611] ? check_preemption_disabled+0x9e/0x330 [ 1082.855597][T13611] ? debug_smp_processor_id+0x20/0x20 [ 1082.860948][T13611] ? __fsnotify_parent+0x310/0x310 [ 1082.866031][T13611] ? __sb_end_write+0xb5/0x100 [ 1082.870766][T13611] ? vfs_write+0x422/0x4e0 [ 1082.875318][T13611] ? fput_many+0x42/0x1a0 [ 1082.879617][T13611] ? check_preemption_disabled+0x154/0x330 [ 1082.885413][T13611] do_syscall_64+0xcb/0x1e0 [ 1082.889896][T13611] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1082.895764][T13611] RIP: 0033:0x4665e9 [ 1082.899630][T13611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1082.919480][T13611] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1082.927863][T13611] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1082.935808][T13611] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1082.943754][T13611] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1082.951696][T13611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1082.959822][T13611] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1082.976420][T13606] loop2: p1 p3 < > p4 < p5 > [ 1082.983464][T13606] loop2: p1 start 5570560 is beyond EOD, truncated [ 1083.000748][T13606] loop2: p5 start 5570560 is beyond EOD, truncated [ 1083.032840][ T148] loop3: p1 p3 < > p4 < p5 > [ 1083.045953][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1083.059001][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1083.125321][ T372] Bluetooth: hci0: command 0x1003 tx timeout [ 1083.131592][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1085.205162][ T101] Bluetooth: hci0: command 0x1001 tx timeout [ 1085.211186][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1087.284995][ T101] Bluetooth: hci0: command 0x1009 tx timeout 01:02:49 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x80045432, &(0x7f0000000000)=0x30) 01:02:49 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9400cff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:02:49 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a05fb00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:02:49 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a005900ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:02:49 executing program 1 (fault-call:6 fault-nth:59): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:02:49 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0xbf0c000000000000) [ 1091.309063][T13027] Bluetooth: hci0: Frame reassembly failed (-84) [ 1091.345962][T13618] loop2: p1 p3 < > p4 < p5 > [ 1091.350922][T13618] loop2: p1 start 5832704 is beyond EOD, truncated [ 1091.360574][T13618] loop2: p5 start 5832704 is beyond EOD, truncated [ 1091.369057][T13632] FAULT_INJECTION: forcing a failure. [ 1091.369057][T13632] name failslab, interval 1, probability 0, space 0, times 0 [ 1091.381716][T13632] CPU: 1 PID: 13632 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1091.391936][T13632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1091.401980][T13632] Call Trace: [ 1091.405265][T13632] dump_stack+0x1d8/0x24e [ 1091.409583][T13632] ? devkmsg_release+0x11c/0x11c [ 1091.414510][T13632] ? show_regs_print_info+0x12/0x12 [ 1091.419699][T13632] should_fail+0x6f6/0x860 [ 1091.424101][T13632] ? setup_fault_attr+0x3d0/0x3d0 [ 1091.429109][T13632] ? skb_release_data+0x346/0x6b0 [ 1091.434115][T13632] ? debug_smp_processor_id+0x20/0x20 [ 1091.439495][T13632] ? bpf_clone_redirect+0x10e/0x350 [ 1091.444678][T13632] ? skb_clone+0x1b2/0x360 [ 1091.449079][T13632] should_failslab+0x5/0x20 [ 1091.453575][T13632] kmem_cache_alloc+0x36/0x290 [ 1091.458321][T13632] ? __bpf_redirect+0x736/0xd00 [ 1091.463156][T13632] skb_clone+0x1b2/0x360 [ 1091.467390][T13632] bpf_clone_redirect+0xa2/0x350 [ 1091.472486][T13632] bpf_prog_801cabf80fc815cd+0xf6/0x1000 [ 1091.478189][T13632] ? __kasan_kmalloc+0x1a3/0x1e0 [ 1091.483195][T13632] ? __kasan_kmalloc+0x137/0x1e0 [ 1091.488158][T13632] ? kmem_cache_alloc+0x115/0x290 [ 1091.493254][T13632] ? build_skb+0x27/0x440 [ 1091.497567][T13632] ? bpf_prog_test_run_skb+0x419/0x1130 [ 1091.503097][T13632] ? __do_sys_bpf+0x2d28/0xbe70 [ 1091.507932][T13632] ? do_syscall_64+0xcb/0x1e0 [ 1091.512606][T13632] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1091.518774][T13632] ? ktime_get+0xfd/0x130 [ 1091.523089][T13632] bpf_test_run+0x288/0x680 [ 1091.527676][T13632] ? kzalloc+0x20/0x20 [ 1091.531733][T13632] ? build_skb+0x24c/0x440 [ 1091.536170][T13632] bpf_prog_test_run_skb+0x84d/0x1130 [ 1091.541524][T13632] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1091.547301][T13632] ? fput_many+0x42/0x1a0 [ 1091.551614][T13632] ? __bpf_prog_get+0x29f/0x310 [ 1091.556524][T13632] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1091.562484][T13632] __do_sys_bpf+0x2d28/0xbe70 [ 1091.567132][T13632] ? _kstrtoull+0x390/0x490 [ 1091.571608][T13632] ? kstrtouint_from_user+0x20f/0x2a0 [ 1091.576953][T13632] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1091.583077][T13632] ? __bpf_prog_put_rcu+0x300/0x300 [ 1091.588242][T13632] ? refcount_inc_checked+0x50/0x50 [ 1091.593409][T13632] ? memcg_check_events+0x5c/0x5b0 [ 1091.598491][T13632] ? proc_fail_nth_write+0x1d5/0x240 [ 1091.603745][T13632] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1091.608913][T13632] ? __lru_cache_add+0x1c4/0x210 [ 1091.613818][T13632] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1091.619002][T13632] ? memset+0x1f/0x40 [ 1091.623065][T13632] ? fsnotify+0x1332/0x13f0 [ 1091.627550][T13632] ? __kernel_write+0x340/0x340 [ 1091.632378][T13632] ? check_preemption_disabled+0x9e/0x330 [ 1091.638079][T13632] ? debug_smp_processor_id+0x20/0x20 [ 1091.643422][T13632] ? __fsnotify_parent+0x310/0x310 [ 1091.648505][T13632] ? __sb_end_write+0xb5/0x100 [ 1091.653277][T13632] ? vfs_write+0x422/0x4e0 [ 1091.657663][T13632] ? fput_many+0x42/0x1a0 [ 1091.661961][T13632] ? check_preemption_disabled+0x154/0x330 [ 1091.667748][T13632] do_syscall_64+0xcb/0x1e0 [ 1091.672224][T13632] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1091.678085][T13632] RIP: 0033:0x4665e9 [ 1091.681954][T13632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1091.702486][T13632] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1091.711822][T13632] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1091.719767][T13632] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1091.727710][T13632] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1091.735653][T13632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1091.743685][T13632] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1091.775378][T13622] loop3: p1 p3 < > p4 < p5 > [ 1091.780408][T13622] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1091.803805][T13622] loop3: p5 size 11290111 extends beyond EOD, truncated 01:02:50 executing program 1 (fault-call:6 fault-nth:60): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1091.904402][T13626] loop5: p1 p3 < > p4 < p5 > [ 1091.909524][T13626] loop5: p1 start 16449536 is beyond EOD, truncated [ 1091.932850][T13626] loop5: p5 start 16449536 is beyond EOD, truncated [ 1091.967474][T13618] loop2: p1 p3 < > p4 < p5 > [ 1091.972765][T13618] loop2: p1 start 5832704 is beyond EOD, truncated [ 1091.984743][T13618] loop2: p5 start 5832704 is beyond EOD, truncated [ 1092.006121][T13642] FAULT_INJECTION: forcing a failure. [ 1092.006121][T13642] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.019044][T13642] CPU: 0 PID: 13642 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1092.029443][T13642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1092.039493][T13642] Call Trace: [ 1092.042872][T13642] dump_stack+0x1d8/0x24e [ 1092.047454][T13642] ? devkmsg_release+0x11c/0x11c [ 1092.052385][T13642] ? show_regs_print_info+0x12/0x12 [ 1092.057578][T13642] should_fail+0x6f6/0x860 [ 1092.061984][T13642] ? setup_fault_attr+0x3d0/0x3d0 [ 1092.067006][T13642] ? skb_release_data+0x346/0x6b0 [ 1092.072024][T13642] ? debug_smp_processor_id+0x20/0x20 [ 1092.077410][T13642] ? bpf_clone_redirect+0x10e/0x350 [ 1092.082684][T13642] ? skb_clone+0x1b2/0x360 [ 1092.087104][T13642] should_failslab+0x5/0x20 [ 1092.091697][T13642] kmem_cache_alloc+0x36/0x290 [ 1092.096450][T13642] ? __bpf_redirect+0x736/0xd00 [ 1092.101287][T13642] skb_clone+0x1b2/0x360 [ 1092.105533][T13642] bpf_clone_redirect+0xa2/0x350 [ 1092.110459][T13642] bpf_prog_801cabf80fc815cd+0x7bb/0x1000 [ 1092.116431][T13642] ? __schedule+0x9b8/0x1170 [ 1092.121016][T13642] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1092.126931][T13642] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1092.133713][T13642] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1092.138817][T13642] ? __rcu_read_lock+0x50/0x50 [ 1092.143601][T13642] ? ktime_get+0xfd/0x130 [ 1092.147923][T13642] bpf_test_run+0x288/0x680 [ 1092.152507][T13642] ? kzalloc+0x20/0x20 [ 1092.156568][T13642] ? build_skb+0x24c/0x440 [ 1092.160973][T13642] bpf_prog_test_run_skb+0x84d/0x1130 [ 1092.166336][T13642] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1092.172128][T13642] ? fput_many+0x42/0x1a0 [ 1092.176456][T13642] ? __bpf_prog_get+0x29f/0x310 [ 1092.181382][T13642] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1092.187177][T13642] __do_sys_bpf+0x2d28/0xbe70 [ 1092.191887][T13642] ? _kstrtoull+0x390/0x490 [ 1092.196376][T13642] ? kstrtouint_from_user+0x20f/0x2a0 [ 1092.201735][T13642] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1092.207858][T13642] ? __bpf_prog_put_rcu+0x300/0x300 [ 1092.213028][T13642] ? refcount_inc_checked+0x50/0x50 [ 1092.218208][T13642] ? memcg_check_events+0x5c/0x5b0 [ 1092.223293][T13642] ? proc_fail_nth_write+0x1d5/0x240 [ 1092.228572][T13642] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1092.233740][T13642] ? __lru_cache_add+0x1c4/0x210 [ 1092.238647][T13642] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1092.243815][T13642] ? memset+0x1f/0x40 [ 1092.247765][T13642] ? fsnotify+0x1332/0x13f0 [ 1092.252237][T13642] ? __kernel_write+0x340/0x340 [ 1092.257061][T13642] ? check_preemption_disabled+0x9e/0x330 [ 1092.262747][T13642] ? debug_smp_processor_id+0x20/0x20 [ 1092.268087][T13642] ? __fsnotify_parent+0x310/0x310 [ 1092.273190][T13642] ? __sb_end_write+0xb5/0x100 [ 1092.277921][T13642] ? vfs_write+0x422/0x4e0 [ 1092.282306][T13642] ? fput_many+0x42/0x1a0 [ 1092.286605][T13642] ? check_preemption_disabled+0x154/0x330 [ 1092.292383][T13642] do_syscall_64+0xcb/0x1e0 [ 1092.296870][T13642] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1092.302733][T13642] RIP: 0033:0x4665e9 [ 1092.306685][T13642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1092.326256][T13642] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1092.334636][T13642] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1092.342576][T13642] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1092.350517][T13642] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1092.358458][T13642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 01:02:50 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0xbf0f000000000000) [ 1092.366414][T13642] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:02:50 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a006000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1092.441514][T13637] print_req_error: 10 callbacks suppressed [ 1092.441526][T13637] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1092.449198][T13638] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1092.471564][T13626] __loop_clr_fd: partition scan of loop5 failed (rc=-16) 01:02:50 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a006800ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1092.496995][ T119] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1092.507907][ T119] buffer_io_error: 8 callbacks suppressed [ 1092.507915][ T119] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1092.525710][ T119] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1092.536606][ T119] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1092.544967][ T95] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1092.556287][ T95] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1092.564299][ T95] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1092.575515][ T95] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1092.583599][ T95] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 01:02:50 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9800cff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:02:50 executing program 1 (fault-call:6 fault-nth:61): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1092.594703][ T95] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1092.602740][ T95] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1092.614600][ T95] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1092.622619][ T95] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1092.634417][ T95] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1092.642577][ T95] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1092.653446][ T95] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1092.661496][ T95] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1092.669639][ T95] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1092.725108][T13655] loop3: p1 p3 < > p4 < p5 > [ 1092.729992][T13655] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1092.737939][ T148] loop2: p1 p3 < > p4 < p5 > [ 1092.743018][ T148] loop2: p1 start 6815744 is beyond EOD, truncated [ 1092.752161][T13659] FAULT_INJECTION: forcing a failure. [ 1092.752161][T13659] name failslab, interval 1, probability 0, space 0, times 0 [ 1092.764789][T13659] CPU: 0 PID: 13659 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1092.775132][T13659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1092.785180][T13659] Call Trace: [ 1092.788368][T13655] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1092.788466][T13659] dump_stack+0x1d8/0x24e [ 1092.799693][T13659] ? devkmsg_release+0x11c/0x11c [ 1092.801633][ T148] loop2: p5 start 6815744 is beyond EOD, truncated [ 1092.804617][T13659] ? show_regs_print_info+0x12/0x12 [ 1092.804629][T13659] should_fail+0x6f6/0x860 [ 1092.804638][T13659] ? setup_fault_attr+0x3d0/0x3d0 [ 1092.804647][T13659] ? skb_release_data+0x346/0x6b0 [ 1092.804655][T13659] ? debug_smp_processor_id+0x20/0x20 [ 1092.804663][T13659] ? bpf_clone_redirect+0x10e/0x350 [ 1092.804671][T13659] ? skb_clone+0x1b2/0x360 [ 1092.804680][T13659] should_failslab+0x5/0x20 [ 1092.804690][T13659] kmem_cache_alloc+0x36/0x290 [ 1092.804697][T13659] ? __bpf_redirect+0x736/0xd00 [ 1092.804706][T13659] skb_clone+0x1b2/0x360 [ 1092.804714][T13659] bpf_clone_redirect+0xa2/0x350 [ 1092.804726][T13659] bpf_prog_801cabf80fc815cd+0x2f2/0x1000 [ 1092.804737][T13659] ? __schedule+0x9b8/0x1170 [ 1092.804751][T13659] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1092.885256][T13659] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1092.891845][T13659] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1092.896948][T13659] ? __rcu_read_lock+0x50/0x50 [ 1092.902155][T13659] ? ktime_get+0xfd/0x130 [ 1092.906478][T13659] bpf_test_run+0x288/0x680 [ 1092.911189][T13659] ? kzalloc+0x20/0x20 [ 1092.915435][T13659] ? build_skb+0x24c/0x440 [ 1092.919930][T13659] bpf_prog_test_run_skb+0x84d/0x1130 [ 1092.925310][T13659] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1092.931200][T13659] ? fput_many+0x42/0x1a0 [ 1092.935528][T13659] ? __bpf_prog_get+0x29f/0x310 [ 1092.940376][T13659] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1092.946192][T13659] __do_sys_bpf+0x2d28/0xbe70 [ 1092.950845][T13659] ? _kstrtoull+0x390/0x490 [ 1092.955320][T13659] ? kstrtouint_from_user+0x20f/0x2a0 [ 1092.960692][T13659] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1092.966902][T13659] ? __bpf_prog_put_rcu+0x300/0x300 [ 1092.972068][T13659] ? refcount_inc_checked+0x50/0x50 [ 1092.977236][T13659] ? memcg_check_events+0x5c/0x5b0 [ 1092.982326][T13659] ? proc_fail_nth_write+0x1d5/0x240 [ 1092.987579][T13659] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1092.992758][T13659] ? __lru_cache_add+0x1c4/0x210 [ 1092.997678][T13659] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1093.002865][T13659] ? memset+0x1f/0x40 [ 1093.006831][T13659] ? fsnotify+0x1332/0x13f0 [ 1093.011307][T13659] ? __kernel_write+0x340/0x340 [ 1093.016144][T13659] ? check_preemption_disabled+0x9e/0x330 [ 1093.021840][T13659] ? debug_smp_processor_id+0x20/0x20 [ 1093.027183][T13659] ? __fsnotify_parent+0x310/0x310 [ 1093.032267][T13659] ? __sb_end_write+0xb5/0x100 [ 1093.037011][T13659] ? vfs_write+0x422/0x4e0 [ 1093.041417][T13659] ? fput_many+0x42/0x1a0 [ 1093.045804][T13659] ? check_preemption_disabled+0x154/0x330 [ 1093.051606][T13659] do_syscall_64+0xcb/0x1e0 [ 1093.056085][T13659] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1093.061947][T13659] RIP: 0033:0x4665e9 [ 1093.065821][T13659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1093.085501][T13659] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1093.094140][T13659] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1093.102177][T13659] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1093.110150][T13659] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1093.118093][T13659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1093.126036][T13659] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1093.145506][T13654] loop2: p1 p3 < > p4 < p5 > [ 1093.150821][T13654] loop2: p1 start 6815744 is beyond EOD, truncated [ 1093.167213][T13654] loop2: p5 start 6815744 is beyond EOD, truncated [ 1093.266762][ T148] loop3: p1 p3 < > p4 < p5 > [ 1093.278332][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1093.288503][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1093.320803][T13655] loop3: p1 p3 < > p4 < p5 > [ 1093.325710][T13655] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1093.333707][T13655] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1093.364474][ T101] Bluetooth: hci0: command 0x1003 tx timeout [ 1093.370511][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1095.444407][ T1216] Bluetooth: hci0: command 0x1001 tx timeout [ 1095.450433][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1097.524233][ T1216] Bluetooth: hci0: command 0x1009 tx timeout 01:02:59 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x80045440, &(0x7f0000000000)=0x30) 01:02:59 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a05fc00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:02:59 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a006c00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:02:59 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0xbffe000000000000) 01:02:59 executing program 1 (fault-call:6 fault-nth:62): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:02:59 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9c00cff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1101.595135][T13677] loop5: p1 p3 < > p4 < p5 > [ 1101.602250][T13677] loop5: p1 start 16515072 is beyond EOD, truncated [ 1101.614116][T13685] FAULT_INJECTION: forcing a failure. [ 1101.614116][T13685] name failslab, interval 1, probability 0, space 0, times 0 [ 1101.615638][T13677] loop5: p5 start 16515072 is beyond EOD, truncated [ 1101.626752][T13685] CPU: 0 PID: 13685 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1101.626757][T13685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1101.626766][T13685] Call Trace: [ 1101.656876][T13685] dump_stack+0x1d8/0x24e [ 1101.661191][T13685] ? devkmsg_release+0x11c/0x11c [ 1101.666116][T13685] ? show_regs_print_info+0x12/0x12 [ 1101.671302][T13685] should_fail+0x6f6/0x860 [ 1101.675709][T13685] ? setup_fault_attr+0x3d0/0x3d0 [ 1101.680720][T13685] ? __rcu_read_lock+0x50/0x50 [ 1101.685575][T13685] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1101.690586][T13685] should_failslab+0x5/0x20 [ 1101.695073][T13685] __kmalloc_track_caller+0x5d/0x2e0 [ 1101.700344][T13685] ? ip_route_output_flow+0x1f6/0x320 [ 1101.705701][T13685] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1101.710710][T13685] pskb_expand_head+0x10d/0xfa0 [ 1101.715549][T13685] ? tnl_update_pmtu+0x3c7/0x980 [ 1101.720482][T13685] ip_tunnel_xmit+0x1703/0x20e0 [ 1101.725903][T13685] ? tnl_update_pmtu+0x980/0x980 [ 1101.730914][T13685] ? gre_build_header+0x238/0x780 [ 1101.735923][T13685] ipgre_xmit+0x6db/0x9e0 [ 1101.740266][T13685] xmit_one+0xfa/0x470 [ 1101.744322][T13685] __dev_queue_xmit+0x14ec/0x2e50 [ 1101.749359][T13685] ? dev_queue_xmit+0x20/0x20 [ 1101.754025][T13685] ? check_preemption_disabled+0x9e/0x330 [ 1101.759732][T13685] ? skb_release_data+0x346/0x6b0 [ 1101.764738][T13685] ? debug_smp_processor_id+0x20/0x20 [ 1101.770091][T13685] ? bpf_clone_redirect+0x10e/0x350 [ 1101.775299][T13685] __bpf_redirect+0x728/0xd00 [ 1101.780055][T13685] bpf_clone_redirect+0x243/0x350 [ 1101.785066][T13685] bpf_prog_801cabf80fc815cd+0xa9a/0x1000 [ 1101.790772][T13685] ? __schedule+0x9b8/0x1170 [ 1101.795347][T13685] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1101.801225][T13685] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1101.807800][T13685] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1101.812880][T13685] ? __rcu_read_lock+0x50/0x50 [ 1101.817614][T13685] ? ktime_get+0xfd/0x130 [ 1101.821913][T13685] bpf_test_run+0x288/0x680 [ 1101.826408][T13685] ? kzalloc+0x20/0x20 [ 1101.830449][T13685] ? build_skb+0x24c/0x440 [ 1101.834838][T13685] bpf_prog_test_run_skb+0x84d/0x1130 [ 1101.840181][T13685] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1101.845955][T13685] ? fput_many+0x42/0x1a0 [ 1101.850369][T13685] ? __bpf_prog_get+0x29f/0x310 [ 1101.855188][T13685] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1101.861060][T13685] __do_sys_bpf+0x2d28/0xbe70 [ 1101.865811][T13685] ? _kstrtoull+0x390/0x490 [ 1101.870287][T13685] ? kstrtouint_from_user+0x20f/0x2a0 [ 1101.875628][T13685] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1101.881839][T13685] ? __bpf_prog_put_rcu+0x300/0x300 [ 1101.887004][T13685] ? refcount_inc_checked+0x50/0x50 [ 1101.892172][T13685] ? memcg_check_events+0x5c/0x5b0 [ 1101.897271][T13685] ? proc_fail_nth_write+0x1d5/0x240 [ 1101.904434][T13685] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1101.909612][T13685] ? __lru_cache_add+0x1c4/0x210 [ 1101.914520][T13685] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1101.919689][T13685] ? memset+0x1f/0x40 [ 1101.923650][T13685] ? fsnotify+0x1332/0x13f0 [ 1101.928126][T13685] ? __kernel_write+0x340/0x340 [ 1101.932948][T13685] ? check_preemption_disabled+0x9e/0x330 [ 1101.938642][T13685] ? debug_smp_processor_id+0x20/0x20 [ 1101.943984][T13685] ? __fsnotify_parent+0x310/0x310 [ 1101.949170][T13685] ? __sb_end_write+0xb5/0x100 [ 1101.954018][T13685] ? vfs_write+0x422/0x4e0 [ 1101.958411][T13685] ? fput_many+0x42/0x1a0 [ 1101.962710][T13685] ? check_preemption_disabled+0x154/0x330 [ 1101.968490][T13685] do_syscall_64+0xcb/0x1e0 [ 1101.972969][T13685] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1101.978831][T13685] RIP: 0033:0x4665e9 [ 1101.982696][T13685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1102.003167][T13685] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1102.011552][T13685] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1102.019494][T13685] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1102.027545][T13685] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1102.035574][T13685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1102.043529][T13685] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:03:00 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a05fd00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1102.126747][T13675] loop2: p1 p3 < > p4 < p5 > [ 1102.131853][T13676] loop3: p1 p3 < > p4 < p5 > [ 1102.145390][T13675] loop2: p1 start 7077888 is beyond EOD, truncated [ 1102.152770][T13676] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1102.177787][T13675] loop2: p5 start 7077888 is beyond EOD, truncated [ 1102.185956][T13676] loop3: p5 size 11290111 extends beyond EOD, truncated 01:03:00 executing program 1 (fault-call:6 fault-nth:63): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:03:00 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a007400ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1102.334449][T13695] FAULT_INJECTION: forcing a failure. [ 1102.334449][T13695] name failslab, interval 1, probability 0, space 0, times 0 [ 1102.347108][T13695] CPU: 0 PID: 13695 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1102.357413][T13695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1102.367458][T13695] Call Trace: [ 1102.370836][T13695] dump_stack+0x1d8/0x24e [ 1102.375161][T13695] ? devkmsg_release+0x11c/0x11c [ 1102.380119][T13695] ? show_regs_print_info+0x12/0x12 [ 1102.385310][T13695] should_fail+0x6f6/0x860 [ 1102.389717][T13695] ? setup_fault_attr+0x3d0/0x3d0 [ 1102.394732][T13695] ? __rcu_read_lock+0x50/0x50 [ 1102.400791][T13695] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1102.405806][T13695] should_failslab+0x5/0x20 [ 1102.410300][T13695] __kmalloc_track_caller+0x5d/0x2e0 [ 1102.415569][T13695] ? ip_route_output_flow+0x1f6/0x320 [ 1102.420930][T13695] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1102.425947][T13695] pskb_expand_head+0x10d/0xfa0 [ 1102.430872][T13695] ? tnl_update_pmtu+0x3c7/0x980 [ 1102.435816][T13695] ip_tunnel_xmit+0x1703/0x20e0 [ 1102.440656][T13695] ? tnl_update_pmtu+0x980/0x980 [ 1102.446023][T13695] ? gre_build_header+0x238/0x780 [ 1102.451075][T13695] ipgre_xmit+0x6db/0x9e0 [ 1102.455481][T13695] xmit_one+0xfa/0x470 [ 1102.459656][T13695] __dev_queue_xmit+0x14ec/0x2e50 [ 1102.464680][T13695] ? dev_queue_xmit+0x20/0x20 [ 1102.469349][T13695] ? check_preemption_disabled+0x9e/0x330 [ 1102.475067][T13695] ? skb_release_data+0x346/0x6b0 [ 1102.480084][T13695] ? debug_smp_processor_id+0x20/0x20 [ 1102.485450][T13695] ? bpf_clone_redirect+0x10e/0x350 [ 1102.490642][T13695] __bpf_redirect+0x728/0xd00 [ 1102.495381][T13695] bpf_clone_redirect+0x243/0x350 [ 1102.500495][T13695] bpf_prog_801cabf80fc815cd+0xd9f/0x1000 [ 1102.506186][T13695] ? __schedule+0x9b8/0x1170 [ 1102.511024][T13695] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1102.516885][T13695] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1102.523445][T13695] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1102.528526][T13695] ? __rcu_read_lock+0x50/0x50 [ 1102.533277][T13695] ? ktime_get+0xfd/0x130 [ 1102.537576][T13695] bpf_test_run+0x288/0x680 [ 1102.542053][T13695] ? kzalloc+0x20/0x20 [ 1102.546093][T13695] ? build_skb+0x24c/0x440 [ 1102.550478][T13695] bpf_prog_test_run_skb+0x84d/0x1130 [ 1102.555824][T13695] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1102.561698][T13695] ? fput_many+0x42/0x1a0 [ 1102.566265][T13695] ? __bpf_prog_get+0x29f/0x310 [ 1102.571098][T13695] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1102.576874][T13695] __do_sys_bpf+0x2d28/0xbe70 [ 1102.581550][T13695] ? _kstrtoull+0x390/0x490 [ 1102.586039][T13695] ? kstrtouint_from_user+0x20f/0x2a0 [ 1102.591382][T13695] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1102.597505][T13695] ? __bpf_prog_put_rcu+0x300/0x300 [ 1102.602672][T13695] ? refcount_inc_checked+0x50/0x50 [ 1102.607841][T13695] ? memcg_check_events+0x5c/0x5b0 [ 1102.612956][T13695] ? proc_fail_nth_write+0x1d5/0x240 [ 1102.618230][T13695] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1102.623399][T13695] ? __lru_cache_add+0x1c4/0x210 [ 1102.628307][T13695] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1102.633490][T13695] ? memset+0x1f/0x40 [ 1102.637447][T13695] ? fsnotify+0x1332/0x13f0 [ 1102.641933][T13695] ? __kernel_write+0x340/0x340 [ 1102.646774][T13695] ? check_preemption_disabled+0x9e/0x330 [ 1102.652482][T13695] ? debug_smp_processor_id+0x20/0x20 [ 1102.657844][T13695] ? __fsnotify_parent+0x310/0x310 [ 1102.662925][T13695] ? __sb_end_write+0xb5/0x100 [ 1102.667659][T13695] ? vfs_write+0x422/0x4e0 [ 1102.672044][T13695] ? fput_many+0x42/0x1a0 [ 1102.676343][T13695] ? check_preemption_disabled+0x154/0x330 [ 1102.682209][T13695] do_syscall_64+0xcb/0x1e0 [ 1102.686770][T13695] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1102.692632][T13695] RIP: 0033:0x4665e9 [ 1102.696514][T13695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1102.716095][T13695] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1102.724474][T13695] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 01:03:01 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0xc3ffffff00000000) [ 1102.732679][T13695] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1102.740620][T13695] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1102.748650][T13695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1102.756593][T13695] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1102.779725][T13688] loop5: p1 p3 < > p4 < p5 > 01:03:01 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9000dff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1102.786970][T13688] loop5: p1 start 16580608 is beyond EOD, truncated [ 1102.806421][T13688] loop5: p5 start 16580608 is beyond EOD, truncated 01:03:01 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0fff00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1102.840970][T13696] loop2: p1 p3 < > p4 < p5 > [ 1102.863568][T13696] loop2: p1 start 7602176 is beyond EOD, truncated [ 1102.878235][T13696] loop2: p5 start 7602176 is beyond EOD, truncated [ 1102.886961][T13706] loop3: p1 p3 < > p4 < p5 > [ 1102.900037][T13706] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1102.909819][T13706] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1103.075209][T13707] loop5: p1 p3 < > p4 < p5 > [ 1103.080224][T13707] loop5: p1 start 16711680 is beyond EOD, truncated [ 1103.093137][T13707] loop5: p5 start 16711680 is beyond EOD, truncated [ 1103.168150][T13706] loop3: p1 p3 < > p4 < p5 > [ 1103.175030][T13706] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1103.184734][T13706] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1103.223946][T13707] loop5: p1 p3 < > p4 < p5 > [ 1103.230207][T13707] loop5: p1 start 16711680 is beyond EOD, truncated [ 1103.238173][T13707] loop5: p5 start 16711680 is beyond EOD, truncated [ 1103.603785][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1103.610007][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1105.683603][ T101] Bluetooth: hci0: command 0x1001 tx timeout [ 1105.689854][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1107.763455][ T101] Bluetooth: hci0: command 0x1009 tx timeout 01:03:10 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x80086601, &(0x7f0000000000)=0x30) 01:03:10 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a007a00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:10 executing program 1 (fault-call:6 fault-nth:64): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:03:10 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9400dff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:10 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000200ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:10 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0xc59517759e000000) [ 1111.804257][T13027] Bluetooth: hci0: Frame reassembly failed (-84) [ 1111.829757][T13725] loop2: p1 p3 < > p4 < p5 > [ 1111.839477][T13725] loop2: p1 start 7995392 is beyond EOD, truncated [ 1111.847956][T13739] FAULT_INJECTION: forcing a failure. [ 1111.847956][T13739] name failslab, interval 1, probability 0, space 0, times 0 [ 1111.861344][T13739] CPU: 0 PID: 13739 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1111.871666][T13739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1111.881731][T13739] Call Trace: [ 1111.885018][T13739] dump_stack+0x1d8/0x24e [ 1111.889343][T13739] ? devkmsg_release+0x11c/0x11c [ 1111.894280][T13739] ? show_regs_print_info+0x12/0x12 [ 1111.899588][T13739] should_fail+0x6f6/0x860 [ 1111.904222][T13739] ? setup_fault_attr+0x3d0/0x3d0 [ 1111.909241][T13739] ? __copy_skb_header+0x421/0x550 [ 1111.914953][T13739] ? bpf_clone_redirect+0x10e/0x350 [ 1111.920229][T13739] should_failslab+0x5/0x20 [ 1111.924719][T13739] __kmalloc_track_caller+0x5d/0x2e0 [ 1111.929990][T13739] ? bpf_clone_redirect+0x10e/0x350 [ 1111.935172][T13739] pskb_expand_head+0x10d/0xfa0 [ 1111.940033][T13739] ? skb_ensure_writable+0x2ab/0x420 [ 1111.945328][T13739] bpf_clone_redirect+0x10e/0x350 [ 1111.950340][T13739] bpf_prog_801cabf80fc815cd+0x547/0x1000 [ 1111.956046][T13739] ? __schedule+0x9b8/0x1170 [ 1111.960623][T13739] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1111.966416][T13739] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1111.973022][T13739] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1111.978204][T13739] ? __rcu_read_lock+0x50/0x50 [ 1111.982956][T13739] ? ktime_get+0xfd/0x130 [ 1111.987356][T13739] bpf_test_run+0x288/0x680 [ 1111.991894][T13739] ? kzalloc+0x20/0x20 [ 1111.995971][T13739] ? build_skb+0x24c/0x440 [ 1112.000371][T13739] bpf_prog_test_run_skb+0x84d/0x1130 [ 1112.005728][T13739] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1112.011516][T13739] ? fput_many+0x42/0x1a0 [ 1112.015830][T13739] ? __bpf_prog_get+0x29f/0x310 [ 1112.020666][T13739] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1112.026457][T13739] __do_sys_bpf+0x2d28/0xbe70 [ 1112.031298][T13739] ? _kstrtoull+0x390/0x490 [ 1112.035785][T13739] ? kstrtouint_from_user+0x20f/0x2a0 [ 1112.041178][T13739] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1112.047304][T13739] ? __bpf_prog_put_rcu+0x300/0x300 [ 1112.052475][T13739] ? refcount_inc_checked+0x50/0x50 [ 1112.057643][T13739] ? memcg_check_events+0x5c/0x5b0 [ 1112.062726][T13739] ? proc_fail_nth_write+0x1d5/0x240 [ 1112.067993][T13739] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1112.073161][T13739] ? __lru_cache_add+0x1c4/0x210 [ 1112.078069][T13739] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1112.083235][T13739] ? memset+0x1f/0x40 [ 1112.087192][T13739] ? fsnotify+0x1332/0x13f0 [ 1112.091665][T13739] ? __kernel_write+0x340/0x340 [ 1112.096486][T13739] ? check_preemption_disabled+0x9e/0x330 [ 1112.102262][T13739] ? debug_smp_processor_id+0x20/0x20 [ 1112.107604][T13739] ? __fsnotify_parent+0x310/0x310 [ 1112.113049][T13739] ? __sb_end_write+0xb5/0x100 [ 1112.117782][T13739] ? vfs_write+0x422/0x4e0 [ 1112.122267][T13739] ? fput_many+0x42/0x1a0 [ 1112.126569][T13739] ? check_preemption_disabled+0x154/0x330 [ 1112.132367][T13739] do_syscall_64+0xcb/0x1e0 [ 1112.136886][T13739] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1112.142749][T13739] RIP: 0033:0x4665e9 [ 1112.146615][T13739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1112.166281][T13739] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1112.174663][T13739] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1112.182620][T13739] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1112.190562][T13739] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1112.198591][T13739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1112.206535][T13739] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1112.223921][T13725] loop2: p5 start 7995392 is beyond EOD, truncated [ 1112.235216][T13730] loop5: p1 p3 < > p4 < p5 > [ 1112.240751][T13730] loop5: p1 start 131072 is beyond EOD, truncated [ 1112.258931][T13730] loop5: p5 start 131072 is beyond EOD, truncated [ 1112.271176][T13732] loop3: p1 p3 < > p4 < p5 > [ 1112.282034][T13732] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1112.298202][T13732] loop3: p5 size 11290111 extends beyond EOD, truncated 01:03:10 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000300ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:10 executing program 1 (fault-call:6 fault-nth:65): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1112.474620][T13747] FAULT_INJECTION: forcing a failure. [ 1112.474620][T13747] name failslab, interval 1, probability 0, space 0, times 0 [ 1112.487435][T13747] CPU: 1 PID: 13747 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1112.497660][T13747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1112.507791][T13747] Call Trace: [ 1112.511080][T13747] dump_stack+0x1d8/0x24e [ 1112.515402][T13747] ? devkmsg_release+0x11c/0x11c [ 1112.520328][T13747] ? show_regs_print_info+0x12/0x12 [ 1112.525518][T13747] should_fail+0x6f6/0x860 [ 1112.529923][T13747] ? setup_fault_attr+0x3d0/0x3d0 [ 1112.534939][T13747] ? __copy_skb_header+0x421/0x550 [ 1112.540159][T13747] ? bpf_clone_redirect+0x10e/0x350 [ 1112.545343][T13747] should_failslab+0x5/0x20 [ 1112.550294][T13747] __kmalloc_track_caller+0x5d/0x2e0 [ 1112.555655][T13747] ? bpf_clone_redirect+0x10e/0x350 [ 1112.560872][T13747] pskb_expand_head+0x10d/0xfa0 [ 1112.565713][T13747] ? skb_ensure_writable+0x2ab/0x420 [ 1112.570998][T13747] bpf_clone_redirect+0x10e/0x350 [ 1112.576010][T13747] bpf_prog_801cabf80fc815cd+0x564/0x1000 [ 1112.581816][T13747] ? __schedule+0x9b8/0x1170 [ 1112.586512][T13747] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1112.592305][T13747] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1112.599060][T13747] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1112.604256][T13747] ? __rcu_read_lock+0x50/0x50 [ 1112.609094][T13747] ? ktime_get+0xfd/0x130 [ 1112.613416][T13747] bpf_test_run+0x288/0x680 [ 1112.617911][T13747] ? kzalloc+0x20/0x20 [ 1112.622067][T13747] ? build_skb+0x24c/0x440 [ 1112.626475][T13747] bpf_prog_test_run_skb+0x84d/0x1130 [ 1112.631928][T13747] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1112.637897][T13747] ? fput_many+0x42/0x1a0 [ 1112.642217][T13747] ? __bpf_prog_get+0x29f/0x310 [ 1112.647055][T13747] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1112.653338][T13747] __do_sys_bpf+0x2d28/0xbe70 [ 1112.657990][T13747] ? _kstrtoull+0x390/0x490 [ 1112.662465][T13747] ? kstrtouint_from_user+0x20f/0x2a0 [ 1112.668273][T13747] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1112.674402][T13747] ? __bpf_prog_put_rcu+0x300/0x300 [ 1112.679571][T13747] ? refcount_inc_checked+0x50/0x50 [ 1112.684746][T13747] ? memcg_check_events+0x5c/0x5b0 [ 1112.689923][T13747] ? proc_fail_nth_write+0x1d5/0x240 [ 1112.695181][T13747] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1112.700440][T13747] ? __lru_cache_add+0x1c4/0x210 [ 1112.705348][T13747] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1112.710517][T13747] ? memset+0x1f/0x40 [ 1112.714482][T13747] ? fsnotify+0x1332/0x13f0 [ 1112.718967][T13747] ? __kernel_write+0x340/0x340 [ 1112.723813][T13747] ? check_preemption_disabled+0x9e/0x330 [ 1112.729519][T13747] ? debug_smp_processor_id+0x20/0x20 [ 1112.735125][T13747] ? __fsnotify_parent+0x310/0x310 [ 1112.740210][T13747] ? __sb_end_write+0xb5/0x100 [ 1112.745034][T13747] ? vfs_write+0x422/0x4e0 [ 1112.749420][T13747] ? fput_many+0x42/0x1a0 [ 1112.754071][T13747] ? check_preemption_disabled+0x154/0x330 [ 1112.759851][T13747] do_syscall_64+0xcb/0x1e0 [ 1112.764328][T13747] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1112.770366][T13747] RIP: 0033:0x4665e9 [ 1112.774239][T13747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1112.793922][T13747] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1112.802578][T13747] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1112.810529][T13747] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1112.818475][T13747] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 01:03:11 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0xffffffff00000000) [ 1112.826421][T13747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1112.834366][T13747] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:03:11 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9800dff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1112.871850][T13725] loop2: p1 p3 < > p4 < p5 > [ 1112.877214][T13725] loop2: p1 start 7995392 is beyond EOD, truncated [ 1112.893883][T13725] loop2: p5 start 7995392 is beyond EOD, truncated [ 1112.908130][T13746] loop5: p1 p3 < > p4 < p5 > 01:03:11 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a009000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1112.923564][T13746] loop5: p1 start 196608 is beyond EOD, truncated [ 1112.953483][T13746] loop5: p5 start 196608 is beyond EOD, truncated 01:03:11 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000400ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1113.053598][T13754] loop3: p1 p3 < > p4 < p5 > [ 1113.069350][T13754] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1113.081327][T13754] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1113.138949][T13757] loop2: p1 p3 < > p4 < p5 > [ 1113.150296][T13757] loop2: p1 start 9437184 is beyond EOD, truncated [ 1113.158453][T13757] loop2: p5 start 9437184 is beyond EOD, truncated [ 1113.200373][T13760] loop5: p1 p3 < > p4 < p5 > [ 1113.205335][T13760] loop5: p1 start 262144 is beyond EOD, truncated [ 1113.213775][T13760] loop5: p5 start 262144 is beyond EOD, truncated [ 1113.398150][T13760] loop5: p1 p3 < > p4 < p5 > [ 1113.403310][T13760] loop5: p1 start 262144 is beyond EOD, truncated [ 1113.410663][T13760] loop5: p5 start 262144 is beyond EOD, truncated [ 1113.418704][ T148] loop5: p1 p3 < > p4 < p5 > [ 1113.424009][ T148] loop5: p1 start 262144 is beyond EOD, truncated [ 1113.431229][ T148] loop5: p5 start 262144 is beyond EOD, truncated [ 1113.842954][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1113.849161][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1115.922911][ T1216] Bluetooth: hci0: command 0x1001 tx timeout [ 1115.928945][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1118.002713][ T1216] Bluetooth: hci0: command 0x1009 tx timeout 01:03:20 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x80087601, &(0x7f0000000000)=0x30) 01:03:20 executing program 1 (fault-call:6 fault-nth:66): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:03:20 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a005901ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:20 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9c00dff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:20 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000500ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:20 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0xffffffffffffffff) [ 1122.046511][T13772] loop2: p1 p3 < > p4 < p5 > [ 1122.051359][T13772] loop2: p1 start 22609920 is beyond EOD, truncated [ 1122.061413][T13772] loop2: p5 start 22609920 is beyond EOD, truncated [ 1122.087973][T13788] FAULT_INJECTION: forcing a failure. [ 1122.087973][T13788] name failslab, interval 1, probability 0, space 0, times 0 [ 1122.100634][T13788] CPU: 0 PID: 13788 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1122.110855][T13788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1122.120899][T13788] Call Trace: [ 1122.124267][T13788] dump_stack+0x1d8/0x24e [ 1122.128586][T13788] ? devkmsg_release+0x11c/0x11c [ 1122.133517][T13788] ? show_regs_print_info+0x12/0x12 [ 1122.138714][T13788] should_fail+0x6f6/0x860 [ 1122.144008][T13788] ? setup_fault_attr+0x3d0/0x3d0 [ 1122.149028][T13788] ? __copy_skb_header+0x421/0x550 [ 1122.154134][T13788] ? bpf_clone_redirect+0x10e/0x350 [ 1122.159320][T13788] should_failslab+0x5/0x20 [ 1122.163811][T13788] __kmalloc_track_caller+0x5d/0x2e0 [ 1122.169089][T13788] ? bpf_clone_redirect+0x10e/0x350 [ 1122.174304][T13788] pskb_expand_head+0x10d/0xfa0 [ 1122.179149][T13788] ? skb_ensure_writable+0x2ab/0x420 [ 1122.184420][T13788] bpf_clone_redirect+0x10e/0x350 [ 1122.189437][T13788] bpf_prog_801cabf80fc815cd+0x3a8/0x1000 [ 1122.195151][T13788] ? __schedule+0x9b8/0x1170 [ 1122.199731][T13788] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1122.205526][T13788] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1122.212106][T13788] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1122.217202][T13788] ? __rcu_read_lock+0x50/0x50 [ 1122.221955][T13788] ? ktime_get+0xfd/0x130 [ 1122.226269][T13788] bpf_test_run+0x288/0x680 [ 1122.230760][T13788] ? kzalloc+0x20/0x20 [ 1122.234914][T13788] ? build_skb+0x24c/0x440 [ 1122.239319][T13788] bpf_prog_test_run_skb+0x84d/0x1130 [ 1122.244679][T13788] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1122.250487][T13788] ? fput_many+0x42/0x1a0 [ 1122.254804][T13788] ? __bpf_prog_get+0x29f/0x310 [ 1122.259654][T13788] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1122.265449][T13788] __do_sys_bpf+0x2d28/0xbe70 [ 1122.270128][T13788] ? _kstrtoull+0x390/0x490 [ 1122.274622][T13788] ? kstrtouint_from_user+0x20f/0x2a0 [ 1122.279976][T13788] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1122.286102][T13788] ? __bpf_prog_put_rcu+0x300/0x300 [ 1122.291364][T13788] ? refcount_inc_checked+0x50/0x50 [ 1122.296651][T13788] ? memcg_check_events+0x5c/0x5b0 [ 1122.301732][T13788] ? proc_fail_nth_write+0x1d5/0x240 [ 1122.306984][T13788] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1122.312151][T13788] ? __lru_cache_add+0x1c4/0x210 [ 1122.317059][T13788] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1122.322226][T13788] ? memset+0x1f/0x40 [ 1122.326179][T13788] ? fsnotify+0x1332/0x13f0 [ 1122.330659][T13788] ? __kernel_write+0x340/0x340 [ 1122.335566][T13788] ? check_preemption_disabled+0x9e/0x330 [ 1122.341339][T13788] ? debug_smp_processor_id+0x20/0x20 [ 1122.346684][T13788] ? __fsnotify_parent+0x310/0x310 [ 1122.351764][T13788] ? __sb_end_write+0xb5/0x100 [ 1122.356500][T13788] ? vfs_write+0x422/0x4e0 [ 1122.360885][T13788] ? fput_many+0x42/0x1a0 [ 1122.365364][T13788] ? check_preemption_disabled+0x154/0x330 [ 1122.371145][T13788] do_syscall_64+0xcb/0x1e0 [ 1122.375636][T13788] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1122.381498][T13788] RIP: 0033:0x4665e9 [ 1122.385363][T13788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1122.405024][T13788] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1122.413416][T13788] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1122.421366][T13788] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1122.429319][T13788] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1122.437261][T13788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1122.445210][T13788] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:03:20 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000402ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1122.487566][T13776] loop3: p1 p3 < > p4 < p5 > [ 1122.493708][T13777] loop5: p1 p3 < > p4 < p5 > [ 1122.519405][T13776] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1122.527684][T13777] loop5: p1 start 327680 is beyond EOD, truncated [ 1122.545801][T13777] loop5: p5 start 327680 is beyond EOD, truncated [ 1122.577054][T13776] loop3: p5 size 11290111 extends beyond EOD, truncated 01:03:20 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000600ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:20 executing program 1 (fault-call:6 fault-nth:67): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:03:20 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9000eff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1122.668559][T13790] loop2: p1 p3 < > p4 < p5 > [ 1122.675156][T13790] loop2: p1 start 33816576 is beyond EOD, truncated [ 1122.691298][T13790] loop2: p5 start 33816576 is beyond EOD, truncated [ 1122.768895][T13801] FAULT_INJECTION: forcing a failure. [ 1122.768895][T13801] name failslab, interval 1, probability 0, space 0, times 0 [ 1122.781968][T13801] CPU: 0 PID: 13801 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1122.792192][T13801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1122.802238][T13801] Call Trace: [ 1122.805610][T13801] dump_stack+0x1d8/0x24e [ 1122.809936][T13801] ? devkmsg_release+0x11c/0x11c [ 1122.814865][T13801] ? show_regs_print_info+0x12/0x12 [ 1122.820063][T13801] should_fail+0x6f6/0x860 [ 1122.824469][T13801] ? setup_fault_attr+0x3d0/0x3d0 [ 1122.829484][T13801] ? skb_release_data+0x346/0x6b0 [ 1122.834493][T13801] ? debug_smp_processor_id+0x20/0x20 [ 1122.839848][T13801] ? bpf_clone_redirect+0x10e/0x350 [ 1122.845040][T13801] ? skb_clone+0x1b2/0x360 [ 1122.849443][T13801] should_failslab+0x5/0x20 [ 1122.853931][T13801] kmem_cache_alloc+0x36/0x290 [ 1122.858680][T13801] ? __bpf_redirect+0x736/0xd00 [ 1122.863513][T13801] skb_clone+0x1b2/0x360 01:03:21 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) getsockopt$inet_udp_int(r5, 0x11, 0x66, &(0x7f0000000040), &(0x7f0000000080)=0x4) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1122.867745][T13801] bpf_clone_redirect+0xa2/0x350 [ 1122.872669][T13801] bpf_prog_801cabf80fc815cd+0x90d/0x1000 [ 1122.878469][T13801] ? __schedule+0x9b8/0x1170 [ 1122.883050][T13801] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1122.888864][T13801] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1122.895447][T13801] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1122.900552][T13801] ? __rcu_read_lock+0x50/0x50 [ 1122.905307][T13801] ? ktime_get+0xfd/0x130 [ 1122.909631][T13801] bpf_test_run+0x288/0x680 [ 1122.914125][T13801] ? kzalloc+0x20/0x20 [ 1122.918201][T13801] ? build_skb+0x24c/0x440 [ 1122.922605][T13801] bpf_prog_test_run_skb+0x84d/0x1130 [ 1122.927967][T13801] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1122.933759][T13801] ? fput_many+0x42/0x1a0 [ 1122.938074][T13801] ? __bpf_prog_get+0x29f/0x310 [ 1122.942908][T13801] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1122.948785][T13801] __do_sys_bpf+0x2d28/0xbe70 [ 1122.953448][T13801] ? _kstrtoull+0x390/0x490 [ 1122.957943][T13801] ? kstrtouint_from_user+0x20f/0x2a0 [ 1122.963310][T13801] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1122.969452][T13801] ? __bpf_prog_put_rcu+0x300/0x300 [ 1122.974640][T13801] ? refcount_inc_checked+0x50/0x50 [ 1122.979822][T13801] ? memcg_check_events+0x5c/0x5b0 [ 1122.984947][T13801] ? proc_fail_nth_write+0x1d5/0x240 [ 1122.990307][T13801] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1122.995565][T13801] ? __lru_cache_add+0x1c4/0x210 [ 1123.000481][T13801] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1123.005667][T13801] ? memset+0x1f/0x40 [ 1123.009620][T13801] ? fsnotify+0x1332/0x13f0 [ 1123.014093][T13801] ? __kernel_write+0x340/0x340 [ 1123.018918][T13801] ? check_preemption_disabled+0x9e/0x330 [ 1123.024609][T13801] ? debug_smp_processor_id+0x20/0x20 [ 1123.029947][T13801] ? __fsnotify_parent+0x310/0x310 [ 1123.035034][T13801] ? __sb_end_write+0xb5/0x100 [ 1123.039766][T13801] ? vfs_write+0x422/0x4e0 [ 1123.044150][T13801] ? fput_many+0x42/0x1a0 [ 1123.048447][T13801] ? check_preemption_disabled+0x154/0x330 [ 1123.054235][T13801] do_syscall_64+0xcb/0x1e0 [ 1123.058719][T13801] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1123.064583][T13801] RIP: 0033:0x4665e9 [ 1123.068459][T13801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1123.088120][T13801] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1123.096593][T13801] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1123.104539][T13801] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1123.112488][T13801] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1123.120428][T13801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1123.128549][T13801] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1123.193806][T13800] loop5: p1 p3 < > p4 < p5 > [ 1123.201126][T13800] loop5: p1 start 393216 is beyond EOD, truncated [ 1123.210724][T13800] loop5: p5 start 393216 is beyond EOD, truncated [ 1123.243915][T13799] loop3: p1 p3 < > p4 < p5 > [ 1123.248901][T13799] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1123.259583][T13799] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1123.269384][ T148] loop3: p1 p3 < > p4 < p5 > [ 1123.275679][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1123.283672][T13790] loop2: p1 p3 < > p4 < p5 > 01:03:21 executing program 1 (fault-call:6 fault-nth:68): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1123.288705][T13790] loop2: p1 start 33816576 is beyond EOD, truncated [ 1123.298402][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1123.307900][T13790] loop2: p5 start 33816576 is beyond EOD, truncated [ 1123.376860][T13810] FAULT_INJECTION: forcing a failure. [ 1123.376860][T13810] name failslab, interval 1, probability 0, space 0, times 0 [ 1123.389515][T13810] CPU: 1 PID: 13810 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1123.399733][T13810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1123.410037][T13810] Call Trace: [ 1123.413319][T13810] dump_stack+0x1d8/0x24e [ 1123.417634][T13810] ? devkmsg_release+0x11c/0x11c [ 1123.422558][T13810] ? show_regs_print_info+0x12/0x12 [ 1123.427830][T13810] should_fail+0x6f6/0x860 [ 1123.432231][T13810] ? setup_fault_attr+0x3d0/0x3d0 [ 1123.437245][T13810] ? skb_release_data+0x346/0x6b0 [ 1123.442257][T13810] ? debug_smp_processor_id+0x20/0x20 [ 1123.447613][T13810] ? bpf_clone_redirect+0x10e/0x350 [ 1123.452795][T13810] ? skb_clone+0x1b2/0x360 [ 1123.457200][T13810] should_failslab+0x5/0x20 [ 1123.461690][T13810] kmem_cache_alloc+0x36/0x290 [ 1123.466439][T13810] ? __bpf_redirect+0x736/0xd00 [ 1123.471274][T13810] skb_clone+0x1b2/0x360 [ 1123.475502][T13810] bpf_clone_redirect+0xa2/0x350 [ 1123.480424][T13810] bpf_prog_801cabf80fc815cd+0xc83/0x1000 [ 1123.486229][T13810] ? __schedule+0x9b8/0x1170 [ 1123.490803][T13810] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1123.496594][T13810] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1123.503258][T13810] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1123.508349][T13810] ? __rcu_read_lock+0x50/0x50 [ 1123.513101][T13810] ? ktime_get+0xfd/0x130 [ 1123.517444][T13810] bpf_test_run+0x288/0x680 [ 1123.521930][T13810] ? kzalloc+0x20/0x20 [ 1123.525983][T13810] ? build_skb+0x24c/0x440 [ 1123.530411][T13810] bpf_prog_test_run_skb+0x84d/0x1130 [ 1123.535770][T13810] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1123.541642][T13810] ? fput_many+0x42/0x1a0 [ 1123.545959][T13810] ? __bpf_prog_get+0x29f/0x310 [ 1123.550810][T13810] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1123.557208][T13810] __do_sys_bpf+0x2d28/0xbe70 [ 1123.561857][T13810] ? _kstrtoull+0x390/0x490 [ 1123.566329][T13810] ? kstrtouint_from_user+0x20f/0x2a0 [ 1123.571674][T13810] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1123.577800][T13810] ? __bpf_prog_put_rcu+0x300/0x300 [ 1123.583052][T13810] ? refcount_inc_checked+0x50/0x50 [ 1123.588222][T13810] ? memcg_check_events+0x5c/0x5b0 [ 1123.593303][T13810] ? proc_fail_nth_write+0x1d5/0x240 [ 1123.598556][T13810] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1123.603720][T13810] ? __lru_cache_add+0x1c4/0x210 [ 1123.608624][T13810] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1123.613803][T13810] ? memset+0x1f/0x40 [ 1123.617778][T13810] ? fsnotify+0x1332/0x13f0 [ 1123.622259][T13810] ? __kernel_write+0x340/0x340 [ 1123.627097][T13810] ? check_preemption_disabled+0x9e/0x330 [ 1123.632795][T13810] ? debug_smp_processor_id+0x20/0x20 [ 1123.638137][T13810] ? __fsnotify_parent+0x310/0x310 [ 1123.643220][T13810] ? __sb_end_write+0xb5/0x100 [ 1123.647958][T13810] ? vfs_write+0x422/0x4e0 [ 1123.652342][T13810] ? fput_many+0x42/0x1a0 [ 1123.656650][T13810] ? check_preemption_disabled+0x154/0x330 [ 1123.662441][T13810] do_syscall_64+0xcb/0x1e0 [ 1123.666926][T13810] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1123.672796][T13810] RIP: 0033:0x4665e9 [ 1123.676665][T13810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1123.696238][T13810] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1123.704617][T13810] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1123.712731][T13810] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1123.720672][T13810] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1123.728619][T13810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1123.736592][T13810] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1123.765861][ T148] loop2: p1 p3 < > p4 < p5 > [ 1123.776448][ T148] loop2: p1 start 33816576 is beyond EOD, truncated [ 1123.787656][ T148] loop2: p5 start 33816576 is beyond EOD, truncated [ 1124.082570][ T372] Bluetooth: hci0: command 0x1003 tx timeout [ 1124.088785][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1126.162174][ T372] Bluetooth: hci0: command 0x1001 tx timeout [ 1126.168330][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1128.241944][ T372] Bluetooth: hci0: command 0x1009 tx timeout 01:03:30 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0xc0045878, &(0x7f0000000000)=0x30) 01:03:30 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000700ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:30 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9400eff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:30 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a009e02ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:30 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) write$binfmt_misc(r2, &(0x7f0000000240)={'syz0', "2202b61eb2dae69630d6a637aa922c1e28b14891ec829553733d8470bd60b87401f3b2eac6af120f5c4bbdc5972edaa5b0ce4852f1b28c6ba243791748e98552230272c946cd93c3e806cb8f70067035f69cc94f767699f6b2963f49f367bc362a79d0fdd5e53ad668d58c9401b70ea0de2dd5caff566092f97d9521be84bd03b14d6e86003400995bd1659b31e82081359563e92442a831bb623da77199918cbd5dcb73da7b296c92136861ee1ab0a90d11f00240f99dd941"}, 0xbd) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:03:30 executing program 1 (fault-call:6 fault-nth:69): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1132.271331][ T163] Bluetooth: hci0: Frame reassembly failed (-84) [ 1132.294230][T13826] loop5: p1 p3 < > p4 < p5 > [ 1132.299160][T13826] loop5: p1 start 458752 is beyond EOD, truncated [ 1132.307472][T13826] loop5: p5 start 458752 is beyond EOD, truncated [ 1132.333558][T13840] FAULT_INJECTION: forcing a failure. [ 1132.333558][T13840] name failslab, interval 1, probability 0, space 0, times 0 [ 1132.333852][T13827] loop3: p1 p3 < > p4 < p5 > [ 1132.346210][T13840] CPU: 0 PID: 13840 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1132.361059][T13840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1132.370745][T13827] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1132.371274][T13840] Call Trace: [ 1132.371290][T13840] dump_stack+0x1d8/0x24e [ 1132.371305][T13840] ? devkmsg_release+0x11c/0x11c [ 1132.390734][T13840] ? show_regs_print_info+0x12/0x12 [ 1132.395918][T13840] ? memset+0x1f/0x40 [ 1132.399987][T13840] ? unwind_next_frame+0x1f0a/0x27b0 [ 1132.405257][T13840] should_fail+0x6f6/0x860 [ 1132.409661][T13840] ? setup_fault_attr+0x3d0/0x3d0 [ 1132.414671][T13840] ? dst_alloc+0x137/0x4e0 [ 1132.419075][T13840] should_failslab+0x5/0x20 [ 1132.423651][T13840] kmem_cache_alloc+0x36/0x290 [ 1132.428397][T13840] dst_alloc+0x137/0x4e0 [ 1132.432623][T13840] __mkroute_output+0x9e4/0x1430 [ 1132.437546][T13840] ? __siphash_aligned+0x1d1/0x320 [ 1132.442644][T13840] ? ip_route_output_key_hash_rcu+0xf90/0xf90 [ 1132.448784][T13840] ? ip_route_output_key_hash_rcu+0x41b/0xf90 [ 1132.454837][T13840] ip_route_output_flow+0x13d/0x320 [ 1132.460023][T13840] ? ipv4_sk_update_pmtu+0x1e00/0x1e00 [ 1132.465471][T13840] ? debug_smp_processor_id+0x20/0x20 [ 1132.470839][T13840] ip_tunnel_xmit+0xa00/0x20e0 [ 1132.475599][T13840] ? ip_tunnel_xmit+0x1b1/0x20e0 [ 1132.480554][T13840] ? tnl_update_pmtu+0x980/0x980 [ 1132.485565][T13840] ? gre_build_header+0x238/0x780 [ 1132.490576][T13840] ipgre_xmit+0x6db/0x9e0 [ 1132.494895][T13840] xmit_one+0xfa/0x470 [ 1132.498954][T13840] __dev_queue_xmit+0x14ec/0x2e50 [ 1132.503966][T13840] ? dev_queue_xmit+0x20/0x20 [ 1132.508670][T13840] ? check_preemption_disabled+0x9e/0x330 [ 1132.514462][T13840] ? skb_release_data+0x346/0x6b0 [ 1132.519472][T13840] ? debug_smp_processor_id+0x20/0x20 [ 1132.524826][T13840] ? bpf_clone_redirect+0x10e/0x350 [ 1132.530011][T13840] __bpf_redirect+0x728/0xd00 [ 1132.534678][T13840] bpf_clone_redirect+0x243/0x350 [ 1132.539676][T13840] bpf_prog_801cabf80fc815cd+0x1af/0x1000 [ 1132.545398][T13840] ? __schedule+0x9b8/0x1170 [ 1132.550084][T13840] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1132.557870][T13840] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1132.564431][T13840] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1132.569512][T13840] ? __rcu_read_lock+0x50/0x50 [ 1132.574265][T13840] ? ktime_get+0xfd/0x130 [ 1132.578675][T13840] bpf_test_run+0x288/0x680 [ 1132.583162][T13840] ? kzalloc+0x20/0x20 [ 1132.587291][T13840] ? build_skb+0x24c/0x440 [ 1132.591680][T13840] bpf_prog_test_run_skb+0x84d/0x1130 [ 1132.597027][T13840] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1132.602830][T13840] ? fput_many+0x42/0x1a0 [ 1132.607145][T13840] ? __bpf_prog_get+0x29f/0x310 [ 1132.611970][T13840] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1132.617745][T13840] __do_sys_bpf+0x2d28/0xbe70 [ 1132.622397][T13840] ? _kstrtoull+0x390/0x490 [ 1132.626914][T13840] ? kstrtouint_from_user+0x20f/0x2a0 [ 1132.632258][T13840] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1132.638506][T13840] ? __bpf_prog_put_rcu+0x300/0x300 [ 1132.643774][T13840] ? refcount_inc_checked+0x50/0x50 [ 1132.649129][T13840] ? memcg_check_events+0x1a2/0x5b0 [ 1132.654310][T13840] ? proc_fail_nth_write+0x1d5/0x240 [ 1132.659569][T13840] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1132.664753][T13840] ? __lru_cache_add+0x1c4/0x210 [ 1132.669662][T13840] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1132.674831][T13840] ? memset+0x1f/0x40 [ 1132.678870][T13840] ? fsnotify+0x1332/0x13f0 [ 1132.683348][T13840] ? __kernel_write+0x340/0x340 [ 1132.688171][T13840] ? check_preemption_disabled+0x9e/0x330 [ 1132.693886][T13840] ? debug_smp_processor_id+0x20/0x20 [ 1132.699314][T13840] ? __fsnotify_parent+0x310/0x310 [ 1132.704397][T13840] ? __sb_end_write+0xb5/0x100 [ 1132.709129][T13840] ? vfs_write+0x422/0x4e0 [ 1132.713526][T13840] ? fput_many+0x42/0x1a0 [ 1132.717826][T13840] ? check_preemption_disabled+0x154/0x330 [ 1132.723613][T13840] do_syscall_64+0xcb/0x1e0 [ 1132.728612][T13840] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1132.734475][T13840] RIP: 0033:0x4665e9 [ 1132.738777][T13840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1132.759068][T13840] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1132.767456][T13840] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1132.775401][T13840] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1132.783345][T13840] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1132.791287][T13840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1132.799229][T13840] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1132.815083][T13827] loop3: p5 size 11290111 extends beyond EOD, truncated 01:03:31 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000800ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1132.858047][T13832] loop2: p1 p3 < > p4 < p5 > [ 1132.863987][T13832] loop2: p1 start 43909120 is beyond EOD, truncated [ 1132.893618][T13832] loop2: p5 start 43909120 is beyond EOD, truncated 01:03:31 executing program 1 (fault-call:6 fault-nth:70): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1132.984651][ T148] loop3: p1 p3 < > p4 < p5 > [ 1132.990143][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1133.003289][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1133.055509][T13846] loop5: p1 p3 < > p4 < p5 > [ 1133.060354][T13846] loop5: p1 start 524288 is beyond EOD, truncated [ 1133.069252][T13846] loop5: p5 start 524288 is beyond EOD, truncated [ 1133.077306][T13850] FAULT_INJECTION: forcing a failure. [ 1133.077306][T13850] name failslab, interval 1, probability 0, space 0, times 0 [ 1133.090043][T13850] CPU: 1 PID: 13850 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1133.100278][T13850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1133.110345][T13850] Call Trace: [ 1133.113636][T13850] dump_stack+0x1d8/0x24e [ 1133.117961][T13850] ? devkmsg_release+0x11c/0x11c [ 1133.122902][T13850] ? show_regs_print_info+0x12/0x12 [ 1133.128100][T13850] should_fail+0x6f6/0x860 [ 1133.132511][T13850] ? setup_fault_attr+0x3d0/0x3d0 [ 1133.137527][T13850] ? __copy_skb_header+0x421/0x550 [ 1133.142628][T13850] ? bpf_clone_redirect+0x10e/0x350 [ 1133.147816][T13850] should_failslab+0x5/0x20 [ 1133.152307][T13850] __kmalloc_track_caller+0x5d/0x2e0 [ 1133.157580][T13850] ? bpf_clone_redirect+0x10e/0x350 [ 1133.162767][T13850] pskb_expand_head+0x10d/0xfa0 [ 1133.167613][T13850] ? skb_ensure_writable+0x2ab/0x420 [ 1133.172891][T13850] bpf_clone_redirect+0x10e/0x350 [ 1133.177919][T13850] bpf_prog_801cabf80fc815cd+0xebe/0x1000 [ 1133.183629][T13850] ? __schedule+0x9b8/0x1170 [ 1133.188207][T13850] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1133.194000][T13850] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1133.200687][T13850] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1133.205788][T13850] ? __rcu_read_lock+0x50/0x50 [ 1133.210542][T13850] ? ktime_get+0xfd/0x130 [ 1133.214862][T13850] bpf_test_run+0x288/0x680 [ 1133.219354][T13850] ? kzalloc+0x20/0x20 [ 1133.223414][T13850] ? build_skb+0x24c/0x440 [ 1133.227821][T13850] bpf_prog_test_run_skb+0x84d/0x1130 [ 1133.233186][T13850] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1133.238980][T13850] ? fput_many+0x42/0x1a0 [ 1133.243299][T13850] ? __bpf_prog_get+0x29f/0x310 [ 1133.248133][T13850] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1133.253929][T13850] __do_sys_bpf+0x2d28/0xbe70 [ 1133.258667][T13850] ? _kstrtoull+0x390/0x490 [ 1133.263140][T13850] ? kstrtouint_from_user+0x20f/0x2a0 [ 1133.269012][T13850] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1133.275137][T13850] ? __bpf_prog_put_rcu+0x300/0x300 [ 1133.280308][T13850] ? refcount_inc_checked+0x50/0x50 [ 1133.290558][T13850] ? memcg_check_events+0x5c/0x5b0 [ 1133.295646][T13850] ? proc_fail_nth_write+0x1d5/0x240 [ 1133.300905][T13850] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1133.306081][T13850] ? __lru_cache_add+0x1c4/0x210 [ 1133.310991][T13850] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1133.316205][T13850] ? memset+0x1f/0x40 [ 1133.320157][T13850] ? fsnotify+0x1332/0x13f0 [ 1133.324654][T13850] ? __kernel_write+0x340/0x340 [ 1133.329482][T13850] ? check_preemption_disabled+0x9e/0x330 [ 1133.335176][T13850] ? debug_smp_processor_id+0x20/0x20 [ 1133.340607][T13850] ? __fsnotify_parent+0x310/0x310 [ 1133.345691][T13850] ? __sb_end_write+0xb5/0x100 [ 1133.350513][T13850] ? vfs_write+0x422/0x4e0 [ 1133.355093][T13850] ? fput_many+0x42/0x1a0 [ 1133.359395][T13850] ? check_preemption_disabled+0x154/0x330 [ 1133.365179][T13850] do_syscall_64+0xcb/0x1e0 [ 1133.369657][T13850] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1133.375535][T13850] RIP: 0033:0x4665e9 [ 1133.379402][T13850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1133.398976][T13850] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 01:03:31 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r6 = accept4$unix(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000140)=0x6e, 0x80000) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000529000/0x4000)=nil, 0x4000, 0x0, 0x1010, r6, 0x564d8000) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1133.407357][T13850] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1133.415302][T13850] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1133.423246][T13850] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1133.431202][T13850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1133.439146][T13850] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:03:31 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00a002ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1133.504108][T13827] loop_reread_partitions: partition scan of loop3 () failed (rc=-16) 01:03:31 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9800eff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:31 executing program 1 (fault-call:6 fault-nth:71): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1133.634308][T13846] loop5: p1 p3 < > p4 < p5 > [ 1133.639142][T13846] loop5: p1 start 524288 is beyond EOD, truncated [ 1133.648367][T13846] loop5: p5 start 524288 is beyond EOD, truncated [ 1133.693132][T13861] loop2: p1 p3 < > p4 < p5 > [ 1133.698019][T13861] loop2: p1 start 44040192 is beyond EOD, truncated [ 1133.706282][T13861] loop2: p5 start 44040192 is beyond EOD, truncated [ 1133.715985][T13866] FAULT_INJECTION: forcing a failure. [ 1133.715985][T13866] name failslab, interval 1, probability 0, space 0, times 0 [ 1133.728833][T13866] CPU: 1 PID: 13866 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1133.739061][T13866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1133.749279][T13866] Call Trace: [ 1133.752583][T13866] dump_stack+0x1d8/0x24e [ 1133.756919][T13866] ? devkmsg_release+0x11c/0x11c [ 1133.761933][T13866] ? show_regs_print_info+0x12/0x12 [ 1133.767124][T13866] should_fail+0x6f6/0x860 [ 1133.771536][T13866] ? setup_fault_attr+0x3d0/0x3d0 [ 1133.776567][T13866] ? skb_release_data+0x346/0x6b0 [ 1133.781665][T13866] ? debug_smp_processor_id+0x20/0x20 [ 1133.787058][T13866] ? bpf_clone_redirect+0x10e/0x350 [ 1133.792245][T13866] ? skb_clone+0x1b2/0x360 [ 1133.796650][T13866] should_failslab+0x5/0x20 [ 1133.801140][T13866] kmem_cache_alloc+0x36/0x290 [ 1133.805891][T13866] ? __bpf_redirect+0x736/0xd00 [ 1133.810728][T13866] skb_clone+0x1b2/0x360 [ 1133.814958][T13866] bpf_clone_redirect+0xa2/0x350 [ 1133.820069][T13866] bpf_prog_801cabf80fc815cd+0xb3a/0x1000 [ 1133.825778][T13866] ? __schedule+0x9b8/0x1170 [ 1133.830355][T13866] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1133.836156][T13866] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1133.842816][T13866] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1133.847909][T13866] ? __rcu_read_lock+0x50/0x50 [ 1133.852657][T13866] ? ktime_get+0xfd/0x130 [ 1133.856968][T13866] bpf_test_run+0x288/0x680 [ 1133.861461][T13866] ? kzalloc+0x20/0x20 [ 1133.865512][T13866] ? build_skb+0x24c/0x440 [ 1133.870002][T13866] bpf_prog_test_run_skb+0x84d/0x1130 [ 1133.875365][T13866] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1133.881142][T13866] ? fput_many+0x42/0x1a0 [ 1133.885444][T13866] ? __bpf_prog_get+0x29f/0x310 [ 1133.890263][T13866] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1133.896040][T13866] __do_sys_bpf+0x2d28/0xbe70 [ 1133.900689][T13866] ? _kstrtoull+0x390/0x490 [ 1133.905250][T13866] ? kstrtouint_from_user+0x20f/0x2a0 [ 1133.910592][T13866] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1133.916715][T13866] ? __bpf_prog_put_rcu+0x300/0x300 [ 1133.921895][T13866] ? refcount_inc_checked+0x50/0x50 [ 1133.927074][T13866] ? memcg_check_events+0x5c/0x5b0 [ 1133.932167][T13866] ? proc_fail_nth_write+0x1d5/0x240 [ 1133.937449][T13866] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1133.942618][T13866] ? __lru_cache_add+0x1c4/0x210 [ 1133.947525][T13866] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1133.952693][T13866] ? memset+0x1f/0x40 [ 1133.956648][T13866] ? fsnotify+0x1332/0x13f0 [ 1133.961134][T13866] ? __kernel_write+0x340/0x340 [ 1133.965958][T13866] ? check_preemption_disabled+0x9e/0x330 [ 1133.971649][T13866] ? debug_smp_processor_id+0x20/0x20 [ 1133.976993][T13866] ? __fsnotify_parent+0x310/0x310 [ 1133.982094][T13866] ? __sb_end_write+0xb5/0x100 [ 1133.986830][T13866] ? vfs_write+0x422/0x4e0 [ 1133.991227][T13866] ? fput_many+0x42/0x1a0 [ 1133.995533][T13866] ? check_preemption_disabled+0x154/0x330 [ 1134.001315][T13866] do_syscall_64+0xcb/0x1e0 [ 1134.005791][T13866] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1134.011848][T13866] RIP: 0033:0x4665e9 [ 1134.015800][T13866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1134.035371][T13866] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1134.043752][T13866] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1134.051701][T13866] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1134.059650][T13866] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1134.067597][T13866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1134.075542][T13866] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1134.101891][T13860] loop3: p1 p3 < > p4 < p5 > [ 1134.106974][T13860] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1134.116015][T13860] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1134.133164][ T148] loop3: p1 p3 < > p4 < p5 > [ 1134.138682][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1134.148683][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1134.283422][T13820] print_req_error: 50 callbacks suppressed [ 1134.283435][T13820] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1134.301359][ T119] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1134.312346][ T119] buffer_io_error: 44 callbacks suppressed [ 1134.312352][ T119] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1134.326815][ T101] Bluetooth: hci0: command 0x1003 tx timeout [ 1134.326889][ T95] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1134.333326][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1134.343895][ T95] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1134.353822][T13842] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1134.357839][ T347] __loop_clr_fd: partition scan of loop5 failed (rc=-16) [ 1134.369720][ T148] loop3: p1 p3 < > p4 < p5 > [ 1134.378832][ T95] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1134.391616][ T95] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1134.399612][ T95] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1134.402248][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1134.410494][ T95] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1134.419963][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1134.425400][ T95] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1134.443161][ T95] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1134.444926][T13860] loop3: p1 p3 < > p4 < p5 > [ 1134.451157][ T95] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1134.456793][T13860] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1134.466734][ T95] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1134.466776][ T95] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1134.476318][T13860] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1134.481660][ T95] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1134.481701][ T95] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1134.481707][ T95] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1134.483078][ T95] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1134.534604][ T95] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1136.401282][ T372] Bluetooth: hci0: command 0x1001 tx timeout [ 1136.407337][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1138.481252][ T101] Bluetooth: hci0: command 0x1009 tx timeout 01:03:40 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0xc0045878, &(0x7f0000000000)=0x30) 01:03:40 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000900ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:40 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00a202ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:40 executing program 1 (fault-call:6 fault-nth:72): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:03:40 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x163300, 0xa6) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) r5 = syz_open_dev$vcsn(&(0x7f0000000140), 0xffffffffffffff92, 0xc401) connect$inet(r5, &(0x7f00000001c0)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000080)='bic\x00', 0x4) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x6, &(0x7f0000000240)=0x8, 0x4) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:03:40 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9c00eff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1142.513339][ T163] Bluetooth: hci0: Frame reassembly failed (-84) [ 1142.549379][T13877] loop5: p1 p3 < > p4 < p5 > [ 1142.559356][T13877] loop5: p1 start 589824 is beyond EOD, truncated [ 1142.568200][T13877] loop5: p5 start 589824 is beyond EOD, truncated [ 1142.578849][T13893] FAULT_INJECTION: forcing a failure. [ 1142.578849][T13893] name failslab, interval 1, probability 0, space 0, times 0 [ 1142.591521][T13893] CPU: 0 PID: 13893 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1142.601737][T13893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1142.611818][T13893] Call Trace: [ 1142.615103][T13893] dump_stack+0x1d8/0x24e [ 1142.619426][T13893] ? devkmsg_release+0x11c/0x11c [ 1142.624360][T13893] ? show_regs_print_info+0x12/0x12 [ 1142.629590][T13893] should_fail+0x6f6/0x860 [ 1142.634088][T13893] ? setup_fault_attr+0x3d0/0x3d0 [ 1142.639249][T13893] ? __copy_skb_header+0x421/0x550 [ 1142.644354][T13893] ? bpf_clone_redirect+0x10e/0x350 [ 1142.649553][T13893] should_failslab+0x5/0x20 [ 1142.654047][T13893] __kmalloc_track_caller+0x5d/0x2e0 [ 1142.659322][T13893] ? bpf_clone_redirect+0x10e/0x350 [ 1142.664511][T13893] pskb_expand_head+0x10d/0xfa0 [ 1142.669350][T13893] ? skb_ensure_writable+0x2ab/0x420 [ 1142.674622][T13893] bpf_clone_redirect+0x10e/0x350 [ 1142.679807][T13893] bpf_prog_801cabf80fc815cd+0x93c/0x1000 [ 1142.685519][T13893] ? __schedule+0x9b8/0x1170 [ 1142.690097][T13893] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1142.695892][T13893] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1142.702479][T13893] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1142.707595][T13893] ? __rcu_read_lock+0x50/0x50 [ 1142.712360][T13893] ? ktime_get+0xfd/0x130 [ 1142.716688][T13893] bpf_test_run+0x288/0x680 [ 1142.721184][T13893] ? kzalloc+0x20/0x20 [ 1142.725396][T13893] ? build_skb+0x24c/0x440 [ 1142.729810][T13893] bpf_prog_test_run_skb+0x84d/0x1130 [ 1142.735175][T13893] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1142.740971][T13893] ? fput_many+0x42/0x1a0 [ 1142.745297][T13893] ? __bpf_prog_get+0x29f/0x310 [ 1142.750145][T13893] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1142.755955][T13893] __do_sys_bpf+0x2d28/0xbe70 [ 1142.760620][T13893] ? _kstrtoull+0x390/0x490 [ 1142.765096][T13893] ? kstrtouint_from_user+0x20f/0x2a0 [ 1142.770450][T13893] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1142.776674][T13893] ? __bpf_prog_put_rcu+0x300/0x300 [ 1142.781855][T13893] ? refcount_inc_checked+0x50/0x50 [ 1142.787033][T13893] ? memcg_check_events+0x5c/0x5b0 [ 1142.792121][T13893] ? proc_fail_nth_write+0x1d5/0x240 [ 1142.797383][T13893] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1142.802652][T13893] ? __lru_cache_add+0x1c4/0x210 [ 1142.807561][T13893] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1142.812743][T13893] ? memset+0x1f/0x40 [ 1142.816703][T13893] ? fsnotify+0x1332/0x13f0 [ 1142.821183][T13893] ? __kernel_write+0x340/0x340 [ 1142.826013][T13893] ? check_preemption_disabled+0x9e/0x330 [ 1142.831707][T13893] ? debug_smp_processor_id+0x20/0x20 [ 1142.837048][T13893] ? __fsnotify_parent+0x310/0x310 [ 1142.842131][T13893] ? __sb_end_write+0xb5/0x100 [ 1142.846864][T13893] ? vfs_write+0x422/0x4e0 [ 1142.851250][T13893] ? fput_many+0x42/0x1a0 [ 1142.855550][T13893] ? check_preemption_disabled+0x154/0x330 [ 1142.861329][T13893] do_syscall_64+0xcb/0x1e0 [ 1142.865806][T13893] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1142.871757][T13893] RIP: 0033:0x4665e9 [ 1142.875720][T13893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1142.895478][T13893] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1142.903875][T13893] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1142.911831][T13893] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1142.919772][T13893] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1142.927715][T13893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1142.935657][T13893] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1142.952698][T13883] loop3: p1 p3 < > p4 < p5 > [ 1142.958251][T13883] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1142.976852][T13883] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1143.006451][T13887] loop2: p1 p3 < > p4 < p5 > [ 1143.015025][T13887] loop2: p1 start 44171264 is beyond EOD, truncated [ 1143.024066][T13887] loop2: p5 start 44171264 is beyond EOD, truncated 01:03:41 executing program 1 (fault-call:6 fault-nth:73): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1143.122813][T13882] print_req_error: 70 callbacks suppressed [ 1143.122825][T13882] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1143.129679][T13895] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1143.149560][T13887] __loop_clr_fd: partition scan of loop2 failed (rc=-16) 01:03:41 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000a00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1143.168093][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1143.179105][ T119] buffer_io_error: 62 callbacks suppressed [ 1143.179114][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1143.194127][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1143.205032][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1143.214191][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1143.224485][T13901] FAULT_INJECTION: forcing a failure. [ 1143.224485][T13901] name failslab, interval 1, probability 0, space 0, times 0 [ 1143.225234][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1143.237658][T13901] CPU: 0 PID: 13901 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1143.237669][T13901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1143.247188][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1143.255865][T13901] Call Trace: [ 1143.255885][T13901] dump_stack+0x1d8/0x24e [ 1143.255894][T13901] ? devkmsg_release+0x11c/0x11c [ 1143.255903][T13901] ? show_regs_print_info+0x12/0x12 [ 1143.255915][T13901] should_fail+0x6f6/0x860 [ 1143.255929][T13901] ? setup_fault_attr+0x3d0/0x3d0 [ 1143.266159][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1143.276778][T13901] ? __rcu_read_lock+0x50/0x50 [ 1143.276791][T13901] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1143.276800][T13901] should_failslab+0x5/0x20 [ 1143.276810][T13901] __kmalloc_track_caller+0x5d/0x2e0 [ 1143.276824][T13901] ? ip_route_output_flow+0x1f6/0x320 [ 1143.282968][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1143.284385][T13901] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1143.284393][T13901] pskb_expand_head+0x10d/0xfa0 [ 1143.284406][T13901] ? tnl_update_pmtu+0x3c7/0x980 [ 1143.289321][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1143.294487][T13901] ip_tunnel_xmit+0x1703/0x20e0 [ 1143.294501][T13901] ? tnl_update_pmtu+0x980/0x980 [ 1143.294510][T13901] ? gre_build_header+0x238/0x780 [ 1143.294518][T13901] ipgre_xmit+0x6db/0x9e0 [ 1143.294531][T13901] xmit_one+0xfa/0x470 [ 1143.300842][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1143.303922][T13901] __dev_queue_xmit+0x14ec/0x2e50 [ 1143.303938][T13901] ? dev_queue_xmit+0x20/0x20 [ 1143.311904][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read 01:03:41 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x4800, 0x0) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) bind(0xffffffffffffffff, &(0x7f0000000940)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0}, &(0x7f0000000140)=0x14) setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f00000001c0)=0x400, 0x4) bind$xdp(0xffffffffffffffff, &(0x7f0000000900)={0x2c, 0x0, r5}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x2, &(0x7f0000000080)=@raw=[@ldst={0x1, 0xbed22c3308b199d5, 0x3, 0x4, 0x0, 0x80, 0x10}, @exit], &(0x7f0000000140)='syzkaller\x00', 0x9, 0x6c, &(0x7f0000000240)=""/108, 0x40e00, 0x12, '\x00', r5, 0x14, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x4, 0x1}, 0x8, 0x10, &(0x7f00000002c0)={0x1, 0x5, 0x7dd6, 0x80}, 0x10, 0xffffffffffffffff}, 0x78) [ 1143.316626][T13901] ? check_preemption_disabled+0x9e/0x330 [ 1143.321894][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1143.326098][T13901] ? skb_release_data+0x346/0x6b0 [ 1143.326107][T13901] ? debug_smp_processor_id+0x20/0x20 [ 1143.326120][T13901] ? bpf_clone_redirect+0x10e/0x350 [ 1143.331409][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1143.336717][T13901] __bpf_redirect+0x728/0xd00 [ 1143.351065][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1143.352559][T13901] bpf_clone_redirect+0x243/0x350 [ 1143.352572][T13901] bpf_prog_801cabf80fc815cd+0x6c6/0x1000 [ 1143.357403][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1143.362309][T13901] ? __schedule+0x9b8/0x1170 [ 1143.362319][T13901] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1143.362329][T13901] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1143.362343][T13901] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1143.370871][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1143.375198][T13901] ? __rcu_read_lock+0x50/0x50 [ 1143.375209][T13901] ? ktime_get+0xfd/0x130 [ 1143.375221][T13901] bpf_test_run+0x288/0x680 [ 1143.382421][ T119] Buffer I/O error on dev loop2p3, logical block 0, async page read [ 1143.385130][T13901] ? kzalloc+0x20/0x20 [ 1143.385144][T13901] ? build_skb+0x24c/0x440 [ 1143.556344][T13901] bpf_prog_test_run_skb+0x84d/0x1130 [ 1143.561712][T13901] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1143.567518][T13901] ? fput_many+0x42/0x1a0 [ 1143.571835][T13901] ? __bpf_prog_get+0x29f/0x310 [ 1143.576671][T13901] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1143.582467][T13901] __do_sys_bpf+0x2d28/0xbe70 [ 1143.587240][T13901] ? _kstrtoull+0x390/0x490 [ 1143.591755][T13901] ? kstrtouint_from_user+0x20f/0x2a0 [ 1143.597118][T13901] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1143.603267][T13901] ? __bpf_prog_put_rcu+0x300/0x300 [ 1143.608452][T13901] ? refcount_inc_checked+0x50/0x50 [ 1143.613623][T13901] ? memcg_check_events+0x5c/0x5b0 [ 1143.618733][T13901] ? proc_fail_nth_write+0x1d5/0x240 [ 1143.624001][T13901] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1143.629168][T13901] ? __lru_cache_add+0x1c4/0x210 [ 1143.634264][T13901] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1143.639432][T13901] ? memset+0x1f/0x40 [ 1143.643492][T13901] ? fsnotify+0x1332/0x13f0 [ 1143.647989][T13901] ? __kernel_write+0x340/0x340 [ 1143.652989][T13901] ? check_preemption_disabled+0x9e/0x330 [ 1143.658685][T13901] ? debug_smp_processor_id+0x20/0x20 [ 1143.664030][T13901] ? __fsnotify_parent+0x310/0x310 [ 1143.669115][T13901] ? __sb_end_write+0xb5/0x100 [ 1143.673852][T13901] ? vfs_write+0x422/0x4e0 [ 1143.678261][T13901] ? fput_many+0x42/0x1a0 [ 1143.682578][T13901] ? check_preemption_disabled+0x154/0x330 [ 1143.688361][T13901] do_syscall_64+0xcb/0x1e0 [ 1143.692840][T13901] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1143.698703][T13901] RIP: 0033:0x4665e9 [ 1143.702586][T13901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1143.722768][T13901] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1143.731149][T13901] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1143.739094][T13901] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1143.747065][T13901] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1143.755007][T13901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1143.763906][T13901] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1143.790570][ T148] loop3: p1 p3 < > p4 < p5 > [ 1143.799886][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1143.817430][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated 01:03:42 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00b002ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1143.864070][T13883] loop_reread_partitions: partition scan of loop3 () failed (rc=-16) [ 1143.872524][T13911] loop5: p1 p3 < > p4 < p5 > [ 1143.879056][T13911] loop5: p1 start 655360 is beyond EOD, truncated [ 1143.888109][T13911] loop5: p5 start 655360 is beyond EOD, truncated 01:03:42 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9000fff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1143.911684][T13914] loop2: p1 p3 < > p4 < p5 > [ 1143.916592][T13914] loop2: p1 start 45088768 is beyond EOD, truncated [ 1143.925798][T13914] loop2: p5 start 45088768 is beyond EOD, truncated 01:03:42 executing program 1 (fault-call:6 fault-nth:74): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1143.965657][ T148] loop2: p1 p3 < > p4 < p5 > [ 1143.972562][ T148] loop2: p1 start 45088768 is beyond EOD, truncated [ 1143.979957][ T148] loop2: p5 start 45088768 is beyond EOD, truncated [ 1144.040457][T13921] FAULT_INJECTION: forcing a failure. [ 1144.040457][T13921] name failslab, interval 1, probability 0, space 0, times 0 [ 1144.053319][T13921] CPU: 0 PID: 13921 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1144.063713][T13921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1144.073753][T13921] Call Trace: [ 1144.077034][T13921] dump_stack+0x1d8/0x24e [ 1144.081352][T13921] ? devkmsg_release+0x11c/0x11c [ 1144.086275][T13921] ? show_regs_print_info+0x12/0x12 [ 1144.091464][T13921] ? memset+0x1f/0x40 [ 1144.095432][T13921] ? unwind_next_frame+0x1f0a/0x27b0 [ 1144.100699][T13921] should_fail+0x6f6/0x860 [ 1144.105103][T13921] ? setup_fault_attr+0x3d0/0x3d0 [ 1144.110112][T13921] ? dst_alloc+0x137/0x4e0 [ 1144.114601][T13921] should_failslab+0x5/0x20 [ 1144.119085][T13921] kmem_cache_alloc+0x36/0x290 [ 1144.123834][T13921] dst_alloc+0x137/0x4e0 [ 1144.128096][T13921] __mkroute_output+0x9e4/0x1430 [ 1144.133051][T13921] ? __siphash_aligned+0x1d1/0x320 [ 1144.138257][T13921] ? ip_route_output_key_hash_rcu+0xf90/0xf90 [ 1144.144310][T13921] ? ip_route_output_key_hash_rcu+0x41b/0xf90 [ 1144.150547][T13921] ip_route_output_flow+0x13d/0x320 [ 1144.155749][T13921] ? ipv4_sk_update_pmtu+0x1e00/0x1e00 [ 1144.161194][T13921] ? debug_smp_processor_id+0x20/0x20 [ 1144.166558][T13921] ip_tunnel_xmit+0xa00/0x20e0 [ 1144.171314][T13921] ? ip_tunnel_xmit+0x1b1/0x20e0 [ 1144.176245][T13921] ? tnl_update_pmtu+0x980/0x980 [ 1144.181180][T13921] ? gre_build_header+0x238/0x780 [ 1144.186191][T13921] ipgre_xmit+0x6db/0x9e0 [ 1144.190507][T13921] xmit_one+0xfa/0x470 [ 1144.194565][T13921] __dev_queue_xmit+0x14ec/0x2e50 [ 1144.199577][T13921] ? dev_queue_xmit+0x20/0x20 [ 1144.204249][T13921] ? check_preemption_disabled+0x9e/0x330 [ 1144.209951][T13921] ? skb_release_data+0x346/0x6b0 [ 1144.214946][T13921] ? debug_smp_processor_id+0x20/0x20 [ 1144.220286][T13921] ? bpf_clone_redirect+0x10e/0x350 [ 1144.225452][T13921] __bpf_redirect+0x728/0xd00 [ 1144.230102][T13921] bpf_clone_redirect+0x243/0x350 [ 1144.235106][T13921] bpf_prog_801cabf80fc815cd+0xc0/0x1000 [ 1144.240890][T13921] ? __schedule+0x9b8/0x1170 [ 1144.245451][T13921] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1144.251487][T13921] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1144.258044][T13921] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1144.263125][T13921] ? __rcu_read_lock+0x50/0x50 [ 1144.267869][T13921] ? ktime_get+0xfd/0x130 [ 1144.272169][T13921] bpf_test_run+0x288/0x680 [ 1144.276643][T13921] ? kzalloc+0x20/0x20 [ 1144.280697][T13921] ? build_skb+0x24c/0x440 [ 1144.285083][T13921] bpf_prog_test_run_skb+0x84d/0x1130 [ 1144.290517][T13921] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1144.296290][T13921] ? fput_many+0x42/0x1a0 [ 1144.300598][T13921] ? __bpf_prog_get+0x29f/0x310 [ 1144.305513][T13921] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1144.311291][T13921] __do_sys_bpf+0x2d28/0xbe70 [ 1144.315938][T13921] ? _kstrtoull+0x390/0x490 [ 1144.320425][T13921] ? kstrtouint_from_user+0x20f/0x2a0 [ 1144.325766][T13921] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1144.331887][T13921] ? __bpf_prog_put_rcu+0x300/0x300 [ 1144.337062][T13921] ? refcount_inc_checked+0x50/0x50 [ 1144.342235][T13921] ? memcg_check_events+0x5c/0x5b0 [ 1144.347318][T13921] ? proc_fail_nth_write+0x1d5/0x240 [ 1144.352572][T13921] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1144.357912][T13921] ? __lru_cache_add+0x1c4/0x210 [ 1144.362818][T13921] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1144.367983][T13921] ? memset+0x1f/0x40 [ 1144.371936][T13921] ? fsnotify+0x1332/0x13f0 [ 1144.376410][T13921] ? __kernel_write+0x340/0x340 [ 1144.381318][T13921] ? check_preemption_disabled+0x9e/0x330 [ 1144.387021][T13921] ? debug_smp_processor_id+0x20/0x20 [ 1144.392362][T13921] ? __fsnotify_parent+0x310/0x310 [ 1144.397444][T13921] ? __sb_end_write+0xb5/0x100 [ 1144.402176][T13921] ? vfs_write+0x422/0x4e0 [ 1144.406573][T13921] ? fput_many+0x42/0x1a0 [ 1144.410894][T13921] ? check_preemption_disabled+0x154/0x330 [ 1144.416684][T13921] do_syscall_64+0xcb/0x1e0 [ 1144.421160][T13921] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1144.427021][T13921] RIP: 0033:0x4665e9 [ 1144.430884][T13921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1144.450467][T13921] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1144.458865][T13921] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1144.466830][T13921] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1144.474870][T13921] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1144.482816][T13921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1144.490820][T13921] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1144.502430][T13911] loop5: p1 p3 < > p4 < p5 > [ 1144.507309][T13911] loop5: p1 start 655360 is beyond EOD, truncated [ 1144.521176][T13911] loop5: p5 start 655360 is beyond EOD, truncated [ 1144.544486][T13920] loop3: p1 p3 < > p4 < p5 > [ 1144.549379][T13920] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1144.559356][T13920] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1144.566765][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1144.573964][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1144.688402][ T148] loop5: p1 p3 < > p4 < p5 > [ 1144.693891][ T148] loop5: p1 start 655360 is beyond EOD, truncated [ 1144.702035][ T148] loop5: p5 start 655360 is beyond EOD, truncated [ 1144.702932][T13920] loop3: p1 p3 < > p4 < p5 > [ 1144.713435][T13920] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1144.721801][T13920] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1146.640652][ T1216] Bluetooth: hci0: command 0x1001 tx timeout [ 1146.646764][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1148.720482][ T1216] Bluetooth: hci0: command 0x1009 tx timeout 01:03:50 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0xc0189436, &(0x7f0000000000)=0x30) 01:03:50 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000b00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:50 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) open(&(0x7f0000000040)='./file0\x00', 0x1, 0x148) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:03:50 executing program 1 (fault-call:6 fault-nth:75): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:03:50 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00d002ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:50 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9400fff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1152.755456][T13027] Bluetooth: hci0: Frame reassembly failed (-84) [ 1152.775362][T13934] loop2: p1 p3 < > p4 < p5 > [ 1152.780564][T13934] loop2: p1 start 47185920 is beyond EOD, truncated [ 1152.788643][T13934] loop2: p5 start 47185920 is beyond EOD, truncated [ 1152.802917][T13947] FAULT_INJECTION: forcing a failure. [ 1152.802917][T13947] name failslab, interval 1, probability 0, space 0, times 0 [ 1152.815676][T13947] CPU: 0 PID: 13947 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1152.826075][T13947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1152.836124][T13947] Call Trace: [ 1152.839422][T13947] dump_stack+0x1d8/0x24e [ 1152.843745][T13947] ? devkmsg_release+0x11c/0x11c [ 1152.848944][T13947] ? show_regs_print_info+0x12/0x12 [ 1152.854139][T13947] should_fail+0x6f6/0x860 [ 1152.858649][T13947] ? setup_fault_attr+0x3d0/0x3d0 [ 1152.863751][T13947] ? skb_release_data+0x346/0x6b0 [ 1152.868871][T13947] ? debug_smp_processor_id+0x20/0x20 [ 1152.874231][T13947] ? bpf_clone_redirect+0x10e/0x350 [ 1152.879415][T13947] ? skb_clone+0x1b2/0x360 [ 1152.883822][T13947] should_failslab+0x5/0x20 [ 1152.888371][T13947] kmem_cache_alloc+0x36/0x290 [ 1152.893213][T13947] ? __bpf_redirect+0x736/0xd00 [ 1152.898057][T13947] skb_clone+0x1b2/0x360 [ 1152.902293][T13947] bpf_clone_redirect+0xa2/0x350 [ 1152.907224][T13947] bpf_prog_801cabf80fc815cd+0x9b6/0x1000 [ 1152.913028][T13947] ? __schedule+0x9b8/0x1170 [ 1152.917606][T13947] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1152.923495][T13947] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1152.930081][T13947] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1152.935360][T13947] ? __rcu_read_lock+0x50/0x50 [ 1152.940125][T13947] ? ktime_get+0xfd/0x130 [ 1152.944445][T13947] bpf_test_run+0x288/0x680 [ 1152.948945][T13947] ? kzalloc+0x20/0x20 [ 1152.953006][T13947] ? build_skb+0x24c/0x440 [ 1152.957412][T13947] bpf_prog_test_run_skb+0x84d/0x1130 [ 1152.962784][T13947] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1152.968614][T13947] ? fput_many+0x42/0x1a0 [ 1152.972969][T13947] ? __bpf_prog_get+0x29f/0x310 [ 1152.977889][T13947] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1152.983675][T13947] __do_sys_bpf+0x2d28/0xbe70 [ 1152.988602][T13947] ? _kstrtoull+0x390/0x490 [ 1152.993083][T13947] ? kstrtouint_from_user+0x20f/0x2a0 [ 1152.998444][T13947] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1153.004571][T13947] ? __bpf_prog_put_rcu+0x300/0x300 [ 1153.009742][T13947] ? refcount_inc_checked+0x50/0x50 [ 1153.014917][T13947] ? memcg_check_events+0x5c/0x5b0 [ 1153.020003][T13947] ? proc_fail_nth_write+0x1d5/0x240 [ 1153.025298][T13947] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1153.030469][T13947] ? __lru_cache_add+0x1c4/0x210 [ 1153.035383][T13947] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1153.040563][T13947] ? memset+0x1f/0x40 [ 1153.044609][T13947] ? fsnotify+0x1332/0x13f0 [ 1153.049173][T13947] ? __kernel_write+0x340/0x340 [ 1153.054020][T13947] ? check_preemption_disabled+0x9e/0x330 [ 1153.059816][T13947] ? debug_smp_processor_id+0x20/0x20 [ 1153.065170][T13947] ? __fsnotify_parent+0x310/0x310 [ 1153.070262][T13947] ? __sb_end_write+0xb5/0x100 [ 1153.075004][T13947] ? vfs_write+0x422/0x4e0 [ 1153.079400][T13947] ? fput_many+0x42/0x1a0 [ 1153.083702][T13947] ? check_preemption_disabled+0x154/0x330 [ 1153.089485][T13947] do_syscall_64+0xcb/0x1e0 [ 1153.093979][T13947] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1153.099842][T13947] RIP: 0033:0x4665e9 [ 1153.103712][T13947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1153.123292][T13947] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1153.131681][T13947] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1153.139627][T13947] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1153.147577][T13947] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1153.155521][T13947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1153.163468][T13947] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1153.196166][T13936] loop3: p1 p3 < > p4 < p5 > 01:03:51 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00f002ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1153.201345][T13936] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1153.212553][T13936] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1153.225372][T13940] loop5: p1 p3 < > p4 < p5 > [ 1153.244325][T13940] loop5: p1 start 720896 is beyond EOD, truncated [ 1153.265318][T13940] loop5: p5 start 720896 is beyond EOD, truncated 01:03:51 executing program 1 (fault-call:6 fault-nth:76): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1153.445011][T13955] print_req_error: 10 callbacks suppressed [ 1153.445023][T13955] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1153.466407][T13956] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1153.478626][T13950] loop2: p1 p3 < > p4 < p5 > [ 1153.478827][T13940] __loop_clr_fd: partition scan of loop5 failed (rc=-16) [ 1153.485320][T13950] loop2: p1 start 49283072 is beyond EOD, truncated [ 1153.491815][ T95] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1153.497274][T13936] loop3: p1 p3 < > p4 < p5 > [ 1153.508421][ T95] buffer_io_error: 8 callbacks suppressed [ 1153.508428][ T95] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1153.528067][T13950] loop2: p5 start 49283072 is beyond EOD, truncated [ 1153.529531][ T119] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1153.540964][T13960] FAULT_INJECTION: forcing a failure. [ 1153.540964][T13960] name failslab, interval 1, probability 0, space 0, times 0 [ 1153.546175][ T119] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1153.558632][T13960] CPU: 0 PID: 13960 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1153.558638][T13960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1153.558641][T13960] Call Trace: [ 1153.558657][T13960] dump_stack+0x1d8/0x24e [ 1153.558668][T13960] ? devkmsg_release+0x11c/0x11c [ 1153.558678][T13960] ? show_regs_print_info+0x12/0x12 [ 1153.558689][T13960] should_fail+0x6f6/0x860 [ 1153.558703][T13960] ? setup_fault_attr+0x3d0/0x3d0 [ 1153.577949][T13936] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1153.587225][T13960] ? __copy_skb_header+0x421/0x550 [ 1153.587235][T13960] ? bpf_clone_redirect+0x10e/0x350 [ 1153.587244][T13960] should_failslab+0x5/0x20 [ 1153.587253][T13960] __kmalloc_track_caller+0x5d/0x2e0 [ 1153.587262][T13960] ? bpf_clone_redirect+0x10e/0x350 [ 1153.587268][T13960] pskb_expand_head+0x10d/0xfa0 [ 1153.587282][T13960] ? skb_ensure_writable+0x2ab/0x420 [ 1153.647986][T13936] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1153.648451][T13960] bpf_clone_redirect+0x10e/0x350 [ 1153.648465][T13960] bpf_prog_801cabf80fc815cd+0xd6/0x1000 [ 1153.676487][T13960] ? __schedule+0x9b8/0x1170 [ 1153.681069][T13960] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1153.686955][T13960] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1153.693998][T13960] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1153.699274][T13960] ? __rcu_read_lock+0x50/0x50 [ 1153.704028][T13960] ? ktime_get+0xfd/0x130 [ 1153.708439][T13960] bpf_test_run+0x288/0x680 [ 1153.712937][T13960] ? kzalloc+0x20/0x20 [ 1153.717001][T13960] ? build_skb+0x24c/0x440 [ 1153.721489][T13960] bpf_prog_test_run_skb+0x84d/0x1130 [ 1153.726866][T13960] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1153.732662][T13960] ? fput_many+0x42/0x1a0 [ 1153.737024][T13960] ? __bpf_prog_get+0x29f/0x310 [ 1153.741869][T13960] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1153.747676][T13960] __do_sys_bpf+0x2d28/0xbe70 [ 1153.752339][T13960] ? _kstrtoull+0x390/0x490 [ 1153.756838][T13960] ? kstrtouint_from_user+0x20f/0x2a0 [ 1153.762212][T13960] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1153.768360][T13960] ? __bpf_prog_put_rcu+0x300/0x300 [ 1153.773548][T13960] ? refcount_inc_checked+0x50/0x50 [ 1153.778738][T13960] ? memcg_check_events+0x5c/0x5b0 [ 1153.783837][T13960] ? proc_fail_nth_write+0x1d5/0x240 [ 1153.789116][T13960] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1153.794292][T13960] ? __lru_cache_add+0x1c4/0x210 [ 1153.799205][T13960] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1153.804374][T13960] ? memset+0x1f/0x40 [ 1153.808325][T13960] ? fsnotify+0x1332/0x13f0 [ 1153.812806][T13960] ? __kernel_write+0x340/0x340 [ 1153.817629][T13960] ? check_preemption_disabled+0x9e/0x330 [ 1153.823317][T13960] ? debug_smp_processor_id+0x20/0x20 [ 1153.828668][T13960] ? __fsnotify_parent+0x310/0x310 [ 1153.833749][T13960] ? __sb_end_write+0xb5/0x100 [ 1153.838573][T13960] ? vfs_write+0x422/0x4e0 [ 1153.842962][T13960] ? fput_many+0x42/0x1a0 [ 1153.847262][T13960] ? check_preemption_disabled+0x154/0x330 [ 1153.853041][T13960] do_syscall_64+0xcb/0x1e0 [ 1153.857515][T13960] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1153.863383][T13960] RIP: 0033:0x4665e9 [ 1153.867249][T13960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1153.886933][T13960] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 01:03:52 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r0, &(0x7f0000000040)=ANY=[], 0xfffffecc) [ 1153.895324][T13960] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1153.903288][T13960] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1153.911268][T13960] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1153.919224][T13960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1153.927519][T13960] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:03:52 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000c00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:03:52 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9800fff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1153.970122][T13940] loop_reread_partitions: partition scan of loop5 () failed (rc=-16) 01:03:52 executing program 1 (fault-call:6 fault-nth:77): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1154.031243][ T148] loop3: p1 p3 < > p4 < p5 > [ 1154.038742][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1154.053537][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1154.105628][T13969] loop5: p1 p3 < > p4 < p5 > [ 1154.110548][T13969] loop5: p1 start 786432 is beyond EOD, truncated [ 1154.118409][T13969] loop5: p5 start 786432 is beyond EOD, truncated [ 1154.172860][T13976] FAULT_INJECTION: forcing a failure. [ 1154.172860][T13976] name failslab, interval 1, probability 0, space 0, times 0 [ 1154.185582][T13976] CPU: 1 PID: 13976 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1154.195801][T13976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1154.205842][T13976] Call Trace: [ 1154.209131][T13976] dump_stack+0x1d8/0x24e [ 1154.213451][T13976] ? devkmsg_release+0x11c/0x11c [ 1154.218378][T13976] ? show_regs_print_info+0x12/0x12 [ 1154.223564][T13976] ? memset+0x1f/0x40 [ 1154.227531][T13976] ? unwind_next_frame+0x1f0a/0x27b0 [ 1154.232807][T13976] should_fail+0x6f6/0x860 [ 1154.237212][T13976] ? setup_fault_attr+0x3d0/0x3d0 [ 1154.242222][T13976] ? dst_alloc+0x137/0x4e0 [ 1154.246623][T13976] should_failslab+0x5/0x20 [ 1154.251114][T13976] kmem_cache_alloc+0x36/0x290 [ 1154.255872][T13976] dst_alloc+0x137/0x4e0 [ 1154.260101][T13976] __mkroute_output+0x9e4/0x1430 [ 1154.265050][T13976] ? __siphash_aligned+0x1d1/0x320 [ 1154.270182][T13976] ? ip_route_output_key_hash_rcu+0xf90/0xf90 [ 1154.276235][T13976] ? ip_route_output_key_hash_rcu+0x41b/0xf90 [ 1154.282297][T13976] ip_route_output_flow+0x13d/0x320 [ 1154.287597][T13976] ? ipv4_sk_update_pmtu+0x1e00/0x1e00 [ 1154.293047][T13976] ? debug_smp_processor_id+0x20/0x20 [ 1154.298411][T13976] ip_tunnel_xmit+0xa00/0x20e0 [ 1154.303164][T13976] ? ip_tunnel_xmit+0x1b1/0x20e0 [ 1154.308093][T13976] ? tnl_update_pmtu+0x980/0x980 [ 1154.313023][T13976] ? gre_build_header+0x238/0x780 [ 1154.318031][T13976] ipgre_xmit+0x6db/0x9e0 [ 1154.322345][T13976] xmit_one+0xfa/0x470 [ 1154.326397][T13976] __dev_queue_xmit+0x14ec/0x2e50 [ 1154.331410][T13976] ? dev_queue_xmit+0x20/0x20 [ 1154.336099][T13976] ? check_preemption_disabled+0x9e/0x330 [ 1154.341804][T13976] ? skb_release_data+0x346/0x6b0 [ 1154.346814][T13976] ? debug_smp_processor_id+0x20/0x20 [ 1154.352157][T13976] ? bpf_clone_redirect+0x10e/0x350 [ 1154.357324][T13976] __bpf_redirect+0x728/0xd00 [ 1154.361972][T13976] bpf_clone_redirect+0x243/0x350 [ 1154.366980][T13976] bpf_prog_801cabf80fc815cd+0xfd5/0x1000 [ 1154.372850][T13976] ? __schedule+0x9b8/0x1170 [ 1154.377420][T13976] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1154.383285][T13976] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1154.389857][T13976] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1154.394948][T13976] ? __rcu_read_lock+0x50/0x50 [ 1154.399687][T13976] ? ktime_get+0xfd/0x130 [ 1154.403987][T13976] bpf_test_run+0x288/0x680 [ 1154.408461][T13976] ? kzalloc+0x20/0x20 [ 1154.412499][T13976] ? build_skb+0x24c/0x440 [ 1154.416888][T13976] bpf_prog_test_run_skb+0x84d/0x1130 [ 1154.422262][T13976] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1154.428036][T13976] ? fput_many+0x42/0x1a0 [ 1154.432425][T13976] ? __bpf_prog_get+0x29f/0x310 [ 1154.437329][T13976] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1154.443100][T13976] __do_sys_bpf+0x2d28/0xbe70 [ 1154.447746][T13976] ? _kstrtoull+0x390/0x490 [ 1154.452219][T13976] ? kstrtouint_from_user+0x20f/0x2a0 [ 1154.457648][T13976] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1154.463770][T13976] ? __bpf_prog_put_rcu+0x300/0x300 [ 1154.468937][T13976] ? refcount_inc_checked+0x50/0x50 [ 1154.474126][T13976] ? memcg_check_events+0x5c/0x5b0 [ 1154.479215][T13976] ? proc_fail_nth_write+0x1d5/0x240 [ 1154.484479][T13976] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1154.489648][T13976] ? __lru_cache_add+0x1c4/0x210 [ 1154.494555][T13976] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1154.499721][T13976] ? memset+0x1f/0x40 [ 1154.503672][T13976] ? fsnotify+0x1332/0x13f0 [ 1154.508146][T13976] ? __kernel_write+0x340/0x340 [ 1154.512966][T13976] ? check_preemption_disabled+0x9e/0x330 [ 1154.518653][T13976] ? debug_smp_processor_id+0x20/0x20 [ 1154.524079][T13976] ? __fsnotify_parent+0x310/0x310 [ 1154.529159][T13976] ? __sb_end_write+0xb5/0x100 [ 1154.533893][T13976] ? vfs_write+0x422/0x4e0 [ 1154.538279][T13976] ? fput_many+0x42/0x1a0 [ 1154.542576][T13976] ? check_preemption_disabled+0x154/0x330 [ 1154.548358][T13976] do_syscall_64+0xcb/0x1e0 [ 1154.552831][T13976] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1154.558690][T13976] RIP: 0033:0x4665e9 [ 1154.562555][T13976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1154.582140][T13976] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1154.590540][T13976] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1154.598492][T13976] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1154.606453][T13976] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1154.614484][T13976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1154.622513][T13976] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1154.681032][T13972] loop3: p1 p3 < > p4 < p5 > [ 1154.686167][T13972] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1154.695914][T13972] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1154.721533][T13969] loop5: p1 p3 < > p4 < p5 > [ 1154.726976][T13969] loop5: p1 start 786432 is beyond EOD, truncated [ 1154.735528][ T148] loop3: p1 p3 < > p4 < p5 > [ 1154.740476][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1154.749563][T13969] loop5: p5 start 786432 is beyond EOD, truncated [ 1154.758162][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1154.800059][ T372] Bluetooth: hci0: command 0x1003 tx timeout [ 1154.806368][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1154.945220][T13972] loop3: p1 p3 < > p4 < p5 > [ 1154.950389][T13972] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1154.958515][T13972] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1156.879900][ T1216] Bluetooth: hci0: command 0x1001 tx timeout [ 1156.886066][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1158.959748][ T1216] Bluetooth: hci0: command 0x1009 tx timeout 01:04:01 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0xc020660b, &(0x7f0000000000)=0x30) 01:04:01 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000003ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:01 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) dup2(r0, r0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f0000000040)) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f00001b5000/0x4000)=nil, 0x4000, 0x1800007, 0x12, r5, 0xffffd000) preadv(r4, &(0x7f0000001400)=[{&(0x7f0000000080)=""/10, 0xa}, {&(0x7f0000000140)=""/40, 0x28}, {&(0x7f0000000240)=""/73, 0x49}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001340)=""/178, 0xb2}], 0x5, 0xd9f, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r4, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r1, 0x0, r3, 0x0, 0x140006, 0x0) 01:04:01 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000d00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:01 executing program 1 (fault-call:6 fault-nth:78): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:04:01 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9c00fff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1162.996840][ T163] Bluetooth: hci0: Frame reassembly failed (-84) [ 1163.025202][T13987] loop3: p1 p3 < > p4 < p5 > [ 1163.032065][T13987] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1163.043945][T13987] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1163.050234][T14000] FAULT_INJECTION: forcing a failure. [ 1163.050234][T14000] name failslab, interval 1, probability 0, space 0, times 0 [ 1163.063698][T14000] CPU: 0 PID: 14000 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1163.074017][T14000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1163.084063][T14000] Call Trace: [ 1163.087351][T14000] dump_stack+0x1d8/0x24e [ 1163.091669][T14000] ? devkmsg_release+0x11c/0x11c [ 1163.096598][T14000] ? show_regs_print_info+0x12/0x12 [ 1163.101791][T14000] should_fail+0x6f6/0x860 [ 1163.106201][T14000] ? setup_fault_attr+0x3d0/0x3d0 [ 1163.111223][T14000] ? __copy_skb_header+0x421/0x550 [ 1163.116347][T14000] ? bpf_clone_redirect+0x10e/0x350 [ 1163.121533][T14000] should_failslab+0x5/0x20 [ 1163.126380][T14000] __kmalloc_track_caller+0x5d/0x2e0 [ 1163.131657][T14000] ? bpf_clone_redirect+0x10e/0x350 [ 1163.136837][T14000] pskb_expand_head+0x10d/0xfa0 [ 1163.141762][T14000] ? skb_ensure_writable+0x2ab/0x420 [ 1163.147120][T14000] bpf_clone_redirect+0x10e/0x350 [ 1163.152135][T14000] bpf_prog_801cabf80fc815cd+0x87f/0x1000 [ 1163.157843][T14000] ? __schedule+0x9b8/0x1170 [ 1163.162421][T14000] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1163.168435][T14000] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1163.175020][T14000] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1163.180126][T14000] ? __rcu_read_lock+0x50/0x50 [ 1163.184904][T14000] ? ktime_get+0xfd/0x130 [ 1163.189224][T14000] bpf_test_run+0x288/0x680 [ 1163.193801][T14000] ? kzalloc+0x20/0x20 [ 1163.197955][T14000] ? build_skb+0x24c/0x440 [ 1163.202536][T14000] bpf_prog_test_run_skb+0x84d/0x1130 [ 1163.207918][T14000] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1163.213731][T14000] ? fput_many+0x42/0x1a0 [ 1163.218049][T14000] ? __bpf_prog_get+0x29f/0x310 [ 1163.222882][T14000] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1163.228673][T14000] __do_sys_bpf+0x2d28/0xbe70 [ 1163.233342][T14000] ? _kstrtoull+0x390/0x490 [ 1163.237840][T14000] ? kstrtouint_from_user+0x20f/0x2a0 [ 1163.243197][T14000] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1163.249345][T14000] ? __bpf_prog_put_rcu+0x300/0x300 [ 1163.254533][T14000] ? refcount_inc_checked+0x50/0x50 [ 1163.259800][T14000] ? memcg_check_events+0x5c/0x5b0 [ 1163.264973][T14000] ? proc_fail_nth_write+0x1d5/0x240 [ 1163.270315][T14000] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1163.275483][T14000] ? __lru_cache_add+0x1c4/0x210 [ 1163.280406][T14000] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1163.285572][T14000] ? memset+0x1f/0x40 [ 1163.289547][T14000] ? fsnotify+0x1332/0x13f0 [ 1163.294029][T14000] ? __kernel_write+0x340/0x340 [ 1163.298947][T14000] ? check_preemption_disabled+0x9e/0x330 [ 1163.304635][T14000] ? debug_smp_processor_id+0x20/0x20 [ 1163.309986][T14000] ? __fsnotify_parent+0x310/0x310 [ 1163.315073][T14000] ? __sb_end_write+0xb5/0x100 [ 1163.319808][T14000] ? vfs_write+0x422/0x4e0 [ 1163.324281][T14000] ? fput_many+0x42/0x1a0 [ 1163.328601][T14000] ? check_preemption_disabled+0x154/0x330 [ 1163.334381][T14000] do_syscall_64+0xcb/0x1e0 [ 1163.338858][T14000] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1163.344718][T14000] RIP: 0033:0x4665e9 [ 1163.348672][T14000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1163.368766][T14000] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1163.377582][T14000] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1163.385527][T14000] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1163.393559][T14000] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1163.401515][T14000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1163.409471][T14000] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1163.474138][T13988] loop5: p1 p3 < > p4 < p5 > [ 1163.479037][T13988] loop5: p1 start 851968 is beyond EOD, truncated [ 1163.486091][T13993] loop2: p1 p3 < > p4 < p5 > [ 1163.487661][T13988] loop5: p5 start 851968 is beyond EOD, truncated [ 1163.492116][T13993] loop2: p1 start 50331648 is beyond EOD, truncated [ 1163.513048][T13993] loop2: p5 start 50331648 is beyond EOD, truncated 01:04:01 executing program 1 (fault-call:6 fault-nth:79): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:04:01 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000204ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1163.637132][T13988] loop5: p1 p3 < > p4 < p5 > [ 1163.642780][T13988] loop5: p1 start 851968 is beyond EOD, truncated [ 1163.653980][T13988] loop5: p5 start 851968 is beyond EOD, truncated [ 1163.663182][T14008] FAULT_INJECTION: forcing a failure. [ 1163.663182][T14008] name failslab, interval 1, probability 0, space 0, times 0 [ 1163.675840][T14008] CPU: 1 PID: 14008 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1163.686062][T14008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1163.696111][T14008] Call Trace: [ 1163.699397][T14008] dump_stack+0x1d8/0x24e [ 1163.703731][T14008] ? devkmsg_release+0x11c/0x11c [ 1163.708658][T14008] ? show_regs_print_info+0x12/0x12 [ 1163.713849][T14008] should_fail+0x6f6/0x860 [ 1163.718344][T14008] ? setup_fault_attr+0x3d0/0x3d0 [ 1163.723359][T14008] ? __copy_skb_header+0x421/0x550 [ 1163.728458][T14008] ? bpf_clone_redirect+0x10e/0x350 [ 1163.733642][T14008] should_failslab+0x5/0x20 [ 1163.738131][T14008] __kmalloc_track_caller+0x5d/0x2e0 [ 1163.743405][T14008] ? bpf_clone_redirect+0x10e/0x350 [ 1163.748592][T14008] pskb_expand_head+0x10d/0xfa0 [ 1163.753429][T14008] ? skb_ensure_writable+0x2ab/0x420 [ 1163.758698][T14008] bpf_clone_redirect+0x10e/0x350 [ 1163.763713][T14008] bpf_prog_801cabf80fc815cd+0x9df/0x1000 [ 1163.769420][T14008] ? __schedule+0x9b8/0x1170 [ 1163.773995][T14008] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1163.779798][T14008] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1163.786373][T14008] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1163.791474][T14008] ? __rcu_read_lock+0x50/0x50 [ 1163.796231][T14008] ? ktime_get+0xfd/0x130 [ 1163.800546][T14008] bpf_test_run+0x288/0x680 [ 1163.805132][T14008] ? kzalloc+0x20/0x20 [ 1163.809191][T14008] ? build_skb+0x24c/0x440 [ 1163.813599][T14008] bpf_prog_test_run_skb+0x84d/0x1130 [ 1163.818977][T14008] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1163.824774][T14008] ? fput_many+0x42/0x1a0 [ 1163.829092][T14008] ? __bpf_prog_get+0x29f/0x310 [ 1163.833926][T14008] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1163.839725][T14008] __do_sys_bpf+0x2d28/0xbe70 [ 1163.844391][T14008] ? _kstrtoull+0x390/0x490 [ 1163.848877][T14008] ? kstrtouint_from_user+0x20f/0x2a0 [ 1163.854220][T14008] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1163.860347][T14008] ? __bpf_prog_put_rcu+0x300/0x300 [ 1163.865774][T14008] ? refcount_inc_checked+0x50/0x50 [ 1163.870966][T14008] ? memcg_check_events+0x5c/0x5b0 [ 1163.876056][T14008] ? proc_fail_nth_write+0x1d5/0x240 [ 1163.881312][T14008] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1163.886479][T14008] ? __lru_cache_add+0x1c4/0x210 [ 1163.891398][T14008] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1163.896565][T14008] ? memset+0x1f/0x40 [ 1163.900516][T14008] ? fsnotify+0x1332/0x13f0 [ 1163.904990][T14008] ? __kernel_write+0x340/0x340 [ 1163.909810][T14008] ? check_preemption_disabled+0x9e/0x330 [ 1163.915497][T14008] ? debug_smp_processor_id+0x20/0x20 [ 1163.920836][T14008] ? __fsnotify_parent+0x310/0x310 [ 1163.925919][T14008] ? __sb_end_write+0xb5/0x100 [ 1163.930655][T14008] ? vfs_write+0x422/0x4e0 [ 1163.935146][T14008] ? fput_many+0x42/0x1a0 [ 1163.939457][T14008] ? check_preemption_disabled+0x154/0x330 [ 1163.945246][T14008] do_syscall_64+0xcb/0x1e0 [ 1163.949721][T14008] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1163.955581][T14008] RIP: 0033:0x4665e9 [ 1163.959445][T14008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1163.979026][T14008] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1163.987404][T14008] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1163.995357][T14008] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1164.003298][T14008] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1164.011253][T14008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1164.019196][T14008] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:04:02 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) fsetxattr$security_evm(r5, &(0x7f0000000040), &(0x7f0000000240)=@v2={0x0, 0x3, 0xc, 0xffffffff, 0x64, "5d826edc21b0d4c8c00a7de0364cea704f4d0e878cdb0c60b72c198a98f98a7b38411c593674d6810030bdcc59549373c40c7e0fa1950ddf41a73c0e069972c361b94c3c04aeb822d39468c21e60a2ced9dea3aa4502a64cf17f15b7cfaef3393be4d571"}, 0x6d, 0x2) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1164.064018][T13987] loop3: p1 p3 < > p4 < p5 > [ 1164.069561][T13987] loop3: p1 size 11290111 extends beyond EOD, truncated 01:04:02 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000e00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1164.128706][T13987] loop3: p5 size 11290111 extends beyond EOD, truncated 01:04:02 executing program 1 (fault-call:6 fault-nth:80): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:04:02 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a90effff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1164.239674][T14015] loop2: p1 p3 < > p4 < p5 > [ 1164.248621][T14015] loop2: p1 start 67239936 is beyond EOD, truncated [ 1164.256719][T14015] loop2: p5 start 67239936 is beyond EOD, truncated [ 1164.297073][T14023] FAULT_INJECTION: forcing a failure. [ 1164.297073][T14023] name failslab, interval 1, probability 0, space 0, times 0 [ 1164.310026][T14023] CPU: 1 PID: 14023 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1164.320250][T14023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1164.330293][T14023] Call Trace: [ 1164.333594][T14023] dump_stack+0x1d8/0x24e [ 1164.337912][T14023] ? devkmsg_release+0x11c/0x11c [ 1164.342866][T14023] ? show_regs_print_info+0x12/0x12 [ 1164.348058][T14023] should_fail+0x6f6/0x860 [ 1164.352463][T14023] ? setup_fault_attr+0x3d0/0x3d0 [ 1164.357475][T14023] ? __copy_skb_header+0x421/0x550 [ 1164.362573][T14023] ? bpf_clone_redirect+0x10e/0x350 [ 1164.367756][T14023] should_failslab+0x5/0x20 [ 1164.372261][T14023] __kmalloc_track_caller+0x5d/0x2e0 [ 1164.377540][T14023] ? bpf_clone_redirect+0x10e/0x350 [ 1164.382722][T14023] pskb_expand_head+0x10d/0xfa0 [ 1164.387556][T14023] ? skb_ensure_writable+0x2ab/0x420 [ 1164.392825][T14023] bpf_clone_redirect+0x10e/0x350 [ 1164.397838][T14023] bpf_prog_801cabf80fc815cd+0x13f/0x1000 [ 1164.403543][T14023] ? __schedule+0x9b8/0x1170 [ 1164.408120][T14023] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1164.413910][T14023] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1164.420573][T14023] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1164.425671][T14023] ? __rcu_read_lock+0x50/0x50 [ 1164.430631][T14023] ? ktime_get+0xfd/0x130 [ 1164.434952][T14023] bpf_test_run+0x288/0x680 [ 1164.439616][T14023] ? kzalloc+0x20/0x20 [ 1164.443669][T14023] ? build_skb+0x24c/0x440 [ 1164.448070][T14023] bpf_prog_test_run_skb+0x84d/0x1130 [ 1164.453432][T14023] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1164.459221][T14023] ? fput_many+0x42/0x1a0 [ 1164.463573][T14023] ? __bpf_prog_get+0x29f/0x310 [ 1164.468409][T14023] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1164.474200][T14023] __do_sys_bpf+0x2d28/0xbe70 [ 1164.478863][T14023] ? _kstrtoull+0x390/0x490 [ 1164.483354][T14023] ? kstrtouint_from_user+0x20f/0x2a0 [ 1164.488708][T14023] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1164.494833][T14023] ? __bpf_prog_put_rcu+0x300/0x300 [ 1164.500000][T14023] ? refcount_inc_checked+0x50/0x50 [ 1164.505177][T14023] ? memcg_check_events+0x5c/0x5b0 [ 1164.510259][T14023] ? proc_fail_nth_write+0x1d5/0x240 [ 1164.515541][T14023] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1164.520720][T14023] ? __lru_cache_add+0x1c4/0x210 [ 1164.525626][T14023] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1164.530844][T14023] ? memset+0x1f/0x40 [ 1164.534804][T14023] ? fsnotify+0x1332/0x13f0 [ 1164.539279][T14023] ? __kernel_write+0x340/0x340 [ 1164.544098][T14023] ? check_preemption_disabled+0x9e/0x330 [ 1164.549787][T14023] ? debug_smp_processor_id+0x20/0x20 [ 1164.555152][T14023] ? __fsnotify_parent+0x310/0x310 [ 1164.560234][T14023] ? __sb_end_write+0xb5/0x100 [ 1164.564963][T14023] ? vfs_write+0x422/0x4e0 [ 1164.569361][T14023] ? fput_many+0x42/0x1a0 [ 1164.573675][T14023] ? check_preemption_disabled+0x154/0x330 [ 1164.579469][T14023] do_syscall_64+0xcb/0x1e0 [ 1164.583955][T14023] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1164.589823][T14023] RIP: 0033:0x4665e9 [ 1164.593691][T14023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1164.613265][T14023] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1164.621647][T14023] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1164.629589][T14023] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1164.637648][T14023] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1164.645690][T14023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1164.653635][T14023] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1164.676713][T14021] loop5: p1 p3 < > p4 < p5 > [ 1164.682851][T14021] loop5: p1 start 917504 is beyond EOD, truncated [ 1164.699001][T14021] loop5: p5 start 917504 is beyond EOD, truncated [ 1164.780626][T13995] blk_update_request: I/O error, dev loop5, sector 22656 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1164.793927][ T95] blk_update_request: I/O error, dev loop5, sector 22656 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1164.805859][ T95] Buffer I/O error on dev loop5, logical block 2832, async page read [ 1164.836438][T14015] loop2: p1 p3 < > p4 < p5 > [ 1164.841801][T14015] loop2: p1 start 67239936 is beyond EOD, truncated [ 1164.850200][T14015] loop2: p5 start 67239936 is beyond EOD, truncated [ 1165.039361][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1165.045422][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1165.055245][T14026] loop3: p1 p3 < > p4 < p5 > [ 1165.060207][T14026] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1165.068394][T14026] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1165.114329][T14021] loop5: p1 p3 < > p4 < p5 > [ 1165.133973][T14021] loop5: p1 start 917504 is beyond EOD, truncated [ 1165.144393][T14021] loop5: p5 start 917504 is beyond EOD, truncated [ 1167.119310][ T101] Bluetooth: hci0: command 0x1001 tx timeout [ 1167.125337][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1169.198997][ T101] Bluetooth: hci0: command 0x1009 tx timeout 01:04:11 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x2) 01:04:11 executing program 1 (fault-call:6 fault-nth:81): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:04:11 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000604ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:11 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r4, 0x40286608, &(0x7f0000000040)={0x80000000, 0x9, 0x0, 0xe0b4, 0x10000, 0x1d9}) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:04:11 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9c0ffff0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:11 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a001000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1173.226187][T14043] EXT4-fs warning (device sda1): ext4_group_add:1683: No reserved GDT blocks, can't resize [ 1173.240959][T13027] Bluetooth: hci0: Frame reassembly failed (-84) [ 1173.280096][T14039] loop2: p1 p3 < > p4 < p5 > [ 1173.284971][T14039] loop2: p1 start 67502080 is beyond EOD, truncated [ 1173.298250][T14052] FAULT_INJECTION: forcing a failure. [ 1173.298250][T14052] name failslab, interval 1, probability 0, space 0, times 0 [ 1173.310886][T14052] CPU: 1 PID: 14052 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1173.321648][T14052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1173.331691][T14052] Call Trace: [ 1173.334974][T14052] dump_stack+0x1d8/0x24e [ 1173.339295][T14052] ? devkmsg_release+0x11c/0x11c [ 1173.344225][T14052] ? show_regs_print_info+0x12/0x12 [ 1173.349411][T14052] ? memset+0x1f/0x40 [ 1173.353380][T14052] ? unwind_next_frame+0x1f0a/0x27b0 [ 1173.358652][T14052] should_fail+0x6f6/0x860 [ 1173.363063][T14052] ? setup_fault_attr+0x3d0/0x3d0 [ 1173.368121][T14052] ? dst_alloc+0x137/0x4e0 [ 1173.372523][T14052] should_failslab+0x5/0x20 [ 1173.377016][T14052] kmem_cache_alloc+0x36/0x290 [ 1173.381769][T14052] dst_alloc+0x137/0x4e0 [ 1173.386257][T14052] __mkroute_output+0x9e4/0x1430 [ 1173.391182][T14052] ? __siphash_aligned+0x1d1/0x320 [ 1173.396280][T14052] ? ip_route_output_key_hash_rcu+0xf90/0xf90 [ 1173.402332][T14052] ? ip_route_output_key_hash_rcu+0x41b/0xf90 [ 1173.408386][T14052] ip_route_output_flow+0x13d/0x320 [ 1173.413569][T14052] ? ipv4_sk_update_pmtu+0x1e00/0x1e00 [ 1173.419012][T14052] ? debug_smp_processor_id+0x20/0x20 [ 1173.424467][T14052] ip_tunnel_xmit+0xa00/0x20e0 [ 1173.429219][T14052] ? ip_tunnel_xmit+0x1b1/0x20e0 [ 1173.434147][T14052] ? tnl_update_pmtu+0x980/0x980 [ 1173.439072][T14052] ? gre_build_header+0x238/0x780 [ 1173.444080][T14052] ipgre_xmit+0x6db/0x9e0 [ 1173.448395][T14052] xmit_one+0xfa/0x470 [ 1173.452459][T14052] __dev_queue_xmit+0x14ec/0x2e50 [ 1173.457468][T14052] ? dev_queue_xmit+0x20/0x20 [ 1173.462133][T14052] ? check_preemption_disabled+0x9e/0x330 [ 1173.467838][T14052] ? skb_release_data+0x346/0x6b0 [ 1173.472846][T14052] ? debug_smp_processor_id+0x20/0x20 [ 1173.478288][T14052] ? bpf_clone_redirect+0x10e/0x350 [ 1173.483562][T14052] __bpf_redirect+0x728/0xd00 [ 1173.488212][T14052] bpf_clone_redirect+0x243/0x350 [ 1173.493211][T14052] bpf_prog_801cabf80fc815cd+0x54a/0x1000 [ 1173.498902][T14052] ? __schedule+0x9b8/0x1170 [ 1173.503463][T14052] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1173.509324][T14052] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1173.515881][T14052] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1173.520965][T14052] ? __rcu_read_lock+0x50/0x50 [ 1173.525701][T14052] ? ktime_get+0xfd/0x130 [ 1173.530004][T14052] bpf_test_run+0x288/0x680 [ 1173.534497][T14052] ? kzalloc+0x20/0x20 [ 1173.538550][T14052] ? build_skb+0x24c/0x440 [ 1173.542952][T14052] bpf_prog_test_run_skb+0x84d/0x1130 [ 1173.548311][T14052] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1173.554095][T14052] ? fput_many+0x42/0x1a0 [ 1173.558395][T14052] ? __bpf_prog_get+0x29f/0x310 [ 1173.563220][T14052] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1173.568995][T14052] __do_sys_bpf+0x2d28/0xbe70 [ 1173.573660][T14052] ? _kstrtoull+0x390/0x490 [ 1173.578131][T14052] ? kstrtouint_from_user+0x20f/0x2a0 [ 1173.583473][T14052] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1173.589602][T14052] ? __bpf_prog_put_rcu+0x300/0x300 [ 1173.594785][T14052] ? refcount_inc_checked+0x50/0x50 [ 1173.599989][T14052] ? memcg_check_events+0x5c/0x5b0 [ 1173.605082][T14052] ? proc_fail_nth_write+0x1d5/0x240 [ 1173.610339][T14052] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1173.615511][T14052] ? __lru_cache_add+0x1c4/0x210 [ 1173.620420][T14052] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1173.625594][T14052] ? memset+0x1f/0x40 [ 1173.629549][T14052] ? fsnotify+0x1332/0x13f0 [ 1173.634031][T14052] ? __kernel_write+0x340/0x340 [ 1173.638849][T14052] ? check_preemption_disabled+0x9e/0x330 [ 1173.644570][T14052] ? debug_smp_processor_id+0x20/0x20 [ 1173.649922][T14052] ? __fsnotify_parent+0x310/0x310 [ 1173.655018][T14052] ? __sb_end_write+0xb5/0x100 [ 1173.659760][T14052] ? vfs_write+0x422/0x4e0 [ 1173.664162][T14052] ? fput_many+0x42/0x1a0 [ 1173.668478][T14052] ? check_preemption_disabled+0x154/0x330 [ 1173.674281][T14052] do_syscall_64+0xcb/0x1e0 [ 1173.678767][T14052] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1173.684633][T14052] RIP: 0033:0x4665e9 [ 1173.688500][T14052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1173.708077][T14052] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1173.716462][T14052] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1173.724406][T14052] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1173.732374][T14052] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1173.740318][T14052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1173.748448][T14052] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1173.760982][T14039] loop2: p5 start 67502080 is beyond EOD, truncated 01:04:12 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000005ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1173.802921][T14041] loop5: p1 p3 < > p4 < p5 > [ 1173.807984][T14042] loop3: p1 p3 < > p4 < p5 > [ 1173.818386][T14041] loop5: p1 start 1048576 is beyond EOD, truncated [ 1173.819405][T14042] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1173.832098][T14041] loop5: p5 start 1048576 is beyond EOD, truncated [ 1173.851368][T14042] loop3: p5 size 11290111 extends beyond EOD, truncated 01:04:12 executing program 1 (fault-call:6 fault-nth:82): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1173.995175][T14055] loop2: p1 p3 < > p4 < p5 > [ 1174.008521][T14055] loop2: p1 start 83886080 is beyond EOD, truncated [ 1174.022222][T14042] loop3: p1 p3 < > p4 < p5 > [ 1174.027066][T14042] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1174.043141][T14062] FAULT_INJECTION: forcing a failure. [ 1174.043141][T14062] name failslab, interval 1, probability 0, space 0, times 0 [ 1174.055858][T14062] CPU: 0 PID: 14062 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1174.066122][T14064] EXT4-fs warning (device sda1): ext4_group_add:1683: No reserved GDT blocks, can't resize [ 1174.066344][T14062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1174.086368][T14062] Call Trace: [ 1174.089657][T14062] dump_stack+0x1d8/0x24e [ 1174.093985][T14062] ? devkmsg_release+0x11c/0x11c [ 1174.098913][T14062] ? show_regs_print_info+0x12/0x12 [ 1174.104189][T14062] should_fail+0x6f6/0x860 [ 1174.108593][T14062] ? setup_fault_attr+0x3d0/0x3d0 [ 1174.113626][T14062] ? __rcu_read_lock+0x50/0x50 [ 1174.118386][T14062] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1174.123404][T14062] should_failslab+0x5/0x20 [ 1174.127910][T14062] __kmalloc_track_caller+0x5d/0x2e0 [ 1174.133377][T14062] ? ip_route_output_flow+0x1f6/0x320 [ 1174.138804][T14062] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1174.143813][T14062] pskb_expand_head+0x10d/0xfa0 [ 1174.148654][T14062] ? tnl_update_pmtu+0x3c7/0x980 [ 1174.153579][T14062] ip_tunnel_xmit+0x1703/0x20e0 [ 1174.158422][T14062] ? tnl_update_pmtu+0x980/0x980 [ 1174.163348][T14062] ? gre_build_header+0x238/0x780 [ 1174.168357][T14062] ipgre_xmit+0x6db/0x9e0 [ 1174.172691][T14062] xmit_one+0xfa/0x470 [ 1174.176747][T14062] __dev_queue_xmit+0x14ec/0x2e50 [ 1174.181762][T14062] ? dev_queue_xmit+0x20/0x20 [ 1174.186437][T14062] ? check_preemption_disabled+0x9e/0x330 [ 1174.192143][T14062] ? skb_release_data+0x346/0x6b0 [ 1174.197149][T14062] ? debug_smp_processor_id+0x20/0x20 [ 1174.202691][T14062] ? bpf_clone_redirect+0x10e/0x350 [ 1174.207871][T14062] __bpf_redirect+0x728/0xd00 [ 1174.212537][T14062] bpf_clone_redirect+0x243/0x350 [ 1174.217548][T14062] bpf_prog_801cabf80fc815cd+0x421/0x1000 [ 1174.223255][T14062] ? __kasan_kmalloc+0x1a3/0x1e0 [ 1174.228178][T14062] ? __kasan_kmalloc+0x137/0x1e0 [ 1174.233095][T14062] ? kmem_cache_alloc+0x115/0x290 [ 1174.238089][T14062] ? build_skb+0x27/0x440 [ 1174.242568][T14062] ? bpf_prog_test_run_skb+0x419/0x1130 [ 1174.248080][T14062] ? __do_sys_bpf+0x2d28/0xbe70 [ 1174.252900][T14062] ? do_syscall_64+0xcb/0x1e0 [ 1174.257546][T14062] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1174.263590][T14062] ? ktime_get+0xfd/0x130 [ 1174.267921][T14062] bpf_test_run+0x288/0x680 [ 1174.272396][T14062] ? kzalloc+0x20/0x20 [ 1174.276436][T14062] ? build_skb+0x24c/0x440 [ 1174.280822][T14062] bpf_prog_test_run_skb+0x84d/0x1130 [ 1174.286165][T14062] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1174.291939][T14062] ? fput_many+0x42/0x1a0 [ 1174.296242][T14062] ? __bpf_prog_get+0x29f/0x310 [ 1174.301182][T14062] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1174.306956][T14062] __do_sys_bpf+0x2d28/0xbe70 [ 1174.311602][T14062] ? _kstrtoull+0x390/0x490 [ 1174.316180][T14062] ? kstrtouint_from_user+0x20f/0x2a0 [ 1174.321537][T14062] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1174.327744][T14062] ? __bpf_prog_put_rcu+0x300/0x300 [ 1174.332998][T14062] ? refcount_inc_checked+0x50/0x50 [ 1174.338175][T14062] ? memcg_check_events+0x5c/0x5b0 [ 1174.343271][T14062] ? proc_fail_nth_write+0x1d5/0x240 [ 1174.348532][T14062] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1174.353701][T14062] ? __lru_cache_add+0x1c4/0x210 [ 1174.358610][T14062] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1174.363780][T14062] ? memset+0x1f/0x40 [ 1174.367995][T14062] ? fsnotify+0x1332/0x13f0 [ 1174.372556][T14062] ? __kernel_write+0x340/0x340 [ 1174.377377][T14062] ? check_preemption_disabled+0x9e/0x330 [ 1174.383081][T14062] ? debug_smp_processor_id+0x20/0x20 [ 1174.388423][T14062] ? __fsnotify_parent+0x310/0x310 [ 1174.393598][T14062] ? __sb_end_write+0xb5/0x100 [ 1174.398334][T14062] ? vfs_write+0x422/0x4e0 [ 1174.402721][T14062] ? fput_many+0x42/0x1a0 [ 1174.407022][T14062] ? check_preemption_disabled+0x154/0x330 [ 1174.412803][T14062] do_syscall_64+0xcb/0x1e0 [ 1174.417281][T14062] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1174.423148][T14062] RIP: 0033:0x4665e9 [ 1174.427035][T14062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1174.446708][T14062] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1174.455086][T14062] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1174.463030][T14062] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1174.471234][T14062] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1174.479192][T14062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1174.487162][T14062] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:04:12 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r0, 0x0, 0x140006, 0x0) [ 1174.498121][T14042] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1174.506232][T14055] loop2: p5 start 83886080 is beyond EOD, truncated 01:04:12 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff0e000a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1174.539166][T14041] loop5: p1 p3 < > p4 < p5 > [ 1174.550647][T14041] loop5: p1 start 1048576 is beyond EOD, truncated [ 1174.585064][T14041] loop5: p5 start 1048576 is beyond EOD, truncated 01:04:12 executing program 1 (fault-call:6 fault-nth:83): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1174.659250][ T148] loop5: p1 p3 < > p4 < p5 > [ 1174.664019][ T148] loop5: p1 start 1048576 is beyond EOD, truncated [ 1174.672592][ T148] loop5: p5 start 1048576 is beyond EOD, truncated 01:04:12 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a001100ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1174.709100][T14071] loop3: p1 p3 < > p4 < p5 > [ 1174.714156][T14071] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1174.724721][T14071] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1174.758301][T14076] FAULT_INJECTION: forcing a failure. [ 1174.758301][T14076] name failslab, interval 1, probability 0, space 0, times 0 [ 1174.770975][T14076] CPU: 1 PID: 14076 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1174.781898][T14076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1174.791951][T14076] Call Trace: [ 1174.795324][T14076] dump_stack+0x1d8/0x24e [ 1174.799646][T14076] ? devkmsg_release+0x11c/0x11c [ 1174.804581][T14076] ? show_regs_print_info+0x12/0x12 [ 1174.809810][T14076] ? check_preemption_disabled+0x9e/0x330 [ 1174.815706][T14076] should_fail+0x6f6/0x860 [ 1174.820295][T14076] ? setup_fault_attr+0x3d0/0x3d0 [ 1174.825317][T14076] ? check_preemption_disabled+0x9e/0x330 [ 1174.831026][T14076] ? skb_clone+0x1b2/0x360 [ 1174.835442][T14076] should_failslab+0x5/0x20 [ 1174.839932][T14076] kmem_cache_alloc+0x36/0x290 [ 1174.844696][T14076] skb_clone+0x1b2/0x360 [ 1174.848931][T14076] bpf_clone_redirect+0xa2/0x350 [ 1174.854081][T14076] ? switch_mm+0x100/0x100 [ 1174.858689][T14076] ? _raw_spin_unlock_irq+0x4a/0x60 [ 1174.863878][T14076] bpf_prog_801cabf80fc815cd+0xf16/0x1000 [ 1174.869592][T14076] ? __schedule+0x9b8/0x1170 [ 1174.874170][T14076] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1174.879967][T14076] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1174.886585][T14076] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1174.891779][T14076] ? __rcu_read_lock+0x50/0x50 [ 1174.896542][T14076] ? ktime_get+0xfd/0x130 [ 1174.900859][T14076] bpf_test_run+0x288/0x680 [ 1174.905357][T14076] ? kzalloc+0x20/0x20 [ 1174.909415][T14076] ? build_skb+0x24c/0x440 [ 1174.914617][T14076] bpf_prog_test_run_skb+0x84d/0x1130 [ 1174.919980][T14076] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1174.925896][T14076] ? fput_many+0x42/0x1a0 [ 1174.930278][T14076] ? __bpf_prog_get+0x29f/0x310 [ 1174.935116][T14076] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1174.940911][T14076] __do_sys_bpf+0x2d28/0xbe70 [ 1174.945575][T14076] ? _kstrtoull+0x390/0x490 [ 1174.950069][T14076] ? kstrtouint_from_user+0x20f/0x2a0 [ 1174.955424][T14076] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1174.961553][T14076] ? __bpf_prog_put_rcu+0x300/0x300 [ 1174.966983][T14076] ? refcount_inc_checked+0x50/0x50 [ 1174.972164][T14076] ? memcg_check_events+0x5c/0x5b0 [ 1174.977249][T14076] ? proc_fail_nth_write+0x1d5/0x240 [ 1174.982526][T14076] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1174.987696][T14076] ? __lru_cache_add+0x1c4/0x210 [ 1174.992616][T14076] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1174.997787][T14076] ? memset+0x1f/0x40 [ 1175.001740][T14076] ? fsnotify+0x1332/0x13f0 [ 1175.006215][T14076] ? __kernel_write+0x340/0x340 [ 1175.011039][T14076] ? check_preemption_disabled+0x9e/0x330 [ 1175.017249][T14076] ? debug_smp_processor_id+0x20/0x20 [ 1175.022676][T14076] ? __fsnotify_parent+0x310/0x310 [ 1175.027769][T14076] ? __sb_end_write+0xb5/0x100 [ 1175.032513][T14076] ? vfs_write+0x422/0x4e0 [ 1175.036899][T14076] ? fput_many+0x42/0x1a0 [ 1175.041197][T14076] ? check_preemption_disabled+0x154/0x330 [ 1175.046975][T14076] do_syscall_64+0xcb/0x1e0 [ 1175.051462][T14076] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1175.057324][T14076] RIP: 0033:0x4665e9 [ 1175.061192][T14076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1175.080788][T14076] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1175.089170][T14076] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1175.097372][T14076] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1175.105327][T14076] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1175.114237][T14076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1175.122179][T14076] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1175.278537][ T101] Bluetooth: hci0: command 0x1003 tx timeout [ 1175.284621][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1175.295777][ T148] loop3: p1 p3 < > p4 < p5 > [ 1175.301165][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1175.309559][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1175.318313][T14071] loop3: p1 p3 < > p4 < p5 > [ 1175.323216][T14071] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1175.332003][T14071] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1175.359183][T14079] loop5: p1 p3 < > p4 < p5 > [ 1175.364197][T14079] loop5: p1 start 1114112 is beyond EOD, truncated [ 1175.373038][T14079] loop5: p5 start 1114112 is beyond EOD, truncated [ 1175.552905][T14079] loop5: p1 p3 < > p4 < p5 > [ 1175.557731][T14079] loop5: p1 start 1114112 is beyond EOD, truncated [ 1175.565465][T14079] loop5: p5 start 1114112 is beyond EOD, truncated [ 1175.611341][ T148] loop5: p1 p3 < > p4 < p5 > [ 1175.618118][ T148] loop5: p1 start 1114112 is beyond EOD, truncated [ 1175.627355][ T148] loop5: p5 start 1114112 is beyond EOD, truncated [ 1177.358471][ T101] Bluetooth: hci0: command 0x1001 tx timeout [ 1177.364811][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1179.438343][ T101] Bluetooth: hci0: command 0x1009 tx timeout 01:04:21 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3) 01:04:21 executing program 1 (fault-call:6 fault-nth:84): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:04:21 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00f405ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:21 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0000a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:21 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x3f, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:04:21 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a001200ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1183.463853][T13027] Bluetooth: hci0: Frame reassembly failed (-84) [ 1183.487176][T14090] loop3: p1 p3 < > p4 < p5 > [ 1183.494615][T14090] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1183.510382][T14090] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1183.526980][T14102] FAULT_INJECTION: forcing a failure. [ 1183.526980][T14102] name failslab, interval 1, probability 0, space 0, times 0 [ 1183.540248][T14102] CPU: 0 PID: 14102 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1183.550804][T14102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1183.561032][T14102] Call Trace: [ 1183.564318][T14102] dump_stack+0x1d8/0x24e [ 1183.568637][T14102] ? devkmsg_release+0x11c/0x11c [ 1183.573745][T14102] ? show_regs_print_info+0x12/0x12 [ 1183.578934][T14102] should_fail+0x6f6/0x860 [ 1183.583343][T14102] ? setup_fault_attr+0x3d0/0x3d0 [ 1183.588369][T14102] ? __copy_skb_header+0x421/0x550 [ 1183.593469][T14102] ? bpf_clone_redirect+0x10e/0x350 [ 1183.598661][T14102] should_failslab+0x5/0x20 [ 1183.603154][T14102] __kmalloc_track_caller+0x5d/0x2e0 [ 1183.608450][T14102] ? bpf_clone_redirect+0x10e/0x350 [ 1183.613634][T14102] pskb_expand_head+0x10d/0xfa0 [ 1183.618477][T14102] ? skb_ensure_writable+0x2ab/0x420 [ 1183.623749][T14102] bpf_clone_redirect+0x10e/0x350 [ 1183.628763][T14102] bpf_prog_801cabf80fc815cd+0x16f/0x1000 [ 1183.634476][T14102] ? __schedule+0x9b8/0x1170 [ 1183.639053][T14102] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1183.644852][T14102] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1183.651459][T14102] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1183.656654][T14102] ? __rcu_read_lock+0x50/0x50 [ 1183.661424][T14102] ? ktime_get+0xfd/0x130 [ 1183.665739][T14102] bpf_test_run+0x288/0x680 [ 1183.670241][T14102] ? kzalloc+0x20/0x20 [ 1183.674297][T14102] ? build_skb+0x24c/0x440 [ 1183.678702][T14102] bpf_prog_test_run_skb+0x84d/0x1130 [ 1183.684069][T14102] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1183.689949][T14102] ? fput_many+0x42/0x1a0 [ 1183.694357][T14102] ? __bpf_prog_get+0x29f/0x310 [ 1183.699289][T14102] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1183.705170][T14102] __do_sys_bpf+0x2d28/0xbe70 [ 1183.709844][T14102] ? _kstrtoull+0x390/0x490 [ 1183.714337][T14102] ? kstrtouint_from_user+0x20f/0x2a0 [ 1183.719701][T14102] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1183.726026][T14102] ? __bpf_prog_put_rcu+0x300/0x300 [ 1183.731197][T14102] ? refcount_inc_checked+0x50/0x50 [ 1183.736554][T14102] ? memcg_check_events+0x5c/0x5b0 [ 1183.741641][T14102] ? proc_fail_nth_write+0x1d5/0x240 [ 1183.747004][T14102] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1183.752175][T14102] ? __lru_cache_add+0x1c4/0x210 [ 1183.757095][T14102] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1183.762265][T14102] ? memset+0x1f/0x40 [ 1183.766217][T14102] ? fsnotify+0x1332/0x13f0 [ 1183.770693][T14102] ? __kernel_write+0x340/0x340 [ 1183.775704][T14102] ? check_preemption_disabled+0x9e/0x330 [ 1183.781403][T14102] ? debug_smp_processor_id+0x20/0x20 [ 1183.786758][T14102] ? __fsnotify_parent+0x310/0x310 [ 1183.792004][T14102] ? __sb_end_write+0xb5/0x100 [ 1183.796825][T14102] ? vfs_write+0x422/0x4e0 [ 1183.801211][T14102] ? fput_many+0x42/0x1a0 [ 1183.805511][T14102] ? check_preemption_disabled+0x154/0x330 [ 1183.811329][T14102] do_syscall_64+0xcb/0x1e0 [ 1183.815805][T14102] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1183.821755][T14102] RIP: 0033:0x4665e9 [ 1183.825620][T14102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1183.845283][T14102] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1183.853837][T14102] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1183.861796][T14102] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1183.869739][T14102] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1183.877683][T14102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1183.885625][T14102] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:04:22 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff40010a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1183.923556][T14095] loop5: p1 p3 < > p4 < p5 > [ 1183.923671][T14097] loop2: p1 p3 < > p4 < p5 > [ 1183.930608][T14095] loop5: p1 start 1179648 is beyond EOD, truncated [ 1183.942319][T14095] loop5: p5 start 1179648 is beyond EOD, truncated [ 1183.947480][T14097] loop2: p1 start 99876864 is beyond EOD, truncated [ 1183.958279][T14097] loop2: p5 start 99876864 is beyond EOD, truncated 01:04:22 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a002500ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:22 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00f505ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:22 executing program 1 (fault-call:6 fault-nth:85): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1184.139720][T14108] loop3: p1 p3 < > p4 < p5 > [ 1184.144639][T14108] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1184.154688][T14108] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1184.182662][T14110] loop5: p1 p3 < > p4 < p5 > [ 1184.190133][T14110] loop5: p1 start 2424832 is beyond EOD, truncated [ 1184.199466][T14110] loop5: p5 start 2424832 is beyond EOD, truncated [ 1184.210918][T14117] FAULT_INJECTION: forcing a failure. [ 1184.210918][T14117] name failslab, interval 1, probability 0, space 0, times 0 [ 1184.223992][T14117] CPU: 0 PID: 14117 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1184.234210][T14117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1184.244254][T14117] Call Trace: [ 1184.247540][T14117] dump_stack+0x1d8/0x24e [ 1184.251858][T14117] ? devkmsg_release+0x11c/0x11c [ 1184.256783][T14117] ? show_regs_print_info+0x12/0x12 [ 1184.261984][T14117] ? memset+0x1f/0x40 [ 1184.265953][T14117] ? unwind_next_frame+0x1f0a/0x27b0 [ 1184.271314][T14117] should_fail+0x6f6/0x860 [ 1184.275748][T14117] ? setup_fault_attr+0x3d0/0x3d0 [ 1184.280856][T14117] ? dst_alloc+0x137/0x4e0 [ 1184.285348][T14117] should_failslab+0x5/0x20 [ 1184.290926][T14117] kmem_cache_alloc+0x36/0x290 [ 1184.295678][T14117] dst_alloc+0x137/0x4e0 [ 1184.300002][T14117] __mkroute_output+0x9e4/0x1430 [ 1184.304965][T14117] ? __siphash_aligned+0x1d1/0x320 [ 1184.310075][T14117] ? ip_route_output_key_hash_rcu+0xf90/0xf90 [ 1184.316134][T14117] ? ip_route_output_key_hash_rcu+0x41b/0xf90 [ 1184.322342][T14117] ip_route_output_flow+0x13d/0x320 [ 1184.327530][T14117] ? ipv4_sk_update_pmtu+0x1e00/0x1e00 [ 1184.333239][T14117] ? debug_smp_processor_id+0x20/0x20 [ 1184.338603][T14117] ip_tunnel_xmit+0xa00/0x20e0 [ 1184.343365][T14117] ? ip_tunnel_xmit+0x1b1/0x20e0 [ 1184.348302][T14117] ? tnl_update_pmtu+0x980/0x980 [ 1184.353324][T14117] ? gre_build_header+0x238/0x780 [ 1184.358338][T14117] ipgre_xmit+0x6db/0x9e0 [ 1184.362658][T14117] xmit_one+0xfa/0x470 [ 1184.367240][T14117] __dev_queue_xmit+0x14ec/0x2e50 [ 1184.372263][T14117] ? dev_queue_xmit+0x20/0x20 [ 1184.377024][T14117] ? check_preemption_disabled+0x9e/0x330 [ 1184.382750][T14117] ? skb_release_data+0x346/0x6b0 [ 1184.387764][T14117] ? debug_smp_processor_id+0x20/0x20 [ 1184.393124][T14117] ? bpf_clone_redirect+0x10e/0x350 [ 1184.398317][T14117] __bpf_redirect+0x728/0xd00 [ 1184.402991][T14117] bpf_clone_redirect+0x243/0x350 [ 1184.408084][T14117] bpf_prog_801cabf80fc815cd+0xeb7/0x1000 [ 1184.413966][T14117] ? __schedule+0x9b8/0x1170 [ 1184.418533][T14117] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1184.424311][T14117] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1184.430890][T14117] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1184.435972][T14117] ? __rcu_read_lock+0x50/0x50 [ 1184.440710][T14117] ? ktime_get+0xfd/0x130 [ 1184.445075][T14117] bpf_test_run+0x288/0x680 [ 1184.449550][T14117] ? kzalloc+0x20/0x20 [ 1184.453590][T14117] ? build_skb+0x24c/0x440 [ 1184.457980][T14117] bpf_prog_test_run_skb+0x84d/0x1130 [ 1184.463324][T14117] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1184.469124][T14117] ? fput_many+0x42/0x1a0 [ 1184.473423][T14117] ? __bpf_prog_get+0x29f/0x310 [ 1184.478244][T14117] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1184.484020][T14117] __do_sys_bpf+0x2d28/0xbe70 [ 1184.488671][T14117] ? _kstrtoull+0x390/0x490 [ 1184.493146][T14117] ? kstrtouint_from_user+0x20f/0x2a0 [ 1184.498488][T14117] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1184.504630][T14117] ? __bpf_prog_put_rcu+0x300/0x300 [ 1184.509798][T14117] ? refcount_inc_checked+0x50/0x50 [ 1184.514965][T14117] ? memcg_check_events+0x5c/0x5b0 [ 1184.520052][T14117] ? proc_fail_nth_write+0x1d5/0x240 [ 1184.525310][T14117] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1184.530479][T14117] ? __lru_cache_add+0x1c4/0x210 [ 1184.535389][T14117] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1184.540555][T14117] ? memset+0x1f/0x40 [ 1184.544505][T14117] ? fsnotify+0x1332/0x13f0 [ 1184.548978][T14117] ? __kernel_write+0x340/0x340 [ 1184.553820][T14117] ? check_preemption_disabled+0x9e/0x330 [ 1184.559507][T14117] ? debug_smp_processor_id+0x20/0x20 [ 1184.564934][T14117] ? __fsnotify_parent+0x310/0x310 [ 1184.570030][T14117] ? __sb_end_write+0xb5/0x100 [ 1184.574775][T14117] ? vfs_write+0x422/0x4e0 [ 1184.579161][T14117] ? fput_many+0x42/0x1a0 [ 1184.583469][T14117] ? check_preemption_disabled+0x154/0x330 [ 1184.589254][T14117] do_syscall_64+0xcb/0x1e0 [ 1184.593730][T14117] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1184.599593][T14117] RIP: 0033:0x4665e9 [ 1184.603484][T14117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1184.623067][T14117] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 01:04:22 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r5 = dup2(r4, r3) write$binfmt_misc(r5, &(0x7f0000000340)={'syz0', "bb21974115ce3a899a9a31093f5a244d91b0784dbcac448c7ceb34a763800b526d9ee6b25aa9ef153b64fdca18ca622a2bbf8395c05a0c6abcd1c0f7a4bb2a97888d5d410f475c7ac3151ea71aa146b73b6f68a97e34ebb53279e6899db448f95f3707e1709b6d0875d7b4383a3e75237b9fd4f268a9c90321cfbf70aee9524c15c726cfa38461043f2f87fbf7db00003bdb86a8dc8e0e55b87892511f9dc5eb941e8ae98974ed28e285fc60366e41a380c93c445aa1b817a8fcebc137ac216e20654de05daddd5e79f62428a1b65541c19b8d2602b55fed5e0587f45843357f1f5936c02fd85eba51f6ba9818dfcf5b03d129a89efed4ad4fafbe60e0f66cf98ef054d6f384ac5f7150dd8bb0ca6b7f4a05b13a4b94eb3821710e27fa0a94d25626a23d348906746bf59b61703bd93b5a9ec0ad404b65625aaad0e38f1929aa58f84fb8db12450956a50a2928d1aa47d7598c2f1185f5bfa90f6d4e5f0bed47f4c5f8d8b1332eaa93a4dd1e35fe0e85f0e138da45cd1edbe596888800fa49f304b1ebbe63b8f6d78badabccd065166bd7adc1b14bdcc67e5d75a45d7cf80cbecc942f1a1ca09b8c645a0e9f31604402f99bb8fdadeb2e3965e734b5820a02aa659e2ade12347f5cc1eeff910e282b3725ef1340199891b3cf83bcb064c4854c3e9f0779036c2929e0956f571e82760728553ae33ef34d17bee40be148453cea618dbd395e26b42215916ac8f3924b2b9e97f64b25cdfadd15ba9c374500a48899d878c1a16448bc6e7f26818b2d4474b5b877df20de6de3a131a2cddf91f630b35a4c93231aaf8b18850719f7a2c1303ac98ceb8c2a6cf05c8ee7910b86a966696e9ba2fe4c0f905adb19ada884587ff76d12b585f6bfaa96c84c419e41517c24d693928435e25940e261a153632575b28747ab196f22b3a94ba55087fbfd9ff934efd1f8a85689947c1cbeffc3b0472d343dae4f0755cd064be3ab53795aa439017c29991af4a411191f6ef4f82d7d4939919288dc38a12c815ead7b617541ff4cbfb6c57b9cd1e3567eb48b64c5c127c548e40811c1e1a173e78ef5e36d0b25b33ec3572b1c2f9dba44424f8ae8bcb39dd118da163d5d1e0053a27415006c90ec7853f8032c74d33ae33dee9b42662327fe7a770152a7c2f5737ec4c1ad64ceec78a6b77e98bfda5bc9bbacafedf901dd02eb91f8c8ff3ad6e6e710639c50218f9f7f70398ade413a19985b7706f36b1ba8e736e9843002680213b73d56afa59aaa473e8c6a2a9f3129bc7d787cac1ae583d4dee9973d0410c6f0bb7c0d7d6d024023be5e787959b374cd223242d4f986640157ed68ff9801cb7ccaed0aa50c250defe17db2e972e36919aa62fe4a8672dcc2f6b7f6d93b9aa220693deb322f34f8f44b7fb4c34fd74e2f1391cd4cefc0fd0b928bf9fa4687b4fbad9722925557e06485a49d263caf1218ef39e667a6deb0ecaf86658116d270c74c51354e5add7be44c5a72ff4b1e9162cba04c265ca32c91ec89b7fbf890ea470274e781052ba001e6a02a333c314d91003bc8d5b909cfb69a059657a3e63c1200e8994e86bf176011461add91a59ed97a5c8f3be818dac54d6a169f99dd725f98ffff9fcce3dc4a4b7fa6f3af28ea8e41fcb20c671d79cb25ab6f0c5b42fe094d73a82f066778a7ef8e75afc30b2abd927cac4846f9eecc4e2b4fd50841448054cb98ac439428624d667ec2dbb1ae7300236c01131fdb93e5a02748b1be25085afcde23211a0561f7d91137bc9c3bf5838eb39eb977e011646e325d0ff428d52a1030c681de92f5b3e8148d776345b4be5ddf50c793052f6cda71a3711f5b669149de206923074907a32a779b364064bf79cf7e87eb7003c085fb9e80a9cb0dc340e14b721c5af20c885a9a52764475acc7350e464e10a912a882cca623c042756e46ee88f8cd27e2b6343412e8288c9ce8a54deb58d7f1764fa338dde54713ef7ac81f27606bd2c979dee9da7c1b60fbdb6623c6ca5e534b9d2668e823a7ae4fef6080f8e0c3314abe6a4a6725fdaab83b6daa0d0852099fb78daf86a9f33a212fcccdd8e6795e05d809900f22d99ff75bbe04c7eb7b5e4cd297802bdec565b157d3119cbe66191f50cac779da7aa280d7a8f908a4eee44a8f161647828cf672910b20a1fa9a9e70dce78c1084c24a086de4294ce5dfe9e31be8ac8f42df10a1c903eb75d583e6ac1ec4e487db3805c99094649246e5fe01fe7d66113e56aaa1abacfeb380e0bb8374484a76ced8de9e908dd00c6f27ec7d0683a1210772f20dce598b6626b3954db0cebe7cb93caf7c5cd6edcc38e57cad47384b0682af74ded136002b673c244ce84fee576f4712b33ba024c254f1575c8074d679c4c41dd5e35c6b4f67cc44f376d0639a36b5a8e917c41a89c8965d36e1150e30a437fe935189f4692468644fb9941f5525836d96b06ab4e5b2abc6c81b78a36e8181729ff7fb8be7a336c7ddf3c547a8156c076163633a2f15898cc58f5c260a77e3c8162806af61804bde72c03eda2172401f731eda521a8fc6e8c9bfb2efce55041615a11927be74482d5061dec35e3eb6e0340dcb160b51686987d46675a2ade39302a8b3b57e98a7ddd7123539034c34da39544a66759491442ab6d1573f9fa403efcf560faf9e65dad59193fa0567bb314fec1e211f6b551f6fbf5440ddd820cdf95a7c4010d482ed20d8bfd48247e66feead50beeb9b6bfca94887d098227c0b53958612401c46fde0b61ac74dbe3a70e50bf2a3ba5f11deed754377865a782a1630054d1356ef78146b1527f65930d4e7389f754c4116deb4f3f272049c3872e85fd092145185743fa705521f8ae27d4d051ac25545f78264045cae6b50c3bbf6c2e35c1af246d34a2fdac44b08229b0383d314b7b489eb950070c58314ac624e3fecb23893edccc0d350c211a7f5fc71d4a5e01339d295ffe8e109a124a36737071f67d4716a88b9519ce04f1d4f646aaaa2bb5a6d7cf26cee287dbc8f43a66c4575eb60103201211142e2dc01e9ad70d3f9a3f48f8849f6bd3e233ce4775dfa52d894f6a352023e34a3db1b16dee95e8dbe0f86f6d283eb9d3fd012d9f1881b9aac043ecc57ee71f293fe9e71011b9ce16593826709c30464583bcec0b0473f3f9758c96df45e8fbc34bf30c20af587ed1dd286f8d39dc04cb71ba9a6ce0ea61d38cadc886563c703e249e24cafecae888393e606a9e1f5b47d7f17e4a7b860aa716929218aeaf83567f6e420f8add3badc6d24b1507db55f3e0b688306b5ed8d773c382019d9a42a20c5ea07824313b9f4d264e459b6e83976be43931994f36c5f8c844a00b088c42f8a1f0e2b05ca9b424e7c5efe2f181678a65833e5668d7159043ca64befb2abc84aeffcafb6c546978f7a26f8fcc0d3011037e117ff4e89fbb7173dbcd9aad4819d61f2c5ac6ac668e3e55e0cd9d6a5a94688ffaae09212433da82dd3aa9621d7421d47b42adc65002298d01082a44249d29d4374f1ebf3f01532e742de55975e5da38af100345d60b7c31f8c641ee3fc12975090034f032d2da708e5f3767f2039638f16bcbcf6dc246647840fab4fd37a6c5f570282359bc3b02d048a980f7ccb3d51548dc4524d2bc83b0078603bacee515d4b0fddd908efc4142a64e8ca8735649857edee8c02c47d4fffcecd969c2461227a6aa2e34b0924ea59995ded8c96482611679a0e2fb5d27bcc65b5e4739adae3c921c8aef85d41c332485ff2dac4af7acee9e9608611b9c591e0f022704c5f9c5ffef6b1f9d02367f3b9d0119613b82ddd89d4f36a0ff1ead2bcc28cde23c1055afdb38a2d3d5550e7c52b7385f863d863148a34ce9daa251f4098bf9f93d260ed207052506132cbd13293e72526d387f1e5c5e596e5a4bb30399c94bb9b421be7ec530cf2565a1521cb98c1be18287639ef910e13b423798cd190b55033125417315768fb1bf0be36f6013e4d72ec6e7bf4e3e7c81e2bb9f008eef04b4a8bee9993cc5baa1698bc9a903495fbddb15b52d2fcfaab8ee897b2ebb1a0e630db32a7fd0b2656df4ce3b2c6d1afdf7f70110f28f32576310fcdcb4f4eda6ca37af0df71110c7758d75c66c49b1cdb57bbd2909cdca51c1d0e9141e7a89dfd4247b530bc77619cbf31d29f350a11e75b54e1df72b7ea835eb57d1ddbf246d0daa7d2c2d1f63480ef59f19a5b80f117fe31ec0a2498f5d9aa9b537fffdca319dd2b493ef086e4380a43f515d1eb61098e908116b26707e2ca882ac8920595f85d07eb863f6fc09cad226094db0e1e311c8e07c752b2bbf0d8b566eef87041084718d356cb01d44cbbe2f72322f267f86d7ac77ff496588a94eb0140da384b11ebb6605f66e7d3fdfa066e9846a04d4eefd57ceecdf12c126e362520b87331a7932d415fa2d52a285296cd8b286bd1d949c0f2ef63f4e84bbd27d1f25e16a5294cdec813915e8fe9275f1357635ecaa6aaf4ce7da3c35e384093d8d5c700480b2cb406e16e75e495e03139f52ab12fd261db9ea31e487a261a0e30a06ccba735497dce4c825603f3a7480f167bc97fdd1900b8395ce025ea526b25575040f38cf2e1fb0ed3d290521a6ecd9cdef1b667c958fa3328500cf5f1cfd4d605f45cae692aef800c6461d805327be398a39ca8b08ae5755b33d9d08e98f51c5668ec41f221e8047adcdff946299c2c196bf53a6b207be8e100cf72f6e00137bce191fbcacd68e7ef47e6b9bc5fbd33d3c15e71e572a745244b7db8a1b636a735da5be9900abc6942dae4836d8358f0b87a324ad0096730f0b1e8de4bcc229f1bdebb05ec9ed72346ccef033c7b5dc7f39d641815ba5abcf77926ad15e04f1b4654aa1531998e6249ff6e75d1fd2d68095cfc25bc8707d8de6821727d78e424a6ca9860ae94839caf459f5973fec1f7721bab27a65a8df73fa7cc340375145e655636235709e02a4b69587ec1afd1eaf26c1b4b48c57298eb78eeae61abafb4447ceef9ae7e88b6aa8aedcb26c46f09e117dbb7024a0a6237f7e8bf8d825057d6df737650824cb66b8fb3c9297f33519d4880ea73df2b0d9d70b689949aa89b08bd85d366b55e6c6ec539d9b5ecf5d3231eeb208c4be41b4ff729b141e7274f3969b9bc78d0f9e6b4e5e82bdb024a12b5530b777797d10f1bfdcbbc38d3725061fa827962a35f3332c5fda4c043f0459283d62880b31eccb99f5683ef3dbb37003eae50ce7619c0a3cb7621b3837996bb93a299eaae885b537611dcabf71de6dc3b048f53fee6a9ae099174094b030d8f78a4e120a083e69097905c8044f01f0d1845f7066e6d1e56cf91f49316cd78bd2ffce118268783eeaaa198129a8499eb3a7747004ea7e00dcf0dcfe09aa1da66734e50d54d22a7ff24b008da5665dcd5884c2435d1978cb83aeb90089d99cb2055bc8c7608bca996917906344fd7839191d572cc6eedffdf2ec3d0f86136878dbf244e2b60e887bd7bba2aa98ac2fbc780cc544b7ccbf17fb0d02ee3bdcac0f3d51269465d45551a8eb577c4d11fa17ba295fe98609c4cecfbf711e5d5008cbc5634ee99de8b40330138f484c27aac27247fa0f6e99b0e13a05813e3ac718ff95faf93c275bc3e0c218418d7ea2bae71177d32a3a717ca3637fa7f6003e7d6600e85d499ba2fd75b97e7dd402ceb1feb4b7e9180f8c3c9b2809bcdd7de0ce4bc72305bb2602a65987d7da7d4e33213cc68452d7aa688d1825c1f739540028ef6e76034cf072685492f428b47c4bf48a4fed4fce458e9d1ec9e7e2306"}, 0x1004) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1184.631451][T14117] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1184.639490][T14117] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1184.647431][T14117] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1184.655383][T14117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1184.663432][T14117] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:04:23 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a002600ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1184.736180][T14116] loop2: p1 p3 < > p4 < p5 > [ 1184.745837][T14116] loop2: p1 start 99942400 is beyond EOD, truncated [ 1184.754772][T14116] loop2: p5 start 99942400 is beyond EOD, truncated [ 1184.804564][T14108] loop3: p1 p3 < > p4 < p5 > [ 1184.817205][T14108] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1184.835150][T14108] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1184.861302][T14104] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1184.874605][T14116] __loop_clr_fd: partition scan of loop2 failed (rc=-16) [ 1184.875172][T14098] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1184.898784][ T95] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1184.909685][ T95] Buffer I/O error on dev loop2p3, logical block 0, async page read [ 1184.923783][ T95] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1184.935089][ T95] Buffer I/O error on dev loop2p3, logical block 0, async page read [ 1184.943680][T14126] loop5: p1 p3 < > p4 < p5 > [ 1184.948833][T14126] loop5: p1 start 2490368 is beyond EOD, truncated [ 1184.956383][T14126] loop5: p5 start 2490368 is beyond EOD, truncated [ 1184.983962][T14116] loop_reread_partitions: partition scan of loop2 () failed (rc=-16) [ 1185.041706][ T148] loop2: p1 p3 < > p4 < p5 > [ 1185.046619][ T148] loop2: p1 start 99942400 is beyond EOD, truncated [ 1185.054808][ T148] loop2: p5 start 99942400 is beyond EOD, truncated [ 1185.068928][T14126] loop5: p1 p3 < > p4 < p5 > [ 1185.073917][T14126] loop5: p1 start 2490368 is beyond EOD, truncated [ 1185.081657][T14126] loop5: p5 start 2490368 is beyond EOD, truncated [ 1185.517868][ T101] Bluetooth: hci0: command 0x1003 tx timeout [ 1185.524330][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1187.597868][ T1216] Bluetooth: hci0: command 0x1001 tx timeout [ 1187.604018][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1189.677673][ T1216] Bluetooth: hci0: command 0x1009 tx timeout 01:04:31 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4) 01:04:31 executing program 1 (fault-call:6 fault-nth:86): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:04:31 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff80010a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:31 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00f605ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:31 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a003200ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:31 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1193.716785][ T163] Bluetooth: hci0: Frame reassembly failed (-84) [ 1193.730298][T14137] loop2: p1 p3 < > p4 < p5 > [ 1193.740265][T14137] loop2: p1 start 100007936 is beyond EOD, truncated [ 1193.748771][T14137] loop2: p5 start 100007936 is beyond EOD, truncated [ 1193.760816][T14152] FAULT_INJECTION: forcing a failure. [ 1193.760816][T14152] name failslab, interval 1, probability 0, space 0, times 0 [ 1193.773546][T14152] CPU: 1 PID: 14152 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1193.783778][T14152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1193.794012][T14152] Call Trace: [ 1193.797478][T14152] dump_stack+0x1d8/0x24e [ 1193.801887][T14152] ? devkmsg_release+0x11c/0x11c [ 1193.806816][T14152] ? show_regs_print_info+0x12/0x12 [ 1193.812789][T14152] should_fail+0x6f6/0x860 [ 1193.817200][T14152] ? setup_fault_attr+0x3d0/0x3d0 [ 1193.822306][T14152] ? __rcu_read_lock+0x50/0x50 [ 1193.827061][T14152] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1193.832072][T14152] should_failslab+0x5/0x20 [ 1193.836646][T14152] __kmalloc_track_caller+0x5d/0x2e0 [ 1193.842008][T14152] ? ip_route_output_flow+0x1f6/0x320 [ 1193.847460][T14152] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1193.852466][T14152] pskb_expand_head+0x10d/0xfa0 [ 1193.857525][T14152] ? tnl_update_pmtu+0x3c7/0x980 [ 1193.862454][T14152] ip_tunnel_xmit+0x1703/0x20e0 [ 1193.867292][T14152] ? tnl_update_pmtu+0x980/0x980 [ 1193.872215][T14152] ? gre_build_header+0x238/0x780 [ 1193.877318][T14152] ipgre_xmit+0x6db/0x9e0 [ 1193.881638][T14152] xmit_one+0xfa/0x470 [ 1193.885693][T14152] __dev_queue_xmit+0x14ec/0x2e50 [ 1193.890720][T14152] ? dev_queue_xmit+0x20/0x20 [ 1193.895382][T14152] ? check_preemption_disabled+0x9e/0x330 [ 1193.901097][T14152] ? skb_release_data+0x346/0x6b0 [ 1193.906104][T14152] ? debug_smp_processor_id+0x20/0x20 [ 1193.911457][T14152] ? bpf_clone_redirect+0x10e/0x350 [ 1193.916638][T14152] __bpf_redirect+0x728/0xd00 [ 1193.921303][T14152] bpf_clone_redirect+0x243/0x350 [ 1193.926315][T14152] bpf_prog_801cabf80fc815cd+0x9df/0x1000 [ 1193.932028][T14152] ? __schedule+0x9b8/0x1170 [ 1193.936638][T14152] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1193.942433][T14152] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1193.949027][T14152] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1193.954124][T14152] ? __rcu_read_lock+0x50/0x50 [ 1193.958875][T14152] ? ktime_get+0xfd/0x130 [ 1193.963189][T14152] bpf_test_run+0x288/0x680 [ 1193.967678][T14152] ? kzalloc+0x20/0x20 [ 1193.971722][T14152] ? build_skb+0x24c/0x440 [ 1193.976108][T14152] bpf_prog_test_run_skb+0x84d/0x1130 [ 1193.981542][T14152] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1193.987418][T14152] ? fput_many+0x42/0x1a0 [ 1193.991717][T14152] ? __bpf_prog_get+0x29f/0x310 [ 1193.996541][T14152] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1194.002331][T14152] __do_sys_bpf+0x2d28/0xbe70 [ 1194.006982][T14152] ? _kstrtoull+0x390/0x490 [ 1194.011458][T14152] ? kstrtouint_from_user+0x20f/0x2a0 [ 1194.016799][T14152] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1194.022920][T14152] ? __bpf_prog_put_rcu+0x300/0x300 [ 1194.028106][T14152] ? refcount_inc_checked+0x50/0x50 [ 1194.033283][T14152] ? memcg_check_events+0x5c/0x5b0 [ 1194.038376][T14152] ? proc_fail_nth_write+0x1d5/0x240 [ 1194.043638][T14152] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1194.048804][T14152] ? __lru_cache_add+0x1c4/0x210 [ 1194.053795][T14152] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1194.058961][T14152] ? memset+0x1f/0x40 [ 1194.062909][T14152] ? fsnotify+0x1332/0x13f0 [ 1194.067383][T14152] ? __kernel_write+0x340/0x340 [ 1194.072202][T14152] ? check_preemption_disabled+0x9e/0x330 [ 1194.077907][T14152] ? debug_smp_processor_id+0x20/0x20 [ 1194.083246][T14152] ? __fsnotify_parent+0x310/0x310 [ 1194.088331][T14152] ? __sb_end_write+0xb5/0x100 [ 1194.093063][T14152] ? vfs_write+0x422/0x4e0 [ 1194.097539][T14152] ? fput_many+0x42/0x1a0 [ 1194.101851][T14152] ? check_preemption_disabled+0x154/0x330 [ 1194.107631][T14152] do_syscall_64+0xcb/0x1e0 [ 1194.112121][T14152] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1194.117983][T14152] RIP: 0033:0x4665e9 [ 1194.121854][T14152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1194.141533][T14152] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1194.149923][T14152] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1194.157885][T14152] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1194.165832][T14152] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1194.173864][T14152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1194.181807][T14152] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1194.219718][T14138] loop3: p1 p3 < > p4 < p5 > [ 1194.230027][T14138] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1194.255173][T14138] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1194.267135][T14144] loop5: p1 p3 < > p4 < p5 > [ 1194.273113][T14144] loop5: p1 start 3276800 is beyond EOD, truncated [ 1194.285456][T14144] loop5: p5 start 3276800 is beyond EOD, truncated 01:04:32 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00f705ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:32 executing program 1 (fault-call:6 fault-nth:87): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1194.452911][T14138] loop3: p1 p3 < > p4 < p5 > [ 1194.457842][T14138] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1194.467263][T14165] FAULT_INJECTION: forcing a failure. [ 1194.467263][T14165] name failslab, interval 1, probability 0, space 0, times 0 [ 1194.479881][T14165] CPU: 0 PID: 14165 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1194.490101][T14165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1194.500148][T14165] Call Trace: [ 1194.503435][T14165] dump_stack+0x1d8/0x24e [ 1194.507758][T14165] ? devkmsg_release+0x11c/0x11c [ 1194.512683][T14165] ? show_regs_print_info+0x12/0x12 [ 1194.517875][T14165] should_fail+0x6f6/0x860 [ 1194.522311][T14165] ? setup_fault_attr+0x3d0/0x3d0 [ 1194.527324][T14165] ? skb_release_data+0x346/0x6b0 [ 1194.532331][T14165] ? debug_smp_processor_id+0x20/0x20 [ 1194.537692][T14165] ? bpf_clone_redirect+0x10e/0x350 [ 1194.542875][T14165] ? skb_clone+0x1b2/0x360 [ 1194.547292][T14165] should_failslab+0x5/0x20 [ 1194.551785][T14165] kmem_cache_alloc+0x36/0x290 [ 1194.556532][T14165] ? __bpf_redirect+0x736/0xd00 [ 1194.561373][T14165] skb_clone+0x1b2/0x360 [ 1194.565802][T14165] bpf_clone_redirect+0xa2/0x350 [ 1194.570726][T14165] bpf_prog_801cabf80fc815cd+0x5af/0x1000 [ 1194.576439][T14165] ? __kasan_kmalloc+0x1a3/0x1e0 [ 1194.581359][T14165] ? __kasan_kmalloc+0x137/0x1e0 [ 1194.586291][T14165] ? kmem_cache_alloc+0x115/0x290 [ 1194.591345][T14165] ? build_skb+0x27/0x440 [ 1194.595668][T14165] ? bpf_prog_test_run_skb+0x419/0x1130 [ 1194.601290][T14165] ? __do_sys_bpf+0x2d28/0xbe70 [ 1194.606131][T14165] ? do_syscall_64+0xcb/0x1e0 [ 1194.610805][T14165] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1194.616956][T14165] ? ktime_get+0xfd/0x130 [ 1194.621461][T14165] bpf_test_run+0x288/0x680 [ 1194.625952][T14165] ? kzalloc+0x20/0x20 [ 1194.630009][T14165] ? build_skb+0x24c/0x440 [ 1194.634411][T14165] bpf_prog_test_run_skb+0x84d/0x1130 [ 1194.639778][T14165] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1194.645586][T14165] ? fput_many+0x42/0x1a0 [ 1194.649909][T14165] ? __bpf_prog_get+0x29f/0x310 [ 1194.654844][T14165] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1194.660638][T14165] __do_sys_bpf+0x2d28/0xbe70 [ 1194.665291][T14165] ? _kstrtoull+0x390/0x490 [ 1194.669784][T14165] ? kstrtouint_from_user+0x20f/0x2a0 [ 1194.675128][T14165] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1194.681282][T14165] ? __bpf_prog_put_rcu+0x300/0x300 [ 1194.686448][T14165] ? refcount_inc_checked+0x50/0x50 [ 1194.691702][T14165] ? memcg_check_events+0x5c/0x5b0 [ 1194.696788][T14165] ? proc_fail_nth_write+0x1d5/0x240 [ 1194.702054][T14165] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1194.707234][T14165] ? __lru_cache_add+0x1c4/0x210 [ 1194.712206][T14165] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1194.717389][T14165] ? memset+0x1f/0x40 [ 1194.721341][T14165] ? fsnotify+0x1332/0x13f0 [ 1194.725990][T14165] ? __kernel_write+0x340/0x340 [ 1194.730810][T14165] ? check_preemption_disabled+0x9e/0x330 [ 1194.736500][T14165] ? debug_smp_processor_id+0x20/0x20 [ 1194.741856][T14165] ? __fsnotify_parent+0x310/0x310 [ 1194.747809][T14165] ? __sb_end_write+0xb5/0x100 [ 1194.752559][T14165] ? vfs_write+0x422/0x4e0 [ 1194.756948][T14165] ? fput_many+0x42/0x1a0 [ 1194.761263][T14165] ? check_preemption_disabled+0x154/0x330 [ 1194.767064][T14165] do_syscall_64+0xcb/0x1e0 [ 1194.771551][T14165] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1194.777440][T14165] RIP: 0033:0x4665e9 [ 1194.781317][T14165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1194.800987][T14165] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1194.809371][T14165] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1194.817314][T14165] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1194.825268][T14165] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1194.833221][T14165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1194.841170][T14165] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1194.851230][T14138] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1194.868461][T14155] loop2: p1 p3 < > p4 < p5 > [ 1194.868497][ T148] loop5: p1 p3 < > p4 < p5 > [ 1194.873347][T14155] loop2: p1 start 100073472 is beyond EOD, truncated [ 1194.883002][ T148] loop5: p1 start 3276800 is beyond EOD, truncated [ 1194.892733][T14155] loop2: p5 start 100073472 is beyond EOD, truncated 01:04:33 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0010a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:33 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2000000, 0x11, r0, 0x3000) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1194.907570][ T148] loop5: p5 start 3276800 is beyond EOD, truncated [ 1194.999856][T14144] loop_reread_partitions: partition scan of loop5 () failed (rc=-16) 01:04:33 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a004600ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:33 executing program 1 (fault-call:6 fault-nth:88): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1195.041260][T14155] loop2: p1 p3 < > p4 < p5 > [ 1195.046276][T14155] loop2: p1 start 100073472 is beyond EOD, truncated [ 1195.054381][T14155] loop2: p5 start 100073472 is beyond EOD, truncated [ 1195.063729][T14174] loop3: p1 p3 < > p4 < p5 > [ 1195.069106][T14174] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1195.078968][T14174] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1195.144590][ T148] loop5: p1 p3 < > p4 < p5 > [ 1195.149467][ T148] loop5: p1 start 3276800 is beyond EOD, truncated [ 1195.161399][T14179] FAULT_INJECTION: forcing a failure. [ 1195.161399][T14179] name failslab, interval 1, probability 0, space 0, times 0 [ 1195.174052][T14179] CPU: 1 PID: 14179 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1195.184270][T14179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1195.194392][T14179] Call Trace: [ 1195.197668][T14179] dump_stack+0x1d8/0x24e [ 1195.201973][T14179] ? devkmsg_release+0x11c/0x11c [ 1195.206880][T14179] ? show_regs_print_info+0x12/0x12 [ 1195.212051][T14179] should_fail+0x6f6/0x860 [ 1195.216546][T14179] ? setup_fault_attr+0x3d0/0x3d0 [ 1195.221544][T14179] ? skb_release_data+0x346/0x6b0 [ 1195.226605][T14179] ? debug_smp_processor_id+0x20/0x20 [ 1195.231948][T14179] ? bpf_clone_redirect+0x10e/0x350 [ 1195.237125][T14179] ? skb_clone+0x1b2/0x360 [ 1195.241528][T14179] should_failslab+0x5/0x20 [ 1195.246008][T14179] kmem_cache_alloc+0x36/0x290 [ 1195.250842][T14179] ? __bpf_redirect+0x736/0xd00 [ 1195.255662][T14179] skb_clone+0x1b2/0x360 [ 1195.259875][T14179] bpf_clone_redirect+0xa2/0x350 [ 1195.264897][T14179] bpf_prog_801cabf80fc815cd+0x40d/0x1000 [ 1195.270683][T14179] ? __schedule+0x9b8/0x1170 [ 1195.275243][T14179] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1195.281021][T14179] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1195.287582][T14179] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1195.292665][T14179] ? __rcu_read_lock+0x50/0x50 [ 1195.297401][T14179] ? ktime_get+0xfd/0x130 [ 1195.301704][T14179] bpf_test_run+0x288/0x680 [ 1195.306207][T14179] ? kzalloc+0x20/0x20 [ 1195.310336][T14179] ? build_skb+0x24c/0x440 [ 1195.314833][T14179] bpf_prog_test_run_skb+0x84d/0x1130 [ 1195.320179][T14179] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1195.325954][T14179] ? fput_many+0x42/0x1a0 [ 1195.330260][T14179] ? __bpf_prog_get+0x29f/0x310 [ 1195.335083][T14179] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1195.340861][T14179] __do_sys_bpf+0x2d28/0xbe70 [ 1195.345515][T14179] ? _kstrtoull+0x390/0x490 [ 1195.349998][T14179] ? kstrtouint_from_user+0x20f/0x2a0 [ 1195.355341][T14179] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1195.361469][T14179] ? __bpf_prog_put_rcu+0x300/0x300 [ 1195.366638][T14179] ? refcount_inc_checked+0x50/0x50 [ 1195.371838][T14179] ? memcg_check_events+0x5c/0x5b0 [ 1195.376922][T14179] ? proc_fail_nth_write+0x1d5/0x240 [ 1195.382181][T14179] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1195.387351][T14179] ? __lru_cache_add+0x1c4/0x210 [ 1195.392259][T14179] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1195.398122][T14179] ? memset+0x1f/0x40 [ 1195.402076][T14179] ? fsnotify+0x1332/0x13f0 [ 1195.406551][T14179] ? __kernel_write+0x340/0x340 [ 1195.411372][T14179] ? check_preemption_disabled+0x9e/0x330 [ 1195.417063][T14179] ? debug_smp_processor_id+0x20/0x20 [ 1195.422437][T14179] ? __fsnotify_parent+0x310/0x310 [ 1195.427522][T14179] ? __sb_end_write+0xb5/0x100 [ 1195.432342][T14179] ? vfs_write+0x422/0x4e0 [ 1195.437582][T14179] ? fput_many+0x42/0x1a0 [ 1195.441895][T14179] ? check_preemption_disabled+0x154/0x330 [ 1195.447688][T14179] do_syscall_64+0xcb/0x1e0 [ 1195.452166][T14179] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1195.458029][T14179] RIP: 0033:0x4665e9 [ 1195.461911][T14179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1195.481796][T14179] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1195.490181][T14179] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1195.498124][T14179] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1195.506065][T14179] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1195.514012][T14179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1195.522075][T14179] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1195.538407][ T148] loop5: p5 start 3276800 is beyond EOD, truncated [ 1195.679481][T14181] loop5: p1 p3 < > p4 < p5 > [ 1195.684782][T14181] loop5: p1 start 4587520 is beyond EOD, truncated [ 1195.703475][T14181] loop5: p5 start 4587520 is beyond EOD, truncated [ 1195.757214][ T101] Bluetooth: hci0: command 0x1003 tx timeout [ 1195.771841][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1195.828125][T14181] loop5: p1 p3 < > p4 < p5 > [ 1195.850789][T14181] loop5: p1 start 4587520 is beyond EOD, truncated [ 1195.869771][T14181] loop5: p5 start 4587520 is beyond EOD, truncated [ 1195.939967][ T148] loop5: p1 p3 < > p4 < p5 > [ 1195.946198][ T148] loop5: p1 start 4587520 is beyond EOD, truncated [ 1195.954320][ T148] loop5: p5 start 4587520 is beyond EOD, truncated [ 1197.837091][ T101] Bluetooth: hci0: command 0x1001 tx timeout [ 1197.843254][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1199.916947][ T101] Bluetooth: hci0: command 0x1009 tx timeout 01:04:42 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x31) 01:04:42 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000006ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:42 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff40020a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:42 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000040)=[@sack_perm, @window={0x3, 0x800, 0xc21}, @timestamp, @sack_perm], 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:04:42 executing program 1 (fault-call:6 fault-nth:89): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:04:42 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a004800ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1203.952388][ T163] Bluetooth: hci0: Frame reassembly failed (-84) [ 1203.959225][T14201] Bluetooth: hci0: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 1203.972048][T14192] loop2: p1 p3 < > p4 < p5 > [ 1203.979876][T14192] loop2: p1 start 100663296 is beyond EOD, truncated [ 1203.989165][T14192] loop2: p5 start 100663296 is beyond EOD, truncated [ 1204.001191][T14207] FAULT_INJECTION: forcing a failure. [ 1204.001191][T14207] name failslab, interval 1, probability 0, space 0, times 0 [ 1204.014004][T14207] CPU: 0 PID: 14207 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1204.024235][T14207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1204.034294][T14207] Call Trace: [ 1204.037586][T14207] dump_stack+0x1d8/0x24e [ 1204.041906][T14207] ? devkmsg_release+0x11c/0x11c [ 1204.046845][T14207] ? show_regs_print_info+0x12/0x12 [ 1204.052486][T14207] ? memset+0x1f/0x40 [ 1204.056461][T14207] ? unwind_next_frame+0x1f0a/0x27b0 [ 1204.061733][T14207] should_fail+0x6f6/0x860 [ 1204.066144][T14207] ? setup_fault_attr+0x3d0/0x3d0 [ 1204.071157][T14207] ? dst_alloc+0x137/0x4e0 [ 1204.075568][T14207] should_failslab+0x5/0x20 [ 1204.080056][T14207] kmem_cache_alloc+0x36/0x290 [ 1204.086028][T14207] dst_alloc+0x137/0x4e0 [ 1204.090257][T14207] __mkroute_output+0x9e4/0x1430 [ 1204.095181][T14207] ? __siphash_aligned+0x1d1/0x320 [ 1204.100278][T14207] ? ip_route_output_key_hash_rcu+0xf90/0xf90 [ 1204.106333][T14207] ? ip_route_output_key_hash_rcu+0x41b/0xf90 [ 1204.112399][T14207] ip_route_output_flow+0x13d/0x320 [ 1204.117601][T14207] ? ipv4_sk_update_pmtu+0x1e00/0x1e00 [ 1204.123046][T14207] ? debug_smp_processor_id+0x20/0x20 [ 1204.128405][T14207] ip_tunnel_xmit+0xa00/0x20e0 [ 1204.133243][T14207] ? ip_tunnel_xmit+0x1b1/0x20e0 [ 1204.138170][T14207] ? tnl_update_pmtu+0x980/0x980 [ 1204.143094][T14207] ? gre_build_header+0x238/0x780 [ 1204.148190][T14207] ipgre_xmit+0x6db/0x9e0 [ 1204.152508][T14207] xmit_one+0xfa/0x470 [ 1204.156724][T14207] __dev_queue_xmit+0x14ec/0x2e50 [ 1204.161740][T14207] ? dev_queue_xmit+0x20/0x20 [ 1204.166406][T14207] ? check_preemption_disabled+0x9e/0x330 [ 1204.172115][T14207] ? skb_release_data+0x346/0x6b0 [ 1204.177156][T14207] ? debug_smp_processor_id+0x20/0x20 [ 1204.182512][T14207] ? bpf_clone_redirect+0x10e/0x350 [ 1204.187695][T14207] __bpf_redirect+0x728/0xd00 [ 1204.192367][T14207] bpf_clone_redirect+0x243/0x350 [ 1204.197369][T14207] bpf_prog_801cabf80fc815cd+0xb91/0x1000 [ 1204.203067][T14207] ? __schedule+0x9b8/0x1170 [ 1204.207626][T14207] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1204.213492][T14207] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1204.220052][T14207] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1204.225138][T14207] ? __rcu_read_lock+0x50/0x50 [ 1204.229872][T14207] ? ktime_get+0xfd/0x130 [ 1204.234177][T14207] bpf_test_run+0x288/0x680 [ 1204.238651][T14207] ? kzalloc+0x20/0x20 [ 1204.242693][T14207] ? build_skb+0x24c/0x440 [ 1204.247087][T14207] bpf_prog_test_run_skb+0x84d/0x1130 [ 1204.252432][T14207] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1204.258206][T14207] ? fput_many+0x42/0x1a0 [ 1204.262505][T14207] ? __bpf_prog_get+0x29f/0x310 [ 1204.267438][T14207] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1204.273212][T14207] __do_sys_bpf+0x2d28/0xbe70 [ 1204.277860][T14207] ? _kstrtoull+0x390/0x490 [ 1204.282331][T14207] ? kstrtouint_from_user+0x20f/0x2a0 [ 1204.288193][T14207] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1204.294321][T14207] ? __bpf_prog_put_rcu+0x300/0x300 [ 1204.299499][T14207] ? refcount_inc_checked+0x50/0x50 [ 1204.304665][T14207] ? memcg_check_events+0x5c/0x5b0 [ 1204.309750][T14207] ? proc_fail_nth_write+0x1d5/0x240 [ 1204.315009][T14207] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1204.320176][T14207] ? __lru_cache_add+0x1c4/0x210 [ 1204.325096][T14207] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1204.330260][T14207] ? memset+0x1f/0x40 [ 1204.334211][T14207] ? fsnotify+0x1332/0x13f0 [ 1204.338699][T14207] ? __kernel_write+0x340/0x340 [ 1204.343619][T14207] ? check_preemption_disabled+0x9e/0x330 [ 1204.349394][T14207] ? debug_smp_processor_id+0x20/0x20 [ 1204.354731][T14207] ? __fsnotify_parent+0x310/0x310 [ 1204.359822][T14207] ? __sb_end_write+0xb5/0x100 [ 1204.364553][T14207] ? vfs_write+0x422/0x4e0 [ 1204.368940][T14207] ? fput_many+0x42/0x1a0 [ 1204.373239][T14207] ? check_preemption_disabled+0x154/0x330 [ 1204.379028][T14207] do_syscall_64+0xcb/0x1e0 [ 1204.383505][T14207] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1204.389367][T14207] RIP: 0033:0x4665e9 [ 1204.393241][T14207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1204.413088][T14207] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1204.421469][T14207] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1204.429410][T14207] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1204.437525][T14207] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1204.445468][T14207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1204.453602][T14207] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1204.471367][T14193] loop3: p1 p3 < > p4 < p5 > [ 1204.485957][T14193] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1204.511527][T14193] loop3: p5 size 11290111 extends beyond EOD, truncated 01:04:42 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff80020a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1204.552751][T14199] loop5: p1 p3 < > p4 < p5 > 01:04:42 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000406ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:42 executing program 1 (fault-call:6 fault-nth:90): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1204.590139][T14199] loop5: p1 start 4718592 is beyond EOD, truncated [ 1204.616653][T14199] loop5: p5 start 4718592 is beyond EOD, truncated [ 1204.722535][T14219] FAULT_INJECTION: forcing a failure. [ 1204.722535][T14219] name failslab, interval 1, probability 0, space 0, times 0 [ 1204.735199][T14219] CPU: 1 PID: 14219 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1204.745420][T14219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1204.755903][T14219] Call Trace: [ 1204.759219][T14219] dump_stack+0x1d8/0x24e [ 1204.763637][T14219] ? devkmsg_release+0x11c/0x11c [ 1204.768570][T14219] ? show_regs_print_info+0x12/0x12 [ 1204.773764][T14219] should_fail+0x6f6/0x860 [ 1204.778184][T14219] ? setup_fault_attr+0x3d0/0x3d0 [ 1204.783202][T14219] ? __rcu_read_lock+0x50/0x50 [ 1204.787964][T14219] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1204.792983][T14219] should_failslab+0x5/0x20 [ 1204.797474][T14219] __kmalloc_track_caller+0x5d/0x2e0 [ 1204.802835][T14219] ? ip_route_output_flow+0x1f6/0x320 [ 1204.808211][T14219] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1204.813220][T14219] pskb_expand_head+0x10d/0xfa0 [ 1204.818060][T14219] ? tnl_update_pmtu+0x3c7/0x980 [ 1204.823057][T14219] ip_tunnel_xmit+0x1703/0x20e0 [ 1204.828528][T14219] ? tnl_update_pmtu+0x980/0x980 [ 1204.833475][T14219] ? gre_build_header+0x238/0x780 [ 1204.838493][T14219] ipgre_xmit+0x6db/0x9e0 [ 1204.842929][T14219] xmit_one+0xfa/0x470 [ 1204.846995][T14219] __dev_queue_xmit+0x14ec/0x2e50 [ 1204.852008][T14219] ? dev_queue_xmit+0x20/0x20 [ 1204.856687][T14219] ? check_preemption_disabled+0x9e/0x330 [ 1204.862428][T14219] ? skb_release_data+0x346/0x6b0 [ 1204.867439][T14219] ? debug_smp_processor_id+0x20/0x20 [ 1204.872810][T14219] ? bpf_clone_redirect+0x10e/0x350 [ 1204.877999][T14219] __bpf_redirect+0x728/0xd00 [ 1204.882666][T14219] bpf_clone_redirect+0x243/0x350 [ 1204.887771][T14219] bpf_prog_801cabf80fc815cd+0x153/0x1000 [ 1204.893488][T14219] ? __schedule+0x9b8/0x1170 [ 1204.898060][T14219] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1204.903864][T14219] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1204.910426][T14219] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1204.915595][T14219] ? __rcu_read_lock+0x50/0x50 [ 1204.920331][T14219] ? ktime_get+0xfd/0x130 [ 1204.924631][T14219] bpf_test_run+0x288/0x680 [ 1204.929108][T14219] ? kzalloc+0x20/0x20 [ 1204.933146][T14219] ? build_skb+0x24c/0x440 [ 1204.937533][T14219] bpf_prog_test_run_skb+0x84d/0x1130 [ 1204.942875][T14219] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1204.948652][T14219] ? fput_many+0x42/0x1a0 [ 1204.952958][T14219] ? __bpf_prog_get+0x29f/0x310 [ 1204.957781][T14219] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1204.963574][T14219] __do_sys_bpf+0x2d28/0xbe70 [ 1204.968227][T14219] ? _kstrtoull+0x390/0x490 [ 1204.972702][T14219] ? kstrtouint_from_user+0x20f/0x2a0 [ 1204.978043][T14219] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1204.984164][T14219] ? __bpf_prog_put_rcu+0x300/0x300 [ 1204.989332][T14219] ? refcount_inc_checked+0x50/0x50 [ 1204.994499][T14219] ? memcg_check_events+0x5c/0x5b0 [ 1204.999583][T14219] ? proc_fail_nth_write+0x1d5/0x240 [ 1205.004838][T14219] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1205.010005][T14219] ? __lru_cache_add+0x1c4/0x210 [ 1205.014952][T14219] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1205.020122][T14219] ? memset+0x1f/0x40 [ 1205.024077][T14219] ? fsnotify+0x1332/0x13f0 [ 1205.028552][T14219] ? __kernel_write+0x340/0x340 [ 1205.033374][T14219] ? check_preemption_disabled+0x9e/0x330 [ 1205.039061][T14219] ? debug_smp_processor_id+0x20/0x20 [ 1205.044402][T14219] ? __fsnotify_parent+0x310/0x310 [ 1205.049489][T14219] ? __sb_end_write+0xb5/0x100 [ 1205.054221][T14219] ? vfs_write+0x422/0x4e0 [ 1205.058607][T14219] ? fput_many+0x42/0x1a0 [ 1205.062908][T14219] ? check_preemption_disabled+0x154/0x330 [ 1205.068687][T14219] do_syscall_64+0xcb/0x1e0 [ 1205.073163][T14219] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1205.079025][T14219] RIP: 0033:0x4665e9 [ 1205.082890][T14219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1205.102465][T14219] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1205.110846][T14219] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 01:04:43 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1205.118795][T14219] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1205.126735][T14219] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1205.134675][T14219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1205.142616][T14219] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:04:43 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a004c00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1205.209726][T14215] loop2: p1 p3 < > p4 < p5 > [ 1205.209803][T14209] loop3: p1 p3 < > p4 < p5 > [ 1205.216788][T14215] loop2: p1 start 100925440 is beyond EOD, truncated [ 1205.233561][T14209] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1205.241625][T14215] loop2: p5 start 100925440 is beyond EOD, truncated [ 1205.255998][T14209] loop3: p5 size 11290111 extends beyond EOD, truncated 01:04:43 executing program 1 (fault-call:6 fault-nth:91): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1205.404488][T14227] loop5: p1 p3 < > p4 < p5 > [ 1205.409487][T14227] loop5: p1 start 4980736 is beyond EOD, truncated [ 1205.417684][T14227] loop5: p5 start 4980736 is beyond EOD, truncated [ 1205.437515][T14232] FAULT_INJECTION: forcing a failure. [ 1205.437515][T14232] name failslab, interval 1, probability 0, space 0, times 0 [ 1205.450328][T14232] CPU: 1 PID: 14232 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1205.461242][T14232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1205.471284][T14232] Call Trace: [ 1205.474568][T14232] dump_stack+0x1d8/0x24e [ 1205.478891][T14232] ? devkmsg_release+0x11c/0x11c [ 1205.483830][T14232] ? show_regs_print_info+0x12/0x12 [ 1205.489015][T14232] ? memset+0x1f/0x40 [ 1205.493001][T14232] ? unwind_next_frame+0x1f0a/0x27b0 [ 1205.498283][T14232] should_fail+0x6f6/0x860 [ 1205.502687][T14232] ? setup_fault_attr+0x3d0/0x3d0 [ 1205.507799][T14232] ? dst_alloc+0x137/0x4e0 [ 1205.512207][T14232] should_failslab+0x5/0x20 [ 1205.516705][T14232] kmem_cache_alloc+0x36/0x290 [ 1205.521459][T14232] dst_alloc+0x137/0x4e0 [ 1205.525699][T14232] __mkroute_output+0x9e4/0x1430 [ 1205.530625][T14232] ? __siphash_aligned+0x1d1/0x320 [ 1205.535722][T14232] ? ip_route_output_key_hash_rcu+0xf90/0xf90 [ 1205.541776][T14232] ? ip_route_output_key_hash_rcu+0x41b/0xf90 [ 1205.547832][T14232] ip_route_output_flow+0x13d/0x320 [ 1205.553019][T14232] ? ipv4_sk_update_pmtu+0x1e00/0x1e00 [ 1205.558533][T14232] ? debug_smp_processor_id+0x20/0x20 [ 1205.563911][T14232] ip_tunnel_xmit+0xa00/0x20e0 [ 1205.568835][T14232] ? ip_tunnel_xmit+0x1b1/0x20e0 [ 1205.573759][T14232] ? tnl_update_pmtu+0x980/0x980 [ 1205.578684][T14232] ? gre_build_header+0x238/0x780 [ 1205.583700][T14232] ipgre_xmit+0x6db/0x9e0 [ 1205.588102][T14232] xmit_one+0xfa/0x470 [ 1205.592155][T14232] __dev_queue_xmit+0x14ec/0x2e50 [ 1205.597166][T14232] ? dev_queue_xmit+0x20/0x20 [ 1205.601833][T14232] ? check_preemption_disabled+0x9e/0x330 [ 1205.607536][T14232] ? skb_release_data+0x346/0x6b0 [ 1205.612632][T14232] ? debug_smp_processor_id+0x20/0x20 [ 1205.617987][T14232] ? bpf_clone_redirect+0x10e/0x350 [ 1205.623205][T14232] __bpf_redirect+0x728/0xd00 [ 1205.627865][T14232] bpf_clone_redirect+0x243/0x350 [ 1205.632868][T14232] bpf_prog_801cabf80fc815cd+0xe11/0x1000 [ 1205.638840][T14232] ? __schedule+0x9b8/0x1170 [ 1205.643398][T14232] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1205.649182][T14232] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1205.655747][T14232] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1205.661001][T14232] ? __rcu_read_lock+0x50/0x50 [ 1205.665735][T14232] ? ktime_get+0xfd/0x130 [ 1205.670041][T14232] bpf_test_run+0x288/0x680 [ 1205.674519][T14232] ? kzalloc+0x20/0x20 [ 1205.678561][T14232] ? build_skb+0x24c/0x440 [ 1205.682947][T14232] bpf_prog_test_run_skb+0x84d/0x1130 [ 1205.688294][T14232] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1205.694101][T14232] ? fput_many+0x42/0x1a0 [ 1205.698398][T14232] ? __bpf_prog_get+0x29f/0x310 [ 1205.703214][T14232] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1205.708987][T14232] __do_sys_bpf+0x2d28/0xbe70 [ 1205.713635][T14232] ? _kstrtoull+0x390/0x490 [ 1205.718106][T14232] ? kstrtouint_from_user+0x20f/0x2a0 [ 1205.723579][T14232] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1205.729737][T14232] ? __bpf_prog_put_rcu+0x300/0x300 [ 1205.734916][T14232] ? refcount_inc_checked+0x50/0x50 [ 1205.740094][T14232] ? memcg_check_events+0x5c/0x5b0 [ 1205.745193][T14232] ? proc_fail_nth_write+0x1d5/0x240 [ 1205.750454][T14232] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1205.755632][T14232] ? __lru_cache_add+0x1c4/0x210 [ 1205.760537][T14232] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1205.765704][T14232] ? memset+0x1f/0x40 [ 1205.769654][T14232] ? fsnotify+0x1332/0x13f0 [ 1205.774134][T14232] ? __kernel_write+0x340/0x340 [ 1205.778953][T14232] ? check_preemption_disabled+0x9e/0x330 [ 1205.784759][T14232] ? debug_smp_processor_id+0x20/0x20 [ 1205.790120][T14232] ? __fsnotify_parent+0x310/0x310 [ 1205.795212][T14232] ? __sb_end_write+0xb5/0x100 [ 1205.799952][T14232] ? vfs_write+0x422/0x4e0 [ 1205.804352][T14232] ? fput_many+0x42/0x1a0 [ 1205.808659][T14232] ? check_preemption_disabled+0x154/0x330 [ 1205.814442][T14232] do_syscall_64+0xcb/0x1e0 [ 1205.818920][T14232] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1205.824782][T14232] RIP: 0033:0x4665e9 [ 1205.828647][T14232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1205.848232][T14232] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1205.856617][T14232] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1205.864562][T14232] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1205.872503][T14232] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1205.880446][T14232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1205.888388][T14232] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1205.996440][ T101] Bluetooth: hci0: command 0x1003 tx timeout [ 1206.003125][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1206.053485][ T148] loop5: p1 p3 < > p4 < p5 > [ 1206.058451][ T148] loop5: p1 start 4980736 is beyond EOD, truncated [ 1206.070089][ T148] loop5: p5 start 4980736 is beyond EOD, truncated [ 1206.080752][T14227] loop5: p1 p3 < > p4 < p5 > [ 1206.085564][T14227] loop5: p1 start 4980736 is beyond EOD, truncated [ 1206.093410][T14227] loop5: p5 start 4980736 is beyond EOD, truncated [ 1206.166064][ T148] loop5: p1 p3 < > p4 < p5 > [ 1206.170933][ T148] loop5: p1 start 4980736 is beyond EOD, truncated [ 1206.178577][ T148] loop5: p5 start 4980736 is beyond EOD, truncated [ 1208.076396][ T1216] Bluetooth: hci0: command 0x1001 tx timeout [ 1208.082704][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1210.156918][ T1216] Bluetooth: hci0: command 0x1009 tx timeout 01:04:52 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x32) 01:04:52 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000007ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:52 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0020a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:52 executing program 1 (fault-call:6 fault-nth:92): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:04:52 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = dup(r2) ioctl$ASHMEM_PURGE_ALL_CACHES(r3, 0x770a, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x480, 0x0) connect$inet(r4, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:04:52 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a005200ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1214.187159][T13027] Bluetooth: hci0: Frame reassembly failed (-84) [ 1214.187195][T14249] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 1214.206423][T14247] loop5: p1 p3 < > p4 < p5 > [ 1214.211304][T14247] loop5: p1 start 5373952 is beyond EOD, truncated [ 1214.221945][T14247] loop5: p5 start 5373952 is beyond EOD, truncated [ 1214.253927][T14258] FAULT_INJECTION: forcing a failure. [ 1214.253927][T14258] name failslab, interval 1, probability 0, space 0, times 0 [ 1214.266587][T14258] CPU: 0 PID: 14258 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1214.276985][T14258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1214.287029][T14258] Call Trace: [ 1214.290316][T14258] dump_stack+0x1d8/0x24e [ 1214.294634][T14258] ? devkmsg_release+0x11c/0x11c [ 1214.299566][T14258] ? show_regs_print_info+0x12/0x12 [ 1214.304758][T14258] should_fail+0x6f6/0x860 [ 1214.309165][T14258] ? setup_fault_attr+0x3d0/0x3d0 [ 1214.314177][T14258] ? __copy_skb_header+0x421/0x550 [ 1214.319538][T14258] ? bpf_clone_redirect+0x10e/0x350 [ 1214.324725][T14258] should_failslab+0x5/0x20 [ 1214.329217][T14258] __kmalloc_track_caller+0x5d/0x2e0 [ 1214.334492][T14258] ? bpf_clone_redirect+0x10e/0x350 [ 1214.339674][T14258] pskb_expand_head+0x10d/0xfa0 [ 1214.344598][T14258] ? skb_ensure_writable+0x2ab/0x420 [ 1214.350222][T14258] bpf_clone_redirect+0x10e/0x350 [ 1214.355236][T14258] bpf_prog_801cabf80fc815cd+0x107/0x1000 [ 1214.361383][T14258] ? __schedule+0x9b8/0x1170 [ 1214.365971][T14258] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1214.371849][T14258] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1214.378479][T14258] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1214.383579][T14258] ? __rcu_read_lock+0x50/0x50 [ 1214.388329][T14258] ? ktime_get+0xfd/0x130 [ 1214.392646][T14258] bpf_test_run+0x288/0x680 [ 1214.397139][T14258] ? kzalloc+0x20/0x20 [ 1214.401302][T14258] ? build_skb+0x24c/0x440 [ 1214.405706][T14258] bpf_prog_test_run_skb+0x84d/0x1130 [ 1214.411072][T14258] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1214.416870][T14258] ? fput_many+0x42/0x1a0 [ 1214.421362][T14258] ? __bpf_prog_get+0x29f/0x310 [ 1214.426200][T14258] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1214.431985][T14258] __do_sys_bpf+0x2d28/0xbe70 [ 1214.436726][T14258] ? _kstrtoull+0x390/0x490 [ 1214.441197][T14258] ? kstrtouint_from_user+0x20f/0x2a0 [ 1214.446537][T14258] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1214.452657][T14258] ? __bpf_prog_put_rcu+0x300/0x300 [ 1214.457823][T14258] ? refcount_inc_checked+0x50/0x50 [ 1214.463036][T14258] ? memcg_check_events+0x5c/0x5b0 [ 1214.468141][T14258] ? proc_fail_nth_write+0x1d5/0x240 [ 1214.473401][T14258] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1214.478570][T14258] ? __lru_cache_add+0x1c4/0x210 [ 1214.483478][T14258] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1214.488645][T14258] ? memset+0x1f/0x40 [ 1214.492597][T14258] ? fsnotify+0x1332/0x13f0 [ 1214.497070][T14258] ? __kernel_write+0x340/0x340 [ 1214.501892][T14258] ? check_preemption_disabled+0x9e/0x330 [ 1214.507666][T14258] ? debug_smp_processor_id+0x20/0x20 [ 1214.513014][T14258] ? __fsnotify_parent+0x310/0x310 [ 1214.518099][T14258] ? __sb_end_write+0xb5/0x100 [ 1214.522831][T14258] ? vfs_write+0x422/0x4e0 [ 1214.527221][T14258] ? fput_many+0x42/0x1a0 [ 1214.532040][T14258] ? check_preemption_disabled+0x154/0x330 [ 1214.537834][T14258] do_syscall_64+0xcb/0x1e0 [ 1214.542312][T14258] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1214.548264][T14258] RIP: 0033:0x4665e9 [ 1214.552238][T14258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1214.571986][T14258] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1214.580457][T14258] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1214.588486][T14258] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1214.596439][T14258] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1214.604383][T14258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1214.612430][T14258] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:04:52 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a005500ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1214.649789][T14251] loop2: p1 p3 < > p4 < p5 > [ 1214.658939][T14245] loop3: p1 p3 < > p4 < p5 > [ 1214.685375][T14251] loop2: p1 start 117440512 is beyond EOD, truncated [ 1214.692478][T14245] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1214.704234][T14251] loop2: p5 start 117440512 is beyond EOD, truncated [ 1214.712620][T14245] loop3: p5 size 11290111 extends beyond EOD, truncated 01:04:53 executing program 1 (fault-call:6 fault-nth:93): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1214.791221][T14260] loop5: p1 p3 < > p4 < p5 > [ 1214.796248][T14260] loop5: p1 start 5570560 is beyond EOD, truncated [ 1214.810663][T14260] loop5: p5 start 5570560 is beyond EOD, truncated [ 1214.839179][T14254] blk_update_request: I/O error, dev loop3, sector 80000 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1214.840770][T14264] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1214.855680][T14265] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1214.873484][T14245] __loop_clr_fd: partition scan of loop3 failed (rc=-16) 01:04:53 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000009ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:04:53 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a005900ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1214.875202][T14266] blk_update_request: I/O error, dev loop3, sector 80000 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1214.904695][ T95] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1214.915868][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1214.918388][T14270] FAULT_INJECTION: forcing a failure. [ 1214.918388][T14270] name failslab, interval 1, probability 0, space 0, times 0 [ 1214.936893][T14270] CPU: 1 PID: 14270 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1214.947199][T14270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1214.957244][T14270] Call Trace: [ 1214.960525][T14270] dump_stack+0x1d8/0x24e [ 1214.964841][T14270] ? devkmsg_release+0x11c/0x11c [ 1214.970236][T14270] ? show_regs_print_info+0x12/0x12 [ 1214.975432][T14270] ? memset+0x1f/0x40 [ 1214.979400][T14270] ? unwind_next_frame+0x1f0a/0x27b0 [ 1214.984673][T14270] should_fail+0x6f6/0x860 [ 1214.989076][T14270] ? setup_fault_attr+0x3d0/0x3d0 [ 1214.994084][T14270] ? dst_alloc+0x137/0x4e0 [ 1214.998485][T14270] should_failslab+0x5/0x20 [ 1215.002975][T14270] kmem_cache_alloc+0x36/0x290 [ 1215.007725][T14270] dst_alloc+0x137/0x4e0 [ 1215.012096][T14270] __mkroute_output+0x9e4/0x1430 [ 1215.017029][T14270] ? __siphash_aligned+0x1d1/0x320 [ 1215.022131][T14270] ? ip_route_output_key_hash_rcu+0xf90/0xf90 [ 1215.028190][T14270] ? ip_route_output_key_hash_rcu+0x41b/0xf90 [ 1215.034247][T14270] ip_route_output_flow+0x13d/0x320 [ 1215.039442][T14270] ? ipv4_sk_update_pmtu+0x1e00/0x1e00 [ 1215.044889][T14270] ? debug_smp_processor_id+0x20/0x20 [ 1215.050251][T14270] ip_tunnel_xmit+0xa00/0x20e0 [ 1215.055002][T14270] ? ip_tunnel_xmit+0x1b1/0x20e0 [ 1215.059927][T14270] ? tnl_update_pmtu+0x980/0x980 [ 1215.064849][T14270] ? gre_build_header+0x238/0x780 [ 1215.069862][T14270] ipgre_xmit+0x6db/0x9e0 [ 1215.074178][T14270] xmit_one+0xfa/0x470 [ 1215.078242][T14270] __dev_queue_xmit+0x14ec/0x2e50 [ 1215.083257][T14270] ? dev_queue_xmit+0x20/0x20 [ 1215.087923][T14270] ? check_preemption_disabled+0x9e/0x330 [ 1215.093627][T14270] ? skb_release_data+0x346/0x6b0 [ 1215.098641][T14270] ? debug_smp_processor_id+0x20/0x20 [ 1215.103998][T14270] ? bpf_clone_redirect+0x10e/0x350 [ 1215.109183][T14270] __bpf_redirect+0x728/0xd00 [ 1215.113939][T14270] bpf_clone_redirect+0x243/0x350 [ 1215.118952][T14270] bpf_prog_801cabf80fc815cd+0x69e/0x1000 [ 1215.124659][T14270] ? __schedule+0x9b8/0x1170 [ 1215.129435][T14270] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1215.135235][T14270] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1215.141907][T14270] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1215.147003][T14270] ? __rcu_read_lock+0x50/0x50 [ 1215.151743][T14270] ? ktime_get+0xfd/0x130 [ 1215.156602][T14270] bpf_test_run+0x288/0x680 [ 1215.161265][T14270] ? kzalloc+0x20/0x20 [ 1215.165306][T14270] ? build_skb+0x24c/0x440 [ 1215.169782][T14270] bpf_prog_test_run_skb+0x84d/0x1130 [ 1215.175127][T14270] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1215.180903][T14270] ? fput_many+0x42/0x1a0 [ 1215.185243][T14270] ? __bpf_prog_get+0x29f/0x310 [ 1215.190079][T14270] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1215.196463][T14270] __do_sys_bpf+0x2d28/0xbe70 [ 1215.201291][T14270] ? _kstrtoull+0x390/0x490 [ 1215.205767][T14270] ? kstrtouint_from_user+0x20f/0x2a0 [ 1215.211120][T14270] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1215.217334][T14270] ? __bpf_prog_put_rcu+0x300/0x300 [ 1215.222500][T14270] ? refcount_inc_checked+0x50/0x50 [ 1215.227681][T14270] ? memcg_check_events+0x5c/0x5b0 [ 1215.232765][T14270] ? proc_fail_nth_write+0x1d5/0x240 [ 1215.238018][T14270] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1215.243186][T14270] ? __lru_cache_add+0x1c4/0x210 [ 1215.248093][T14270] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1215.253264][T14270] ? memset+0x1f/0x40 [ 1215.257301][T14270] ? fsnotify+0x1332/0x13f0 [ 1215.261796][T14270] ? __kernel_write+0x340/0x340 [ 1215.266614][T14270] ? check_preemption_disabled+0x9e/0x330 [ 1215.272303][T14270] ? debug_smp_processor_id+0x20/0x20 [ 1215.277669][T14270] ? __fsnotify_parent+0x310/0x310 [ 1215.282748][T14270] ? __sb_end_write+0xb5/0x100 [ 1215.287480][T14270] ? vfs_write+0x422/0x4e0 [ 1215.291880][T14270] ? fput_many+0x42/0x1a0 [ 1215.296177][T14270] ? check_preemption_disabled+0x154/0x330 [ 1215.301954][T14270] do_syscall_64+0xcb/0x1e0 [ 1215.306454][T14270] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1215.312328][T14270] RIP: 0033:0x4665e9 [ 1215.316217][T14270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1215.335791][T14270] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1215.344299][T14270] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1215.352416][T14270] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1215.360359][T14270] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1215.368302][T14270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1215.376793][T14270] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:04:53 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) pipe(&(0x7f0000000040)={0xffffffffffffffff}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f0000000080)={'gre0\x00', &(0x7f0000000340)={'syztnl2\x00', 0x0, 0x80, 0x8000, 0x1, 0x80000000, {{0x31, 0x4, 0x3, 0x6, 0xc4, 0x65, 0x0, 0x0, 0x54, 0x0, @multicast2, @broadcast, {[@ra={0x94, 0x4}, @generic={0x44, 0xe, "9df7ee344062f2ab8e661352"}, @end, @ra={0x94, 0x4, 0x1}, @timestamp={0x44, 0x8, 0x90, 0x0, 0x2, [0x8]}, @generic={0x44, 0x12, "7aed2b664fa99df5e02d1ade7d2ae551"}, @timestamp_addr={0x44, 0x44, 0x74, 0x1, 0x3, [{@dev={0xac, 0x14, 0x14, 0x39}, 0x5}, {@dev={0xac, 0x14, 0x14, 0x28}}, {@loopback, 0x9e4}, {@loopback, 0x7}, {@empty, 0x3}, {@multicast2, 0x7fff}, {@broadcast, 0x7}, {@loopback, 0xfff}]}, @timestamp={0x44, 0x28, 0xaa, 0x0, 0x3, [0x6, 0x5afd4f9d, 0x1f, 0x102, 0x2, 0x9, 0xffff, 0x2, 0x0]}, @timestamp={0x44, 0x10, 0x4f, 0x0, 0x9, [0x83, 0x8, 0x8]}]}}}}}) ioctl$sock_inet6_SIOCDELRT(r5, 0x890c, &(0x7f0000000240)={@loopback, @ipv4={'\x00', '\xff\xff', @loopback}, @rand_addr=' \x01\x00', 0x80000000, 0x1, 0x9, 0x200, 0xe2, 0x20000, r6}) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1215.406974][T14245] loop_reread_partitions: partition scan of loop3 () failed (rc=-16) 01:04:53 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00030a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1215.537564][T14276] loop2: p1 p3 < > p4 < p5 > [ 1215.542508][T14276] loop2: p1 start 150994944 is beyond EOD, truncated [ 1215.551696][T14276] loop2: p5 start 150994944 is beyond EOD, truncated [ 1215.576922][ T148] loop5: p1 p3 < > p4 < p5 > [ 1215.581866][ T148] loop5: p1 start 5832704 is beyond EOD, truncated [ 1215.590426][ T148] loop5: p5 start 5832704 is beyond EOD, truncated [ 1215.598867][T14275] loop5: p1 p3 < > p4 < p5 > [ 1215.603909][T14275] loop5: p1 start 5832704 is beyond EOD, truncated [ 1215.611781][T14275] loop5: p5 start 5832704 is beyond EOD, truncated [ 1215.733683][T14283] loop3: p1 p3 < > p4 < p5 > [ 1215.738888][T14283] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1215.747362][T14283] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1215.803707][ T148] loop5: p1 p3 < > p4 < p5 > [ 1215.813034][ T148] loop5: p1 start 5832704 is beyond EOD, truncated [ 1215.821925][ T148] loop5: p5 start 5832704 is beyond EOD, truncated [ 1215.832178][T14275] loop5: p1 p3 < > p4 < p5 > [ 1215.837363][T14275] loop5: p1 start 5832704 is beyond EOD, truncated [ 1215.845356][T14275] loop5: p5 start 5832704 is beyond EOD, truncated [ 1216.235776][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1216.242348][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1218.315699][ T146] Bluetooth: hci0: command 0x1001 tx timeout [ 1218.321856][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1220.395588][ T146] Bluetooth: hci0: command 0x1009 tx timeout 01:05:02 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x33) 01:05:02 executing program 1 (fault-call:6 fault-nth:94): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:05:02 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000aff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:02 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff40030a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:02 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a006000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:02 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @multicast2}, 0x10) [ 1224.427200][T13027] Bluetooth: hci0: Frame reassembly failed (-84) [ 1224.433930][T14303] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 1224.476550][T14307] FAULT_INJECTION: forcing a failure. [ 1224.476550][T14307] name failslab, interval 1, probability 0, space 0, times 0 [ 1224.489483][T14307] CPU: 0 PID: 14307 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1224.499896][T14307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1224.511072][T14307] Call Trace: [ 1224.514410][T14307] dump_stack+0x1d8/0x24e [ 1224.518917][T14307] ? devkmsg_release+0x11c/0x11c [ 1224.523948][T14307] ? show_regs_print_info+0x12/0x12 [ 1224.529232][T14307] should_fail+0x6f6/0x860 [ 1224.533660][T14307] ? setup_fault_attr+0x3d0/0x3d0 [ 1224.538673][T14307] ? skb_release_data+0x346/0x6b0 [ 1224.543685][T14307] ? debug_smp_processor_id+0x20/0x20 [ 1224.549045][T14307] ? bpf_clone_redirect+0x10e/0x350 [ 1224.554247][T14307] ? skb_clone+0x1b2/0x360 [ 1224.558782][T14307] should_failslab+0x5/0x20 [ 1224.563363][T14307] kmem_cache_alloc+0x36/0x290 [ 1224.568119][T14307] ? __bpf_redirect+0x736/0xd00 [ 1224.572960][T14307] skb_clone+0x1b2/0x360 [ 1224.577193][T14307] bpf_clone_redirect+0xa2/0x350 [ 1224.582120][T14307] bpf_prog_801cabf80fc815cd+0x98c/0x1000 [ 1224.587828][T14307] ? __schedule+0x9b8/0x1170 [ 1224.592406][T14307] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1224.598206][T14307] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1224.604797][T14307] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1224.609899][T14307] ? __rcu_read_lock+0x50/0x50 [ 1224.614670][T14307] ? ktime_get+0xfd/0x130 [ 1224.618985][T14307] bpf_test_run+0x288/0x680 [ 1224.623485][T14307] ? kzalloc+0x20/0x20 [ 1224.627544][T14307] ? build_skb+0x24c/0x440 [ 1224.631951][T14307] bpf_prog_test_run_skb+0x84d/0x1130 [ 1224.637313][T14307] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1224.643100][T14307] ? fput_many+0x42/0x1a0 [ 1224.647414][T14307] ? __bpf_prog_get+0x29f/0x310 [ 1224.652244][T14307] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1224.658033][T14307] __do_sys_bpf+0x2d28/0xbe70 [ 1224.662694][T14307] ? _kstrtoull+0x390/0x490 [ 1224.667169][T14307] ? kstrtouint_from_user+0x20f/0x2a0 [ 1224.672511][T14307] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1224.678634][T14307] ? __bpf_prog_put_rcu+0x300/0x300 [ 1224.683806][T14307] ? refcount_inc_checked+0x50/0x50 [ 1224.688973][T14307] ? memcg_check_events+0x5c/0x5b0 [ 1224.694059][T14307] ? proc_fail_nth_write+0x1d5/0x240 [ 1224.699316][T14307] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1224.704485][T14307] ? __lru_cache_add+0x1c4/0x210 [ 1224.709401][T14307] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1224.714567][T14307] ? memset+0x1f/0x40 [ 1224.718518][T14307] ? fsnotify+0x1332/0x13f0 [ 1224.722993][T14307] ? __kernel_write+0x340/0x340 [ 1224.727823][T14307] ? check_preemption_disabled+0x9e/0x330 [ 1224.733508][T14307] ? debug_smp_processor_id+0x20/0x20 [ 1224.738861][T14307] ? __fsnotify_parent+0x310/0x310 [ 1224.743956][T14307] ? __sb_end_write+0xb5/0x100 [ 1224.748723][T14307] ? vfs_write+0x422/0x4e0 [ 1224.753128][T14307] ? fput_many+0x42/0x1a0 [ 1224.757432][T14307] ? check_preemption_disabled+0x154/0x330 [ 1224.763211][T14307] do_syscall_64+0xcb/0x1e0 [ 1224.767691][T14307] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1224.773577][T14307] RIP: 0033:0x4665e9 [ 1224.777446][T14307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1224.797279][T14307] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1224.805671][T14307] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1224.813613][T14307] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1224.821554][T14307] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1224.829498][T14307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1224.837539][T14307] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1224.858298][T14296] loop3: p1 p3 < > p4 < p5 > [ 1224.863585][T14296] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1224.885457][T14296] loop3: p5 size 11290111 extends beyond EOD, truncated 01:05:03 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff80030a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1224.936717][T14298] loop5: p1 p3 < > p4 < p5 > [ 1224.947685][T14297] loop2: p1 p3 < > p4 < p5 > [ 1224.958135][T14298] loop5: p1 start 6291456 is beyond EOD, truncated [ 1224.964924][T14297] loop2: p1 start 167772160 is beyond EOD, truncated [ 1224.979936][T14298] loop5: p5 start 6291456 is beyond EOD, truncated [ 1224.987411][T14297] loop2: p5 start 167772160 is beyond EOD, truncated 01:05:03 executing program 1 (fault-call:6 fault-nth:95): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:05:03 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a006800ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1225.080010][T14297] loop2: p1 p3 < > p4 < p5 > [ 1225.090544][T14297] loop2: p1 start 167772160 is beyond EOD, truncated [ 1225.099747][T14297] loop2: p5 start 167772160 is beyond EOD, truncated [ 1225.118137][T14324] FAULT_INJECTION: forcing a failure. [ 1225.118137][T14324] name failslab, interval 1, probability 0, space 0, times 0 [ 1225.130869][T14324] CPU: 0 PID: 14324 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1225.141092][T14324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1225.151146][T14324] Call Trace: [ 1225.154430][T14324] dump_stack+0x1d8/0x24e [ 1225.158752][T14324] ? devkmsg_release+0x11c/0x11c [ 1225.163683][T14324] ? show_regs_print_info+0x12/0x12 [ 1225.168873][T14324] should_fail+0x6f6/0x860 [ 1225.173279][T14324] ? setup_fault_attr+0x3d0/0x3d0 [ 1225.178291][T14324] ? __copy_skb_header+0x421/0x550 [ 1225.183385][T14324] ? bpf_clone_redirect+0x10e/0x350 [ 1225.188567][T14324] should_failslab+0x5/0x20 [ 1225.193058][T14324] __kmalloc_track_caller+0x5d/0x2e0 [ 1225.198330][T14324] ? bpf_clone_redirect+0x10e/0x350 [ 1225.203597][T14324] pskb_expand_head+0x10d/0xfa0 [ 1225.208436][T14324] ? skb_ensure_writable+0x2ab/0x420 [ 1225.213703][T14324] bpf_clone_redirect+0x10e/0x350 [ 1225.218711][T14324] bpf_prog_801cabf80fc815cd+0xf39/0x1000 [ 1225.224414][T14324] ? __schedule+0x9b8/0x1170 [ 1225.228987][T14324] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1225.234780][T14324] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1225.241357][T14324] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1225.246457][T14324] ? __rcu_read_lock+0x50/0x50 [ 1225.251209][T14324] ? ktime_get+0xfd/0x130 [ 1225.255525][T14324] bpf_test_run+0x288/0x680 [ 1225.260014][T14324] ? kzalloc+0x20/0x20 [ 1225.264068][T14324] ? build_skb+0x24c/0x440 [ 1225.268470][T14324] bpf_prog_test_run_skb+0x84d/0x1130 [ 1225.274035][T14324] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1225.279822][T14324] ? fput_many+0x42/0x1a0 [ 1225.284164][T14324] ? __bpf_prog_get+0x29f/0x310 [ 1225.289126][T14324] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1225.294917][T14324] __do_sys_bpf+0x2d28/0xbe70 [ 1225.299585][T14324] ? _kstrtoull+0x390/0x490 [ 1225.304079][T14324] ? kstrtouint_from_user+0x20f/0x2a0 [ 1225.309421][T14324] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1225.315583][T14324] ? __bpf_prog_put_rcu+0x300/0x300 [ 1225.320749][T14324] ? refcount_inc_checked+0x50/0x50 [ 1225.325918][T14324] ? memcg_check_events+0x5c/0x5b0 [ 1225.331003][T14324] ? proc_fail_nth_write+0x1d5/0x240 [ 1225.336351][T14324] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1225.341518][T14324] ? __lru_cache_add+0x1c4/0x210 [ 1225.346437][T14324] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1225.351599][T14324] ? memset+0x1f/0x40 [ 1225.355549][T14324] ? fsnotify+0x1332/0x13f0 [ 1225.360021][T14324] ? __kernel_write+0x340/0x340 [ 1225.364838][T14324] ? check_preemption_disabled+0x9e/0x330 [ 1225.370528][T14324] ? debug_smp_processor_id+0x20/0x20 [ 1225.375867][T14324] ? __fsnotify_parent+0x310/0x310 [ 1225.380965][T14324] ? __sb_end_write+0xb5/0x100 [ 1225.385878][T14324] ? vfs_write+0x422/0x4e0 [ 1225.390261][T14324] ? fput_many+0x42/0x1a0 [ 1225.394557][T14324] ? check_preemption_disabled+0x154/0x330 [ 1225.400334][T14324] do_syscall_64+0xcb/0x1e0 [ 1225.404809][T14324] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1225.410676][T14324] RIP: 0033:0x4665e9 [ 1225.414547][T14324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1225.434118][T14324] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1225.442504][T14324] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1225.450444][T14324] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1225.458397][T14324] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1225.466379][T14324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1225.474319][T14324] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:05:03 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000bff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:03 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x101) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000353000/0x2000)=nil, 0x2000, 0x4, 0x810, 0xffffffffffffffff, 0x8000000) syz_io_uring_setup(0xccd, &(0x7f0000000280), &(0x7f000014c000/0x4000)=nil, &(0x7f00006d4000/0x4000)=nil, &(0x7f0000000000), &(0x7f0000000040)) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_POLL_REMOVE={0x7, 0x2, 0x0, 0x0, 0x0, 0x31713, 0x0, 0x0, 0x1, {0x0, r6}}, 0xf5) syz_io_uring_submit(r5, 0x0, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x2, 0x4004, @fd_index=0x5, 0x8000, &(0x7f00000013c0)="990525b8597e1f3b75a4a9e7765d7bb4305f1270ff8c33740e60b8a5669545b3e1a28da906961d71b04ae93871dfec2e746e69d73d5887d326b7e534277675a3dfd62c3900127876ff3c69216059b847a11e2d6ed592a4068db6fa7ff2a5b25c00e6dd2b941ec37cc4b512de85a9f80f54de663071e89a3bb059dc4bc741b39c9bee078d03741cc152fc68c47fcf11fc8f73b14afe743db338c31ff0d4ba2bd79b752b067e5fb807b9dff5b81ae2fcf7ff9e2b0c38beed45e7555574bc32a20a9ef79bf5c71cc5598274978c66a70bf818947a73bc9534807fd6d266e27896960fc1dc8036dec12e6f603f097ae2f3cfbd817504b1a115cbd81495b3b0c3093d15448c4d2c51c373a1e6abab9145b4e67e0d2d46e25842f91ef9bec91b2a99d4982407f836a5c395f5f3240915e2234c6fe37a02f10a8a353b636270940bbe6a50212f484386c82dcc889f6a5800086b1f3a5753d5ea391237dca2b15c7690213aea961891264f4b8e53bf3db0fa8e7149128242a78e56b2084c5f709b9188711f0d6829fd437ed2b1fdd0f5f090c6158b0bcff6a3e814ca170892f9b007c270eb948e6cb6f6aa2903bc071b7871ace1d63cd93ecf9ef3227f671f07b20662684c972132a6ba713d9485d4622292f711dba914d0e36780dd29ac8d7095e67a5604a7ec0e5d26dcb0a234576a293e23e25228b9da98d82d465c863cd09c0ce97d7367c16368142793e6d6362b6eda5e14c626b23d4d59cafbbeb49e55f0b2c786f01fb74ba3062a2be0059f8e08570c481af1a8725042d1dada9ec93f6eaa8c3f7d49d1cce7b587a63b781bbf3a3c6755b23cc19e947a2008bf60c951fb50b6a27145f3b1d2f526aeb6e1c4180fd72ac1804c5a95a5c59b5eac46f925d3f6ad6f13d6bb88d8c40007fcf184d04f88c0fce089e4a6828516a4899732f86c6533a5ebb845d0081b5f14068129f352694e638e190263ff5bfd38e0fe3bfac12acdacc7b3686e5c921ab8d79146a4b1aa16b647b3c7931a41f6219771d19ba3d52f9200e3371844ff29d3d992700d3fa7e30ac9b5f2ea839ada1574c1252c255515bf577e2f383950dfe725523e57b29904e91b9e74f921555a0fe83c4bf25e10e5fd0b611b7a5913b24c6f554105fdfbaadf1b6a9373e1d787aa01b36c81079fed1b0af772de511270413b19a74422617949c1f34e826efd805fbad12ccb8244797d993e89edf058eec2ee6b0c5a96b03635b09f8bd60914ee44a875aadf42a8abc3e58745903a695a9051d0500f08f7431c538ed8ad9263f93c6b5f6119db0ef2101e10d2282d4ab2e22d29018af975d153df430c1aba412e96f0a8328569e38a884d243293894fa68c8ca03becf44f9b16be49f60ffdb34523043701e136391c36c3b0dcc5d69913a71f6867c12c69ebbb9dd0d9da0158c941db6c8b21140117cf9e5722a9e12ec4ddd17bdd9d9dd136ecfb31bcfed62d725f4f4559f05e140150803dd01ab49393ef95bc9e6d855521c1a62032fee2daf0dcf9fcc6d7ec7751ae870879f09abe8829de591e95bf2a814044c4d20ab77e58cdc778e944510cdeecb18257b69696906736f0fd9aa6e1583fa34c7cd746bb53ad768dc0fc0c5d36265567ea2fdd343fcf4a4703b3364ef0c6b48efa95d30c44352e1a10bfb99536c166245ac0631a0935b4861e9c554364a54ddfae66a24d537243f67afcdaaf174298d3f4de10e1f0e578b4c0415d94a40bd5a7bad75825ad52d385c60ee3a1beafed7ad2cfd3fdba411489085169f636fdc0a8575f4bed3d9d3e5161d3275f0ed674e2a0e1f6606cd0c20560de8a6364a6e8a4a1ba2104df66a4dc0d759ec86b7efea0639f1991f1e54af095ea0b9b74cb490348d0ea5caab42b6066584243b5e8690a057ed0821b647af2fd8b74d3fceb048543ead5ead8be73fc0c5b97667e1f06cf9cdd55f5fa8a257c790cf1a579a381e35baa8bde64a1bec7d6ebf907c202b893bdf8b73d5191e9dbcc0665de4182b6c90b52246afabd266c4ba8434e7f4ed65f322033def7b4b4a6c9bee479c406e052a1e1cfc1fde4d7cc9fbe900f41dd505110ac10e4c7e124a9fef2fe25985a229403ea08578a921a38f541b3b5fe232494ce0626be113dc6286532cd3925a076a2e4605c07540d92d084a9fdcf6bc640dc5a49f8b3ee1a80fd5b2325f75d78f48acac115ecb2cb1b344471ab6bf24417fa6aee64813c4796729cccd714e981f2762044b8aa8efae00ea7837051d493c82884ab2e7186f27db83acfc74d8937fa8b1e07969f20728623d42b4f52a578c9a2231521c1e50a7b72d239cdf6b5c479f62db1dfa676385b40300ca0e03b3642ef69b1cc4c8584d3bda9b1dcd501bfc98f80354a65c5590bda768a8e8fbd9aa04c8936d364aebe8f3024ca001015f7381ab03eff1f907a1f6a3d5f4f4cb0b4047a644a61af125a113d86cf9e4d5d6de3373a2fcc53873331cd70df5ed6ca52dace0c188cb00b0285e8e41933e34e633ce7243698878b7f3b02edacbf12f828c5015433bcf873d1fc701362403cb709603a4cc20f5e0d3c130b6f123936e85e6520c15986f28d691efe3e770b26dd0bac146fb61a654699871828738944df177bb56b37513f5994c10d9026f59b4fe4ba05e568925faf9b3c970f8e97d816816c3c88c12da828b491f42eb3ee686a8e931f6149a99403c41e18e74aae8492a27c28aabf08459ddac1cb41a28e84321f99eef163bd4abbb65fa6436ac9ce0e50b865ca3f4c0865ea5e8a7bc220e4375e20ac2321bb9b8cbb307f301bc7d4f80634faaab6f685772e04c8f03198602584619daf2311379a0b62d4403e635c4614ab35c8230a985aec12724f26a86928efbcd58c3285d87965038142349cd8dc61456ff90009ceff61f3c7e9c3e62c005bb704e13e4e63b351e9c7ee281c706c0e500c62ac6692a63d20f0b6f0b3dc927b33411f1c22630cd92c04c9be5136df7f9813d3acb99f156da53c1ed0c3fd08d5e957632dd4d0024fe54897a9206666ee83d59299100419629a2b6e1e08a3f67219d41f833946ad5856ce10d067f8bb4560dad80899dac1cfc94a4d0b238bcdafc90e2c965f09ca133061901fe16e1bf7198303e8de3df5e8d6a4efd8d850632133b43d0403446444f9582006b69e938ed459b2e643a912f485d7adaa3205f72792170f3ffe32200211f2d1e72282e0bbe976e1639409cde391907a708fd4fd8023e97bd00def73329ffc536b941b63a9a2596066fc6fd52aa403a1d3aea8431ac094bba9b50e49f8e42dd64d0d47db12b5c941670eecb011bfccff29576b5e95681768e8c4f34182d9d28bc568718ffbbfc2083f8c9e7eb82a033655465a3d69eceef4eabd6afed416c05979b10e966a3e73047ff67ba7e5c7778f150db9594583e36b2fc4742a97e002ab4a3b01c1004c2f788e9684dc37d35efb446d8b6303e28086815e02dfe8f3017b231ea0e64500b84274cb26438b1cbcbc54a51af7ea67768874cecb92551b137775160c6a42e1789a06f98cd5c5a86bb7f1adcfd38d78824f60329752f3719930f22ea5970200586a3b4b950153e350e28db65321abe1c24adfcd9c71481d24cd5dd8dc334af644b0dbdc626b8174f6922dd3aa90c0a9778c4fb7ef65d3d99081c343ce30d8fe4c89a52ebb48c55cabdb4d6e6e7c46cb85711f7f761e179d82a57149f7266a01c84c62811fe053f528f9342e91604cd14bf58d18e4eecfbd61beafbb4adb7f9e88c7d14b02daf8d4208f58dba5d57f2d249f04daad7f882415da4366f681486e9f54d73e15818c43469552875cf277f0ff0b0b0acac6fb54f5c1071d9a8f2dc234b66500f615b295ada09191c4dd0515c3b54a49b47da7b9f08dbea48a638f9387dcef6251a025ef2c1890d8b037d860ea1b91781260f548e2b26549039ee45ddf7a0ba693722bfb0b73f1c1f8efe40d23e337eb15a32de9425aaca0e7b5b2cbc23065d7e6207531fb62c346af802322cf9513fd1017a886773bf772cd02b1c65f1520de8c4917ba1c3a94b8c9a5de83305181ccc0d258055bdefc5080604d2ded0852da68edff7a318c7354db87a1da909c49e3a5085b2402186c66ce8db4b766675837bb3e4f35bad094d95f4d7c534d310beb0c9696a2892ed850bfd3abcd3b6c7b179076c1ef32028b5525c28071c68819cb7f975a5ece0bfdc31658b13af83f98a98983f0fe8a4a08615b047b1cb71f73d0ffca2c73ee27529f272e1b781a43abc6f199451f49059b78fdd0e672ffb7a0648ce880289b76549299b08408d978b216544a345444261ff0ad078064e460d90d857b662d762e9292a73df09c5097ae5e2ea1bfeaa697ffc797d11c285436fe31693c3c89a97179cfb1f1629bbdd58e9fd3d5c0143d68e8c6455a7a3315c048b8307fbab0eb0f69394fcba636ee6b9d16ce14b5a8e7e8954f712b420f77ccd5ee4bb10a24488f654f87257ee58a6c78ac4e277c52b630ec16f78e372b43b61e489d8f17dfb77d14620a384bc8dcf25fc634d2f3427dd69c46cd059e313e5aebf136a8144495a34c837b8fc448bd290a38abd38d8358033a8f236229fc2f86577d98584051bc3906523ddaa204e3886a76aaf79e4c024702f874a65c3f181e1e594679bd5bfa8c6c91f9453e86c7d7f5b6e5192bc7bdedfeb08411a18314e4837cdc509e29164b44b97fdacab51a4a60cf23381013ce07c0566fac53b4519be163dcd65ab078643b8a2a2765a305439850d18f2b68a2394a2a0789524cb74f4ea000c91ea2c6a2b1ec6429b75aad2166db2a5b7ac624ddd0612933d8c9192556b3b9fcfef80294887c0423f70440dda3bc0fc1e306870cd614d0aa484d7b9e6988c3f7adf38daea2b919a85596406494aa91b449341a4c36dd08e8bc7c1a5ebf20998cd74e207a261ca71a338b3a903454de352246d009f7270a1c6a54e4070caf4107f7909bc46a091dd719906387be12bbe78dfa21511365a0ba2def35ee74770c419a277ada98c2cb207497ab9336aed00769f05e85e191547ab7050ee1a2744e3f78fad3bbb01408354b99c3ac8e0cffcc4e29741ead9fbdfbf681d48e1a609a4fabff3b21a7e7858b256df7fd61d2fc21f5a3b613dd385a1099645aa6a8253952b7c7dff6cbe3db8c912bc56965a3eb351d62c9e5925ff3e58d9bba872eec579188f1f5b670789e1ad02961c884855479e7a48f025b204e214c4b3b3f0e0df84b4a8c7800dc870533450522093d3d5e840bea5b7574e81394dc6a57881cc4294c653443838586a8ae1eaae8b8748e354f35bf36b6ca9848e929aa580f7f8006e95a6bd636597e4c8802f4c05db35bd6bd59aec187db629854035d4682cf5ba2d2c7457835b31d9eec830ae295b5a949008318fe172165c76a51b2f297846c56e54cff93aa095d2118c3742e19194e48dbc3d0fe0e4ad47732327b201a292664401d0b637a71ea7a60ffda0a3f04c558389bae463d191b8ee1ca3d8c1557a84cba7cef3022a5d67e9996613c505c8e3f641975b4dda74ff57c0fa51048e542f38a5f34ad0d9f1239bd9ba8e51b56522468a556f8b50ce024f2ce22c4432b605caf295f09ca8c8647b3c4518fd48fdf9d24b3edc6c32ae3105880fc5570aa3e067c26d18d0d61d811cbee8a8cbd644720a312891214e4afba817838d03f6b2e8a33473853bf32cfbc3fee6987fccc8e42eaf0e177ac4a292994d57d922ae6775284b1e65c6441f50bedeb43c2da2c610feb07e191af13bc055b689e6900000000000000000000601689deffe53c027976d0c2c428afb6aada7512b4f951359ea542dfc4aaceb75fed3065f2af854115d2529e54e50e42b3d3535aac5d0d303f6f37007cf0a1d067e0779f9d916b4a5fc61f261628815252df73e603e696e1181ff737fac83155eb92e392a6056fa2844566ba13957424def0b7206c55be9f66a911bba9bbd8a995073f828c83c98aabda0154c5c0a771d8d73bafdf80f0088a29a8950ac5d98d7769e25333505d6f9af887d06744fb5d6f0d5bd14c558ae75842ccdf9f55ad75204a651635bc6a24065156dd30ea9d6be0855a5cbd7cb2a9a54e9b00000000", 0x10db, 0x8}, 0x693bfc50) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) ioctl$EVIOCRMFF(0xffffffffffffffff, 0x40044581, &(0x7f0000000080)=0x8) [ 1225.592737][T14314] loop3: p1 p3 < > p4 < p5 > [ 1225.599818][T14314] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1225.612514][T14314] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1225.637658][T14323] loop5: p1 p3 < > p4 < p5 > [ 1225.647190][T14323] loop5: p1 start 6815744 is beyond EOD, truncated [ 1225.655534][T14323] loop5: p5 start 6815744 is beyond EOD, truncated [ 1225.686738][T14330] loop2: p1 p3 < > p4 < p5 > 01:05:03 executing program 1 (fault-call:6 fault-nth:96): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1225.696564][T14330] loop2: p1 start 184549376 is beyond EOD, truncated [ 1225.711585][T14330] loop2: p5 start 184549376 is beyond EOD, truncated [ 1225.774649][T14337] FAULT_INJECTION: forcing a failure. [ 1225.774649][T14337] name failslab, interval 1, probability 0, space 0, times 0 [ 1225.787309][T14337] CPU: 0 PID: 14337 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1225.797531][T14337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1225.808180][T14337] Call Trace: [ 1225.811466][T14337] dump_stack+0x1d8/0x24e [ 1225.815783][T14337] ? devkmsg_release+0x11c/0x11c [ 1225.820708][T14337] ? show_regs_print_info+0x12/0x12 [ 1225.825895][T14337] should_fail+0x6f6/0x860 [ 1225.830301][T14337] ? setup_fault_attr+0x3d0/0x3d0 [ 1225.835309][T14337] ? __rcu_read_lock+0x50/0x50 [ 1225.840058][T14337] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1225.845065][T14337] should_failslab+0x5/0x20 [ 1225.849610][T14337] __kmalloc_track_caller+0x5d/0x2e0 [ 1225.854877][T14337] ? ip_route_output_flow+0x1f6/0x320 [ 1225.860757][T14337] ? ip_tunnel_xmit+0x1703/0x20e0 [ 1225.865772][T14337] pskb_expand_head+0x10d/0xfa0 [ 1225.870608][T14337] ? tnl_update_pmtu+0x3c7/0x980 [ 1225.875632][T14337] ip_tunnel_xmit+0x1703/0x20e0 [ 1225.880615][T14337] ? tnl_update_pmtu+0x980/0x980 [ 1225.885594][T14337] ? gre_build_header+0x238/0x780 [ 1225.890792][T14337] ipgre_xmit+0x6db/0x9e0 [ 1225.895108][T14337] xmit_one+0xfa/0x470 [ 1225.899170][T14337] __dev_queue_xmit+0x14ec/0x2e50 [ 1225.904541][T14337] ? dev_queue_xmit+0x20/0x20 [ 1225.909212][T14337] ? check_preemption_disabled+0x9e/0x330 [ 1225.914919][T14337] ? skb_release_data+0x346/0x6b0 [ 1225.920014][T14337] ? debug_smp_processor_id+0x20/0x20 [ 1225.925370][T14337] ? bpf_clone_redirect+0x10e/0x350 [ 1225.930561][T14337] __bpf_redirect+0x728/0xd00 [ 1225.935230][T14337] bpf_clone_redirect+0x243/0x350 [ 1225.940237][T14337] bpf_prog_801cabf80fc815cd+0x6a6/0x1000 [ 1225.946021][T14337] ? __schedule+0x9b8/0x1170 [ 1225.950719][T14337] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1225.956497][T14337] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1225.963063][T14337] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1225.968149][T14337] ? __rcu_read_lock+0x50/0x50 [ 1225.972884][T14337] ? ktime_get+0xfd/0x130 [ 1225.977185][T14337] bpf_test_run+0x288/0x680 [ 1225.981657][T14337] ? kzalloc+0x20/0x20 [ 1225.985705][T14337] ? build_skb+0x24c/0x440 [ 1225.990102][T14337] bpf_prog_test_run_skb+0x84d/0x1130 [ 1225.995449][T14337] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1226.001245][T14337] ? fput_many+0x42/0x1a0 [ 1226.005557][T14337] ? __bpf_prog_get+0x29f/0x310 [ 1226.010378][T14337] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1226.016154][T14337] __do_sys_bpf+0x2d28/0xbe70 [ 1226.020802][T14337] ? _kstrtoull+0x390/0x490 [ 1226.025549][T14337] ? kstrtouint_from_user+0x20f/0x2a0 [ 1226.031069][T14337] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1226.037193][T14337] ? __bpf_prog_put_rcu+0x300/0x300 [ 1226.042383][T14337] ? refcount_inc_checked+0x50/0x50 [ 1226.047552][T14337] ? memcg_check_events+0x5c/0x5b0 [ 1226.052644][T14337] ? proc_fail_nth_write+0x1d5/0x240 [ 1226.057912][T14337] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1226.063085][T14337] ? __lru_cache_add+0x1c4/0x210 [ 1226.067992][T14337] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1226.073175][T14337] ? memset+0x1f/0x40 [ 1226.077569][T14337] ? fsnotify+0x1332/0x13f0 [ 1226.082050][T14337] ? __kernel_write+0x340/0x340 [ 1226.086874][T14337] ? check_preemption_disabled+0x9e/0x330 [ 1226.092562][T14337] ? debug_smp_processor_id+0x20/0x20 [ 1226.097913][T14337] ? __fsnotify_parent+0x310/0x310 [ 1226.103005][T14337] ? __sb_end_write+0xb5/0x100 [ 1226.107741][T14337] ? vfs_write+0x422/0x4e0 [ 1226.112126][T14337] ? fput_many+0x42/0x1a0 [ 1226.116423][T14337] ? check_preemption_disabled+0x154/0x330 [ 1226.122201][T14337] do_syscall_64+0xcb/0x1e0 [ 1226.126682][T14337] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1226.132547][T14337] RIP: 0033:0x4665e9 [ 1226.136412][T14337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1226.155997][T14337] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1226.164379][T14337] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1226.172333][T14337] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1226.180284][T14337] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1226.188224][T14337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1226.196168][T14337] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1226.475317][ T146] Bluetooth: hci0: command 0x1003 tx timeout [ 1226.481479][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1228.554991][ T146] Bluetooth: hci0: command 0x1001 tx timeout [ 1228.561138][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1230.634875][ T146] Bluetooth: hci0: command 0x1009 tx timeout 01:05:12 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x400000000000004) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:05:12 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a006c00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:12 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0030a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:12 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00210bff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:12 executing program 1 (fault-call:6 fault-nth:97): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:05:12 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_int(r4, 0x0, 0xc, &(0x7f0000000040)=0xd4f, 0x4) write$binfmt_script(r2, &(0x7f0000000240)={'#! ', './file0', [{0x20, 'ip6gre0\x00'}, {0x20, 'ip6gre0\x00'}], 0xa, "474cc5670dcd237d008ebd4c62b17598ac6f1e2cb5216fd1d1e1a1c7352734b55a19fd3875a7e98d7a3e2c0c3744a8dd6bef69310f6ec1222ffc1bbda95d207971e4ff3027c0f9bffe325e49c6ef3ee35cd790c20bba1ee5a3"}, 0x76) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:05:12 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) r5 = syz_io_uring_setup(0x3cd4, &(0x7f0000000040)={0x0, 0xef25, 0x8, 0x3, 0x1f5, 0x0, r0}, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000140), &(0x7f00000001c0)) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000000, 0x11, r5, 0xdccc7000) [ 1234.663853][T13027] Bluetooth: hci0: Frame reassembly failed (-84) [ 1234.692580][T14347] loop2: p1 p3 < > p4 < p5 > [ 1234.702273][T14347] loop2: p1 start 186712064 is beyond EOD, truncated [ 1234.713520][T14347] loop2: p5 start 186712064 is beyond EOD, truncated [ 1234.731590][T14364] FAULT_INJECTION: forcing a failure. [ 1234.731590][T14364] name failslab, interval 1, probability 0, space 0, times 0 [ 1234.744321][T14364] CPU: 0 PID: 14364 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1234.754892][T14364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1234.764977][T14364] Call Trace: [ 1234.768268][T14364] dump_stack+0x1d8/0x24e [ 1234.772674][T14364] ? devkmsg_release+0x11c/0x11c [ 1234.777917][T14364] ? show_regs_print_info+0x12/0x12 [ 1234.783195][T14364] ? memset+0x1f/0x40 [ 1234.787165][T14364] ? unwind_next_frame+0x1f0a/0x27b0 [ 1234.793579][T14364] should_fail+0x6f6/0x860 [ 1234.797988][T14364] ? setup_fault_attr+0x3d0/0x3d0 [ 1234.803001][T14364] ? dst_alloc+0x137/0x4e0 [ 1234.807407][T14364] should_failslab+0x5/0x20 [ 1234.812002][T14364] kmem_cache_alloc+0x36/0x290 [ 1234.816757][T14364] dst_alloc+0x137/0x4e0 [ 1234.820991][T14364] __mkroute_output+0x9e4/0x1430 [ 1234.826094][T14364] ? __siphash_aligned+0x1d1/0x320 [ 1234.831197][T14364] ? ip_route_output_key_hash_rcu+0xf90/0xf90 [ 1234.837254][T14364] ? ip_route_output_key_hash_rcu+0x41b/0xf90 [ 1234.843665][T14364] ip_route_output_flow+0x13d/0x320 [ 1234.848963][T14364] ? ipv4_sk_update_pmtu+0x1e00/0x1e00 [ 1234.854464][T14364] ? debug_smp_processor_id+0x20/0x20 [ 1234.859826][T14364] ip_tunnel_xmit+0xa00/0x20e0 [ 1234.864796][T14364] ? ip_tunnel_xmit+0x1b1/0x20e0 [ 1234.869930][T14364] ? tnl_update_pmtu+0x980/0x980 [ 1234.874885][T14364] ? gre_build_header+0x238/0x780 [ 1234.879904][T14364] ipgre_xmit+0x6db/0x9e0 [ 1234.884222][T14364] xmit_one+0xfa/0x470 [ 1234.888291][T14364] __dev_queue_xmit+0x14ec/0x2e50 [ 1234.893332][T14364] ? dev_queue_xmit+0x20/0x20 [ 1234.898009][T14364] ? check_preemption_disabled+0x9e/0x330 [ 1234.903729][T14364] ? skb_release_data+0x346/0x6b0 [ 1234.908764][T14364] ? debug_smp_processor_id+0x20/0x20 [ 1234.914137][T14364] ? bpf_clone_redirect+0x10e/0x350 [ 1234.919337][T14364] __bpf_redirect+0x728/0xd00 [ 1234.924095][T14364] bpf_clone_redirect+0x243/0x350 [ 1234.929143][T14364] bpf_prog_801cabf80fc815cd+0xc04/0x1000 [ 1234.934861][T14364] ? __kasan_kmalloc+0x1a3/0x1e0 [ 1234.939884][T14364] ? __kasan_kmalloc+0x137/0x1e0 [ 1234.946643][T14364] ? kmem_cache_alloc+0x115/0x290 [ 1234.951734][T14364] ? build_skb+0x27/0x440 [ 1234.956040][T14364] ? bpf_prog_test_run_skb+0x419/0x1130 [ 1234.961558][T14364] ? __do_sys_bpf+0x2d28/0xbe70 [ 1234.966652][T14364] ? do_syscall_64+0xcb/0x1e0 [ 1234.971301][T14364] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1234.977349][T14364] ? ktime_get+0xfd/0x130 [ 1234.981667][T14364] bpf_test_run+0x288/0x680 [ 1234.986408][T14364] ? kzalloc+0x20/0x20 [ 1234.990542][T14364] ? build_skb+0x24c/0x440 [ 1234.995016][T14364] bpf_prog_test_run_skb+0x84d/0x1130 [ 1235.000368][T14364] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1235.006144][T14364] ? fput_many+0x42/0x1a0 [ 1235.010445][T14364] ? __bpf_prog_get+0x29f/0x310 [ 1235.015267][T14364] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1235.021042][T14364] __do_sys_bpf+0x2d28/0xbe70 [ 1235.025691][T14364] ? _kstrtoull+0x390/0x490 [ 1235.030162][T14364] ? kstrtouint_from_user+0x20f/0x2a0 [ 1235.035523][T14364] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1235.041653][T14364] ? __bpf_prog_put_rcu+0x300/0x300 [ 1235.046824][T14364] ? refcount_inc_checked+0x50/0x50 [ 1235.052001][T14364] ? memcg_check_events+0x5c/0x5b0 [ 1235.057090][T14364] ? proc_fail_nth_write+0x1d5/0x240 [ 1235.062349][T14364] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1235.067516][T14364] ? __lru_cache_add+0x1c4/0x210 [ 1235.072423][T14364] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1235.077677][T14364] ? memset+0x1f/0x40 [ 1235.081631][T14364] ? fsnotify+0x1332/0x13f0 [ 1235.086122][T14364] ? __kernel_write+0x340/0x340 [ 1235.090987][T14364] ? check_preemption_disabled+0x9e/0x330 [ 1235.096705][T14364] ? debug_smp_processor_id+0x20/0x20 [ 1235.102139][T14364] ? __fsnotify_parent+0x310/0x310 [ 1235.107250][T14364] ? __sb_end_write+0xb5/0x100 [ 1235.111996][T14364] ? vfs_write+0x422/0x4e0 [ 1235.116387][T14364] ? fput_many+0x42/0x1a0 [ 1235.120694][T14364] ? check_preemption_disabled+0x154/0x330 [ 1235.126477][T14364] do_syscall_64+0xcb/0x1e0 [ 1235.130977][T14364] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1235.136842][T14364] RIP: 0033:0x4665e9 [ 1235.140895][T14364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1235.160641][T14364] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1235.169023][T14364] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1235.176976][T14364] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1235.185005][T14364] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1235.192953][T14364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1235.200894][T14364] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 [ 1235.218983][T14349] loop3: p1 p3 < > p4 < p5 > [ 1235.227353][T14349] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1235.241638][T14356] loop5: p1 p3 < > p4 < p5 > [ 1235.248383][T14356] loop5: p1 start 7077888 is beyond EOD, truncated [ 1235.255334][T14349] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1235.264648][T14356] loop5: p5 start 7077888 is beyond EOD, truncated 01:05:13 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000cff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:13 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a007400ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:13 executing program 1 (fault-call:6 fault-nth:98): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1235.376109][T14349] loop3: p1 p3 < > p4 < p5 > [ 1235.394967][T14349] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1235.417318][T14349] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1235.430356][T14371] loop2: p1 p3 < > p4 < p5 > 01:05:13 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff40040a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1235.452141][T14371] loop2: p1 start 201326592 is beyond EOD, truncated [ 1235.463991][T14371] loop2: p5 start 201326592 is beyond EOD, truncated [ 1235.488151][T14372] loop5: p1 p3 < > p4 < p5 > [ 1235.501897][T14372] loop5: p1 start 7602176 is beyond EOD, truncated [ 1235.503330][ T148] loop2: p1 p3 < > p4 < p5 > [ 1235.515016][ T148] loop2: p1 start 201326592 is beyond EOD, truncated [ 1235.516244][T14379] FAULT_INJECTION: forcing a failure. [ 1235.516244][T14379] name failslab, interval 1, probability 0, space 0, times 0 [ 1235.522781][ T148] loop2: p5 start 201326592 is beyond EOD, truncated [ 1235.534318][T14379] CPU: 0 PID: 14379 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1235.534324][T14379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1235.534332][T14379] Call Trace: [ 1235.534349][T14379] dump_stack+0x1d8/0x24e [ 1235.534359][T14379] ? devkmsg_release+0x11c/0x11c [ 1235.534369][T14379] ? show_regs_print_info+0x12/0x12 [ 1235.534377][T14379] ? memset+0x1f/0x40 [ 1235.534386][T14379] ? unwind_next_frame+0x1f0a/0x27b0 [ 1235.534401][T14379] should_fail+0x6f6/0x860 [ 1235.547491][T14372] loop5: p5 start 7602176 is beyond EOD, truncated [ 1235.551268][T14379] ? setup_fault_attr+0x3d0/0x3d0 [ 1235.551283][T14379] ? dst_alloc+0x137/0x4e0 [ 1235.609366][T14379] should_failslab+0x5/0x20 [ 1235.613871][T14379] kmem_cache_alloc+0x36/0x290 [ 1235.618628][T14379] dst_alloc+0x137/0x4e0 [ 1235.622863][T14379] __mkroute_output+0x9e4/0x1430 [ 1235.627788][T14379] ? __siphash_aligned+0x1d1/0x320 [ 1235.632898][T14379] ? ip_route_output_key_hash_rcu+0xf90/0xf90 [ 1235.639050][T14379] ? ip_route_output_key_hash_rcu+0x41b/0xf90 [ 1235.645125][T14379] ip_route_output_flow+0x13d/0x320 [ 1235.650309][T14379] ? ipv4_sk_update_pmtu+0x1e00/0x1e00 [ 1235.655754][T14379] ? debug_smp_processor_id+0x20/0x20 [ 1235.661114][T14379] ip_tunnel_xmit+0xa00/0x20e0 [ 1235.665866][T14379] ? ip_tunnel_xmit+0x1b1/0x20e0 [ 1235.670811][T14379] ? tnl_update_pmtu+0x980/0x980 [ 1235.675761][T14379] ? gre_build_header+0x238/0x780 [ 1235.680767][T14379] ipgre_xmit+0x6db/0x9e0 [ 1235.685091][T14379] xmit_one+0xfa/0x470 [ 1235.689161][T14379] __dev_queue_xmit+0x14ec/0x2e50 [ 1235.694172][T14379] ? dev_queue_xmit+0x20/0x20 [ 1235.698840][T14379] ? check_preemption_disabled+0x9e/0x330 [ 1235.704548][T14379] ? skb_release_data+0x346/0x6b0 [ 1235.709560][T14379] ? debug_smp_processor_id+0x20/0x20 [ 1235.714918][T14379] ? bpf_clone_redirect+0x10e/0x350 [ 1235.720107][T14379] __bpf_redirect+0x728/0xd00 [ 1235.724773][T14379] bpf_clone_redirect+0x243/0x350 [ 1235.730219][T14379] bpf_prog_801cabf80fc815cd+0x35e/0x1000 [ 1235.735939][T14379] ? swake_up_one+0x7e/0x140 [ 1235.740538][T14379] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1235.746334][T14379] ? rcu_preempt_deferred_qs_irqrestore+0x939/0xae0 [ 1235.752902][T14379] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1235.757985][T14379] ? __rcu_read_lock+0x50/0x50 [ 1235.762719][T14379] ? ktime_get+0xfd/0x130 [ 1235.767021][T14379] bpf_test_run+0x288/0x680 [ 1235.771495][T14379] ? kzalloc+0x20/0x20 [ 1235.775535][T14379] ? build_skb+0x24c/0x440 [ 1235.779920][T14379] bpf_prog_test_run_skb+0x84d/0x1130 [ 1235.785263][T14379] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1235.791135][T14379] ? fput_many+0x42/0x1a0 [ 1235.795435][T14379] ? __bpf_prog_get+0x29f/0x310 [ 1235.800271][T14379] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1235.806062][T14379] __do_sys_bpf+0x2d28/0xbe70 [ 1235.810718][T14379] ? _kstrtoull+0x390/0x490 [ 1235.815193][T14379] ? kstrtouint_from_user+0x20f/0x2a0 [ 1235.820723][T14379] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1235.826858][T14379] ? __bpf_prog_put_rcu+0x300/0x300 [ 1235.832031][T14379] ? refcount_inc_checked+0x50/0x50 [ 1235.837211][T14379] ? memcg_check_events+0x5c/0x5b0 [ 1235.842294][T14379] ? proc_fail_nth_write+0x1d5/0x240 [ 1235.847559][T14379] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1235.852900][T14379] ? __lru_cache_add+0x1c4/0x210 [ 1235.857812][T14379] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1235.863105][T14379] ? memset+0x1f/0x40 [ 1235.867082][T14379] ? fsnotify+0x1332/0x13f0 [ 1235.871568][T14379] ? __kernel_write+0x340/0x340 [ 1235.876390][T14379] ? check_preemption_disabled+0x9e/0x330 [ 1235.882079][T14379] ? debug_smp_processor_id+0x20/0x20 [ 1235.888983][T14379] ? __fsnotify_parent+0x310/0x310 [ 1235.894063][T14379] ? __sb_end_write+0xb5/0x100 [ 1235.898795][T14379] ? vfs_write+0x422/0x4e0 [ 1235.903180][T14379] ? fput_many+0x42/0x1a0 [ 1235.907479][T14379] ? check_preemption_disabled+0x154/0x330 [ 1235.913266][T14379] do_syscall_64+0xcb/0x1e0 [ 1235.917742][T14379] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1235.923601][T14379] RIP: 0033:0x4665e9 [ 1235.927477][T14379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1235.947227][T14379] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1235.955607][T14379] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1235.963547][T14379] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1235.971834][T14379] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1235.979775][T14379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1235.987717][T14379] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:05:14 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_int(r4, 0x6, 0x2, &(0x7f0000000080)=0x1, 0x4) preadv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000340)=""/246, 0xf6}, {&(0x7f0000000440)=""/209, 0xd1}, {&(0x7f0000000540)=""/254, 0xfe}], 0x3, 0x800, 0x6) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1236.028348][ T148] loop5: p1 p3 < > p4 < p5 > [ 1236.033256][ T148] loop5: p1 start 7602176 is beyond EOD, truncated [ 1236.043652][ T148] loop5: p5 start 7602176 is beyond EOD, truncated [ 1236.082716][T14381] loop3: p1 p3 < > p4 < p5 > [ 1236.091093][T14381] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1236.111446][T14381] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1236.133873][ T148] loop3: p1 p3 < > p4 < p5 > [ 1236.139906][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1236.149449][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1236.235510][T14381] loop3: p1 p3 < > p4 < p5 > [ 1236.243619][T14381] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1236.253199][T14381] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1236.262707][ T148] loop3: p1 p3 < > p4 < p5 > [ 1236.267788][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1236.276592][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1236.714517][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1236.720926][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1238.794327][ T101] Bluetooth: hci0: command 0x1001 tx timeout [ 1238.800373][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1240.874190][ T101] Bluetooth: hci0: command 0x1009 tx timeout 01:05:23 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a007a00ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:23 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000040)={0x8000, 0x2}) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:05:23 executing program 1 (fault-call:6 fault-nth:99): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:05:23 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000dff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:23 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff80040a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:23 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) dup2(r1, r0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x72, 0x2, 0x0, 0x0, 0x8}, 0x0) syz_open_procfs(r2, &(0x7f0000000080)='net/ip6_tables_targets\x00') ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:05:23 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x31d302, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) [ 1244.962189][T14413] FAULT_INJECTION: forcing a failure. [ 1244.962189][T14413] name failslab, interval 1, probability 0, space 0, times 0 [ 1244.974867][T14413] CPU: 0 PID: 14413 Comm: syz-executor.1 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1244.985092][T14413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1244.995137][T14413] Call Trace: [ 1244.998428][T14413] dump_stack+0x1d8/0x24e [ 1245.002757][T14413] ? devkmsg_release+0x11c/0x11c [ 1245.007688][T14413] ? show_regs_print_info+0x12/0x12 [ 1245.012882][T14413] should_fail+0x6f6/0x860 [ 1245.017296][T14413] ? setup_fault_attr+0x3d0/0x3d0 [ 1245.022308][T14413] ? skb_release_data+0x346/0x6b0 [ 1245.027324][T14413] ? debug_smp_processor_id+0x20/0x20 [ 1245.032682][T14413] ? bpf_clone_redirect+0x10e/0x350 [ 1245.037963][T14413] ? skb_clone+0x1b2/0x360 [ 1245.042367][T14413] should_failslab+0x5/0x20 [ 1245.046860][T14413] kmem_cache_alloc+0x36/0x290 [ 1245.051610][T14413] ? __bpf_redirect+0x736/0xd00 [ 1245.056535][T14413] skb_clone+0x1b2/0x360 [ 1245.060765][T14413] bpf_clone_redirect+0xa2/0x350 [ 1245.065695][T14413] bpf_prog_801cabf80fc815cd+0x624/0x1000 [ 1245.071491][T14413] ? __schedule+0x9b8/0x1170 [ 1245.076071][T14413] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1245.081874][T14413] ? rcu_preempt_deferred_qs_irqrestore+0x701/0xae0 [ 1245.088458][T14413] ? __rcu_read_unlock+0x1cd/0x6a0 [ 1245.093558][T14413] ? __rcu_read_lock+0x50/0x50 [ 1245.098308][T14413] ? ktime_get+0xfd/0x130 [ 1245.102626][T14413] bpf_test_run+0x288/0x680 [ 1245.107115][T14413] ? kzalloc+0x20/0x20 [ 1245.111172][T14413] ? build_skb+0x24c/0x440 [ 1245.115661][T14413] bpf_prog_test_run_skb+0x84d/0x1130 [ 1245.121043][T14413] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1245.126836][T14413] ? fput_many+0x42/0x1a0 [ 1245.131140][T14413] ? __bpf_prog_get+0x29f/0x310 [ 1245.135979][T14413] ? __bpf_trace_bpf_test_finish+0x20/0x20 [ 1245.141753][T14413] __do_sys_bpf+0x2d28/0xbe70 [ 1245.146403][T14413] ? _kstrtoull+0x390/0x490 [ 1245.150883][T14413] ? kstrtouint_from_user+0x20f/0x2a0 [ 1245.156410][T14413] ? refcount_sub_and_test_checked+0x1b6/0x290 [ 1245.162619][T14413] ? __bpf_prog_put_rcu+0x300/0x300 [ 1245.167790][T14413] ? refcount_inc_checked+0x50/0x50 [ 1245.172957][T14413] ? memcg_check_events+0x5c/0x5b0 [ 1245.178040][T14413] ? proc_fail_nth_write+0x1d5/0x240 [ 1245.183295][T14413] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1245.188461][T14413] ? __lru_cache_add+0x1c4/0x210 [ 1245.193368][T14413] ? proc_fail_nth_read+0x1c0/0x1c0 [ 1245.198535][T14413] ? memset+0x1f/0x40 [ 1245.202499][T14413] ? fsnotify+0x1332/0x13f0 [ 1245.206983][T14413] ? __kernel_write+0x340/0x340 [ 1245.211900][T14413] ? check_preemption_disabled+0x9e/0x330 [ 1245.217587][T14413] ? debug_smp_processor_id+0x20/0x20 [ 1245.222927][T14413] ? __fsnotify_parent+0x310/0x310 [ 1245.228021][T14413] ? __sb_end_write+0xb5/0x100 [ 1245.232752][T14413] ? vfs_write+0x422/0x4e0 [ 1245.237137][T14413] ? fput_many+0x42/0x1a0 [ 1245.241438][T14413] ? check_preemption_disabled+0x154/0x330 [ 1245.247218][T14413] do_syscall_64+0xcb/0x1e0 [ 1245.251728][T14413] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1245.257592][T14413] RIP: 0033:0x4665e9 [ 1245.261458][T14413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1245.281035][T14413] RSP: 002b:00007fb6578f6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1245.289415][T14413] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665e9 [ 1245.297363][T14413] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 1245.305305][T14413] RBP: 00007fb6578f61d0 R08: 0000000000000000 R09: 0000000000000000 [ 1245.313254][T14413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 1245.321202][T14413] R13: 00007ffcefb3e19f R14: 00007fb6578f6300 R15: 0000000000022000 01:05:23 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$KDADDIO(r1, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) [ 1245.393586][T14401] loop3: p1 p3 < > p4 < p5 > [ 1245.393980][T14403] loop2: p1 p3 < > p4 < p5 > [ 1245.398509][T14396] loop5: p1 p3 < > p4 < p5 > [ 1245.409528][T14403] loop2: p1 start 218103808 is beyond EOD, truncated [ 1245.421967][T14401] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1245.427315][T14403] loop2: p5 start 218103808 is beyond EOD, truncated [ 1245.431858][T14396] loop5: p1 start 7995392 is beyond EOD, truncated 01:05:23 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$TIOCGDEV(r1, 0x80045432, &(0x7f0000000080)) [ 1245.450903][T14401] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1245.458316][T14396] loop5: p5 start 7995392 is beyond EOD, truncated 01:05:23 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:05:23 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000eff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1245.534487][T10939] Bluetooth: hci0: Frame reassembly failed (-84) 01:05:23 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0040a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1245.610203][T14396] loop5: p1 p3 < > p4 < p5 > [ 1245.625115][T14396] loop5: p1 start 7995392 is beyond EOD, truncated [ 1245.656256][T14396] loop5: p5 start 7995392 is beyond EOD, truncated [ 1245.691011][T14438] loop3: p1 p3 < > p4 < p5 > 01:05:23 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a009000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1245.702877][T14438] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1245.712604][T14438] loop3: p5 size 11290111 extends beyond EOD, truncated 01:05:24 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) write$binfmt_misc(r5, &(0x7f0000000340)={'syz0', "aedae0522187ed0f7ee933074fbf5cf4dee193e7ed666cd3f5a60f385e99ba23c86b33210245a55e4bc614457cb0417fdb7ccd03cc906f09b44cf8ed73de3100eb03fee66bfbef722cbc32f2e026c276e077ffdce7fbe49ddd1416286626cc0aab4eac4c02d096c85a0bfef68df69c78704a56be13adfde4262c51bb6c90ea4cd9febcfad4000f75ebe41544bdecf0db64110c6219409cc7043df6bb0af472a625184071ea8014038d45c7d5089954b9cfc1869f48609e9809e29c2a09720c2c0d53793f27a7e14919803ef70a2462be1fd806c23aba90c7b459ed8754c28bd38e50170a0cdc6ef9830c6fe92f7e8abe7d12615a52bbd79ae78229f23aa5aa4a6385d5e86f9e6aa5ccf5ecce11a439b657a572c64ff525fe603bd5de7054f61216b59aff79625c20131d8332edf9fccf54f5bdfbe050a911c5891a9a93d81025aafb9442a15fe0a5502d8cd43e67ddce479c7acc35d069dbb524c02fd74344052c571e56dff88d606c0ccbace9e8e8cdfbb1a847d5167e7201676260200cce29d9a06734eafbfe60ed456642592467ec18da5eb052e6c34085b6cee6f49cfd13e6fec52250a1a068ceb1342ddba479767e28e050d2c8399ebbdf4cec4557cfcf06bfa6f0c52c3ee7c1f19cee65615b81f3cb1d6c9fa83b57650ac0ecac2cad1251edc7ef2c7c024a054a5208a951d907aba23caa5f45dec6733d2f9d85b13af4ebe0aea57657c85412bf9b5e753c1705135fdae589c99b419572c4aad179d92e7f5ac56ddc709a1532b59332a4f006a2f82ba2f8ad40ad0bcb7644a445487e9ce926bd621735a6259dea200ac66dbcac40818ce5c545f43f31e66f7b43013c8ba927ef9c5323e0e8c5e92b0fee333822e7bf3f0cbc4ccc82077c442945a30bb0392fd3aa8c7a74ca3815acde11628baaa6a7a334c45905b3ade533d9218b2453ef17c0caab4258effcb8a9af0cb713dd8be5daac1d343f7d7ce5d99b54a8af25c42b74e320699194aabad5dae3e2d03f195d7db99dc211641312ac087f50ae357fafc6f26daf1e263c7a4e7ed99d0812235e4fe12fc8430788fb065dfd1bf7fe1fec14262a73486b0c3b133737d96a0ab6717ff60615efd136aeeaa5d1826925588d9e028c6b12b5c1d369cecf3437f806851d00276d384e6f1f3de7f52fc494f30f36afd51c3a30173a5f7423d007fbae4b810f1eeecf8ea8c6dd5baf70b81f321669fb8330eac0341eb580207cb893311bed3e92782140249ac89c64e4454ed781beb86f196cdfa08baf312342735fa5f62bb4fb358c3a5453af3fb6228836a63ae94493a5ff55e03aba7240ff596cf069e3f69b151d0e13bde780f251bd3f35aa3cbaa5aa95ab894792c2833c75aad66c724afa9fdb92fb0c1bf6e6b10ca9df819268b59c23fea97955062de63cc610de5f18d831f0a3dd0a61421ad6b1ee11e981a082d03012b8bc29e10176917627003de7ef6312044a5927588f06a971c95c61452344fcb1c2d39d4f062d035cf076fa3eaac8c278bf82c016fa7d4789e5cd75497c2ab83e99c228e639ce3670372fba95f4b3e2ad6d47d8e5255dc5f2db5df1f867e642e14e43255398c775cb7f0dfbf3c51f718032f9c887faf9aa37eef689caaf2c8e53f6b7cd6c8c6a873e7a7a7a6bf91c243856e52ff57aa1df5d86635842eaa25b2925745e76ad72cfc8b73220af8a87e4303c4fb5fd737d8b0293df0636197bfee2f83fcdd5b42b73a4ff74b6f807712d9d27ce71d8668fedafdaaa17fec56e6914a7a7ea2d59725cb25083b656c2ba4fd1e4dd537791513a2bddd0a90b5a3020ed5b86b96dfa2eb43cd4ec969ed5c14eadf892587d89b19c56a19ce45d5180f8bcbf20330a3b5f45c2ce4716ff0835a810c36fdb1d9fb462830cb66867eec8effef30e0099b4038f6be835afa511c03140399f1f250231cd565d4c55e4093c1fefe8807e0fbf90677b645b54f70d57b8799038e8f6d501ecce591e0f885ed8d433539cc797bc32f1b1bd0bf6b138e77bfe73349fc29b51fe7a4db0295087334c3c73b65952c5819d8ea908737730b93003ef02d00ee6659201df202ea4df7448194ef1d0d67a2c10bc1e811e98af3abc227dc0db31bafa794b26bd2d26117351ce28d600951bd9ef93a5055e133451a9bd6857e7a14fe1a802ed39c849fcc2102f0b9e4f9476eabd2a95c1c64421783f34aa4207acbeb76ee9e610a63c496b6dd8f58a54dbbaff5c73c313e7defd2d13f3c8da171abc4708254360b0cb9b2b33528919760904db7b72616ccf4199de6ccd0954511b6f65f1a05469d6317542d3eafd6380219c94a7f5569a3344481b416a490fd90d15680130d8c6a0773b0a087b4c2d87ef23d85edd45535cba50215193b513b3c21403bcd67f325573dbf12514c09b1bd991d1c136aa08461d036ae0ba834b9b7faf8a7479eb9a01db5d729b7f47155568d65b31120eda13f3c351f47b121779cbcf2563ffb3a84ccdc53e8eb3da4a2c689b4138f3c6a129274236aba8b357cb7a36fa3776f6fe4748b5907bce32c7cd94141eaa5f350de952d1e0f24c7fc19cc31101ed51099bf7dfc01f5b38737818bcd7325b6d5e9d08adae770895a66663bb6ba7ae361dda12ac4d6642ba9bb307718c18fa58a8f9b77286eafd182fdd90075a3e0759430b772a72b9cbc754c2c24b4924a2c68deb08abf3c3efcb7d55e10ad238ea48913bf885c540d8008a7d19146c5b2ad077efc5a9ade41acceb284b27a4865b6b94aebb4b82402044a1b5ad67c5a36ea50c2ed767330d315fb3dfc11d0a5e271e82ffec505a225ac83a015a5a0f1706d8d53f920f3216eb2bb7300b2b69c22a8a301d6272cb98844817d9ae35fdc0d7200baa5984b4403c01e7790cc7b99abc86a4eff1b15a8f721f5e0ca991fcd488e07f6a757702e6946bd102d5b4faa720898063b2c9c619f9413e4f9717ef22be0cd32734a71a7c42d8f84ea9d2b6507e822a8cc31a210045306ba6fb7e955a3a543b7cee46fef724aa1282545752351be7927043b435961a08b77e7207f218689c1a0a4f98a3b1ed760a5b6e8102b70d88d633275217609ce456d2319b092eabae5c7819f5b2d833a0daa297d65c75806e3128ba61d5e036a4e561314f031ff9bdd763ef542aef0d2999f2d01ccdb744c30ee2604da906f82fc334015db2b1547eb9b644346b9b8ca3d8140f6fc31147df9f75b7ce193b9238593e202f03c89f6fdd8cd7b3931c2c3a5ccb9bc338ba975653601d3475da54fc9d02529d997bd0668eea0cf41b3b49f66afa8c591c704e747b8045d3ea9d65db80266aac102cb92e649456751abb950b59b71b673c532172b41ff4f9e5a9301c2324b64513ef44442354b30651cda8f98837213278ccd0315382c5a4d679c55772e0176975fd9450f57bc2159428e39aca53428409e06a723712ea10b8fee960ee221845b45e256c26dfe1d5c91ff5424bb98d9c42b864c9896e25675cf493cf53e21324ef56cd2868e99a414cd2f9658276698c8e0a793dc84e8e610df6b661eb5c3d1a406f7dd1ae178d531199d17584a43fd3969dfae6bab13b0a75449c1720f2297bcaede2bfce641f64b233077e61a466c4b65f33331d98d85af4b361cdef09336167a75fa3852ac85042a73908dc5e205cfcc19953667b3a6717760484f8c4549b70234923b40d8f77ead6c91d0c8c51d46e3ab6e94cc706220e9f04ace508ed182713742c1c0ea4a93a22aa18962fec70dfcf75e83414050e95c4ec070631c91d0701ad4f9cc9fac88a6ae4975948941210968614b4a844892f8e6921ea626a31a6c8ec3e9a6cba048dfad7e2af98f5ce9533e050f9eafa03d60f4f61e9473722f67d0ca04677b5235e809fa652a83966590a3e6099ac9dd0d767dbb0e4f47d5ba5f7a6934718e73113fb6cc1bd5add40d24ef85305d569a5b4ad7e2847b53f4902424b565ed4a6ede2a8e477bab8c885f04b5c14e789c6f445e9d8eddf92f469e4af1d0a970ced024901ddfbc0c0260018ac6a6e85e57771573ad6fc3cddbcd20e51405209abafa603a419dc98073417adb802e8986cdca9b27c0e235b2cbb559d0ea99476237a993f3ad9607880cb26d3bf6ac78d3a421a838e1f481be9cd86ebb03604d341092049dfba5601928be58d557528d0e19ce466f04665bdc4f4a43ecac4eaa90b1e5f45c499c2d905c9a784c83aa15d8e669faebd16fa0766de09beda7704a4acf04bd07e09d7990a7ab0efc7af5f220b1b8b9c24d711866a12af63ee5b34db5cc132f8ba01a5032778873c0f69dea631289f30fd5c5be4d59f929ef7bb1e33e7ab33c4aaefc9e1d4528101670cd4c5843b03e276783859cddcb7dcbe73c4fd82ca12c63e4f5a63491f82735dece659266efaf80063c957feda6770967e18851338880b29af5ba07bb1536f0837fa0444b524ea9fbc3acec183ff058f78d14db7d18eddbafa6fc7c2f172b5d042c62d4e7e6f4da108c96aabe232cd3362eff2558a84c1bd97fca73b45ca4785039c7f0ea821964d63b31b562dfb08d6782936605987ba2f0d53f10f9962dff5b310b1af2d2cfe49717ecbc61ef0bbf8f557af0238a0c259d5ac2af4d6bed934c2ac18a9ba8610bd850f09632781b29c174b281dd3a6f681bb31591b7c2245e9030fdc20e6f1c061dceb076e581f4f284d034a6036b59908e00bf4d9a435c57f47b4082dea8143140cd91119f748ff0e07524c7aa79984811ccae0933336c21b1e0d719b52a279a1ee344ee1a5c4791af034ff405782f665c12023353facb568ea83eeefb8ed368951f611e0c5b396bb5f95ceab3298cdcf1776f29747744a62a3605a13ac1678b5a7da02bc2bd522d3dbdad31a51c8702b9cc98990acfbdf37a1e8d56ac7e1bf97bad4da630e541b88d80c472fb5abc5b02afcba506edbb40bbf119612090c04c9526980ad653671888a2a342c496d66d8aae9ff96ecf1b026c08291f21cbc2fe1a1f095f87ac26e0f3896ed22ca0465ca1487a19548b5d727c4e82dc50139963de679f64dc0bbed09d4ac1afa802bb55924b5f0d016dce789caab92b000e473b003e771d2e262103d83ec61f979bb004ceca6e48bcae710ae6d2a5d670644be5c92a234f24296241e4ffa6933cd4a5d7a46f25bc768e1d4e3f8966527e0888052c0a6f6c3c7dda471861d6b9a237d97265333cb6361c61ba290241a0aae140e46077143ce4f2333be27a1e325257255c70f0b24213f9f320fb9350042154ac9d3f4f3c763f71c915d5027fb0ef2d20a6ef35b508bb77e5d5282dc51fd54a04b81eaf9be3d4f746a2ddc0cc967a1e6c7fe381a2b711f1a07b44fb879b39b970f6ea11495e1c9ba241215b2d81c77dd79c6dd482cdbc2c24772abb8a495436151c97d2fddcf91518c4f51fa48864dbb69a490d78890b09fb1a11a865b48267e7527d8ef7c0fc1d1d5dce17aadca51c23d485c2ddb4890bb97d2e99c951c7f8978865bf6090b0d7c8428f99647310dfcc6798eecbeb1158780282d2c1b4f248dac3a664e61b3e6b80a21e643f69bdd7991605db47f9af98d5ceb268f4b561c6691a4ff644dc3ac61d422f4dc9fc1a432962a10e8047704113e52cb983c36c89f1344fb5decc9e6b8b92343b87558c40baf8bf418290610ad857be13f17b4fb295c5c65043b153f4d39bce851878495216f63f8dc9005b29ad60e8d3720757d199c6ed93bd7574741eee38e23d3ca7b0cc2ab382aa541dda8f1c6faeb1c9ffd3675339ab8ac3a30de4a1f7ff3e7594109117cc538804caa455c4b61e7"}, 0x1004) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1245.777281][T14439] loop2: p1 p3 < > p4 < p5 > [ 1245.783136][T14439] loop2: p1 start 234881024 is beyond EOD, truncated [ 1245.789893][ T148] loop3: p1 p3 < > p4 < p5 > [ 1245.795154][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1245.805060][T14439] loop2: p5 start 234881024 is beyond EOD, truncated [ 1245.818365][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated 01:05:24 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000011ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:24 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x2, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:05:24 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00050a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1245.992195][T14449] loop5: p1 p3 < > p4 < p5 > [ 1245.999396][T14449] loop5: p1 start 9437184 is beyond EOD, truncated [ 1246.008934][T14449] loop5: p5 start 9437184 is beyond EOD, truncated [ 1246.017504][ T148] loop5: p1 p3 < > p4 < p5 > [ 1246.022642][ T148] loop5: p1 start 9437184 is beyond EOD, truncated [ 1246.030691][ T148] loop5: p5 start 9437184 is beyond EOD, truncated [ 1246.165739][T14454] loop2: p1 p3 < > p4 < p5 > [ 1246.171009][T14454] loop2: p1 start 285212672 is beyond EOD, truncated [ 1246.181003][T14454] loop2: p5 start 285212672 is beyond EOD, truncated [ 1246.204670][T14449] loop5: p1 p3 < > p4 < p5 > [ 1246.209735][T14449] loop5: p1 start 9437184 is beyond EOD, truncated [ 1246.219457][T14449] loop5: p5 start 9437184 is beyond EOD, truncated 01:05:24 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00a000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1246.257463][T14461] loop3: p1 p3 < > p4 < p5 > [ 1246.262627][T14461] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1246.272016][T14461] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1246.283477][ T148] loop3: p1 p3 < > p4 < p5 > [ 1246.288924][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1246.303151][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated 01:05:24 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x3, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1246.477603][T14454] loop2: p1 p3 < > p4 < p5 > [ 1246.489906][T14454] loop2: p1 start 285212672 is beyond EOD, truncated [ 1246.498499][T14461] loop3: p1 p3 < > p4 < p5 > [ 1246.503698][T14461] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1246.526485][ T148] loop5: p1 p3 < > p4 < p5 > [ 1246.531411][ T148] loop5: p1 start 10485760 is beyond EOD, truncated [ 1246.543259][T14454] loop2: p5 start 285212672 is beyond EOD, truncated [ 1246.551839][T14461] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1246.561532][ T148] loop5: p5 start 10485760 is beyond EOD, truncated 01:05:24 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff40050a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1246.575777][T14468] loop5: p1 p3 < > p4 < p5 > [ 1246.583400][T14468] loop5: p1 start 10485760 is beyond EOD, truncated [ 1246.593196][T14468] loop5: p5 start 10485760 is beyond EOD, truncated [ 1246.673310][ T148] loop5: p1 p3 < > p4 < p5 > [ 1246.679690][ T148] loop5: p1 start 10485760 is beyond EOD, truncated [ 1246.688944][ T148] loop5: p5 start 10485760 is beyond EOD, truncated [ 1246.858052][T14476] loop3: p1 p3 < > p4 < p5 > [ 1246.868893][T14476] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1246.881146][T14476] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1246.957286][T14476] loop3: p1 p3 < > p4 < p5 > [ 1246.967595][T14476] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1246.995892][T14476] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1247.593712][ T372] Bluetooth: hci0: command 0x1003 tx timeout [ 1247.599751][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1249.673617][ T101] Bluetooth: hci0: command 0x1001 tx timeout [ 1249.679643][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1251.753561][ T101] Bluetooth: hci0: command 0x1009 tx timeout 01:05:34 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x4, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:05:34 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000012ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:34 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r5, 0x6, 0xe, &(0x7f0000000340)={@in6={{0xa, 0x4e21, 0x1, @mcast2, 0x4dfb}}, 0x0, 0x0, 0x3a, 0x0, "a4f33352529a6e6d1b2a90608347d289f280e40b91450e0f9e54a5236fef3a1ef59d4310379c4c748808853ea1c67358f8295fdbf29b5ba0564607cdaad93168348b43ffcd3ff8859f813fb2f8fd59bb"}, 0xd8) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:05:34 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) exit_group(0x40000) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:05:34 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a005901ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:34 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff80050a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:34 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000280)={0x2, 0x7, 0x4, 0x3, 0x18, "5ff1bdf8d0952b6886f678f3e4228c816980a3"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8) setsockopt$inet6_MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f0000000200)={{0xa, 0x4e23, 0x4, @loopback, 0x7}, {0xa, 0x4e22, 0x5, @remote, 0x3ff}, 0x7, [0x7, 0xffff1dbc, 0x6, 0x7b, 0x5, 0x4, 0xffff]}, 0x5c) ioctl$KDADDIO(r2, 0x400455c8, 0x10000000000004) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x80, 0x9, 0x3d, 0x7, 0x0, 0x5, 0x100, 0xb, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x100, 0x1, @perf_bp={&(0x7f0000000140)}, 0x40000, 0x101, 0x9, 0x5, 0x3ff, 0x6, 0xfffb, 0x0, 0x100, 0x0, 0x400}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x8) open(&(0x7f0000000100)='./file0\x00', 0x41000, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:05:34 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clone(0x20000300, &(0x7f00000000c0)="c006cd7b2866b48e1d378cf2919fd1c0b13cfc2a03b789affcf9d7", &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="f592f7d62026c2817c2f9050a1dc1a3443d6400e17fdf8e11998d44c0f95250f95163947899245b104334026f2fb6ec638a822feb9d38292a14bca9ebacec23c41ed3ba7144990a70798b6a1e4ccc78b75e648bb5154cd059bad5b659038286d5804dd952935d7a3a3bfecddefdddf83e7f38eaffd91e7f6e5e36d7084066fcb64e5aeaeb274b4d5268cacfc84c0bf7ab5eedb25e2b504afb3c2b715cd4ca56540d341198aacfca5b690224c991f96d269d9fee54757fc42ac5f0e0d3d4af555194ddcfd3239860b3cb4ea3a87ca9531e217ba4b9962fa4ba2d06d2aa67717377818fcbab1e03e5b") exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) r2 = socket$tipc(0x1e, 0x5, 0x0) preadv(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)=""/139, 0x8b}, {&(0x7f0000000380)=""/241, 0xf1}, {&(0x7f0000000480)=""/165, 0xa5}, {&(0x7f0000000540)=""/56, 0x38}, {&(0x7f0000000580)=""/195, 0xc3}, {&(0x7f0000000680)=""/134, 0x86}, {&(0x7f0000000740)=""/53, 0x35}, {&(0x7f0000000780)=""/162, 0xa2}], 0x8, 0x4, 0xf4e) ioctl$KDADDIO(r1, 0x400455c8, 0x40) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) [ 1255.805610][T14486] loop3: p1 p3 < > p4 < p5 > [ 1255.810464][T14486] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1255.831708][T14486] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1255.863822][T14488] loop5: p1 p3 < > p4 < p5 > [ 1255.871164][T14488] loop5: p1 start 22609920 is beyond EOD, truncated [ 1255.872260][T14495] loop2: p1 p3 < > p4 < p5 > [ 1255.885431][T14495] loop2: p1 start 301989888 is beyond EOD, truncated [ 1255.887844][T14488] loop5: p5 start 22609920 is beyond EOD, truncated [ 1255.893855][T14495] loop2: p5 start 301989888 is beyond EOD, truncated 01:05:34 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000402ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1255.931045][T14499] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1255.942982][T14486] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 1255.957822][T14487] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 01:05:34 executing program 4: clone(0x54200000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) [ 1255.990561][ T119] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1256.001977][ T119] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1256.015715][ T119] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1256.026799][ T119] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1256.035128][ T119] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1256.046860][ T119] Buffer I/O error on dev loop3p1, logical block 33008, async page read [ 1256.056429][ T119] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1256.067426][ T119] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1256.075727][ T95] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1256.086782][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1256.097100][T14515] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1256.113370][ T95] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1256.124481][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1256.132972][ T95] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1256.144508][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1256.152752][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1256.161401][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1256.169869][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1256.186101][T14517] loop5: p1 p3 < > p4 < p5 > 01:05:34 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0050a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1256.197185][T14517] loop5: p1 start 33816576 is beyond EOD, truncated [ 1256.227558][T14517] loop5: p5 start 33816576 is beyond EOD, truncated 01:05:34 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x72, 0x2, 0x0, 0x0, 0x8}, 0x0) tkill(r1, 0xf) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) [ 1256.247696][T14495] loop2: p1 p3 < > p4 < p5 > [ 1256.260643][T14495] loop2: p1 start 301989888 is beyond EOD, truncated [ 1256.284390][T14495] loop2: p5 start 301989888 is beyond EOD, truncated [ 1256.297632][T10939] Bluetooth: hci0: Frame reassembly failed (-84) [ 1256.325603][ T148] loop2: p1 p3 < > p4 < p5 > [ 1256.330677][T14526] loop3: p1 p3 < > p4 < p5 > [ 1256.330735][ T148] loop2: p1 start 301989888 is beyond EOD, truncated 01:05:34 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x5, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:05:34 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a001c13ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1256.335532][T14526] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1256.350836][ T148] loop2: p5 start 301989888 is beyond EOD, truncated [ 1256.367794][T14526] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1256.415491][T14517] loop5: p1 p3 < > p4 < p5 > [ 1256.420977][T14517] loop5: p1 start 33816576 is beyond EOD, truncated [ 1256.429801][T14517] loop5: p5 start 33816576 is beyond EOD, truncated [ 1256.462893][ T148] loop3: p1 p3 < > p4 < p5 > [ 1256.468874][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1256.478402][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated 01:05:34 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) r5 = syz_open_dev$mouse(&(0x7f0000000040), 0x7fff, 0x2300) setsockopt$inet_tcp_TCP_MD5SIG(r5, 0x6, 0xe, &(0x7f0000000340)={@in={{0x2, 0x4e24, @private=0xa010102}}, 0x0, 0x0, 0x1d, 0x0, "f6e906d4c2f522b7506d53f966dd1c87b53e95fc2786aa5745760cab57e39b08afe5354c048f539554d7c445aa562fe8443d7cae3dc46c7626b6ab9184bee69d766eff24d14b78e948e7d258cbb40028"}, 0xd8) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:05:34 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000003ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:34 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00060a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1256.655523][T14537] loop2: p1 p3 < > p4 < p5 > [ 1256.661539][T14537] loop2: p1 start 320602112 is beyond EOD, truncated [ 1256.687008][T14537] loop2: p5 start 320602112 is beyond EOD, truncated [ 1256.715376][ T148] loop2: p1 p3 < > p4 < p5 > [ 1256.720321][ T148] loop2: p1 start 320602112 is beyond EOD, truncated [ 1256.740991][ T148] loop2: p5 start 320602112 is beyond EOD, truncated [ 1256.784621][T14546] loop3: p1 p3 < > p4 < p5 > [ 1256.791219][T14546] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1256.816851][T14546] loop3: p5 size 11290111 extends beyond EOD, truncated 01:05:35 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a006813ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:35 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x6, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1256.873419][T14547] loop5: p1 p3 < > p4 < p5 > [ 1256.880586][T14547] loop5: p1 start 50331648 is beyond EOD, truncated [ 1256.912409][T14547] loop5: p5 start 50331648 is beyond EOD, truncated [ 1256.944096][T14546] loop3: p1 p3 < > p4 < p5 > [ 1256.948995][T14546] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1256.967746][T14546] loop3: p5 size 11290111 extends beyond EOD, truncated 01:05:35 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff40060a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1257.043626][T14554] loop2: p1 p3 < > p4 < p5 > [ 1257.048563][T14554] loop2: p1 start 325582848 is beyond EOD, truncated [ 1257.070721][T14554] loop2: p5 start 325582848 is beyond EOD, truncated [ 1257.227857][T14547] loop5: p1 p3 < > p4 < p5 > [ 1257.233436][T14547] loop5: p1 start 50331648 is beyond EOD, truncated [ 1257.251209][T14547] loop5: p5 start 50331648 is beyond EOD, truncated [ 1257.265506][ T148] loop5: p1 p3 < > p4 < p5 > [ 1257.270540][ T148] loop5: p1 start 50331648 is beyond EOD, truncated [ 1257.285924][ T148] loop5: p5 start 50331648 is beyond EOD, truncated [ 1257.293867][T14554] loop2: p1 p3 < > p4 < p5 > [ 1257.299144][T14554] loop2: p1 start 325582848 is beyond EOD, truncated [ 1257.323249][T14554] loop2: p5 start 325582848 is beyond EOD, truncated 01:05:35 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000204ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1257.334629][T14562] loop3: p1 p3 < > p4 < p5 > [ 1257.341121][T14562] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1257.359723][T14562] loop3: p5 size 11290111 extends beyond EOD, truncated 01:05:35 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a009813ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1257.422488][ T148] loop3: p1 p3 < > p4 < p5 > [ 1257.427746][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1257.439626][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated 01:05:35 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff80060a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1257.503373][ T347] __loop_clr_fd: partition scan of loop5 failed (rc=-16) [ 1257.561130][T14565] loop2: p1 p3 < > p4 < p5 > [ 1257.567203][T14565] loop2: p1 start 328728576 is beyond EOD, truncated [ 1257.576107][T14565] loop2: p5 start 328728576 is beyond EOD, truncated [ 1257.618560][T14568] loop5: p1 p3 < > p4 < p5 > [ 1257.628141][T14568] loop5: p1 start 67239936 is beyond EOD, truncated [ 1257.638337][T14568] loop5: p5 start 67239936 is beyond EOD, truncated [ 1257.647219][ T148] loop5: p1 p3 < > p4 < p5 > [ 1257.652180][ T148] loop5: p1 start 67239936 is beyond EOD, truncated [ 1257.659587][T14573] loop3: p1 p3 < > p4 < p5 > [ 1257.665030][T14573] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1257.665956][ T148] loop5: p5 start 67239936 is beyond EOD, truncated [ 1257.675204][T14573] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1257.848731][T14565] loop2: p1 p3 < > p4 < p5 > [ 1257.853812][T14565] loop2: p1 start 328728576 is beyond EOD, truncated [ 1257.861442][T14565] loop2: p5 start 328728576 is beyond EOD, truncated [ 1257.873731][T14568] loop5: p1 p3 < > p4 < p5 > [ 1257.878559][T14568] loop5: p1 start 67239936 is beyond EOD, truncated [ 1257.886726][T14568] loop5: p5 start 67239936 is beyond EOD, truncated [ 1257.894882][ T148] loop5: p1 p3 < > p4 < p5 > [ 1257.899820][ T148] loop5: p1 start 67239936 is beyond EOD, truncated [ 1257.907856][ T148] loop5: p5 start 67239936 is beyond EOD, truncated [ 1257.925908][ T148] loop5: p1 p3 < > p4 < p5 > [ 1257.930702][ T148] loop5: p1 start 67239936 is beyond EOD, truncated [ 1257.938515][ T148] loop5: p5 start 67239936 is beyond EOD, truncated [ 1258.312979][T14541] Bluetooth: hci0: command 0x1003 tx timeout [ 1258.319232][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1260.392919][ T372] Bluetooth: hci0: command 0x1001 tx timeout [ 1260.398983][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1262.472841][ T372] Bluetooth: hci0: command 0x1009 tx timeout 01:05:44 executing program 4: clone(0x2000205effc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) clock_nanosleep(0x7, 0x1, &(0x7f0000000080), &(0x7f0000000100)) 01:05:44 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$FS_IOC_GETFLAGS(r2, 0x80086601, &(0x7f0000000040)) setsockopt$inet_tcp_int(r3, 0x6, 0x1, &(0x7f0000000000)=0x8001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) ioctl$BTRFS_IOC_BALANCE(r0, 0x5000940c, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) r5 = accept$inet(r0, 0x0, &(0x7f0000000080)) connect$inet(r5, &(0x7f00000000c0)={0x2, 0x1, @rand_addr=0x64010101}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:05:44 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x7, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:05:44 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000018ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:44 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0060a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:44 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000604ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:44 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) exit_group(0x61c) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)) ioctl$TCFLSH(r0, 0x540b, 0x1) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:05:45 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) getsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000080), &(0x7f0000000100)=0x4) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r1, 0x400455c8, 0x6) exit_group(0x80000001) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000000)=0x30) 01:05:45 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x10) r2 = socket$inet_udp(0x2, 0x2, 0x0) mmap(&(0x7f000047b000/0x2000)=nil, 0x2000, 0x8, 0x20010, r0, 0xba45d000) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000140)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5800000, 0x100010, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001, 0x80000000}, 0x14) mmap(&(0x7f00002e3000/0x4000)=nil, 0x4000, 0x0, 0x8010, r2, 0x24826000) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f00000001c0)=[{&(0x7f0000000240)=""/186, 0xba}, {&(0x7f0000000180)=""/45, 0x2d}, {&(0x7f0000000340)=""/4096, 0x1000}], 0x3, 0xd9f, 0xfffffffd) setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000080)='dctcp-reno\x00', 0xb) [ 1266.695246][T14584] loop2: p1 p3 < > p4 < p5 > [ 1266.706448][T14584] loop2: p1 start 402653184 is beyond EOD, truncated [ 1266.727160][T14584] loop2: p5 start 402653184 is beyond EOD, truncated 01:05:45 executing program 4: clone(0x28020000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) [ 1266.766099][T14589] loop5: p1 p3 < > p4 < p5 > [ 1266.771478][T14589] loop5: p1 start 67502080 is beyond EOD, truncated [ 1266.785004][T14589] loop5: p5 start 67502080 is beyond EOD, truncated [ 1266.809866][T14590] loop3: p1 p3 < > p4 < p5 > [ 1266.814959][T14590] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1266.826149][T14590] loop3: p5 size 11290111 extends beyond EOD, truncated 01:05:45 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) exit_group(0x400) perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0x21, 0x40, 0x3f, 0x2, 0x0, 0x1, 0x8400, 0x8, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1ff, 0x1, @perf_config_ext={0xfffffffffffffeff, 0x2}, 0x10000, 0x3, 0x8, 0x7, 0x100000001, 0x7fffffff, 0x6, 0x0, 0x6, 0x0, 0x1}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:05:45 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00131cff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1266.923136][T14589] loop5: p1 p3 < > p4 < p5 > [ 1266.928466][T14589] loop5: p1 start 67502080 is beyond EOD, truncated [ 1266.937954][T14589] loop5: p5 start 67502080 is beyond EOD, truncated 01:05:45 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) clone(0x108000, &(0x7f0000000100)="b6447d763e5339160a5a735feb80c7b0e236fe10d10c3cd743dbe45bbc27a32b6203ebac863ea044dce37a1f64b680e4277e76a016f3b6200c1834b8f66706cead2c6476cbaa9e9390975b1d72e01c30c46e3e94be03d0655b8a69c1fc33f6af804eb3516767d3102c503bd5dee5112760029428ecdb9804a2777569a125af38a98a0b19dbda2fc20fda1fe01fe0ac193b994b10d04ddf7765f6b7d8d39d6d1c836337c30032f4898c4d19b116a8c6c8745b07793aaf", &(0x7f0000000080), &(0x7f00000001c0), &(0x7f0000000200)="63482af67592d3ff0a53a5820be85ce0fe0a3bc6090b47eb69712240abb67a943fe6060b7bb2590ea772621e18da5d39132235f140df049ad6c7b57b5c48d41c01d20b38ddbf0fdcb2cf38b3599888b1b1c5356dcff743e58bde24189db112f3e962ff3990504ece4e8037922e58bcf976881a22dbf1698210afd89effe3a314593a8928fb76ab64451b9ab4b234") ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:05:45 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000005ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:45 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x8, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:05:45 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00070a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1267.065317][ T163] Bluetooth: hci0: Frame reassembly failed (-84) [ 1267.123188][T14616] loop2: p1 p3 < > p4 < p5 > [ 1267.128384][T14616] loop2: p1 start 471007232 is beyond EOD, truncated [ 1267.140282][T14616] loop2: p5 start 471007232 is beyond EOD, truncated 01:05:45 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00001fff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1267.180545][T14621] loop5: p1 p3 < > p4 < p5 > [ 1267.192102][T14621] loop5: p1 start 83886080 is beyond EOD, truncated [ 1267.210122][T14621] loop5: p5 start 83886080 is beyond EOD, truncated [ 1267.290361][T14636] loop3: p1 p3 < > p4 < p5 > [ 1267.295427][T14636] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1267.311179][T14636] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1267.334129][T14635] loop2: p1 p3 < > p4 < p5 > [ 1267.338983][T14635] loop2: p1 start 520093696 is beyond EOD, truncated [ 1267.347690][T14635] loop2: p5 start 520093696 is beyond EOD, truncated 01:05:45 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x9, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:05:45 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000020ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1267.518088][T14621] loop5: p1 p3 < > p4 < p5 > [ 1267.527570][T14621] loop5: p1 start 83886080 is beyond EOD, truncated [ 1267.536690][T14621] loop5: p5 start 83886080 is beyond EOD, truncated 01:05:45 executing program 0: unlink(&(0x7f0000000040)='./file0\x00') pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x90, &(0x7f0000000340)={[{@redirect_dir={'redirect_dir', 0x3d, './file0'}}, {@redirect_dir={'redirect_dir', 0x3d, './file0'}}, {@default_permissions}], [{@fowner_lt={'fowner<', 0xee00}}, {@fsuuid={'fsuuid', 0x3d, {[0x34, 0x64, 0x33, 0x39, 0x30, 0x31, 0x64, 0x38], 0x2d, [0x35, 0x36, 0x30, 0x36], 0x2d, [0x3a, 0x39, 0x63, 0x39], 0x2d, [0x39, 0x61, 0x64, 0x63], 0x2d, [0x35, 0x34, 0x35, 0x36, 0x39, 0x63, 0x37, 0x33]}}}]}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1267.582704][T14636] loop3: p1 p3 < > p4 < p5 > [ 1267.587547][T14636] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1267.604122][T14636] loop3: p5 size 11290111 extends beyond EOD, truncated 01:05:45 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00fa05ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:45 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff40070a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1267.629265][T14646] loop2: p1 p3 < > p4 < p5 > [ 1267.653716][T14646] loop2: p1 start 536870912 is beyond EOD, truncated [ 1267.688021][T14646] loop2: p5 start 536870912 is beyond EOD, truncated [ 1267.767646][T14654] loop5: p1 p3 < > p4 < p5 > [ 1267.772701][T14654] loop5: p1 start 100270080 is beyond EOD, truncated [ 1267.784904][T14654] loop5: p5 start 100270080 is beyond EOD, truncated 01:05:46 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000b21ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:46 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00fb05ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1267.917965][T14653] loop3: p1 p3 < > p4 < p5 > [ 1267.924122][T14653] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1267.934189][T14653] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1267.954949][ T148] loop2: p1 p3 < > p4 < p5 > [ 1267.960176][ T148] loop2: p1 start 554369024 is beyond EOD, truncated [ 1267.974502][ T148] loop2: p5 start 554369024 is beyond EOD, truncated [ 1267.989087][T14660] loop5: p1 p3 < > p4 < p5 > [ 1267.993573][T14658] loop2: p1 p3 < > p4 < p5 > [ 1267.999234][T14658] loop2: p1 start 554369024 is beyond EOD, truncated [ 1267.999286][T14660] loop5: p1 start 100335616 is beyond EOD, truncated [ 1268.007903][T14658] loop2: p5 start 554369024 is beyond EOD, truncated [ 1268.016459][T14660] loop5: p5 start 100335616 is beyond EOD, truncated [ 1268.133807][T14658] loop2: p1 p3 < > p4 < p5 > [ 1268.138776][T14658] loop2: p1 start 554369024 is beyond EOD, truncated [ 1268.147538][T14658] loop2: p5 start 554369024 is beyond EOD, truncated [ 1268.166602][T14660] loop5: p1 p3 < > p4 < p5 > [ 1268.178205][T14660] loop5: p1 start 100335616 is beyond EOD, truncated [ 1268.187603][T14660] loop5: p5 start 100335616 is beyond EOD, truncated [ 1269.112293][ T372] Bluetooth: hci0: command 0x1003 tx timeout [ 1269.118333][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1271.192217][ T372] Bluetooth: hci0: command 0x1001 tx timeout [ 1271.198338][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1273.272088][ T372] Bluetooth: hci0: command 0x1009 tx timeout 01:05:55 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x402, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = syz_open_dev$vcsa(&(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000000)=0x30) 01:05:55 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xb, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:05:55 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff80070a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:55 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000025ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:55 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00fc05ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:55 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x10, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r6 = accept4$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @none}, &(0x7f0000000080)=0xe, 0x80000) ioctl$BTRFS_IOC_START_SYNC(r6, 0x80089418, &(0x7f0000000140)) recvfrom(0xffffffffffffffff, &(0x7f0000000340)=""/206, 0xce, 0x62, 0x0, 0x0) [ 1277.542695][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1277.561019][T14677] loop3: p1 p3 < > p4 < p5 > [ 1277.566095][T14677] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1277.575990][T14677] loop3: p5 size 11290111 extends beyond EOD, truncated 01:05:55 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0070a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1277.637739][T14676] loop5: p1 p3 < > p4 < p5 > [ 1277.637853][T14678] loop2: p1 p3 < > p4 < p5 > [ 1277.642775][T14676] loop5: p1 start 100401152 is beyond EOD, truncated [ 1277.664203][T14678] loop2: p1 start 620756992 is beyond EOD, truncated [ 1277.674075][T14676] loop5: p5 start 100401152 is beyond EOD, truncated [ 1277.690449][T14678] loop2: p5 start 620756992 is beyond EOD, truncated 01:05:56 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00fd05ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:56 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00003fff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1277.882570][T14692] loop3: p1 p3 < > p4 < p5 > [ 1277.887881][T14692] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1277.896667][ T148] loop5: p1 p3 < > p4 < p5 > [ 1277.897992][T14692] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1277.902292][ T148] loop5: p1 start 100466688 is beyond EOD, truncated [ 1277.921210][ T148] loop5: p5 start 100466688 is beyond EOD, truncated [ 1277.933449][T14700] loop2: p1 p3 < > p4 < p5 > [ 1277.938367][T14700] loop2: p1 start 1056964608 is beyond EOD, truncated [ 1277.947209][T14700] loop2: p5 start 1056964608 is beyond EOD, truncated [ 1277.976983][T14697] loop5: p1 p3 < > p4 < p5 > [ 1277.981999][T14697] loop5: p1 start 100466688 is beyond EOD, truncated [ 1277.990762][T14697] loop5: p5 start 100466688 is beyond EOD, truncated [ 1278.064770][T14692] loop3: p1 p3 < > p4 < p5 > [ 1278.070181][T14692] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1278.084169][T14692] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1278.102766][T14700] loop2: p1 p3 < > p4 < p5 > 01:05:56 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000006ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1278.111046][T14700] loop2: p1 start 1056964608 is beyond EOD, truncated [ 1278.119543][T14700] loop2: p5 start 1056964608 is beyond EOD, truncated 01:05:56 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff40080a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:05:56 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000040ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1278.241612][ T148] loop2: p1 p3 < > p4 < p5 > [ 1278.246532][ T148] loop2: p1 start 1056964608 is beyond EOD, truncated [ 1278.257143][ T148] loop2: p5 start 1056964608 is beyond EOD, truncated [ 1278.262397][T14707] loop5: p1 p3 < > p4 < p5 > [ 1278.269775][T14707] loop5: p1 start 100663296 is beyond EOD, truncated [ 1278.279127][T14707] loop5: p5 start 100663296 is beyond EOD, truncated [ 1278.297221][T14710] loop3: p1 p3 < > p4 < p5 > [ 1278.302287][T14710] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1278.312948][T14710] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1278.443305][T14713] loop2: p1 p3 < > p4 < p5 > [ 1278.445049][ T148] loop5: p1 p3 < > p4 < p5 > [ 1278.452118][T14713] loop2: p1 start 1073741824 is beyond EOD, truncated [ 1278.453350][ T148] loop5: p1 start 100663296 is beyond EOD, truncated [ 1278.463379][T14713] loop2: p5 start 1073741824 is beyond EOD, truncated [ 1278.469394][ T148] loop5: p5 start 100663296 is beyond EOD, truncated [ 1278.488338][T14707] loop5: p1 p3 < > p4 < p5 > [ 1278.493643][T14707] loop5: p1 start 100663296 is beyond EOD, truncated [ 1278.501383][T14707] loop5: p5 start 100663296 is beyond EOD, truncated [ 1278.502209][T14710] loop3: p1 p3 < > p4 < p5 > [ 1278.515872][T14710] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1278.524470][T14710] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1278.642202][ T148] loop3: p1 p3 < > p4 < p5 > [ 1278.647044][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1278.656056][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1279.591641][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1279.597803][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1281.671585][ T1216] Bluetooth: hci0: command 0x1001 tx timeout [ 1281.677739][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1283.751454][ T1216] Bluetooth: hci0: command 0x1009 tx timeout 01:06:06 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x185640, 0x0) exit_group(0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:06:06 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xc, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:06:06 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) splice(r4, &(0x7f00000001c0)=0x5, r1, &(0x7f0000000240)=0x401, 0x0, 0xf) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0) ioctl$TCGETS(r5, 0x5401, &(0x7f0000000140)) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r0, 0x8982, &(0x7f0000000040)={0x8, 'ip6erspan0\x00', {'ip6_vti0\x00'}, 0x8}) 01:06:06 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff80080a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:06 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000048ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:06 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000406ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:06 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) clone(0x4000080, &(0x7f0000000080)="4796a90b5a70c7893da35e0cef8cab", &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="593d84cef1c5f57ded16d4417e5b73739a999b181251e1b7c77e77f23c485bacc5022646eb35072c9ca688a1b36fc9cddafe89296b116bef3af8b98389ef6ae1f8a5fb18387114cce9ea33484203baa17ca7d4f35c8853a7b33d7170aa128c47bdcd307f6019c4fa2c29ee3738bfae8ba49771f42f239c9400d5908f8c13b3fe00a3fcc6a9081dc7fae92b738a51b9147748a6a70e4a73ee7404ded3b111863111964808c56b9c2e3a1aebb981651c46aa") r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) perf_event_open(0x0, 0x0, 0x5, r1, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) [ 1287.832549][T14724] loop5: p1 p3 < > p4 < p5 > [ 1287.838038][T14724] loop5: p1 start 100925440 is beyond EOD, truncated [ 1287.857743][T14724] loop5: p5 start 100925440 is beyond EOD, truncated [ 1287.864471][T13027] Bluetooth: hci0: received HCILL_GO_TO_SLEEP_ACK in state 0 [ 1287.872789][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1287.935555][T14730] loop3: p1 p3 < > p4 < p5 > [ 1287.940715][T14734] loop2: p1 p3 < > p4 < p5 > [ 1287.940992][T14730] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1287.946575][T14734] loop2: p1 start 1207959552 is beyond EOD, truncated [ 1287.964540][T14734] loop2: p5 start 1207959552 is beyond EOD, truncated [ 1287.981202][T14730] loop3: p5 size 11290111 extends beyond EOD, truncated 01:06:06 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00004cff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1288.032802][T14724] loop5: p1 p3 < > p4 < p5 > [ 1288.046830][T14724] loop5: p1 start 100925440 is beyond EOD, truncated [ 1288.062408][T14724] loop5: p5 start 100925440 is beyond EOD, truncated 01:06:06 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000007ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:06 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0080a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:06 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xd, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1288.294261][T14753] loop2: p1 p3 < > p4 < p5 > [ 1288.300203][T14755] loop5: p1 p3 < > p4 < p5 > [ 1288.308229][T14753] loop2: p1 start 1275068416 is beyond EOD, truncated [ 1288.315241][T14755] loop5: p1 start 117440512 is beyond EOD, truncated [ 1288.323443][T14753] loop2: p5 start 1275068416 is beyond EOD, truncated [ 1288.331514][T14755] loop5: p5 start 117440512 is beyond EOD, truncated [ 1288.341925][ T148] loop3: p1 p3 < > p4 < p5 > [ 1288.346863][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1288.357013][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1288.435255][T14762] loop3: p1 p3 < > p4 < p5 > [ 1288.442614][T14762] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1288.455918][T14762] loop3: p5 size 11290111 extends beyond EOD, truncated 01:06:06 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000055ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1288.492829][T14755] loop5: p1 p3 < > p4 < p5 > [ 1288.497784][T14755] loop5: p1 start 117440512 is beyond EOD, truncated [ 1288.530175][T14755] loop5: p5 start 117440512 is beyond EOD, truncated 01:06:06 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a001208ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:06 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xe, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1288.593833][T14768] loop2: p1 p3 < > p4 < p5 > [ 1288.607801][T14768] loop2: p1 start 1426063360 is beyond EOD, truncated [ 1288.616492][T14768] loop2: p5 start 1426063360 is beyond EOD, truncated [ 1288.625192][ T148] loop2: p1 p3 < > p4 < p5 > [ 1288.629995][ T148] loop2: p1 start 1426063360 is beyond EOD, truncated [ 1288.639128][ T148] loop2: p5 start 1426063360 is beyond EOD, truncated 01:06:06 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) listen(r4, 0x7) setsockopt$inet_tcp_int(r2, 0x6, 0x1b, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) socket$nl_route(0x10, 0x3, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) write$binfmt_misc(r0, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r1, 0x0, 0x140006, 0x0) 01:06:06 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff00090a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1288.803318][T14768] loop2: p1 p3 < > p4 < p5 > [ 1288.808198][T14768] loop2: p1 start 1426063360 is beyond EOD, truncated [ 1288.818673][T14768] loop2: p5 start 1426063360 is beyond EOD, truncated [ 1288.841769][ T148] loop3: p1 p3 < > p4 < p5 > 01:06:07 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00f958ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1288.846998][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1288.856390][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1288.866410][T14779] loop3: p1 p3 < > p4 < p5 > [ 1288.871370][T14779] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1288.880382][T14779] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1288.940819][T14783] loop5: p1 p3 < > p4 < p5 > [ 1288.945903][T14783] loop5: p1 start 135397376 is beyond EOD, truncated [ 1288.954831][T14783] loop5: p5 start 135397376 is beyond EOD, truncated 01:06:07 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xf, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1289.053089][T14789] loop2: p1 p3 < > p4 < p5 > [ 1289.058009][T14789] loop2: p1 start 1492713472 is beyond EOD, truncated [ 1289.067160][T14789] loop2: p5 start 1492713472 is beyond EOD, truncated [ 1289.114210][T14783] loop5: p1 p3 < > p4 < p5 > [ 1289.133960][T14783] loop5: p1 start 135397376 is beyond EOD, truncated [ 1289.150953][T14783] loop5: p5 start 135397376 is beyond EOD, truncated [ 1289.194154][T14751] print_req_error: 34 callbacks suppressed [ 1289.194167][T14751] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1289.196150][T14789] __loop_clr_fd: partition scan of loop2 failed (rc=-16) [ 1289.200121][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1289.229775][ T119] buffer_io_error: 28 callbacks suppressed [ 1289.229783][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1289.243979][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1289.255057][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1289.263291][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1289.274182][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1289.282521][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1289.293504][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1289.301715][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1289.312591][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1289.320823][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1289.331707][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1289.339979][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1289.350885][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1289.359085][ T95] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1289.370457][ T95] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1289.389862][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1289.400761][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1289.409514][ T119] Buffer I/O error on dev loop2p3, logical block 0, async page read [ 1289.911067][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1289.917097][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1291.990913][ T1216] Bluetooth: hci0: command 0x1001 tx timeout [ 1291.997038][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1294.070792][ T1216] Bluetooth: hci0: command 0x1009 tx timeout 01:06:16 executing program 4: setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000180)={0x9, &(0x7f0000000100)=[{0x0, 0x5, 0x0, 0x8}, {0x5, 0x9, 0x0, 0x1000}, {0x9, 0x5, 0x9, 0x100}, {0x9aa3, 0x40, 0xe0, 0xfffffffc}, {0x639, 0x80, 0x3, 0x81}, {0x5, 0x4, 0x48, 0xfffffffb}, {0x0, 0x8, 0x8, 0x9}, {0x0, 0x0, 0x9}, {0x3, 0x6, 0x4, 0x100}]}, 0x10) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:06:16 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff40090a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:16 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000059ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:16 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000009ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:16 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x2, 0xffffff91}, 0x11) write$binfmt_misc(r0, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x2140006, 0x6) 01:06:16 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x10, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1298.021181][ T163] Bluetooth: hci0: Frame reassembly failed (-84) [ 1298.060109][T14805] loop2: p1 p3 < > p4 < p5 > [ 1298.065356][T14805] loop2: p1 start 1493172224 is beyond EOD, truncated [ 1298.074668][T14805] loop2: p5 start 1493172224 is beyond EOD, truncated [ 1298.084846][T14807] loop3: p1 p3 < > p4 < p5 > [ 1298.089855][T14807] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1298.100171][T14807] loop3: p5 size 11290111 extends beyond EOD, truncated 01:06:16 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000159ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1298.128742][T14809] loop5: p1 p3 < > p4 < p5 > 01:06:16 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff80090a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1298.151931][T14809] loop5: p1 start 150994944 is beyond EOD, truncated [ 1298.167652][T14809] loop5: p5 start 150994944 is beyond EOD, truncated 01:06:16 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000aff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1298.211955][T14822] loop2: p1 p3 < > p4 < p5 > [ 1298.216871][T14822] loop2: p1 start 1493237760 is beyond EOD, truncated [ 1298.225230][T14822] loop2: p5 start 1493237760 is beyond EOD, truncated 01:06:16 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000060ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1298.306570][T14823] loop3: p1 p3 < > p4 < p5 > [ 1298.316533][T14823] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1298.336590][T14823] loop3: p5 size 11290111 extends beyond EOD, truncated 01:06:16 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x11, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:06:16 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc0090a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1298.524363][T14827] loop5: p1 p3 < > p4 < p5 > [ 1298.530437][T14827] loop5: p1 start 167772160 is beyond EOD, truncated [ 1298.538800][T14827] loop5: p5 start 167772160 is beyond EOD, truncated [ 1298.568132][T14834] loop2: p1 p3 < > p4 < p5 > [ 1298.581658][T14834] loop2: p1 start 1610612736 is beyond EOD, truncated [ 1298.593311][T14834] loop2: p5 start 1610612736 is beyond EOD, truncated [ 1298.681207][T14838] loop3: p1 p3 < > p4 < p5 > [ 1298.686237][T14838] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1298.704567][T14838] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1298.841382][T14834] loop2: p1 p3 < > p4 < p5 > [ 1298.850531][T14834] loop2: p1 start 1610612736 is beyond EOD, truncated [ 1298.859807][T14834] loop2: p5 start 1610612736 is beyond EOD, truncated [ 1298.911043][ T148] loop3: p1 p3 < > p4 < p5 > [ 1298.915889][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1298.924733][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1298.933483][T14838] loop3: p1 p3 < > p4 < p5 > [ 1298.938265][T14838] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1298.946617][T14838] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1300.070342][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1300.076496][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1302.150272][T14541] Bluetooth: hci0: command 0x1001 tx timeout [ 1302.156308][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1304.230133][T14541] Bluetooth: hci0: command 0x1009 tx timeout 01:06:26 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) writev(r1, &(0x7f0000001400)=[{&(0x7f0000000100)="266badd379b4b75cc63c06ec766a2bad8b5252f1a80f3a5190b44678e0ad63bcc0741180bd1ba6a80f5768c8a4e33b804924bdfdd5c30fc9b9f13745f6ff8a5ea171cd218aa8e0aaee231c75a046117e832e3c87018b22c0cea887faa763f513d4ca43d6089534b62ed38d93dcd4a79f5405fed030522bb7afe3993b06d9857e314bd1b026cbc547042de054032ea9d24be27fd4aa36e28562575c3c27db042233a6de23d732862e61f94f76de8bb49d75f3eb35577f9519ab73bb7636a0a6adbe9435ef9b3d298f8ff1abfa0109364396b97df27a529588da3dba6f8206d63493050a0d7e88c94cc578c3db141a", 0xee}, {&(0x7f0000000200)="a2554b1c6b1bc5afa54c1dead4d05042f393879cbf60384728ba851a0f8d2ec06684f59309543dc5e77ea0a0a11170d6cd118375195692f886aa096edb53df21355e2cafee17396beea4145b60cdea4b88e3e95d4c70a7172b7c857a55df9650e47704e90ff8c3a28d97354db3fdd88c96bfc2db368c22f25d869d5ef6758a232abe090badfdcdd90451d13d3f78224d899ad0002d33c52d3b8ccb1d71717a3ba6aad41834a8e2f26468a4329767581da9d836d4c547443f7d842b5193dda7c5db70c6096ede9607f8d03410132a539342197eb34dd702c49c6b7e48a1b67a386212bbcdfe02181a", 0xe8}, {&(0x7f0000000080)="fa7ec72a22ff8a28547046c5", 0xc}, {&(0x7f0000000300)="8d942f6bf701ba223cda37d28579a9ef4126d07115bc76659d14590dce84da0ace8358775c3f288634c1ff3c96be7592ed2f5153d3f93c8504b74e12674cdcd372c7f22d06dad5e86171f9330f335231a092036ddd6081840d8fe9ea64d3dde62786a243bc85b11179c3784c5c2078d6da1bab430502fdb8f1b8a06cbfffa9790ea07961882bdf8767d115871cd638d6674ac1b235ff35aa7b25b2550d2541ccf6b478c0c2460b8670930ff6ecb7658183cba7cf12ec08c7357df8de97050fd908ea4316ea865a31d9c2f68616edc6772b8f46a7b17108b2795b3d240d6a958bac09b7b27e5992124ad0df0586e65ed87158cd1fe7c60a12388692460746fbc78b3aa451130da2d3345f36f6a91c56c61a6998529e9edfdefa6f6165347ec820cdcdda6ee708a7abbc1daa72b9413f51406f290535f175182271eb8ecb886a7094f76694e98c772f00574dd6eda5074c55799e26c10be5e266e93a46f887f62d46baffdc5580b6cda079aaaf99091ffad0fb56f385af1838ad3924b19485dbfef1eaa8d9046b87f24bfb0cde31a67e4a1aafb1e937563c62fd8127a87fa2804244439da0d46b5d6159693cebc1fbc955275682630c4b2af5e4bc03b70e1833eafbd8aa3e1ff7640cb04575bb81249d4427bce71ca280451c0c104e1879737464d52104d0cadb2f12be27580bfd11bb66c9eb81da0007f362137703a432c27229f5e2c9485a8e70de2b6c2f74396baf9ffa22a2fc6fbce5d9a8faa77b3526a08118ad4640187a0ea5e7684df76c2c4ffd31e0f72d012921255e0af4ac3755adbe99e226a43e980330e5217404a93f0f776b13bf91b7e8179f83719d12d0779795e085e496287c2e22bd9dbcc0bfa2773853162c1498cbe553e1fa8679347314ee7d2873b333ad364dfaad75ba6f0a17c92d423d7bd341f18ca99a0e742b0d79f0120cddb8c40d3f9ed4f6b437dbd2d421d448b07b0155ef6af14354a1be9ee1f0dcca993ee8bd5ca4b85c0960d787ef0e05a61cb0411daf55c451b134bb2b9eabe5a01d70478208acee22976befb249dbaf96d43acfff86aa37707d66303fdeb11a42ac44200c8e63f5226ef05c9843f6f59cb2db346256a65b234bc67a4844b88a3d398d82caeebf9b9e81bd68fb9dcc115e54f7b1202d8801258d5b6101b8fb06e9937587933c6cf63d0f7b92952e1f1667010e6a48aa3cb677687b4aa4069bb20f65d29e59bc4cffb967472e273eb2fe79d88335085a28911e03f03f88c244052d84141d3f77a2718b6d3fbb73c5545da62ea9a4a8c559bfe53c4142da7aacc094d727074a70f2e3f771fb193359cf69b1339ec3a9efa5870f3dadbfd1ff1bdbd42405fbb72290e39bf3edaade98b1ec33be1eee01f60adddd0d9de5b385e0f8ae80211cc80ffb51d030e2da3a75b95b978a55c784e4052e16ca170d70f48e1e4c37a8a52c60e014745b3e61fa9506089ca5b88f4b017220f9da7c088f823fce9fdbd2d3986f06ebd1dfcdea178d6b74725adc0dc8e7fbcfe9b7fa30dc6073ed152e1ed3e033ecaf5a308b6c1d6781e788c3947d7af54fe3f9e2423d05bf2302dfb05c9cdb27d6a9e5eca1e6f94401be540bd48f84326447a6349c6dcfa9565f44b9f0fe44ae4291df166f1d8e85f425fc5b853d3f65d6ad6638a49568315e37834b6d41a8d9ab7a34e9e6805251e6bf7f258e101feaf46381094273b1c93a544e485b1af2ccad4343cffc4f360a523208e9bcd0e10b048a6a142761becd15da5fe7f1cc254ef0b753987da8fc7cb322362953620e54b99660445cf0542b88c5384f4f620623b9fce24ea6e9e291c9d6cec838fd9597512468151adc43eb71d0a1db8d76ecefbacf2959b103f79e88e6eb501cef82ee33589d069bf888c3730c91e3a15e1675d51d6754a7ac7ab80f09c14ffe1e598b6a5c2cc061ca4bcf82c493cde4a00bdeeb7252e93fda81fbb4c0b4bbe4bef28183f9f5ac66ea2bb1cf3ff7e18e9e7d44cd03c8639d980b9bbab4b43c6a112cccaf671f3a7871d5898cddb972e2197aab5b14bde1cb39c38848c63892b5b6ece59023e2b0348b87ee03f52451c4e8cc6be9adcbc83869b163c7b32cd27d63751b5ecb47340f85127b0f80b61c06fc48837c90f7aad09b26132abc09088c9a927e0ed6f495db5722a93c47f95e319ed30037b1075c5e8f4a23953af9d713f952acaac8398f0d78e9fe6d9dfad4c3ef20267bed1756bff974f5d7a58fc0c98e6cf6cd97dcc73e6589d79636660d6ce4ff7e4004897fe0d56e421f0a97e7aa26431ba3ece87e6218a108d75c416af52a7e3aa0dfb86a225b5f51d81f694b5d2fa27dfee44ccef2ce5dc1ca549b868f7d2ef96d55d8c2967e7897254199d3ef57857813b7bac3947af87e88cfe3d30f4b44187c0997aaa795d9577115a04def5c0eca8f54f7ff1fd1f8e78a2876952e90ddc28e760f84972dcf88ac5801f9e1491b30b290e26735071207c30c6c1dd1c112b7ad3de2b7519d0b06a00cdb3c5a45611e30e2c89b4038cc854aae08764a34743df842c0da162da90868bc6d886e5088c764b8ba4acf0f588478e48255f105c5fff0ee9836df44823c307587b7a5a4fa24b0e5023fb77ec68ad0378c818cefdd5dae21305a6f3be13cfacd60ba707b38b814a049e56f3501f708575ae649b149fc18863a8e6845a96adfa62479678bc2d05e08f5d3466646d12279faf6c1491e5c4c283dfed2e96ce6a7b6a4b775116c61520a5b73bb1f42eba3b7253b3106cd5b967a0b62700f3208884a1fe2f169d6af75a8caf974f3655b1b05e284edfa3bf93ce13e36daa1ccaca73fe45b54211261bb8322766fc2df9fc7a33990985e8de9337bf37f0040a2cdbc7748d72efd8dc11ecc785a28272797e45a7ebd55d5f1bc32edc394d404c0154b8340bd2c361a0461dbf3f4659d1bacfe8c0e31713abc71752f80f2b480732037a4b6ffb8672123cb3723a7bbf1c091bce7928db3ed2877b4a890d2dadd91f147d940181b1f6dec34a3b60bb292e41e83f32b9258437c70691cfda775ba599631012f6ddf9c5ef4c55115480651431708d97ae76988b13dbe765fb4ccbb5b1e76b13ac4852e40ebf429f07c635bc0031d0ec3119c7490ac66db8a3c49296261f63a9ed061752170487ef96d7a11170964c9b5150d70a3768f2e13ed55d4443d7a84503fb38f7739de89b030043862970042c573d8821a80b69446b9f5e75905e0607729e71dd7a0a0ee3e88f9f9bf2b9ca04a5822731609cbb67620f0027f98ac84a76d1a649f811129ede365cdeb4b3dc1186f4d0af8a87a715f8a223526c805ff86ef7a8c6a6f025797b6fac788362ca4c287c1cb1ece61aeef7545c7f8619e9823ecd3150b59597d44d10ba762dca04f508a4d8f5d652ff47dcc395b9b4ddbf07c9ae3e00be0282466ccb7cd3ed17ab3562173a49c4fe35e88f48d898d738c8f911f8c64ac6223c0b5163393462b560232c7b3638cef0c248460b74498bad17dc8338dd42da44dafc1fa714a206ab95020e881ab713af6820c61b2247cf7b088431ca1cf40027f84015a539ba566b7757b1288d2ecc4621b87831a711e094da5fa3b8544e46d8a120801d937d3fcbc059ca92fb4796d1bab50ae972c014776bc823bc1f9238bb295afeb13555e9a9d8f099467555edc624f5fc8843279938a211d6c905f6cb42c9ce8cf4c01d4ee6c3f8f1e4e07759eeaf5d797f79c9445ad757bf1854f8c3c9ada08189c6c5fdcbb1c5679c1c5d13e461d1219d5ccbcae5fe10d7dc16794be4122e8e36954089adae922eed49f528010a9171b4d2bee767531b30f8894c76887060544e64d1b4a5a1e1d450cb4db610ab39290f3c4848e05961b4ee6204fc092c32f36f29c631caefd102177094597c14a5736b4cae1516be8bdff84e0a0378c0ccb13b3f63b85d02a70aca5520cff78de39ce16aeba1c18f13a0141c9bee0ee5297ebdfdb753b1811b696b015f14a48154e522b3b99ca375bd5fe1e5125c1eb1519cbc0af3665112bd18fac656fb2b9c68304c05893d91feecebd24df8f3c6613806401e6c97ad55094f6efabdf23487355ddb7a606b54fe368773c25a8168c287dd190b6c730e5f8cd9d649b5958f311faf81a1c050c61628970de6146e367340077e6c117fa7078505a87b9100e2fa1ac0a18901d0d9960d99c7b3f0e54d8a76011e2d5611a1a38b974daa6622916767c4b0bdeaeb9e27e0bf15a180d34de4f859d3856a024de552168de44867eb40f8f68928ee93e0d2b97f30283e96dbc28160f04f39c5c05c10931a4212f84951401589c4169c714614afd1051b52fbf2ef56c615cda101e4ab8ed64cdb8cb0472b24f30779646b9e145436adeba3efa090fc09d4ca5521a584457a98f8b1c44f876ccef3ca6e6ee5448725fed67ef36bb20d6a066bf4b4e9b01568f10a4f158ee969ad620f0171fcf8b193bd3196a3550752f158aa3c3baeb8c982cb593c3c2ddd715fe92fe3ded68348f9688270beea2fd0e4e78b6a39b6af7f1c63d3da933c7fd84aa6054a11b8de5e1baf36d3daa1770f80ced7e894c297e27a4f0def94ab03e58ad761a0f8f96293ec367e3fd031e8e18b76bba69d538f8cdb62c575452f1685b69f4040005ebd2e2d07202c8a19df3f9bd9b28c3272f1a6c935503f917d343643af26a118db8d191c56c89b78b9a59e7a5b78bc4e632a657b2ecb2c0e352bee930e6eadfa739999f0eb48e4a8e34a9a4eb93944543ca02bc4daf767b885240c48b7e9e103ad858c8384ac618280f0b2ac22bc177105f01edc56becdfce6f8936845b82d73c889c421f4ef19243f0d976754b5c0828d6663c2f2c1d618084a2a16aae55da1f90e9aaea51777ed8dba998c434f80f68bff7e0f4063be1d171a7bd66e251d69269281cd1567aa3bcb32cfe6b73da2af1b083d48d9a17b5b000f5279e13a2cd6cb5a1ba4d4c076a21c881cf0f75a600075d338eda1dbfd60efe17a834bd771ccc5fa9d62efd0fbf8952694e1c80ef757856455a9ce08132694da80c89daa9c22301cc95aca2aadca178e425399c0c844a472dab3728959f2d07e665c554706d42f224016fc021910f69eff63fd10ac834c9a277e39533425a1e9d3b33d5d1a170dbbd0540361d32a49f6244b827dba3d24309fcea67cf5b2c2967a76b2cf3d6d85a5c123e7b9bab0dc3dceb935e6ca022f5760110d719f604f63f09ee0c9215ea6d1ad01ae96a186b904440ed0f006f3263e8933a756dbb764fa898d56a1ae664b03257cd5bf6729cf2474823262da07293c0b82d7648d291534e021e5b8bfafa7dcabea7a6054c06262f0bb241d65db8f84dcd70e010c948f9dd7f620db394683cecca160129ad790b0c6521eb601286c35070136ca6428686d713ae71220b025d37004e091e2b4ad946b5f90863f6eca22971868a9bf48cdfd0929b54ab9c1a7385f1121b2599bebc209dd080be45a63abfda2dc714738277c459eb44d110b407ac72eae65dd4e04d175ad75c98f9d18a47515a44303505e7039c362239695ca3d4cf69731f5af686100d5ff6f1d9097fb20efef13b7ffdccac0cd17e3e13dabc9485b69e22a82aad9b2b9d8251d6dfec2a67809165f36aac54cfbe8b203a478a2c20dd018e95ca827a6ac396e12b45659ef7c2ba3bc4e22628cca3a5fd6a280ed6df061e088cc26bc9c44e7a64b3d060b9f9eac50885d0a9c799b9071cf5eea1a3371fe75fe9a5f191a2b45a1d1c53601ce0d051e3fa1e20c9734872c2f27caedf22c68d1062f5b3854287899c13bb", 0x1000}, {&(0x7f0000001300)="9a65bfcf2c4000e5c89cd5d0ac8e5c76bd8df5bdbd0eafdf084254b2fa4e01600ed2f13497d565555b479c8aa54f11eed73c869ec5ebc6e1dadbb94966f96148536b18c722895aa135801ebcfb9d1ff4f40420d1aeea0d3d3843a683b08a4f0cf7ff134c61dcebd661d06433cc2d8022ce1f834be8edc3ecdddb4773dd7d33781ae9e17cc6c7e9ce006f23c1b29df26a9e9ec30993cdf00cf6992ff27e51871688ac5cbbbf322ae597b66dba86a277dc735e654987be11bc2b0f46205f9f10e6b720140d", 0xc4}], 0x5) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:06:26 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x12, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:06:26 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000bff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:26 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r5 = ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0) dup2(r1, r5) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/psched\x00') r6 = open_tree(r4, &(0x7f0000000040)='./file0\x00', 0x800) mmap(&(0x7f0000433000/0x4000)=nil, 0x4000, 0x3000004, 0x4000010, r6, 0x4500000) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) ioctl$sock_inet6_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000140)) 01:06:26 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000068ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:26 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff000a0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1308.267981][T10939] Bluetooth: hci0: Frame reassembly failed (-84) [ 1308.279586][T14850] loop5: p1 p3 < > p4 < p5 > [ 1308.299398][T14850] loop5: p1 start 184549376 is beyond EOD, truncated [ 1308.308264][T14850] loop5: p5 start 184549376 is beyond EOD, truncated [ 1308.318082][T14857] loop3: p1 p3 < > p4 < p5 > [ 1308.323168][T14857] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1308.332276][T14857] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1308.415912][T14847] print_req_error: 129 callbacks suppressed [ 1308.415924][T14847] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1308.417858][T14855] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1308.423566][T14860] loop2: p1 p3 < > p4 < p5 > [ 1308.435005][ T119] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 01:06:26 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff400a0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:26 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff800a0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1308.446453][T14850] __loop_clr_fd: partition scan of loop5 failed (rc=-16) [ 1308.451520][ T119] buffer_io_error: 116 callbacks suppressed [ 1308.451527][ T119] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1308.484782][ T119] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1308.496853][ T119] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1308.506119][ T119] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1308.518185][ T119] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1308.527412][ T119] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1308.533394][T14860] loop2: p1 start 1744830464 is beyond EOD, truncated [ 1308.538547][ T119] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1308.554704][T14860] loop2: p5 start 1744830464 is beyond EOD, truncated 01:06:26 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a001368ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1308.572505][T14850] loop_reread_partitions: partition scan of loop5 () failed (rc=-16) 01:06:26 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00210bff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:26 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffc00a0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:26 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x13, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1308.811969][T14880] loop5: p1 p3 < > p4 < p5 > [ 1308.817210][T14880] loop5: p1 start 186712064 is beyond EOD, truncated [ 1308.826598][T14880] loop5: p5 start 186712064 is beyond EOD, truncated [ 1308.861052][T14877] loop2: p1 p3 < > p4 < p5 > [ 1308.877861][T14877] loop2: p1 start 1746075648 is beyond EOD, truncated [ 1308.888635][T14877] loop2: p5 start 1746075648 is beyond EOD, truncated [ 1308.907574][T14889] loop3: p1 p3 < > p4 < p5 > [ 1308.914845][T14889] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1308.939031][T14889] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1309.081023][T14877] loop2: p1 p3 < > p4 < p5 > [ 1309.087498][T14877] loop2: p1 start 1746075648 is beyond EOD, truncated [ 1309.097576][T14877] loop2: p5 start 1746075648 is beyond EOD, truncated [ 1309.124923][T14889] loop3: p1 p3 < > p4 < p5 > [ 1309.131559][T14889] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1309.143188][T14889] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1310.309778][T14541] Bluetooth: hci0: command 0x1003 tx timeout [ 1310.315884][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1312.389621][T14541] Bluetooth: hci0: command 0x1001 tx timeout [ 1312.395642][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1314.469510][T14541] Bluetooth: hci0: command 0x1009 tx timeout 01:06:36 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clone(0x110000, &(0x7f0000000100)="b4a9ba764e59d634ddad8ca2d5394d8a660dce4181cd85b7ea3cc6c37fed6568ec9a751234863c670c980f60a2b644b5a39e128397908644d86aa0b2c6f55c4bb2279ffa8ec9f95bcd56ce573eb79b8e11edbbd6bceee6191762377f6a40a43b8641bb5a234df5bf255a7e7e0c249cff7553fce6bca79efaaf52719763a0683e54aa99770b5e240ea67e90f9adb17f7da891e4dfc1f6367b62281d98d109827abb571f160a6e8c08aee9e39206c3ac46ae30afecfb7a89ef1e5e78bec1cade22c02a9868f44cf9ef4caecfd4c8f09769262e2f038c965320f089a7075341d03f89dc8890773a38b075", &(0x7f0000000080), &(0x7f0000000200), &(0x7f0000000240)="33cae23a692320dcf424c684dac83fbb1d2d123a21") r0 = gettid() r1 = getpgid(r0) ptrace$peekuser(0x3, r1, 0x0) exit_group(0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r2, 0x400455c8, 0x4) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000000)=0x30) 01:06:36 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000cff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:36 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00006cff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:36 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x14, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:06:36 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) r5 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r4, 0x6, &(0x7f0000000140)={0x20000000, 0x0, &(0x7f0000000080)=[r1, r1, r5]}, 0x3) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) close(0xffffffffffffffff) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:06:36 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff000b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1318.501580][T13027] Bluetooth: hci0: Frame reassembly failed (-84) [ 1318.555562][T14907] loop3: p1 p3 < > p4 < p5 > [ 1318.561527][T14906] loop2: p1 p3 < > p4 < p5 > [ 1318.571569][T14907] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1318.578913][T14906] loop2: p1 start 1811939328 is beyond EOD, truncated [ 1318.590436][T14906] loop2: p5 start 1811939328 is beyond EOD, truncated [ 1318.598205][T14907] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1318.609701][T14911] loop5: p1 p3 < > p4 < p5 > [ 1318.619016][T14911] loop5: p1 start 201326592 is beyond EOD, truncated [ 1318.627437][T14911] loop5: p5 start 201326592 is beyond EOD, truncated [ 1318.762347][T14906] loop2: p1 p3 < > p4 < p5 > [ 1318.767537][T14906] loop2: p1 start 1811939328 is beyond EOD, truncated [ 1318.777296][T14906] loop2: p5 start 1811939328 is beyond EOD, truncated 01:06:37 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000dff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:37 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000074ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:37 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x15, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1318.922781][T14907] loop3: p1 p3 < > p4 < p5 > [ 1318.927845][T14907] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1318.929584][T14925] loop5: p1 p3 < > p4 < p5 > [ 1318.939990][ T148] loop2: p1 p3 < > p4 < p5 > [ 1318.948541][ T148] loop2: p1 start 1811939328 is beyond EOD, truncated [ 1318.955840][T14907] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1318.956670][T14925] loop5: p1 start 218103808 is beyond EOD, truncated 01:06:37 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff010b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1318.971051][ T148] loop2: p5 start 1811939328 is beyond EOD, truncated [ 1318.979725][T14925] loop5: p5 start 218103808 is beyond EOD, truncated 01:06:37 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00007aff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:37 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x16, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1319.236488][T14921] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1319.247848][T14925] __loop_clr_fd: partition scan of loop5 failed (rc=-16) [ 1319.253310][ T95] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1319.265859][ T95] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1319.269690][T14913] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1319.301881][ T119] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1319.312812][ T119] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1319.321975][ T119] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1319.333090][ T119] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1319.341485][ T95] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1319.352847][ T95] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1319.367429][ T95] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1319.378360][ T95] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1319.386485][ T119] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1319.399147][ T119] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1319.407240][ T119] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1319.418253][ T119] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1319.426388][ T119] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1319.437377][ T119] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1319.445584][ T119] Buffer I/O error on dev loop5p4, logical block 0, async page read [ 1319.453817][ T119] Buffer I/O error on dev loop5p3, logical block 0, async page read [ 1319.479438][T14940] loop3: p1 p3 < > p4 < p5 > [ 1319.484371][T14936] loop2: p1 p3 < > p4 < p5 > [ 1319.489572][T14940] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1319.496701][T14936] loop2: p1 start 2046820352 is beyond EOD, truncated [ 1319.505860][T14936] loop2: p5 start 2046820352 is beyond EOD, truncated [ 1319.514238][T14940] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1319.666261][T14940] loop3: p1 p3 < > p4 < p5 > [ 1319.671289][T14940] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1319.687681][T14940] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1320.549106][T14541] Bluetooth: hci0: command 0x1003 tx timeout [ 1320.555464][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1322.628989][T14541] Bluetooth: hci0: command 0x1001 tx timeout [ 1322.635453][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1324.708879][T14541] Bluetooth: hci0: command 0x1009 tx timeout 01:06:46 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) process_vm_writev(0x0, &(0x7f0000000400)=[{&(0x7f0000000300)=""/139, 0x8b}, {&(0x7f00000003c0)=""/33, 0x21}], 0x2, &(0x7f0000001880)=[{&(0x7f0000000440)=""/120, 0x78}, {&(0x7f00000004c0)=""/184, 0xb8}, {&(0x7f0000000580)=""/136, 0x88}, {&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/124, 0x7c}, {&(0x7f00000016c0)=""/48, 0x30}, {&(0x7f0000001700)=""/134, 0x86}, {&(0x7f00000017c0)=""/169, 0xa9}], 0x8, 0x0) clone(0x10000, &(0x7f0000000100)="16320c9298df3b435c1c6d2ba09b230d8008041e02c554f74a7f2f9d7225836fbcf604b94395e8306c317bb4b5b8fc2f483d426c0ad72a1c0bc7ea6945329e8b091883f903aed6d22d1786b36be074c0a9df86feef10a242d86395151140c4a3a14e07f080692399bb9acc33744eb6bc615f85ebe596da10f7968a34195130a76ed7d603f4a9bb59807ae0ea6f8158f2898d2189eaf953f4dbd24389773fe14b2480574149", &(0x7f0000000080), &(0x7f00000001c0), &(0x7f0000000200)="e351cfa082b3fdd4a269d5b3b316e56017ef9df468302ca6a15a40bc5da5bb5a7f9551f9c551d820a8be81dc009d106c3eb065578e07a4eb2d815ee3690e2db5f1512851dd151076db4270bb730f609b7fbf3bf7e29f82994f056baa7f295e47f0d80ac01263b6d25d1bd8b83fda5442d38d3fae1d258238d9e5af51e63f291f62857be63b9859719fbe3092eebf6549df07578bf149baaf4b11ad8ca5afd3f603b02cc41f03f4f6b2f90c383412393ab095130d97b8764d7d998286a12886b1cd35c7d73620ee5375a6eb0e321df588f19a8ab205524a734c41c2a285c0290ff8c1b38492d4e2f519915d17f7b0") ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:06:46 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000eff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:46 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) socketpair(0x1e, 0x2, 0x81, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$inet_tcp_int(r4, 0x6, 0x0, &(0x7f0000000080), &(0x7f0000000140)=0x4) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:06:46 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000090ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:46 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0x17, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:06:46 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff020b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1328.744299][T13027] Bluetooth: hci0: Frame reassembly failed (-84) [ 1328.759399][T14955] loop3: p1 p3 < > p4 < p5 > [ 1328.764488][T14955] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1328.774259][T14955] loop3: p5 size 11290111 extends beyond EOD, truncated 01:06:47 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff030b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1328.833034][T14959] loop5: p1 p3 < > p4 < p5 > [ 1328.838890][T14956] loop2: p1 p3 < > p4 < p5 > [ 1328.860641][T14956] loop2: p1 start 2415919104 is beyond EOD, truncated [ 1328.869933][T14959] loop5: p1 start 234881024 is beyond EOD, truncated [ 1328.883161][T14956] loop2: p5 start 2415919104 is beyond EOD, truncated [ 1328.889622][T14959] loop5: p5 start 234881024 is beyond EOD, truncated [ 1328.979145][T14956] loop2: p1 p3 < > p4 < p5 > [ 1328.984050][T14956] loop2: p1 start 2415919104 is beyond EOD, truncated [ 1328.992954][T14956] loop2: p5 start 2415919104 is beyond EOD, truncated 01:06:47 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a001398ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1329.055921][T14973] loop3: p1 p3 < > p4 < p5 > [ 1329.061130][T14973] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1329.075595][T14973] loop3: p5 size 11290111 extends beyond EOD, truncated 01:06:47 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xe0, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1329.237325][T14959] loop5: p1 p3 < > p4 < p5 > [ 1329.245913][T14959] loop5: p1 start 234881024 is beyond EOD, truncated [ 1329.254868][T14959] loop5: p5 start 234881024 is beyond EOD, truncated [ 1329.266020][T14975] print_req_error: 70 callbacks suppressed [ 1329.266031][T14975] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1329.284875][T14965] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1329.300528][ T353] __loop_clr_fd: partition scan of loop2 failed (rc=-16) [ 1329.311787][ T95] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1329.322886][ T95] buffer_io_error: 62 callbacks suppressed [ 1329.322893][ T95] Buffer I/O error on dev loop2p3, logical block 0, async page read [ 1329.338324][ T95] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1329.349450][ T95] Buffer I/O error on dev loop2p3, logical block 0, async page read [ 1329.357517][ T119] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1329.368427][ T119] Buffer I/O error on dev loop2p3, logical block 0, async page read 01:06:47 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000011ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1329.378349][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1329.389329][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1329.397567][ T119] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1329.408563][ T119] Buffer I/O error on dev loop2p3, logical block 0, async page read [ 1329.416724][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1329.416824][T14973] loop3: p1 p3 < > p4 < p5 > [ 1329.427707][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1329.457835][T14973] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1329.467636][T14973] loop3: p5 size 11290111 extends beyond EOD, truncated 01:06:47 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xffe0, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1329.552082][T14986] loop_reread_partitions: partition scan of loop2 () failed (rc=-16) 01:06:47 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff040b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1329.602456][T14987] loop5: p1 p3 < > p4 < p5 > [ 1329.607308][T14987] loop5: p1 start 285212672 is beyond EOD, truncated [ 1329.616414][T14987] loop5: p5 start 285212672 is beyond EOD, truncated [ 1329.701552][T14982] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1329.717870][ T95] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1329.728790][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1329.739232][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1329.747591][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1329.757767][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1329.806143][ T356] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 1329.887568][T14998] loop3: p1 p3 < > p4 < p5 > [ 1329.892471][T14998] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1329.911524][T14998] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1330.788452][T14541] Bluetooth: hci0: command 0x1003 tx timeout [ 1330.794489][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1332.868362][T14541] Bluetooth: hci0: command 0x1001 tx timeout [ 1332.874393][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1334.948236][T14541] Bluetooth: hci0: command 0x1009 tx timeout 01:06:57 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000080)={0x80000001, 0x4, 0x7, 0x4fc2, 0x8, "3063fe7a64c025f142747f37a50b45fd52c72f"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x10) ptrace$setregs(0xf, 0x0, 0x54316bd, &(0x7f0000000100)="f99534fe1bc6ae567f693a529473fa9d208d3292db84aacec306a57d01b269b4ef6b73b677281b2ac4e4a50108ac3a0a3473102c4d9a7b3cd26a35360088") ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:06:57 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendfile(r5, r2, &(0x7f0000000040)=0x2, 0x7) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:06:57 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a008c11ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:57 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00029eff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:57 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff050b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:57 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xffffffe0, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1339.051592][T15007] loop5: p1 p3 < > p4 < p5 > [ 1339.061871][T15007] loop5: p1 start 294387712 is beyond EOD, truncated [ 1339.071589][T15007] loop5: p5 start 294387712 is beyond EOD, truncated [ 1339.092902][T15004] loop3: p1 p3 < > p4 < p5 > 01:06:57 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00d811ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:57 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) ioctl$KDADDIO(r1, 0x4b34, 0x6) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r2, 0xf503, 0x0) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x0, 0xd9f, 0x7) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) dup3(r3, r4, 0x80000) [ 1339.098100][T15009] loop2: p1 p3 < > p4 < p5 > [ 1339.102920][T15009] loop2: p1 start 2650931200 is beyond EOD, truncated [ 1339.106085][T15004] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1339.120469][T15004] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1339.130094][T15009] loop2: p5 start 2650931200 is beyond EOD, truncated 01:06:57 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0002a0ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1339.192801][ T163] Bluetooth: hci0: Frame reassembly failed (-84) [ 1339.230105][T15029] loop5: p1 p3 < > p4 < p5 > [ 1339.250242][T15029] loop5: p1 start 299368448 is beyond EOD, truncated [ 1339.262536][T15029] loop5: p5 start 299368448 is beyond EOD, truncated 01:06:57 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff060b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:57 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xffffffffffffffe0, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:06:57 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000012ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1339.464636][T15037] loop2: p1 p3 < > p4 < p5 > [ 1339.481008][T15037] loop2: p1 start 2684485632 is beyond EOD, truncated [ 1339.497290][T15037] loop2: p5 start 2684485632 is beyond EOD, truncated [ 1339.619398][T15045] loop3: p1 p3 < > p4 < p5 > 01:06:57 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0002a2ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1339.641734][T15045] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1339.663548][T15045] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1339.692509][T15048] loop5: p1 p3 < > p4 < p5 > [ 1339.699572][T15048] loop5: p1 start 301989888 is beyond EOD, truncated [ 1339.707773][T15048] loop5: p5 start 301989888 is beyond EOD, truncated [ 1339.754346][T15051] loop2: p1 p3 < > p4 < p5 > [ 1339.759328][T15051] loop2: p1 start 2718040064 is beyond EOD, truncated [ 1339.775935][T15051] loop2: p5 start 2718040064 is beyond EOD, truncated 01:06:58 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2e0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:06:58 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r5 = syz_open_dev$mouse(&(0x7f0000000080), 0x7, 0x0) sendto$inet(r5, &(0x7f0000000340)="5bf9b0066dd8defcb2d4e3b7b71f793400fbce16fb70d4b681a9b7811d80045f9290a8f14ecb7c8857cdf12c31f6b9c04cf2c6ab4169ef13f744fe6e689264478dbe4ce2fbbab58f45348111e1d1fa72bbab1e60b19152c87696b6eab337547ab08f97d30855a3e9cafe5dcd9afa16780d4f941c57b34bb8d72c7b814f615fb93e3524257a04aaa152524f61106feca5e6eddbef1106f516fd3631b178569598b9d876ffa58e6290cdafbc6f565a9abba6b43e9a6732f39e08d84f614ac64db7d4aaa5718577d8cb20a41b79ad9f79da0f4a5620a29b0aa7c09f15e7cd6c97c451c434f53e1efc5463ea4f02f939551a2435341c907b83cc8d04f5f926bc7d995c87f3a35629d22588e75d3be275af45cef2da1db2021f78ff8a5c3c6a589f0881bd3f1c522e50a39d35c11f92ea7a95be1bfcbceb0223ba2533d8d4bf4d741c852a5d4125af755541fc7521a020819a894fd617ee9c34c54cb807af614987a27784680153cd12bd9823a7d8ac8356b05f0572431fbde957caa98387aef9ca5090cd45e6a8d60e5f6eddacc6a5d648276dfa141fd600b1e3adbb531b0673a707fe62f859f1d43d03800dd1d81ffbb98cd22964594648fff799c128a4c720a9ce3d6af52389a3b4e5f3dbc4000bf0ce03a103e06b926aae95119d1fbb3906eeb44535b9efa30649a624d5ff7b48069610c046e3d4cfe35637ae3ce0483ea94228845d3917aa6fb18866f25beab71af891f42053ec5c669d00cdc0fdc49997d9877b15410750598e774c6492f845cdd97bec85032610de834667aa31bed296c927739e41dd924ad299558e01097cb9509d273491a1de72a460afd79b7a387df1dd94395644f0cc99e79a2f70bfceda7d879d459a6371288493664fa4c459b1e2e84108f6c10e9b464025bcd5b57d68b917425679864f98e905a36d4b15590a1ed6e5badc0fd98b8ff7182fcd34ed00e563b21cc2aaea449cb49a36f7851074766a1b69fd6caeea31caf6f78ec39ede98b61dd2874cd7d45b8b126f5c13626ba90d38c5295a703c0b01e760fe2f2a25abd5a12024cbf6981d47dc558778d2dd9f50e837458963317424e66aab36a3d865e8ddc2f8a0499d0dba61b653a6b104d2cc3c9992d9633431bea5e83aaa641272e8d2d136e3a35a014e16614b5f64dd912a3f207a42440d33e730b7ac2af728b1ee5da7bbd25815175f9d4a8828c5fa52ac251ad8e7cbb1982d470d137defe7c3bfcf6f5708460f459871f76cda176de3ff45dc61ed92c2cc21c9286f36aed446a1043dc4e1c331566c73fd909402f1843f419f979e36c5ed2a02198eec35daa5a726bcd1caab0e51dcaf1fde2e7d74a25ce71b1e1678fc0134d7410fa3086624d66f8dac1c2a9741fc73797e3cbc692f288462b82f22e534ca69bf3502eaab9217074ce5ff5a2220b9bc3b7b05a2d12da9379a79159f349b9d54ae2ea7748b6971794d918cd163290ee50e0f73564ca6a253d2e68143fe83019525b75f97800773d01c05244312c9425bc4a373b152c6b71e8bc1d9eaec00262416dd9465fbed527023f54a269a44e1231100ebd43951354c96bf65410a9e7e51f9344043bd8b46cd7906344d68b265ee44d1ac15c96f3ed41077a862d48691fd03efb1a7f1e8d084490272cb160834cbfae642cd78fcba40461a572c95caabfb75060c4d538fab74d2417611db269d029d94c76927b739e17c00c19745f5eb0c1fdeac09fbfc40a2827f903efc9067847c066955eb4f65de654ebbb871d866b8482efca57680717efde808c70cebd738b4d48f0d098178d1e45bbe8ae91938e8896f68058834e0c6fa4464593ce835d44b343f1beaf684da77b93f76032d1f0573d2ae52ef03c475da1fbd569f8a9670f23919ca418d4039f97675614f13b1a259f4ce995c2768d74257b7710833dd7cab8eaf72044cd68ab6ac587c9abe2b4ccf47a3c439222ff8443709034fc4ff34a5a0e644158ac8e05f526a687e26574e28ef35bf87b2420f0af41a0264239df24963548e391c28f0fe8b4680fefd38eb7825dd6b7e665962fb18736c44f568f5849dcc069f00b5c64cba0d27a9096eaa161a83ae2ce687a8388547d1dcdd67e278faf619ecfa411c036f11520a1d5a8ff4b2b53d9c8c53a3a34712ec0fdd4b6449dd31ed29b5c211169c1fceb537edf0c6a10a69b2b1a734a3ae07cddcc5c858c7b8eddda8e51cfce410bc615b71c077e4ef3ca640c165128793e4d7b800a09984b08e17811788262d0942a38b6af355a6f523c45d58948c1ef8d0988109d0ec1e5e979fc6065f025158f6eb0ca5878cab52023bdc76c6231b427ebba5a8a43a5c429ef06bdc7501dfc67b0886505a25eb0437664c895ae4e584967c32c0811cf29ba188863ed0ced0e4df06038a47b4d0dec9507c8c8d4ce649b1e1c4e02149ec63f917bdb4b3f02161597d0bc247612ac4e08a92e6ce2ecd800775d90ff7b37cc22f4d1d6bbb971fe0e71b586edb6bd229a1e702bc7f8b1f763a275a3fe9547537802d3a56cd99befa74a8b7bad9c16a552a857dd52995538cadfaf453398a848d0a3121eb92243564464dc2c7d1e83674c1e9dae9879e7b744fb8f2c2f53c7d4d4427f6a69fcb61424c55af1fb8e8c880550498f396860e36d14e8e62a2a82935022d46d52a78e8dd83bab1baf15a5b87641fd4a7cc5947b6b232d4427ad3c0ea6ded3161503ddd5bb982e9c5ad180c0a958df32f514f219c1d1a921cc04d5e04cf78f38dc3545b5be5e590e363db11c034feb0ee1613258855e73ae106f2428050cd9c521643f93fc54ba0f02df0918f273239ecacf8272b64a9420af6ec011009f6145ac62d8138e9869c315d1fa3b281b7ff5f7ac68c39e34c3ff56124ce26b8db032aad7e1666f63925922a617a53a2ff9493b8c8b23167b89d1fb05d5e365cca85329c754f60b4570362fd4fa4083c3718a894cba97c35232a29aa4ae22d8eaee31c068b0d8dc65ad64c52eaef338be1b449494312742f5b33fb8301c6f96e7fba5a04ad222e0587857b536849339fb5deee0acd27f0ab5f807a12b91249650d04f0a3b16a03180ea394ba5ec2fd91aeae9774d8d1c1337182895e32c89a2116a57c557f59643fa8848672664382c92cd1871ae14c2cf367ee61cf813aa85ffa040ff1686c1b74618dc26eb14545bb2c446276318677fa6af4442a89332f80920fafee8bbfa233ebf99d30e1f13877567f6f3facb217b51b461e4d4fba443a07f5d02d4baa6b40e7d686aa310297763467917693c7c747bb1a47dc16c4746b5fb34884da290caf727be480db213fc0efb153606af657d58d66fa167a12d4555aa2d340b3ac91988d9106957c748414906b62a7250248b52099bfa1c7216f60c53781e3073d871ce6160cbded57f07feb55e4f0573ad028fadabf05d8f65464c1a071123f316e3d6d275262492dd3323ff68c8f1f25b9bc0ad099d138ac072587544e62d61b1d16e2903a7226b21e9fba093b0264b52ab3cd0b262e9c9c45af0f02fb0002bfd0e7a522e0bb2b089fc734a2d169381e1f4e48a407952f9cb333ed8e959f538d40f9e430a15c3693c9bd74c260fe0f28dcbdc608baea8ee6c0b16ae342c39b0897fd45feaafa5e0fee42eaf60ce353d3ff537bc9dd79edb1536513877dd470d38c13e7ab47386da6eca7a54b6040ac058eb5f17d71d182ec2b35d54a7881e2a2dfdd72bfc31ab92c938b55ba1d9acded8fddd783f22a63a32c6018bb18e0bd8bf882dbb3c3201c1bc46ff559f04a9539a540ba06c6691b24b4bb041df15a3fb8ee272c5cd70faae1338c7d69343cbbbc67916897d29d4576bb82165bfc189dacec1392572284c06b37e8d9d19e91754a4a794ade133c3820209e59150ee82592bbb139495f8f78d03bfb8efd0cc927f36a30681f349ace746daccc244582d33c362df2dd5f65582c2e61e285026d7014c0b17c6d8ed425d1b5df62f017df57746885424c7a212d10afec82f2fd2410c7fcfeeca6cd2b34076fe947fae874506e4861e03d378fbe326d80a975fdaf5be7cef7072cd5d16b9d267eb65439ecff4f3979af8ead53c2bb6381b545892533fa58fa24910c13d4fd669b8125e86945382d77b45e2d232dfb1a61c7a932aca885d3b49c228fdae5908724223ddeca74a2e817bb9f87a28b5be5a36c587e5b50978d7c8d277352217f378d2e50aae8e84d54f5226e2c4e11ca8b4ced7902221ae5620cac52f8eaa530cbfd205bb5a6cffc67318f569b0194299f0cf33e056623f5bab58cf84e3786cd34fc9bff0f4cfa9530d857bb817ec7a2a7ada359b464a88cf841fe8caf97115f51b5b630e7d8888e2ba342b7dfb587447070e99ef37b9582273691697b16bd73c0bfee7ef200e4e0afa120cd62f834d4cfa38b186321936fbd9106e7d3672b72655a0e3e14503c9ce1b227a9880b65345a9a4016524914dc0cff816a793c3a826ccd65f808242dcaf79df8ce8b6b23c34051928d093b3d458ba94091d71ad481602de8457ea27f3499ba5fe45afd81d1372c6f837d8ad00257d9952c70098fb791baede4d961fe2f74003b51412c7eb50a8c474ceb77d5782a2c79159990f23d2aa407055ac0ae12683dc0707315066a9fc15710a64adf743c213856c0b72648e4a42ae598451e111de7126407f918b959b266d03ccb096227986f2a58c7f58324be099f715111949f8b9820106f0249482b8654c25c23d307758256f318d6a7e2ca85f787180d5034607ff0f9f4e6f96e4ebcfb471af34e1017c05567306da2809cc8d19b365ec99caf6f654d2b935ad348df11ac8565fc4e5e1fb57daedc1b14bc8b58f6aabd7c624f4cfb8ba74ce96fefbf621c19ec2ac9e444c6fac07392ad874b7b0159a985a76ce67820964d410109a2e6f4da8a4d2ba0e635b5c69aa750ed80a96f7dd90a7b0768428033c4f23846ff77090c5b562a989147651529e5508cb12fb530b003efde8aa739c78b0c9ff14d39b2024681c60460504a58a58d8ec1fe35db1aecc88cf7c1bff94c130beb51fca941e8dcac8dab0e85b629784f46880211b924185e584a079c78699181cf11380bc28b3674a14bdd910bb59fce4768873bfa92598a0597cc1d58884176b4d5088a5eaa0ec805c058cd2780c11bf50a4ecc4842b0232668d242d42fd2154f23f57c3543c2560b9a3b1efc5f8be50f8a78c7ea351390a09015ff6b04f24d8bfd5b7ed48c2de4b2f3b9c812491a0da95e6db26201f99bcbeab1a7bf2e944235389fae9d94c86616ad53b9df4c08b39c1048b73631766cff524a6f411afbf4429104d2f38359e609fc71e17ebab530c09d3f089c37d753f423671cb388d96936e319ba6af3763cac307062c20e48ec398737ccdc3137df3b26e8bb4dcb2adcb9fe447bc0ab1c44a1212431c88803a4c6d936d50a3f1850acc8fd4fb134de82dc8dd5ee898e9d438ad15fa02d6ba7bb25d61792cc709e9eb261bb50a6111f3e8f9e792d86da0795ac3ded8dd57ed0251adebba0d07cbb2caf172460c740391bcd5cdb8a9851a4d7bc96922a0ac9b2f7d358c367cd47d861e2a3bb4b8dffa9d41196de3b240d081b0622e7091741acd51810f5e296e2dc624532e3b2bcf843895c6559b4cc564f0ab28c4018d82dd114defe0a3be5fb5e65168513a1e573a6dcfb7c21f43c9b2dc4ca1f08c71d1e3510b1cde9fb7db100bb3656f8fd88cba4251f80005c218861a13739e961dd261a86f1815f1b1414781da993a890f90f5049f6db6d2ba6667f627f225b9d81e7737aca39a7b3f899", 0x1000, 0x20000080, &(0x7f0000000140)={0x2, 0x4e20, @broadcast}, 0x10) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000000040)='wg1\x00', 0x4) 01:06:58 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff070b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:06:58 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000812ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1339.954076][T15051] loop2: p1 p3 < > p4 < p5 > [ 1339.959369][T15051] loop2: p1 start 2718040064 is beyond EOD, truncated [ 1339.968764][T15051] loop2: p5 start 2718040064 is beyond EOD, truncated [ 1339.977436][T15064] loop3: p1 p3 < > p4 < p5 > [ 1339.982931][ T148] loop2: p1 p3 < > p4 < p5 > [ 1339.983066][T15064] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1339.989997][ T148] loop2: p1 start 2718040064 is beyond EOD, truncated 01:06:58 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0002b0ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1339.998570][T15064] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1340.013426][ T148] loop2: p5 start 2718040064 is beyond EOD, truncated [ 1340.021297][T15063] loop5: p1 p3 < > p4 < p5 > [ 1340.026211][T15063] loop5: p1 start 302514176 is beyond EOD, truncated [ 1340.035371][T15063] loop5: p5 start 302514176 is beyond EOD, truncated [ 1340.150664][ T148] loop2: p1 p3 < > p4 < p5 > [ 1340.155795][ T148] loop2: p1 start 2718040064 is beyond EOD, truncated [ 1340.164747][ T148] loop2: p5 start 2718040064 is beyond EOD, truncated [ 1340.179788][T15064] loop3: p1 p3 < > p4 < p5 > [ 1340.184785][T15064] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1340.194184][T15064] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1340.224300][T15063] loop5: p1 p3 < > p4 < p5 > [ 1340.229369][T15063] loop5: p1 start 302514176 is beyond EOD, truncated [ 1340.240788][T15063] loop5: p5 start 302514176 is beyond EOD, truncated 01:06:58 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1340.402565][T15072] loop2: p1 p3 < > p4 < p5 > [ 1340.412718][T15072] loop2: p1 start 2952921088 is beyond EOD, truncated [ 1340.425171][T15072] loop2: p5 start 2952921088 is beyond EOD, truncated [ 1341.267780][ T372] Bluetooth: hci0: command 0x1003 tx timeout [ 1341.273864][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1343.347755][ T372] Bluetooth: hci0: command 0x1001 tx timeout [ 1343.353856][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1345.427580][ T372] Bluetooth: hci0: command 0x1009 tx timeout 01:07:08 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) exit_group(0x4) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) ioctl$KDGETLED(r0, 0x4b31, &(0x7f0000000080)) 01:07:08 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff080b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:08 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00001fff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:08 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0002d0ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:08 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe40, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:07:08 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x80800, 0x0) sendto$inet(r3, &(0x7f00000018c0)="2877a34a1b3da02e7826c7c7fcca39cdb9765b2b8dfb09a76030a8646bfc9c7388da4261d0a8f627c07088e938ab5560df2f05ac998fa75370d0fde1c5b69a0c5b889842c7b84f2add0a842caf122abb7501d17c3cb3f6545fb736303991be45d29233248d43d54328bb9ba8d545a04480fa012ae359aff2205703bed59a01b3c52e2ead5a34f92a156e476270ae51d8e9beb152db3c835dd4717e74c87f2247dce36cbfa6a961fd51d0aba679f1e08052b3374eeef7063a9efb7037b6ec1c69b34c059fea20e66a2bb4c9cd4a9523c3e924eeb56f56dcd5b07bbd2c534b5af63dc09700fb556a118e511e3f56d12c526680f5ea4e03dd5b1e531f0bc0b77ac6360c2159ce0c0fdfe145cc7bc8952a50247ffb6a4d8a31dae5fea4e3e6eacaaddb9dc9364b6e680dcd5a14e446f0df693584340400bfd94bd635024823376174700423a9906cf53105cd1b3550abd84c7ad4329286ba39c3d1d2a02cf431d4a77b1452bb9f9198f78b733a097ec6d34b95a10ee319864e48c8c3daeffae33bb6d117aea3013df79b09effa81e5b9cdf27b0e2ae31f545c2a99f2d63fc11136d1a482927c14ebb4424c841d9f79e6dae40f160ca5871d7bb4f7475c6a0cbf2bbc8c92ce2eb4c81fcc93443ae7af62d65e5baea435b49993bc3b94e466daad5665ca1a21a90a80e77e9d3001baae3c4aa2e0fb4722e412f5fa9e2e9a94a549b605f8100194740057929cdc236d53d053040bf511c206bc04a110510781552765cd7fbf2548fc65f034552e98019e38d450ffa8eb98433b8f61f490f4b5b2d830b0c28503838f28fc41ae3cc022c2d2e41cd25ee4f2d464b43316a8efb61ef77c01c41d1e4ecf26e9b1e998999df62efe8d1dd63fdfb6a839f82734d8a6051b395c26d803de8c0fad0eb850ac139a50431ae6d6c34733a891676b07d1bf3780c5287b1451f19c6f7e39341e1e8552ebccabd375ffce2f0a4013f983b55730382cac76433b9ae95d61a47093f032b0ad03abb68dbdb18763bb402396020f82b0169c8c8a5bfe69adc3a92a83f754152b853f247c6cfce58dddbbef1ba4c93ad08326864cbbeecc450f46ca4ad4138585c909b82f5ff08b7b3af58d0c13da5a703907501094fbe3ed272f56d91f511778eb4ff26e75949fd93ba1af125aeb4df82f111097a8e7edae4c1db313cf4a86df2b9630b87052866d831a94cd4780da3c991b29f4b8b3ffe4449579e323b84b4848a181bf876bd80000ceaf8e7c7f88c1dbd92be70c8a4d1fb606533c181f96e5846fe15adc049e665b8443bb99cf4afcc5b41f0a7f53b428da9635863c216b10cd3ffcada6d7acd5324f0cd54a13b7269347bf25319e5fc802cc87348c331d0384c24e8427542037a52a674a82eb15ec63d5c26531beef7fffc52f1e18e8c94fa391aab76e7a52c6d85d9b01c2b8654bfd2ac2b6f881e89ad02a400dba1db014b4933c92f1430b48f9078e27b4e1d2b042569c875d13b8aa47ce3ac8f4c33d31ce95b5f545489577a962c43a40f9ff6ddeb66913177f148757d8d1b0cd0828979b0f0d58ba8df9e2a8ea4b4ea774933de423a7314ce452ddff20f7b83b9b512e40a4113bb7bf6f038555e7806479dfb116c760a60883d1c93556fc488f1bb85c11db82167f50c5dd81ab9647f1cbf8c79547f5e5de6c2c9aa709c003de5ba22f19971303fc54b8685cf03e253d5a19e712915d1bfc76fe95871ce8a5734141b6b4b01efe05e84799c02a0060da914f5760aa9a5263b464ce455e7a135d1d3c59064aab86ac646780e66acc00de4f688e781ea5fba90ae9d1ff0c7bba8614a432f7d0a0c184278c29adcaadf664eb56ddc02bd7782ddaa06dec6a9b7f59658ed65cf9e45938e57674ea6b653dd7777453cd5b2010f4aff65920d4e5bb8f562584ac0232d610fd0df24347f4757a07d9acbe225cc84686d20928723420622cfa5d479c530621d85f8dd38d2d0b92960b8a3591b4a5379aac9733db2f06d27bf2cb000835d53aa75d0c6ae4695734dc14e86e21732bfd6dff11fa35be669178aa235dc6ff653765d9b0b53cd70884b9983b4a438ccbb7fb38fdfdd6d362dd88a361889351e487d577ff6437aa6525fb021d8fdf982b895307fea01466197f7177d3c741057656011ac052891a13e3a81a010d26542bda618c41171bf10822496036ce74cc4bd355e01c200be2c5ce3e3b377ab6f6d160e4f08ff535fe392981efda9f0eaffecc4d12469753b41d6a6e51f2ac1f5e1518286476391a897d25a0c717e478128f8b4775ceb6bcd6a873f5a123ae6eb92a58f897de1c8354af932a1b8e40fbb54d0b52cecc10b799e90135dd3cb3e323b119da83a75b0e5522cfd0c7d920ea86faeecc1156f9f8167000d1e8d181691b4d554f2fb5e53c9436605d74b0f77b7a2eb8f64fa7fc468365da25b68e4704f74c4a8a43d9d0adf512a3d5e7d9e05b7e438a27ffbd52e45738dcbd3ab929e93a5968589eac5561803a80de5714f812f6177c4e3089a9375b58e478380c1bbd26e4e2829cc2c9128df96f86d733992029517f92c9e83256412e623b3172c72c8fc8c2d1ea683809b1550610f4f0e899b5fbb9a77eb1b9f595d9cb79d94f85396112b3301b57a51267123ba7c7583d57a50b7980a84be0051a67cc8e2f3f358974bb9a751875db31775dbd182899f34e303d52e42145a8ca79b89ae907dcb91773e228abbfbb36ab36f34e900c3935973c5c97904e6e12c04b2d994323943441fb7baae525322bdfb3a5c6265695d4b4402c4a634172fcd9b20f3d390932d25343c0b48a00781a3066e592d582fd2b9b0b1924aa171767fdb888a8af601d6a9501b5de37be339981ea29b3ce893ac15fbf7501c6650990beb8b51795c6c5366c3df3857b602abe679dedd18e9c96d21a225d49bb3351ffa11b11b307c2227625ebe04cb890c6be06b81eb7059dba061811169d39d14f9fe36ed650092d84cf80c43e4fc1a51ec5200e154a424da0908aafb714cef06de0bf264bba55a8d57e91837f6c05c2c067d20e3cb02dc4feb301d547117a913881bdf6459bf94fa24fea2090224274177aa603a33a89c4a6eb69163f2f3af2570febc9a0619f82b85893ac5484fb0688889b3d71ce605a070c47d086c220b3dbee0188279b684905038dde9824e2425ef65088463958c74a2d87a14f128357112fb419671a701136e04f4c25f3a7517325bc1f88586f888107f190f082ef8db82baff1ebfb9ca00aa4ddac15c4307b4b4625f518128b46be40b09af5ead4225c7041cd7812871de49bca676de88c9503fff5b4bfe79be0a27ef56976084c76e3ab153e95dcf2bfc6a34071796f3ce527b0201defb5a81d2696c698418d7f4a4f552179f38d834f685eb76f923ab090ba806db995d1918941f5a8e3031235eef416a8017078e19f8c2a43ca9719fce2ca423213fd568fe9373b04e6da38a0f42d0c0f80cf1c13d849e04c7cc9704b92976976fd054729f8bf10fe9f26d52d47e78ea2030a00fe9f909081036afbda968f0c655e453fc3013c5334cb317d4627ea287009222f41358161a06acafad23e8dbd66a768f726a947ce1dace4b54216643371eab9cb7b04bdc2026d3ad5a721b997de55b811513174bee409f77906a37724f83432521cbd191284704f80ea4d3d8cd626604d9584497fa6e38c17ffa3fc01b87e5c6e47b84b377faa47adc67f0f64963ff263652c802663b5733fd44675e668d534857b6e5392d3b91dbceda909b6f20e4a822a1922838115b84d6d02905c9c7f6c9d94b4ff67e1892fbba2fcacfacfc7b976159ca5a43b5a68d0ea4b82adb00963068313b9b70043359bdebeb94e1b24cb116ab469d48f03909861b973578fc2b75bf0fe7651937d0b2b97edaeb99cdfb337c5fd539166c814e58d13174d03abf93f8f65502774c4ed74f15da2912b1443acf3e820ea78e09905ed294e78870609087ade02da7a7230dfbccb9eff71e2b8192683110592892f5b888310ba2006f0205a5634019d7d2ed9bb649ac8ad3e6e8b1966eaa0b4d382d2d7fc7df1a63e41d05fcb6598cccbd7346973c9b82140d6ccf7c8bf3dc76f2d363b7eaabf56813a8e0370d15ed27979a4bb1f8c9bdb80e7c0cb3aae032dc9a4f2df491a4a840821d19f0eb5edeaeefd45e3710185105b66077e3632f5d057917c3186a7c23964a3ab36dc40e516b5caa4b511fba3cba0be0c24aaaa7f4f41d0b4e62d14dac70eb24e61d2132043213e41291c3ae110259449e432f41e349690401a8b0456bb0d5895d75127975cfde210c857554a6000018928c6a1550d4efc8e681e6ab211fa3157843dc86c664250e5988492c5768c4e32003aee0079a0475e26a45941027ce3b6b9b6149209fd8509f1189075196645b42297aa68cccefa7400a68c0ad1d06eb0c09bc88b0a7ece551165b9e3980f36677aa6998245b0811a4acda73aa3da0b52d1b58bc2aa0244d558f41689150f928bbf772eb667c9f28047324485d00ed3037de44c33747c498f3f1cd6f071e4b8b656e98e5bd17606fde9df72b9046cc9aebfc96eb1a0180557fb41eb3d012bc808d8b602a39b8af59eeb2bf7637800253a7a773d7d396cfebe5eefe407e91291dc6884559436fc6fac44b978d6617dc228fde499d6a76452333dc686d41e74846e317df663f1c4cecc5b4b050653c407859de17ea19943eada4c216d86d7dd0c9b0cee115870f7dab29e0cdb22872ee83f31778b827e85ccde4bd55ef521b6b4a8b30c487a5b1de3121c0865932113a5d41973be1f2db942ebd2a338b81e147c6298e085406ba484bb7e60de41eaa117b0467c8114f475903de5e8cd181d5bf431d5e2ba1e4bda5dcd5868af368f0630ece2f479cc3395a3aee4e1fbf2c33e99ec6a68850107f74f218bbd0d7d2fb2b41782bb825b27a8aa6f70b29893f9da39c1777f073621cd4f40d5a60141be3cb9cc78a914d51c142eb0be78c7d3e45fc0f074297b6a47dd5fdd07783a68720ae331eb1d7140823341531d453f8831c885405f2fd96a2e39e083b9e489bf38c11fba4a72620d19bb6984de57eed0a612d02b2f4761cde36af7d10861fc3495892b6e6d1f0f547aaf3803cfd9edec471b77cc712696c0180ec6e66a502b1903794c8cfadba3a4783d2eab697153c594239ccd9bbbc9cc6d2a47aa0a3c554ab34f6c019f614deb83bc8a1c40102554ce39d418ea347dfbb53cd3b7e23e2ad0950012aee8e974c31bd1e34fe5e8dec99cd5ba52848d5d459b2e0aa45471ecccc331ef5a8832f3907fd54c618745a1a68c651a2fbe1c3dc70ca8c2f43d17ec3b6e052d0a760241b23866a2a735eb30165151c87944a75f7c9f0f9476e303fd97e1b7633ed5c15cf0e6916c9ffade69ab4c2ac13a1a7a7942b788312a3290ff43f5fb76450acde179833390dcc5a4218bea01caf7704c15fd970f5a54b0d6ba66d1cb4c4aa36dc59a3ae12855c1ec68e547266694f2c3b34551ea5b7cbd47af4f6a0a4475b00bfc3e256a4103adf0244a8d87e77e09f13f956847098af66e78a6899ba93aaf195c620f580594cc77c32c27c0ea78f0b0babde25d6e29281c33ac82b678069076b6fc80821a1f8c40344b874aa9c6bb3064cfe1ffe300584b7c00dc41aad4c542ac8affde1adc478c2a0ae14094883b0d735f350391cac165868b48a41660ac3f31323d9ce6a8dd0a300997623703ed31208d8c9634fa10e522c01c813eab6dbd74931142bd7958def6c0d67ba4cea65ac263e736b2f85c085b985e014244f59cd5a0eb59dbbe08f435a489fad72a013c1ba8a3d4c6421e887e2d2ed0bddea653eb9286423580278241fa5e6f5b91f7b9a26f676f62b42cc8f55dc3902fec9c41049b1f77f99243ab3eba7478ad2d0a05414c7269111a32604b102cc838f0e65d9b1a2becbfa7681a0483170b35585c51a53bfb4907291024ac1bbe8fcde51f694b39186fa684", 0x1083, 0x44000, &(0x7f0000000400)={0x2, 0x4e23, @loopback}, 0x10) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800002, 0x12, r4, 0xe11da000) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10) write$binfmt_misc(r1, &(0x7f0000001880)=ANY=[@ANYRESDEC=r3, @ANYRESHEX, @ANYRESDEC=r0], 0xfffffecc) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) readv(r5, &(0x7f0000001800)=[{&(0x7f00000005c0)=""/113, 0x71}, {&(0x7f0000000440)=""/12, 0xc}, {&(0x7f00000017c0)=""/59, 0x3b}], 0x3) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) r6 = accept4(r3, &(0x7f0000000080)=@isdn, &(0x7f0000000140)=0x80, 0x80000) sendmsg$inet(r6, &(0x7f0000000640)={&(0x7f00000001c0)={0x2, 0x4e24, @private=0xa010102}, 0x10, &(0x7f0000000580)=[{&(0x7f0000000240)="6674440b29502ccd55df1e73cc106bc10e0c4bbe87aa96b3aeef1e0a46a3d94d838d32635d1b242d8ce8e1a98f716850bf9030fcb0dc7b8fcbfc4d88dd02c3ec593e93a45d1dd27fb4c9929cb87ddb7b5063abaef3c2abbf95bcebe35f1abd3bda2aceec77bab98b66505bc4eb3e444f122849277e95763ebd91783aa7b0a5b0cee43fecfbccf22d8c8ccdffd2d32858ac440994ff65b844b5b29fc56edc8d4f95aded923ba1fdd511d50e4d0f68c16c0e78bef6234c", 0xb6}, {&(0x7f0000000300)="816460763b5770581f9e31f591a36ddb6910dbd8216b5c8fb6c558b3d513444ba06015bd617ed24066c16cd048d15af947fec74b6c99e2956f34caf39c54360c05b0d9def9a2167afc3a47875609340dbb9e310fa945694c45b06819326c33f03ce935b579e583d103efe2a0630cdbe592a1db03892c35b3dd42ffb9ac25d7bacc01b9d66186474ec9cb15f80e419114de9e32fb84debf697b33d0408ae29d9ebc91afbaee8d8d83f5ca894c370db6168db974af043fddbbda87f075d95bf0c450b138ea05c435d171435d3bf6b2", 0xce}, {&(0x7f0000000680)="22714af7f99b8c3c10e6527b2f7250e72a4fe6464df29254f8022eb528444e1a570452921866027b48e9197915e6edcff8d2e4e713213773282897d0facb03de30b5d8154f471acc1aed8205e368e93444e7f746808d70b92777d06bea630a0dcc5668a1b2488639fe461e72849a1e53510df5168c96b3a2d75a9eeb16cea37e27e332f1c848fbb471f927306fdc67f75ea1877fcc99d3cac11077bfefb0ab20051e5ac2c83a2939c777d252faf68cbe664639dc0c401bf765d928c559a53f7778ace941f2fa573015af73d5d1692f9d0d62c0420630fcba551190a1c77f85fd82e9fe48e9bd878ae3169f8f8da0487565f2e5d8a6aa819f8ab153b540bdd04e47109b8a44be04a0adedf7913070", 0x10e}, {&(0x7f0000000480)="624a18f891a91896228806dced3cb20204e47aa29976f940104475297baa22de81044c43d0b7f44282a05ddd9a82021e1e7de6b1401e06307c7a8d6ddb90a46d577c884a452f79e59dd45918c2c0e0e57f397c3323985c89e148641982da1ac9094abd4a7841e3b8ef9fa4543b4533ad865c206c58387cbd305ec026af9b9acfb35134e2ebbca5349700178951c36bee3ee40b9907e7d9a6f941a9535684c6026ef439b6857e1c1fee00730ee453da1fe16d0425fae43be284e2ccc2fb59c19eef3054af7592c03a", 0xc8}], 0x4, &(0x7f00000007c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x5}}], 0x30}, 0x1) 01:07:08 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) chdir(&(0x7f0000000080)='./file0\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:07:08 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) r2 = socket(0x400000000000010, 0x802, 0x0) write(r2, &(0x7f00000000c0)="24000000200099f0003be90000ed190e020008160000100000ba10800800020077196be0", 0x24) setsockopt$inet_group_source_req(r1, 0x0, 0x30, &(0x7f0000000100)={0x0, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @remote}}}, 0x108) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x3bdd80, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x4) ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000000)=0x30) [ 1349.911804][T15091] loop2: p1 p3 < > p4 < p5 > [ 1349.918289][T15090] loop3: p1 p3 < > p4 < p5 > [ 1349.918347][T15091] loop2: p1 start 3489792000 is beyond EOD, truncated [ 1349.923456][T15090] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1349.953575][T15091] loop2: p5 start 3489792000 is beyond EOD, truncated [ 1349.959171][T15090] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1349.990316][T15093] loop5: p1 p3 < > p4 < p5 > 01:07:08 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="0701023fa9020000e10200000500000024000000010000000000000000000000834c378d7cd71e08f0951e9cf33b1622b3b9b69c44710d2fad7bf7051db66a02ef13d83553fa143c5195fd89fd861cab885c0de051a6ef9fa3006f38f048238d29a8bbc0cbf08a163684d120fcdabbd78a4e3fcb09ac0f4aa0f8bb453700"/637], 0x27d) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000080)={0x58, 0xc0, 0xd7ee, 0xffff, 0x8, "1e549e30cd27a019"}) [ 1350.001047][T15093] loop5: p1 start 520093696 is beyond EOD, truncated [ 1350.012553][T15093] loop5: p5 start 520093696 is beyond EOD, truncated [ 1350.090420][T15092] print_req_error: 22 callbacks suppressed [ 1350.090432][T15092] blk_update_request: I/O error, dev loop3, sector 137344 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1350.104069][T15115] blk_update_request: I/O error, dev loop5, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1350.108020][T15093] __loop_clr_fd: partition scan of loop5 failed (rc=-16) [ 1350.120916][T15102] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1350.137555][T15090] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 1350.148821][T15109] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1350.149034][T15114] blk_update_request: I/O error, dev loop3, sector 137344 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1350.173824][ T95] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1350.185240][ T95] buffer_io_error: 16 callbacks suppressed [ 1350.185248][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1350.199755][ T95] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1350.210836][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1350.219086][ T95] blk_update_request: I/O error, dev loop3, sector 137344 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1350.230416][ T95] Buffer I/O error on dev loop3p5, logical block 137344, async page read 01:07:08 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0002f0ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1350.244025][ T95] blk_update_request: I/O error, dev loop3, sector 137345 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1350.255482][ T95] Buffer I/O error on dev loop3p5, logical block 137345, async page read [ 1350.264210][ T95] blk_update_request: I/O error, dev loop3, sector 137346 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1350.275556][ T95] Buffer I/O error on dev loop3p5, logical block 137346, async page read [ 1350.284055][ T95] Buffer I/O error on dev loop3p1, logical block 137346, async page read 01:07:08 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff090b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1350.292534][ T95] Buffer I/O error on dev loop3p5, logical block 137347, async page read [ 1350.300993][ T95] Buffer I/O error on dev loop3p1, logical block 137347, async page read [ 1350.309641][ T95] Buffer I/O error on dev loop3p5, logical block 137348, async page read [ 1350.318144][ T95] Buffer I/O error on dev loop3p1, logical block 137348, async page read [ 1350.339692][T15093] loop_reread_partitions: partition scan of loop5 () failed (rc=-16) 01:07:08 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000020ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:08 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x20000339, 0x304, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1350.494631][T15125] loop2: p1 p3 < > p4 < p5 > [ 1350.500089][T15125] loop2: p1 start 4026662912 is beyond EOD, truncated [ 1350.512449][T15125] loop2: p5 start 4026662912 is beyond EOD, truncated [ 1350.544730][T15126] loop3: p1 p3 < > p4 < p5 > [ 1350.549886][T15126] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1350.560293][T15126] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1350.634671][T15129] loop5: p1 p3 < > p4 < p5 > [ 1350.642149][T15129] loop5: p1 start 536870912 is beyond EOD, truncated [ 1350.652689][T15129] loop5: p5 start 536870912 is beyond EOD, truncated 01:07:08 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff0a0b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1350.754218][T15125] loop2: p1 p3 < > p4 < p5 > [ 1350.759410][T15125] loop2: p1 start 4026662912 is beyond EOD, truncated [ 1350.776253][T15125] loop2: p5 start 4026662912 is beyond EOD, truncated 01:07:09 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0005f4ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1350.838246][T15129] __loop_clr_fd: partition scan of loop5 failed (rc=-16) [ 1350.841256][T15139] loop3: p1 p3 < > p4 < p5 > [ 1350.865005][T15139] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1350.885287][T15139] loop3: p5 size 11290111 extends beyond EOD, truncated 01:07:09 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x303, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1350.959588][T15142] loop2: p1 p3 < > p4 < p5 > [ 1350.964638][T15142] loop2: p1 start 4093968384 is beyond EOD, truncated [ 1350.984028][T15142] loop2: p5 start 4093968384 is beyond EOD, truncated 01:07:09 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff0b0b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:09 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) r5 = syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_SET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="00000000931ced148b234e7cc12d0337226bffa5acfad2c4576a20a03afa042b38c36e9e7300eb5b3aebbdb40f5130604d05c2d7472ec690e922b4347f00e2290cbe9f588ca97eb21985756e92a36fdcc093a475a0ed32cf357d359940dbde5322f7f82d4a5c4e744a5f1d4611fdf9e3a0d274b28167630b4304ac104aa70d227a769496c9d3dc7e0e39df4a4e60f9d6774fe93489296563bd3244912adf93989efb59fffc100d69440b1930ba9c3814456b9d543d7983a2b751aeb6091457392140a2aed61ddfe02bfab4ed212e74e508001c49bf496854abd49dae314a1ea7802ff1365f28235795ba9a2d89882a9e6450dfb9fd29c4971e1c81c5df711ee4f0acadbc654f1bb79d4cf43ac3310e02b3c79e0bf56cc335a9efc6", @ANYRES16=r5], 0x14}}, 0x0) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x11080085}, 0xc, &(0x7f0000000080)={&(0x7f0000000580)={0x280, r5, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x1}, {0xc, 0x8f, 0x6}, {0xc, 0x90, 0xc80000000000000}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x9}, {0xc, 0x90, 0x7}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x7ff}, {0xc, 0x90, 0x7}}, {@pci={{0x8}, {0x11}}, {0x8}, {0xc, 0x8f, 0x8}, {0xc, 0x90, 0xfffffffffffffff9}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x2ea3}, {0xc, 0x90, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x6}, {0xc, 0x90, 0xfffffffffffffff9}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x55d05feaa0fcecd}, {0xc, 0x8f, 0x6}, {0xc, 0x90, 0xfff}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x40000007}, {0xc, 0x90, 0x7}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x3}, {0xc, 0x90, 0x7fff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x7d3}, {0xc, 0x90, 0x4}}]}, 0x280}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$DEVLINK_CMD_GET(r0, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000080)={&(0x7f0000000340)={0x10c, r5, 0x4, 0x70bd2b, 0x25dfdbfe, {}, [@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8}, {0x11}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @pci={{0x8}, {0x11}}]}, 0x10c}, 0x1, 0x0, 0x0, 0x10}, 0x1) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f00000001c0)={r2, 0xfffffffffffffff9, 0x0, 0x7fffffff}) sendmsg$NL80211_CMD_TESTMODE(r6, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000800)={0x13d4, 0x0, 0x100, 0x70bd2d, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_TESTDATA={0x6, 0x45, "e432"}, @NL80211_ATTR_TESTDATA={0x1004, 0x45, "972f2dd4496642c52473f356787eab37639134abbb828af6f5f89f90ac8a4bd4051d637c625b7f00bf00efbb18eb94db33ef6b8616fd427cb7f79f16672e9e8ae4461a5e4f0764d8a89e18433d518febcae80db59df1ce56eeac77f70dc5cb24708ce7d100aa3e0edb119b618b10fec8401934dff6be17f5791186d40a5b936a830b90bb48197b6d9900836c3dfc11b2c8acd6b12fb40bd35ddd3395ddbaacfd8fb406e362af6dd31372c1cdcd0b01ac0e8b8500eaea73ba6821e9db46be7ba118350244efc527f7a7cc4ce83ea96030bb88362990363164b52954e203f06d893ea4b758438b3c60dbdd29f82b6aed88113d53bdf66f7e81eabd3c92869351b5dbf1248206c9ce33677d2093a45024522a0bd62db8054eada77ec2b1d89de6fd96dfa9794538a78830005bd8c233a231d23930c04c24fddcad2a88eeee34a58de79b4b02987334eca3fdd3f756d1dae93b341c14be0c8d6b04696f2038b253e99a784b4425e2481a973a16a3aaea93df083523fa9695e86022260b78689765aacca970bde68ab3c3f45222772e1ad761c3890187fcaaaaeb41211482fb272c0622ff1c0b5711c36b1b3361d48dcfb33c431054cd760eb7ae2d1d108cd652a1a649e9b448030a950a84e1db1202a821cae596a4042a63a528dadf73c4bda7e7091e839c3db86aa4385b07bc98fd612dc193f91b03a8206db047a01c8474f4430e1666c042e40245287b5d2e384e2d7b51c7ab0b0f6fde98e68af3fa8e7f8bd6f6d076cf6e2e8d1c316015b085589f3d2127488fd603e01e76ea41eb970a4c46578a5706eaea80b07752076d682c123d42ed765e88161176181e50dfc1d422e272196909667a00d1b1dff8c0e79fe4e9b77ace2406c7afd83e1337cbc22ef5bf98fc6bb285561596a86012e22363fd729899383087bb28076bba93688aa5cda4bba8dde8518e6082528a5a6551d48a12f6ef30b5bafd2568b118932a6e9a59f424c82be15577b51c93bfc97f9b9cd41ae1bf7ec9aa061b000e1b0bb5e56d9512a4d67651ec1da5d13f295e4bb0c0cf59afb5f434cbf1c43e02168e9d9a52aa5fbd769adc7db216f48123086eea9075a052999b66ab2d58bdad4a653975f6cacf9486caeffbd596d640b3d6db3937dfbb927e07a060a45ff2d15bb4f8b476c6287bc5dea1d3623f41fa54133a1701f8d45894dd15fd5a69019a358f9af4fc7ec7193412f96451e444de963fe38311f8740c7def96c16cc9ae7930a2a9998585e1809624476a3e6e37093e6f0f8ef6d02792d22d2cffa953f143d2e901d157088a5a33e43ac8faef15aa688e8bbf5c80b7e0f0c4f1a65d1bcc86bcf97b9e042774ac6f3a74da9c453fffec2e36d4592e38fc59eb2677eb60153fb9ca42e732017fe78b303caf35badef4613e82e4ff44f7d52ed7fd4d97c79113603de046d7ecd67cafd2008bddb52f5a3578632b6a06e6a3cdcb67538c6ac4229f3395443c321cea3c4de36ab6c362418e25773b1d1794b52b2bce1a5f7abfb01f269a99e01ee9da151a4459cb49984dd9184df516a388bc74e1e14af3cff0889a7097ae0b4506ebbe5520faff9f917df763c7e92278d08fc540216943e9cbced191cd620fe8ee45834c5dc44f88fb0e8ee0280238c2a708c926fb4a4a5de5224b2a061adb3c28b1ead918167f59ca444b3f512de3954b78d1926c51da700833fb484f5fe13ef2d049f92b6ca72fcdab7f7ce11a82eedeee7a94413c8975835337b7f164ca19c635680c717c8c810876519beea6e4a59a1820bbb8f7d83d269988cac928b2a4009fb216298bad191a1c6dc68fb5d1eae3c5ac648cfdb0456648ed60e7fe845e2aafceae20de08a9fd83ec1ecf32195713dc6905f8ea85b6d27e4d440ae5d02fbc6b2b7c18ecc030bae80f6bd75b683ace9ecf4ae6361d094bafdc77b29f9f7561fe56515f9360e8511391095b2824ac98a08725014e52bd4ddbe230d9beb3f10d5659b43cf600192a7ea5acca0442ca7a6d4c23ad0224415a56c386949fc9613e6ce66bf95d8a8c573a3585410813b094bd8fffd7727f80f4ffd3e5334eacabaf808acaf6bd361e4e9f72dfcb6057564b6fc0e0ba973655a8fd4e281667a0636e7413c2fe7fabc17fc2c24745e835f1ab9962940b1bcf7ec5da5f526d46af6f00cefd5a84b3e7eee88e27138925a86985f064a4bd87a779a0d615e96493dc459653ff213f2943f04552762434402dbd5b849bf4260b3e1ee8b74e2e060233983f9f0ca5b52ea464aa33bdd0290a29c805ea4328caafb451431b25f0b2af473eb77d71cfd5c3eb4d64812740a21ca585182ec9bea4ebfe250af146264e975a4097d4ee6a90b711b5ffdc005a6bf7d548a6388228ce9b71bfca49a54046ab232ba59088907c784cbd8e336e107bab42511eb34ec7b6ec2d7a14f2abcd334d4e199b5312affad71210fdeb639bcf55c67c3a74c1ac333aa701ed20303f41db48469bcebc1ea40920316436de772b4f2a476c389a0e0d48dc90e3cbecc96121245da395727bab8a759ac31119b18050dcfae8d16069ac5e24f021e3d777726b649b3acee9901065b675251f53f704e681bb3411e7405dc89fc6437c0a6788ff5af3f2c3900c71b38d47953a533cd4eba8ceb15f5bc59c8e6bcafd33fe86f8dbae2968b7016cb478c8ce6db1e1b5a584992b0363e2fecd8608529551e10f3e277bd035e7ddea9dad94fba8f60f165868ef6d1c00d9e655156de3334c210b3f3c2792b4d2b59a158ecc2ca8d9b57c9bafe6f2ca74da6ec79a82976c6baa21af1b20a4507504ad5b16d47e8ea5fb06f558fae6ba227914fe4c945fece01c3d598347d3d39429fea33453d18093ccfb4484a5c3b4e8f26920c94b7a8827bc7316f5b068b452a3936b97d434ca19502ed174d1b91a32954aed2a0b699a97f74d002dfb8b7b729b5727e37d738f94c2a3d8cac2af0afaaea42746ba5f7374486a5ea44af03047d4e5c0098a1f8805c3504fbef1058d55579c2740315321f58dc082835aa89daebadf78847c5359254687aca144331acc5cbef45cf269a5839a454882ca307e0385212710774da40b7515506be4d654d0dc03f5dbcc7db3f62516198c012f0d29a68e14fa791817f01c4a1569052c7df7fb7f4ac9e01047ceca682ce3ed9d703b43b032b2e7e61894ab4d3e55a039d21a33a999593cdf70d5cb499e4f9891baa88d09cb0f01933bec3a88342fcbee0c55bdf89a15f31d1b26d313a668af4a533c786fe26d86daaef638381e5946cf1b031a59809812e92676e6847c1f8e6c0d2de28f21ff3b0955fe32c6a3c7a936003d1fcf92cfe56a93bfd3047e21115e7ec71853ae48781f9552eb74b988ecb628cb55e12e9d996eea75ce2571741b949b00d003279ddbf5643ba70e115e7e4279fe18673e9c749d37309db9f3103c7f02045c6c23abd11888f97b9e2cca3efe426543e3eac7d7bbcaaf73fe14aa5fd699e5dd4db6832361b70633f901c15bb28f68ee421c80c5774b15771425c4936de47e64aff813984ec228836fecc60ef100523a11373a057d38f9a3ea74b925d620b004d0562e55e4d680eb24b18ebdb592938ee21f39f335df5cf77ac45bc280c0c1f0d28766419cf7d1a36ec28c5a7abf2eab40096504f3455817e7533ffd974420b176705517a08e217cdcdc7605488e8741e0dcb55f27e9713b8c49eb9a7dca293bc203e5a166fd60ba188823e4c5467031391df9c2004652c501696af1a109cc5fc17803d164883aa4a09a422e36c7304abe2d3206768c5b89a73b0ceafab514563f4abb0f0331f9d37584b6c04679b1a884b3de0a458cd163da4377ba6e46164a04ec75e65fc18effc2bc06afed2bf181058ee8d6445744c6b57d5b69f8604a4867c798d31f9d919d23b66af8ad39403c580cea7c3dd25d6ecbf1b7f68cf485746122ae88aa88ad0ff356588f7aa6fdb4faac23ac08dbfb9604b0b2bdcade3822a3dd99510b26fca70de3ca873f77bb413a9b6777886ac139cf52b02acbb503deddf3f14b1d87f0a6563df478cfb178c94bcfac3487755a6a1a2b7508c0f11c900df0de499a1424f970bc15d9a7d28822d5d7f703bd8cd0736181386e3801bfe013a6a3d370f67e8be45aaf390da42425df598becf7da6fbf20c029ae3c63aac06bbd693c5b74bf212c6ee543ea37d4e4e80f3025a2c305fd529695143f0e920557cd2bfda09778451d63302ee33a9cf779a185e4d0d58fb37037d89a4aedfcf4a8a269dd3a80fe52d714fb9ee2f679b187033b360a4f3a4b9134f2eafab196ac6004dd0205374dfb9b9630b638f138695e29f9695359fcac249db62f295f834a6a7dcf84630f0ef497c50b654d33cd7b3e23a2109d209d11cdd176376cbddc6b3a4d33b639b0ee31269560a12a1df0141518f86e83172bda1a0f63ca9980b6491f7925910a07617e1ca8e92a9b537fffb047e41328f70c9ebecb7e959a69c35aa93c1894fb8e2f3f35eedcb22e66adffe979ab9619c90e66de2458477e2d569a9635702c7b18574b9c97c6723dc3a58b9d211c9025cdb04b6a1809620e147297e8cdb09623027e1e86767a5b5bb03fcb22518f2b44f25d7aae8754d138af995d707c73ea6c0b79304eb2650e627b38ba22dba8df699509a68ee4fef554f74cb9fc42133f680423afcf47f53963ac5a1b5f3f0e228fd69a273f12509efc4e3c3d55d30f592ae158bf692a4da35b1ae188d8535314dca8d6c471f32f04c6977c3542d7f7c1ad2fbec1c738c92471acfa347724ca7188971fba23dd8cec96b0915236c4a1a2f731271e31739fdd709634b0f542252e6c069d652ecf66b409d47623dc4999ef39249e19818853bd0d56abfdf511b3a0febcc8fe91e618a76831448af2dbc4c81e097064a4d29d27f8f6f6a16a4369f8a1d583717711a086635953b37c7b6ab7a54ac620077ff2b0359636486edfd16e22f476dfa0bee4b35d1a905371c6240021c37e42d55ec061765cd579b6fb696ac5dbcb9af07760a2720c3ca4788b17045428b736147328e92d28dc34c82c68b6036e027545655c3447f5b1b2e88a3caeba081bb78a6f4033d89945b5dedbb7e02eba95c8f641c59891570f892a41318d94dafbaed86d9211fa3f4803397e0e0211e87a4ff5b922c4d607595b395527cfa8d692ba505393c4decf19f07b2f2ef4fbf3dd4bbce7a2c83df4e19f2dc5c7893d7bfb352b3a34b3e7d74fb4477e593610d7356beaf8bfbf7be9c2e54b29c7ed51ededee94f28843c558455aa2eb4948e049e48a74079d36a8ae3f161a8fd474ff02549f1a603c3cdae35903fa608f93afb1e885eb85158c1af8f0e0848774ccfc5134acce7c7013190a1a7acc1d5d3dca302a5c662da53e8fccf76bae2727e4831c276732b6e99e651897d9c5941c3dd10474214e1ed636fd9fc0c40279c28bb9818c88ebc0c1b7e487c1d30378b681a11782ca3fdf4179e372f6b63251c524eca8ebe37b5c502814c9113165d3219a239d808993d763e60947f845454cbd760735974a96ebf285703123b99a4778b7a543fed2cda1f190131b0c6fc38b8858d554b247760a8bfde31e7db9f280daa431133f6c285a3efa4a640c928c3f3f0765ce98fda3b41d316b751e390a159b508471a710cb20df1ef456aa7c1e438d407a076815fd13e50ecddc5e355940bd417b9d68836e811446105006354d9350c9b84dcb6a0e3f4322e3c5f6e6f138287389c450c592e624d8445d950d5591e67b473a95ce2f03559d35856d61ae1820c9ba068e9e78d23d4df8b8cb"}, @NL80211_ATTR_TESTDATA={0x8b, 0x45, "98257ca140ce0bcc34e82fa4d4e7e5802f612c47d0731ed275da33992779d7441f5957280041b7d5b8ebadb19bbc8affb742dc5bdbfec334506e89bc7cd775c3dad495fdbbc0900fe57cc071ae03c0e409abddb0f31f3a7b21e30c43d7f632bfc1fa89410ed5ca2959d1eb4a7b6cb7136a1da9883ca21c54f3a8a7fb230e6e7e2dc118daba6c39"}, @NL80211_ATTR_TESTDATA={0x9e, 0x45, "4251efe01e8eb6c678f339c4d0578f31e54326172cf8635fe5bdee0e4625ac4c388933585325fda0dc2202ae7b8cfb21c9fbbc76d294bda334fc1d60054eb3a7ca61a0eeb9b663cefebe0ba5aa4210b8267a6077b3e4b81a2ae9318ab837f89ed9c6c52cc509d5cc3afd4c749c88f1828d20cc0ea6a8ffb50e173051bcc674e4c3fb73701e1102b7cde904bd146cb618a1e336b4dc2fa9b8e38d"}, @NL80211_ATTR_TESTDATA={0xfa, 0x45, "6544086e7cc085ce3ed084cc239ad5d97f3fa7271e7493447a63dbcc29331ed9b9a97a38fc22b3d3f1bd30cfaa7f39343abc427192979e71aa04c13cf5e684fa58984a418b39688287b83d200f033c10a0585fff4e9805d964b6e666240d7b1cbe310cffb754ef3da0768132d8ad92ce114986872ab579a94be8245c7e6b9f08e88b8624e9f99955eff9d9fa7d0ab135a50ddde69fc92f889ec0417f686e0dd5c5fb0efce3fbeffc9d7f612af2918df3ae2f2f38eb5d6a81ff6a3329dfb558ab08abeb07887e0597391e3fdb06d67b86de54cd2e41c31dbadb08d9abaaf5c8afc408bd3592152914fb1f673786095ac5ad7b493fdb2c"}, @NL80211_ATTR_TESTDATA={0xff, 0x45, "a305a4df8b2aa8877a6e16cd9128ebbef944383672ad7f9d3dabc3da6c7456f12ed1b2f5a33a4535c59747d091721ca7e07e636a9b41419fb49e6382debef218fe4e542119baeca39dda6811907c799c6f8e0efed29cb8a499b439a93a5d7028cdc19ff99ba010a2dba974049c980654efe18a5292820ce095b410afcdb05bfef24a5c968ff5533164dba899e3c60a0868c242953aa74c81ad2b086e201952abe5c7861decb978fa8f2705d1a5f3b3e92763921b434429d014bdb65b36d713c970032ccf449e104dc7a123e374382f04806fe63dee2fc217ffecdeeb54272c8601b223b40f12ac20533f63fadddeb75537a51692aa807e90c950b8"}, @NL80211_ATTR_TESTDATA={0x89, 0x45, "3ab024264e6a02f63ffa4e03e556593db4becb59eba25b6c328940b6c2b2a3f6f2e212fc37d944a71378fed8b8e9f27a1f5440157048ecdec54c56e7c2c3d96d556227660fb25fb0b655306be37b0684b566f504506ec9d346924c9eb9696943bf857442da0b35641e82787abe2a93c3a39b1f3842c72f176eedee68776530880ebb44fc0d"}]}, 0x13d4}, 0x1, 0x0, 0x0, 0x8000}, 0x10) [ 1351.024003][T15129] loop5: p1 p3 < > p4 < p5 > [ 1351.033037][T15129] loop5: p1 start 536870912 is beyond EOD, truncated [ 1351.057093][T15129] loop5: p5 start 536870912 is beyond EOD, truncated 01:07:09 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000b21ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:09 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0005f5ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1351.331420][T15154] loop3: p1 p3 < > p4 < p5 > [ 1351.336416][T15154] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1351.354590][T15154] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1351.382452][T15157] loop5: p1 p3 < > p4 < p5 > [ 1351.389259][T15157] loop5: p1 start 554369024 is beyond EOD, truncated [ 1351.401018][T15157] loop5: p5 start 554369024 is beyond EOD, truncated [ 1351.448575][T15159] loop2: p1 p3 < > p4 < p5 > [ 1351.453453][T15159] loop2: p1 start 4110745600 is beyond EOD, truncated [ 1351.461751][T15159] loop2: p5 start 4110745600 is beyond EOD, truncated [ 1351.511977][T15154] loop3: p1 p3 < > p4 < p5 > [ 1351.516935][T15154] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1351.526211][T15154] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1351.608818][T15157] loop5: p1 p3 < > p4 < p5 > [ 1351.618865][T15157] loop5: p1 start 554369024 is beyond EOD, truncated [ 1351.628371][T15157] loop5: p5 start 554369024 is beyond EOD, truncated [ 1352.147149][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1352.153305][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1354.227040][ T1216] Bluetooth: hci0: command 0x1001 tx timeout [ 1354.233185][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1356.306926][ T1216] Bluetooth: hci0: command 0x1009 tx timeout 01:07:18 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) clone(0x800800, &(0x7f0000000100)="ad13505dae0c03fa79d5f815c16072e093d9a9c34b4d016795a510a57c4a9e8bc2bb3fec8db9f3559a59e7cdb47520b64b6c80601e00c7464be0bcf470af9bdc944fcf7a140e0d5489cd7f7fd4ffb87687a7a6b8660ae8b6ed3514be18b1b3aca3ba3c24f8b358ebb8158091d0052dc9baa549e473999326cf0ec3be9a32ae3d845ee8e5fed3a7e9d992ad", &(0x7f0000000080), &(0x7f00000001c0), &(0x7f0000000200)="39b26663c1543efa7322e41e39c4929aa62b6cc05367fb2258dd767c0526a281573f72ebcceeeee0ac3c4ab6c59bc52c073195f9a240bf6d88a8e32d4c690e19094b7ab4d974f3d8b71c4b099a9f2d2b9965838e992053e38ade449d7baeb5e3a96e1b723515aa33a73e8fc194b35816b10131197e7a344606f4eb2a93b8de68e6c58025c2a043b842c71e37fef5c9b9c0bdfce527b6a55cb2ffbb8e0c00b0cd37532edeb1235e9df93e43de081690603f7d045726021468b4e17d09414009a39d2dc86907f0ca167e616b0f991aaf0a987622bb6a105cfeea98a6a37209998128be6a6927eadb") r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:07:18 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x310, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:07:18 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0005f6ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:18 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff0c0b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:18 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000025ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:18 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000040)={'nat\x00', 0x0, [0x9, 0x4, 0x200, 0x1, 0x7d]}, &(0x7f0000000140)=0x54) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1360.742121][T14996] Bluetooth: hci0: Frame reassembly failed (-84) [ 1360.858574][T15176] loop2: p1 p3 < > p4 < p5 > [ 1360.859266][T15177] loop3: p1 p3 < > p4 < p5 > [ 1360.863484][T15176] loop2: p1 start 4127522816 is beyond EOD, truncated [ 1360.870046][T15177] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1360.876003][T15175] loop5: p1 p3 < > p4 < p5 > [ 1360.884632][T15177] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1360.897403][T15176] loop2: p5 start 4127522816 is beyond EOD, truncated 01:07:19 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0005f7ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1360.906209][T15175] loop5: p1 start 620756992 is beyond EOD, truncated [ 1360.927865][T15175] loop5: p5 start 620756992 is beyond EOD, truncated 01:07:19 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000026ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:19 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff0d0b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1361.017254][T15190] loop2: p1 p3 < > p4 < p5 > [ 1361.022121][T15190] loop2: p1 start 4144300032 is beyond EOD, truncated [ 1361.046263][T15190] loop2: p5 start 4144300032 is beyond EOD, truncated 01:07:19 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0058f9ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:19 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x3e0, &(0x7f0000000040)="b90103600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1361.183413][T15194] loop5: p1 p3 < > p4 < p5 > [ 1361.188322][T15194] loop5: p1 start 637534208 is beyond EOD, truncated [ 1361.199517][T15194] loop5: p5 start 637534208 is beyond EOD, truncated [ 1361.219751][ T148] loop5: p1 p3 < > p4 < p5 > [ 1361.224564][ T148] loop5: p1 start 637534208 is beyond EOD, truncated [ 1361.234025][ T148] loop5: p5 start 637534208 is beyond EOD, truncated [ 1361.257465][T15199] loop3: p1 p3 < > p4 < p5 > [ 1361.262364][T15199] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1361.283440][T15199] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1361.293850][T15203] loop2: p1 p3 < > p4 < p5 > [ 1361.300793][T15203] loop2: p1 start 4183293952 is beyond EOD, truncated [ 1361.313734][T15203] loop2: p5 start 4183293952 is beyond EOD, truncated [ 1361.383244][ T119] print_req_error: 51 callbacks suppressed [ 1361.383255][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1361.400143][ T119] buffer_io_error: 43 callbacks suppressed [ 1361.400151][ T119] Buffer I/O error on dev loop2, logical block 0, async page read [ 1361.416387][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 01:07:19 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff0e0b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1361.427309][ T119] Buffer I/O error on dev loop2, logical block 0, async page read [ 1361.449959][ T148] loop2: unable to read partition table [ 1361.587560][ T148] loop2: p1 p3 < > p4 < p5 > [ 1361.592347][ T148] loop2: p1 start 4183293952 is beyond EOD, truncated [ 1361.601247][ T148] loop2: p5 start 4183293952 is beyond EOD, truncated [ 1361.609619][T15203] loop2: p1 p3 < > p4 < p5 > [ 1361.614453][T15203] loop2: p1 start 4183293952 is beyond EOD, truncated [ 1361.622608][T15209] loop3: p1 p3 < > p4 < p5 > [ 1361.627893][T15209] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1361.636068][T15203] loop2: p5 start 4183293952 is beyond EOD, truncated [ 1361.638063][T15209] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1361.767100][ T119] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1361.778310][ T119] Buffer I/O error on dev loop3, logical block 0, async page read [ 1361.786330][ T148] loop3: unable to read partition table [ 1361.792091][ T148] loop3: partition table beyond EOD, truncated [ 1361.857443][T15209] loop3: p1 p3 < > p4 < p5 > [ 1361.862339][T15209] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1361.872073][T15209] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1361.961346][T15171] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1361.973054][T15192] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1361.978659][ T95] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1361.985909][T15184] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1361.996653][ T356] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 1362.014301][ T95] Buffer I/O error on dev loop3p1, logical block 33008, async page read [ 1362.023668][ T119] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1362.023996][T15217] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1362.034822][ T119] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1362.056071][ T119] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1362.067035][ T119] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1362.075237][ T119] Buffer I/O error on dev loop3p5, logical block 33008, async page read [ 1362.083606][ T119] Buffer I/O error on dev loop3p4, logical block 0, async page read [ 1362.091634][ T119] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1362.099800][ T119] Buffer I/O error on dev loop3p4, logical block 0, async page read [ 1362.786541][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1362.792684][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1364.866414][ T1216] Bluetooth: hci0: command 0x1001 tx timeout [ 1364.872479][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1366.946274][ T1216] Bluetooth: hci0: command 0x1009 tx timeout 01:07:29 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) exit_group(0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:07:29 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000032ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:29 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90203600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:07:29 executing program 0: pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) r5 = fcntl$dupfd(r4, 0x0, r4) sendmsg$TIPC_NL_LINK_SET(r5, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x30, 0x0, 0x106, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_MEDIA={0x1c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000005}, 0x400000a1) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:07:29 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000fffff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:29 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff0f0b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:29 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x7f, 0xff, 0x9, 0xc9, 0x0, 0x1, 0x4802, 0x5, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x401, 0x2, @perf_config_ext={0xc1d, 0x1ff}, 0x10, 0x1, 0x0, 0x0, 0x80000000, 0x7b0, 0x8000, 0x0, 0xffff}, 0x0, 0xf, 0xffffffffffffffff, 0x8) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) [ 1371.072698][T15228] loop5: p1 p3 < > p4 < p5 > [ 1371.079703][T15226] loop2: p1 p3 < > p4 < p5 > [ 1371.092032][T15228] loop5: p1 start 838860800 is beyond EOD, truncated [ 1371.100406][T15226] loop2: p1 start 4279173120 is beyond EOD, truncated [ 1371.112261][T15228] loop5: p5 start 838860800 is beyond EOD, truncated [ 1371.122158][T15226] loop2: p5 start 4279173120 is beyond EOD, truncated [ 1371.123366][T15229] loop3: p1 p3 < > p4 < p5 > [ 1371.141739][T14996] Bluetooth: hci0: Frame reassembly failed (-84) [ 1371.158704][T15229] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1371.168186][T15229] loop3: p5 size 11290111 extends beyond EOD, truncated 01:07:29 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000002ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:29 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00003fff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:29 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90303600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1371.430177][T15251] loop5: p1 p3 < > p4 < p5 > [ 1371.435163][T15229] loop3: p1 p3 < > p4 < p5 > [ 1371.440705][T15251] loop5: p1 start 1056964608 is beyond EOD, truncated [ 1371.450028][T15249] loop2: p1 p3 < > p4 < p5 > [ 1371.454973][T15249] loop2: p1 start 33554432 is beyond EOD, truncated [ 1371.462345][T15229] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1371.473324][T15251] loop5: p5 start 1056964608 is beyond EOD, truncated [ 1371.481462][T15249] loop2: p5 start 33554432 is beyond EOD, truncated [ 1371.491523][T15229] loop3: p5 size 11290111 extends beyond EOD, truncated 01:07:29 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff100b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1371.678483][T15249] loop2: p1 p3 < > p4 < p5 > [ 1371.688226][T15249] loop2: p1 start 33554432 is beyond EOD, truncated [ 1371.698622][T15249] loop2: p5 start 33554432 is beyond EOD, truncated [ 1371.718234][T15227] print_req_error: 136 callbacks suppressed [ 1371.718246][T15227] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1371.738586][T15235] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1371.757725][T15237] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 01:07:30 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000040ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:30 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000003ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1371.771139][T15245] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1371.783528][ T356] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 1371.798089][ T119] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1371.809388][ T119] buffer_io_error: 113 callbacks suppressed [ 1371.809396][ T119] Buffer I/O error on dev loop3p4, logical block 0, async page read 01:07:30 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1d, 0x8, 0x101, 0xa68, 0x190, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x4}, 0x40) write$binfmt_misc(r4, &(0x7f0000000240)={'syz0', "407504bf3014ddcf1741728efdec8e37e729828cf5bfe9ed968607234e1b72c687ef946f07999d028ee149b982f512d35931d99435b3c8072db5fc36d39961336bfc8a16abd92e36d6a2fd6fb2b5b277"}, 0x54) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x12, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1371.823452][ T119] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1371.834780][ T119] Buffer I/O error on dev loop3p1, logical block 33008, async page read [ 1371.843250][ T119] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1371.854553][ T119] Buffer I/O error on dev loop3p5, logical block 33008, async page read [ 1371.862930][ T119] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 01:07:30 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90603600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1371.873795][ T119] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1371.881969][ T119] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1371.893329][ T119] Buffer I/O error on dev loop3p4, logical block 0, async page read [ 1371.901556][ T119] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1371.912430][ T119] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1371.920471][ T119] Buffer I/O error on dev loop3p4, logical block 0, async page read [ 1371.928588][ T119] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1371.937048][ T119] Buffer I/O error on dev loop3p4, logical block 0, async page read [ 1371.945054][ T119] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1372.085597][T15263] loop5: p1 p3 < > p4 < p5 > [ 1372.100279][T15263] loop5: p1 start 1073741824 is beyond EOD, truncated [ 1372.110336][T15263] loop5: p5 start 1073741824 is beyond EOD, truncated [ 1372.141630][T15276] loop3: p1 p3 < > p4 < p5 > [ 1372.148203][T15276] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1372.181669][T15276] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1372.224078][T15277] loop2: p1 p3 < > p4 < p5 > [ 1372.229890][T15277] loop2: p1 start 50331648 is beyond EOD, truncated [ 1372.239489][T15277] loop2: p5 start 50331648 is beyond EOD, truncated 01:07:30 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90803600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:07:30 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000046ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:30 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000004ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1372.423411][T15284] loop5: p1 p3 < > p4 < p5 > [ 1372.429485][T15284] loop5: p1 start 1174405120 is beyond EOD, truncated [ 1372.438621][T15284] loop5: p5 start 1174405120 is beyond EOD, truncated [ 1372.491302][T15288] loop2: p1 p3 < > p4 < p5 > [ 1372.496300][T15288] loop2: p1 start 67108864 is beyond EOD, truncated [ 1372.504779][T15288] loop2: p5 start 67108864 is beyond EOD, truncated [ 1373.185851][T14541] Bluetooth: hci0: command 0x1003 tx timeout [ 1373.191872][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1375.265784][ T1216] Bluetooth: hci0: command 0x1001 tx timeout [ 1375.271858][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1377.345750][ T1216] Bluetooth: hci0: command 0x1009 tx timeout 01:07:39 executing program 4: bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000100)={0xffffffffffffffff, 0xd, 0x1, 0x7f, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], 0x4}, 0x20) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:07:39 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff110b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:39 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000048ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:39 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000005ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:39 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) r4 = accept4(r3, &(0x7f0000000240)=@nl=@proc, &(0x7f00000001c0)=0x80, 0x800) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000140)={'syztnl0\x00', &(0x7f0000000040)={'syztnl1\x00', 0x0, 0x6e09692a58180306, 0x20, 0x1, 0x8, {{0x13, 0x4, 0x1, 0x6, 0x4c, 0x64, 0x0, 0xfb, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x12}, @multicast2, {[@rr={0x7, 0x7, 0x6f, [@empty]}, @rr={0x7, 0x13, 0xdb, [@dev={0xac, 0x14, 0x14, 0x1c}, @broadcast, @broadcast, @dev={0xac, 0x14, 0x14, 0xd}]}, @timestamp_prespec={0x44, 0x1c, 0x80, 0x3, 0x0, [{@empty, 0x1}, {@broadcast, 0xfffffeff}, {@broadcast, 0x7fffffff}]}]}}}}}) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10011}, 0xc, &(0x7f0000000380)={&(0x7f0000000480)={0x70, 0x0, 0x8, 0x70bd27, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @broadcast}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xe}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x2}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}]}, 0x70}, 0x1, 0x0, 0x0, 0x48001}, 0x40000) connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f0000000400)="ba9ffc48ad46cb583786c2273922221255b0bd12358e3df7247ec5b9e881cb97854f7e8d9bf30b65f050c67230701829b9082113f9cee1bc558c0f6df202e69f1a4fcf2e6bfa0273b7607a953f", 0x4d, 0x840, &(0x7f0000000340)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x2e}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r0, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(0xffffffffffffffff, 0x0, r1, 0x0, 0x140006, 0x0) 01:07:39 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b91003600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1381.222045][T14996] Bluetooth: hci0: Frame reassembly failed (-84) [ 1381.249741][T15302] loop3: p1 p3 < > p4 < p5 > [ 1381.256437][T15302] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1381.273949][T15302] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1381.296942][T15306] loop5: p1 p3 < > p4 < p5 > [ 1381.301913][T15306] loop5: p1 start 1207959552 is beyond EOD, truncated [ 1381.313418][T15306] loop5: p5 start 1207959552 is beyond EOD, truncated 01:07:39 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00004cff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1381.340991][T15308] loop2: p1 p3 < > p4 < p5 > [ 1381.348223][T15308] loop2: p1 start 83886080 is beyond EOD, truncated [ 1381.357986][T15308] loop2: p5 start 83886080 is beyond EOD, truncated 01:07:39 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff120b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:39 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000006ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:39 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b9e003600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1381.556415][T15320] loop3: p1 p3 < > p4 < p5 > [ 1381.561236][T15320] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1381.585858][T15320] loop3: p5 size 11290111 extends beyond EOD, truncated 01:07:39 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff130b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1381.630710][T15319] loop5: p1 p3 < > p4 < p5 > [ 1381.650275][T15319] loop5: p1 start 1275068416 is beyond EOD, truncated [ 1381.667302][T15319] loop5: p5 start 1275068416 is beyond EOD, truncated [ 1381.676978][T15327] loop2: p1 p3 < > p4 < p5 > [ 1381.709812][T15327] loop2: p1 start 100663296 is beyond EOD, truncated [ 1381.726953][T15327] loop2: p5 start 100663296 is beyond EOD, truncated [ 1381.860454][T15334] loop3: p1 p3 < > p4 < p5 > [ 1381.868039][T15334] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1381.877716][T15334] loop3: p5 size 11290111 extends beyond EOD, truncated 01:07:40 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000007ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1381.915557][T15319] loop5: p1 p3 < > p4 < p5 > [ 1381.926702][T15319] loop5: p1 start 1275068416 is beyond EOD, truncated [ 1381.947215][T15319] loop5: p5 start 1275068416 is beyond EOD, truncated [ 1382.055620][T15339] loop2: p1 p3 < > p4 < p5 > [ 1382.060916][T15339] loop2: p1 start 117440512 is beyond EOD, truncated [ 1382.073932][T15339] loop2: p5 start 117440512 is beyond EOD, truncated [ 1382.170526][T15339] loop2: p1 p3 < > p4 < p5 > [ 1382.187786][T15339] loop2: p1 start 117440512 is beyond EOD, truncated [ 1382.213518][T15339] loop2: p5 start 117440512 is beyond EOD, truncated [ 1382.287839][ T148] loop2: p1 p3 < > p4 < p5 > [ 1382.294895][ T148] loop2: p1 start 117440512 is beyond EOD, truncated [ 1382.303525][ T148] loop2: p5 start 117440512 is beyond EOD, truncated [ 1383.265241][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1383.271483][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1385.345175][ T372] Bluetooth: hci0: command 0x1001 tx timeout [ 1385.351198][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1387.425053][ T372] Bluetooth: hci0: command 0x1009 tx timeout 01:07:49 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000052ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:49 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff140b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:49 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r5 = epoll_create1(0x0) write(r5, &(0x7f0000000a80)="3bc23bcc4d961cc38315b1e288cde41eb6484cc92be674936cfd62bf5354dfa671bea9c4649a114b6f05fd2f0173d6ef35eb43e0c92389dd8d37e8c009c9c460690cbc23e8921d3e1d6e3f928e7fc8241dfa5ea54f848191a750f3eff4605ee708c573c829f3d40fcb31d501a551c78c6ece3face32922be6770fce0c097a4e8bf80f4cdd1d22f37c77c6875513cfcb1c5feac23576cfb534c6cf6928269433a959bedb89c4b8eff84d709bf9cc6a6dfef16e838145aba4be6a5a057bc6d94e5f094f9d7a340ec20e3a8eba584cecffef23f005b49bd779154b3dbabec1d3a347168b02e1d9f3360f213c1572f15dd797883f109c0c37c8ed9ecc42128dee59c28ee00f4628265c077faac13b52fe05fadf1c09954ffaa7ce1581cc7e01e16aac20930d8103bd6a29d7a68eba7fb345b170c76ae71e72556a5784651de6ec05c58dc8ed83d1659eed090365dc85bd83f40c4bfd896184fd00290e4ea273bb6d51fc172a76c353364ead9ed14f692aaf4294288ec94b71ba870c466fbd5d290c30bb1ae568aa9d590ee17525be6ac909d63c6d15924bad1e884224a0dc39eb8998d46acf446bf5d1110e22d4d4f0435b759b404c3eaffbbafa4c4cc13edf5b1f9a380c53386707470a9ca1d89b5d8d3de54fc3d92e4b9f512d79be8f213f89ca92c50de84d4d1725e3868a8aafb1c4de4d16391cb4c04fa5161909c8d2f2c489dd6a12b58c2250a07de617ac6bb0b5ac23684fc0094bbaa5390c46d652b6eaae81a5a2906be0024f1b2a658fa2582c37f3d298bbf6f0c7f6fc07e3fd697233357cbf65c7aebdecb066c6966a1bf63166b1f3a278809cbd0445fee3b2aa6a3f913027c910d6fb3dcd2e6b4726cb80c5a6c1d6c8a9e8de0c89f624c994169d5381bb2d307ed87a6038aae6ef3676eacc2c5ae4e927779138663c7d7d85c25aa0cf9aa20eab9ec41f8ef56c3b4d88d8cc3d694ececfc79c851046203d222adaeec3e7dcc7c2db6bf0e87e179c57265b5811fc8e32ca85da82edce1a6abdd215ac1925e48c90e6413f1bc8f4010392f0fa962a7d97436f0cf24beca2ffb2a143f56e27fbe1c2e17da047e296b4f3954d50c37b4bfda40b27d71f0ac7fb836334ff04b562f5ca04080db8dfc7b69f233fb6d9c281ab672c3359279a48e51451760b735e7ed58a85ea26c718281d66eeb749dabdbbcff1c3e676da4f3318a8e7fa5003e591f2e8a0b6f8c473e0b01f15a8702a705c315e50c1a2fbd2b027b538bcfb61d754d449bd963836619ca37413d9e304f28298179d4adfca902f4bfd2d62f081aa23c26d08ed30257f3fe35a1b7fdea4cbd69f880d13b12fa803baedc144361e29706935931ac2c3bde5018c8b458a3168106b811e5d2687f4b47749a44f6788dd1763ab75232391df333029289b1f724592fa2eec836fc75dfda4dd4d8e8a936a954cdbbf54ee134a1f87c4a2e49f7b0968382072dd38aa842f67e3d2e05cfb0b779f360b027ed1bbbc9096d0e072d444793c140593593b329e46e7cead0a49aed069e8b443594cae24c394d616444899879b9a5ad59f4ce021f0f059b3412744d0615c142486e4c056df74599da6736c35620c345b5c31c0bac712c60046f1d012fc9d3e6310be26384fca1d54e4ef446010db4a758d344e458a0cf6470f5fc4585a46d57a0b3691368967e35ed9a2754cac5309c5e1762452f29dc44b111ecc84e776833ae0ef8aef3a766e86eb07e4e22a4213af94c8e877791819dec7355e988f33fb7e95c16ed3fafe34707bc26db63edb3cbd99601f4cc90273c95aaa24443e98f2fc025533993b2db609bbe3d239650478347524438731a29f91b87747c13b139c63c5b6b220868e4f2b0249793e4225009de03cfc167a62ac7cf998c8d11a225544bf223f33a1e9d8c93334c73613c8f5b69f45ff9dd774d8db846c448b5a8d180b2d81d39525863dba76bc7332746c83eb4391bcbbea32a958a26be6520f760442143c098749ea427cda19837b8a28d0978aab071b5c914018c8336e29faa6c5613ca55c5bbc78b44021cd0b944a2e2d5c444a79a9df71624352cf4478354d19f28a6566e46208363475817afde338382636b39fb2a4633369f8b26cc93bd7e84bd5f6558bfb8ce1fce3c9c7f6b01c8ecb4935f0bac1285134f215e6302347c86cd308aff296d472527e2670b3dc4baca41bba68ee76fc71fc27d5544b7ef81f3b0823094503cce829c31097a3524970b2ebba7b297a3adda6a3df60dcd9c748242fcf703c3f92fdbbff4f3bc2fff6a5b50c0d1fd410ff68535cadda0411c32dd3d9e95577628a5968468dc48cabcd5a40a5a1b13b88f8668aa5823402788f6f02cd0f5e4d42bb231c3cf6d5227605196d8d46da406f18975cc688e9ed643e6c39d438dfdaa032b7846151caf9b4458c54be1cd74d4c063c0577769d6cf06e42b44114a1491e391f18c6cf04b674799876344b202df738087d264594679b11ab48e45cfbef7cb1c818594d228d94764d7570144bef98f1d3f14ca812123d85968a01ea6c8a12b4772ad7776282933d0da9e3075b92805b2f93614abb683a5f868d93a6a99364d5835cf40cc77e8d8297b3f3f0aa825d1dabaf5f21a916d75dc806845a9e7617beab49791195afb81674d1943f0c493eb36c486613836a5bf2f2a81a4f965b01c70914373ee73f0889f792f81d60971a022c01ef9e5effa038212ff757d237c9c82378d42eb08637791d5f3fb925c8afef382cb505c7ef44cb59c89fbc7a7c2a37d1da919dbefdb659f4fb7fd3d6b74f791e4bf0a5dd1576cc40a9e681b1fcd389c0b2c1eab901d974499655fdc08b8bc791b174ad21042c78bbbcb23dc26a1849b4e286a9c12e806bb925f3eb785870ccda805bb7672d2459e78a2adc7008685d3205be484c6c306ad1eac47b844bfb7507d9fa1befa7dfbd3f881f49ebcd9ab68fa514dc489ea06285bd4133594e06984f8c1f60c5f35675ce6dba598ca61f4f0a9f79171869335619113c75055f9e78e39d6f5f51b8e7708357ea3431a31db115da7ee6d76fb608a71e62733e1d5773c320f99b7a562727c50fc601626463f22bef227731a14910eb1cda62815c62977ed74834fb9a4d7fad4d2ebff5655b9dab377be0c8c7d5fa8065d5bf809b7b929b3e886b91d0c0e42dced4c54b394198d154c9c53288d2d11cf65b97cd3af54a04763505ed2181488706a5a43b0346bee3cea849df971935e638f38c8e3172af967b6b7097256cec959d5ed3b6188b38413be216b11b62b0ae9596f229cc0e9452a97c4bb53cca831f12ff75c4a2750a8dcea8fec25411682363d33f67d305a333b5fab943d3b04bbb7a1a3d12d60fceb098c941ee6a7993eb4e81f6491597f33057478b3945eec9d02afb98ff181405a3cb04c1e1f4e5e52a665f45c6b20e4d4477252a4f01cf3c963ab50c1692e2ead0b72db11a07d8bedbc8f07093bf820fa17b10db9e18ff11177f7768d8a90b1de0e7f8ddd4b3b0b251318c3af92418c7e6115b0f5b14bad8929aa57c0a826274a6d26d6f9aaa6ac88725ec456c653b6daac0f318c4d2b103f1044e2ddf96f328b2e894f58c249aaea7c6cfcb7cdae28eeb98c46029246262fe85e57e08b869548a38092a6e5d7f51e80561258af581997441e1cf3c27e7b35a952748fefd45df471484255d8eb114297500b001506a16bc027bc9f2fedccd14e591a599801cba85ba6fbbd7c44f6971af5582859392da4f0c40206f12b4511e061b020eb162d9f8fe9f83e779a0c0a4a4a68fe4fa9d1bef9dd6e479b1a2156d39a03b0361789de269536db8ff7444e9d76e0e5a1d3b3266f027f3b4608da72c86227d26b30e9c9f2a922934c17f182253e47cc86711feab40475a96cc34340a3b65bdde16e52e9254f8326f111d51e7051dd38961f62595a06de7c5c1d23fc85d374ea9c067575cdd4834ca1de3ac20db76cf8a423e61fffb2d908fd9a437ebc676b520d8789dc657899d380f1ee2d8c4357609744b04830293ab0b3f31ad20ccdaac6ecc9e62fe4e0714481f08f4a9a62cf483e4475a457c1a7146dec7381acf194bb3581f5dd5644c4b611c24b30618621fd71c3fb325f12b06d134b0d4f6c0831b9b10cbe4163122f14bd1c362e6b50844ce0d45b573753a44b0b1fccfe3a42a6b225a052aea889ca9488b29d5894069180e0904ac43dd12a731693b2fcf041480e459dbfbcb3032065e2e0468e5be8c7b82cea63ee3d6a5db6f238b5f331dfce394ec7cc5b9b012394f7ca15e9a69712c7fec5429a5c78f47442e4da38c9c0134767c4cc6ecc35177ff9e70adf8b8cdcb0e3bc018d26da8d64dc92f0b1b98445f7885501f59f8d90244409bf56967f17fe949906eaf1156e4b1e2d7a18d7e304ff86bf8f1d6f0723e5565f7c8c31d0247019a3a4923e166cbe6f9130a08f7d3fc8b771cfa42da71a695d18d6efeea8a9616a5d6fae6a9d4756fc38f2338fb867ac84070b9eb3f1b99645096a8ea57f60e112caa3025f7f05f2933851df80e0df73213ec9cda079a87c361c62634f4542bcb9c70c12d56428f9815584ebb1ae602982ac39a66b388ea6b70d2acdf1486aa1477342b080b60a119127f127f00b08b2ce598af3d735a9d451fe43003e9add1ee32085c6390a48beaf1921e984a94849de87a469309253836b873378afaaa5b41b1aeb3b704c715d87d45ad342b25f47e0cc86f337486dd97ccd1415ef0151cc68a840b6f91436fce8874a630cf15df86ce6832b39753b5f5cf44cea6ab51c9a1fe819e9234d837f02795b015fa5bac0778f197166c1620d9da9543e57fb75e3ec9e90cf5607af1703a19692575afbb6e9f439d5270370c847eb657f77e619fff1344f3cc8eea16d8a60dc765c50464daaf8fa87e3d0c487e32282eb4250281eb897e2218e478e1669aa9e0e55e301773dafa56256991a3abccd86e672d3abd2ec7ddf98b91ca6a2f2c55d97d522021bad06b4a6c2b0cbc72dc7565d777457e9872ab1c1467c81b5f41dfd7e42e44d03be35ce2d4f049ed1714d71b5f0152a29d9294ce13a5a066a171e8323b9f7b8eb52dad69f3f90b2533dce62b5bc096b8b3244bac45d95ff601231c146f5be3a9f933504dbb71ca92ec7fd71f0fb1fb85bbdaf81dfa42ee97e44372d15ab7dfc835fec57e61e3acd7d670d59e78d3c569e7d781d3f4cf4263ea08d5a0ec29df3fe39ed932f5de72bf420c3f82d116e588f4fefde2bea954f8ff6c2033c637be6a0be8051be43ecd3f8cc06ed0d4680c15ff14f8b389d508f341813c311688118e08f873b10c8a8b1ec2e3f998cb7fe456cd5ac5d0fff9ef01772ae01159fda802fd9f71c928a73b2ecac5c530217360415e651091426c8a25e007fa7d73e56e8792751f7513beff9b8d156814cc485a107caca48a39278fe1f27f6392364503facd512cfb81ac901be7842ec756c2398005f948b575549a2437b2ff553c1c5bc39e4bc3792f90769515f5631ffe1d3dc1dc019fb3de600db5947e8e7f699436897e26118b271f7b1550577b0dcc05132189d4a28c73290985551c2e19c9aed84366a046b5488bacda20cb4a34a0f14695ca679a38c4393e4147b6a27051f6e66c576d31b18a026f5ac8342ad6ef17f160589d769750cc76cd57228074db3014138ef0ac1f2f9005e2cdd6d511b0dde65047e1f57921778c0b58ec5d2f1e7b2b52f610f82851370663702d72e78fbb9d971642834e5802be03c4d88d3b0535d83ae0ee0d9ece5ea4f8581826ae9276774a0100a738599ca0562", 0x1000) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) openat(r1, &(0x7f0000000040)='./file0\x00', 0x20081, 0x17) write$binfmt_elf64(r3, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x9, 0x1, 0xf9, 0x0, 0x80000001, 0x3, 0x3, 0x9, 0x111, 0x40, 0x2f8, 0x1, 0x40, 0x38, 0x1, 0x9, 0x20, 0x6}, [{0x70000000, 0x3f, 0xeba, 0x7, 0x4, 0xe3, 0x2, 0xffffffffffffffac}], "dc80ae482367f116bd96c056bd82cb731e1f68d632626f20a43ff50a2e58ea52c491af4a4d5b1ab55de477e95d1c66496e0ba9980c15b426b7b83f076e73ced92d5e9e837988b4e6a613f4ce502f2faa9cf2291b1de75b1e019d89ccd7fd32c05c29a767b865478a50878d0199e27cdc995c0e00a05827eed04c73b818b97b08baad374524ac254636c500dd5ea1a4689366828e97fc43991de0c56e", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x714) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x3, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:07:49 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000008ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:49 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90102600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:07:49 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clone(0x0, &(0x7f0000000100)="f73e6b13135e0ab17c36134c16b9c32d0b0aae752238c4bb00e1276024aec82af160894a239fdfccaf6b475d1a82b738b45ad70ac1ac3f1e89af7e98d06786bad3896e6ed1e26000af4941ce76323aaf667d0c3c11274d3560", &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)="cdae12a72e7b633844a44653342c251d8a0a0aa38d18e46c96f2eafc3a49ddb59aafcf54208771a6e7a06a") exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='attr/keycreate\x00') r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x72, 0x2, 0x0, 0x0, 0x8}, 0x0) perf_event_open(0x0, r1, 0x400000809, 0xffffffffffffffff, 0x8) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/cpu', 0x622400, 0x0) ioctl$TCSBRK(r2, 0x5409, 0x7) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:07:49 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000040)={r0}, 0x8) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1391.461287][T14996] Bluetooth: hci0: Frame reassembly failed (-84) [ 1391.547721][T15352] loop3: p1 p3 < > p4 < p5 > [ 1391.553432][T15350] loop5: p1 p3 < > p4 < p5 > [ 1391.558834][T15352] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1391.561283][T15350] loop5: p1 start 1375731712 is beyond EOD, truncated [ 1391.572506][T15352] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1391.584231][T15350] loop5: p5 start 1375731712 is beyond EOD, truncated [ 1391.619582][T15358] loop2: p1 p3 < > p4 < p5 > [ 1391.625376][T15358] loop2: p1 start 134217728 is beyond EOD, truncated [ 1391.633643][T15358] loop2: p5 start 134217728 is beyond EOD, truncated [ 1391.663387][T15354] print_req_error: 34 callbacks suppressed [ 1391.663407][T15354] blk_update_request: I/O error, dev loop2, sector 22656 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 01:07:50 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000055ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1391.714985][ T95] blk_update_request: I/O error, dev loop2, sector 22656 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1391.726233][ T95] buffer_io_error: 28 callbacks suppressed [ 1391.726242][ T95] Buffer I/O error on dev loop2, logical block 2832, async page read 01:07:50 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff150b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:50 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90110600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1391.919647][ T148] loop3: p1 p3 < > p4 < p5 > [ 1391.924738][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1391.932049][T15358] loop2: p1 p3 < > p4 < p5 > [ 1391.937307][T15358] loop2: p1 start 134217728 is beyond EOD, truncated [ 1391.946351][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1391.955664][T15358] loop2: p5 start 134217728 is beyond EOD, truncated 01:07:50 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000009ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1391.965656][T15371] loop3: p1 p3 < > p4 < p5 > [ 1391.971304][T15371] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1391.979532][T15379] loop5: p1 p3 < > p4 < p5 > [ 1391.984576][T15379] loop5: p1 start 1426063360 is beyond EOD, truncated [ 1391.996204][T15379] loop5: p5 start 1426063360 is beyond EOD, truncated [ 1392.005037][T15371] loop3: p5 size 11290111 extends beyond EOD, truncated 01:07:50 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b901e0600040f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:07:50 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff160b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1392.263046][T15379] loop5: p1 p3 < > p4 < p5 > [ 1392.268235][T15379] loop5: p1 start 1426063360 is beyond EOD, truncated [ 1392.277044][T15379] loop5: p5 start 1426063360 is beyond EOD, truncated [ 1392.285904][ T148] loop2: p1 p3 < > p4 < p5 > [ 1392.290811][ T148] loop2: p1 start 150994944 is beyond EOD, truncated [ 1392.299342][ T148] loop2: p5 start 150994944 is beyond EOD, truncated [ 1392.307723][T15385] loop2: p1 p3 < > p4 < p5 > 01:07:50 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00f958ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1392.312638][T15385] loop2: p1 start 150994944 is beyond EOD, truncated [ 1392.326341][T15385] loop2: p5 start 150994944 is beyond EOD, truncated 01:07:50 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0xf3c7, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000002700)=[{&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000000240)=""/147, 0x93}, {&(0x7f0000001340)=""/197, 0xc5}, {&(0x7f0000001440)=""/210, 0xd2}, {&(0x7f0000000080)=""/23, 0x17}, {&(0x7f0000001540)=""/178, 0xb2}, {&(0x7f0000001600)=""/198, 0xc6}, {&(0x7f0000001700)=""/4096, 0x1000}], 0x8, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r3, 0xffffc000) preadv(r3, &(0x7f0000000280), 0x0, 0x100d9f, 0x0) poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0xc5a5}, {r0, 0x2010}, {r4, 0x2}, {r4, 0x4204}, {r5, 0x80}], 0x5, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1392.445690][ T148] loop3: p1 p3 < > p4 < p5 > [ 1392.453044][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1392.462858][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1392.473911][T15398] loop3: p1 p3 < > p4 < p5 > [ 1392.479224][T15398] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1392.488907][T15398] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1392.499654][T15399] loop5: p1 p3 < > p4 < p5 > [ 1392.505084][T15399] loop5: p1 start 1492713472 is beyond EOD, truncated [ 1392.513379][T15399] loop5: p5 start 1492713472 is beyond EOD, truncated [ 1392.545219][T15385] loop2: p1 p3 < > p4 < p5 > [ 1392.551255][T15385] loop2: p1 start 150994944 is beyond EOD, truncated [ 1392.560072][T15385] loop2: p5 start 150994944 is beyond EOD, truncated [ 1392.569758][ T148] loop3: p1 p3 < > p4 < p5 > [ 1392.574841][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1392.584274][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated 01:07:50 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000aff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:50 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600003f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1392.755777][T15410] loop2: p1 p3 < > p4 < p5 > [ 1392.760631][T15410] loop2: p1 start 167772160 is beyond EOD, truncated [ 1392.785236][T15410] loop2: p5 start 167772160 is beyond EOD, truncated [ 1392.849929][T15374] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1392.864588][T15360] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1392.877438][T15410] __loop_clr_fd: partition scan of loop2 failed (rc=-16) [ 1392.891959][ T119] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1392.902883][ T119] Buffer I/O error on dev loop2p4, logical block 0, async page read [ 1392.913904][ T119] blk_update_request: I/O error, dev loop2, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1392.924841][ T119] Buffer I/O error on dev loop2p3, logical block 0, async page read [ 1392.939942][T15410] loop_reread_partitions: partition scan of loop2 () failed (rc=-16) [ 1393.504657][T14541] Bluetooth: hci0: command 0x1003 tx timeout [ 1393.510689][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1395.584572][T14541] Bluetooth: hci0: command 0x1001 tx timeout [ 1395.590608][ T9371] Bluetooth: hci0: sending frame failed (-49) [ 1397.664478][T14541] Bluetooth: hci0: command 0x1009 tx timeout 01:07:59 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff170b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:59 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000059ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:59 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000bff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:07:59 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000122000/0x3000)=nil, 0x3000, 0x1000004, 0x4000010, r5, 0x62aaf000) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:07:59 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600005f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:07:59 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = gettid() r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r2 = perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) wait4(r0, &(0x7f0000000240), 0x1, &(0x7f0000000280)) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) clone(0x20000, &(0x7f0000000080)="2dec830b45011a6c46ca3aec2f48d58682aa889e8475a40d60eb7d5455a5a6d9ddc5fdfad27e7b2629ac8c5b43475d", &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="aa021c663a7e355a39b4e4547c40bbaed5583b39ce160ff5e5ea77a5b4976d022d1ea276b799e87f6704f922d17de31707a2e9209da2f5aa616c8041c1864c1beb20c8fe92f91acc6510db65bb6cb7e5b57e857ed7c422b9932efaba769292d1b6f3436357ac3f4dc931e6e74d5af1520eb9f8726f65d99a7b2642b64a0ad5548d3898") r3 = getpid() sched_setattr(r3, &(0x7f0000000040)={0x72, 0x2, 0x0, 0x0, 0x8}, 0x0) perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x2, 0x7, 0x40, 0x2, 0x0, 0x7, 0x84001, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000340)}, 0x4480, 0x6, 0x5, 0x3, 0x5, 0x1, 0x6, 0x0, 0x271541be, 0x0, 0x2}, r3, 0x10, r2, 0x2) ioctl$KDADDIO(r1, 0x400455c8, 0x4) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x72, 0x2, 0x0, 0x0, 0x8}, 0x0) ptrace$setopts(0x4206, r4, 0xfffffffffffffffa, 0x25) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000400)=0x7) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000000)=0x30) [ 1401.711679][T10939] Bluetooth: hci0: Frame reassembly failed (-84) [ 1401.720274][T10939] Bluetooth: hci0: received HCILL_GO_TO_SLEEP_ACK in state 0 [ 1401.720351][T15422] loop5: p1 p3 < > p4 < p5 > [ 1401.748153][ T163] Bluetooth: hci1: Frame reassembly failed (-84) 01:08:00 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000140)={0x846, 0x40, 0xdd0f, 0x8c, 0x4, "87879bbf071e22e8e253d5469866dd3001fee7"}) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0x101080, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)=0x13) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) [ 1401.758319][T15422] loop5: p1 start 1493172224 is beyond EOD, truncated [ 1401.792782][T15422] loop5: p5 start 1493172224 is beyond EOD, truncated [ 1401.835878][T15425] loop2: p1 p3 < > p4 < p5 > [ 1401.849635][T15428] loop3: p1 p3 < > p4 < p5 > [ 1401.860141][T15425] loop2: p1 start 184549376 is beyond EOD, truncated [ 1401.872589][T15428] loop3: p1 size 11290111 extends beyond EOD, truncated 01:08:00 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000159ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1401.882976][ T148] loop5: p1 p3 < > p4 < p5 > [ 1401.888078][ T148] loop5: p1 start 1493172224 is beyond EOD, truncated [ 1401.897352][T15425] loop2: p5 start 184549376 is beyond EOD, truncated [ 1401.907622][ T163] Bluetooth: hci2: received HCILL_GO_TO_SLEEP_ACK in state 0 [ 1401.915824][T15428] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1401.924581][ T148] loop5: p5 start 1493172224 is beyond EOD, truncated 01:08:00 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000cff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1402.109834][ T148] loop5: p1 p3 < > p4 < p5 > [ 1402.114791][ T148] loop5: p1 start 1493237760 is beyond EOD, truncated [ 1402.123983][ T148] loop5: p5 start 1493237760 is beyond EOD, truncated [ 1402.132722][T15428] loop3: p1 p3 < > p4 < p5 > [ 1402.138348][T15450] loop5: p1 p3 < > p4 < p5 > [ 1402.143191][T15450] loop5: p1 start 1493237760 is beyond EOD, truncated [ 1402.147264][T15428] loop3: p1 size 11290111 extends beyond EOD, truncated 01:08:00 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600006f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1402.160061][T15428] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1402.167436][T15450] loop5: p5 start 1493237760 is beyond EOD, truncated [ 1402.179434][T15453] loop2: p1 p3 < > p4 < p5 > [ 1402.185658][T15453] loop2: p1 start 201326592 is beyond EOD, truncated [ 1402.196110][T15453] loop2: p5 start 201326592 is beyond EOD, truncated 01:08:00 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff180b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:00 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000060ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:00 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000dff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1402.386460][T15465] loop5: p1 p3 < > p4 < p5 > [ 1402.391437][T15465] loop5: p1 start 1610612736 is beyond EOD, truncated [ 1402.400454][T15465] loop5: p5 start 1610612736 is beyond EOD, truncated [ 1402.449549][ T148] loop5: p1 p3 < > p4 < p5 > [ 1402.456989][ T148] loop5: p1 start 1610612736 is beyond EOD, truncated [ 1402.467192][ T148] loop5: p5 start 1610612736 is beyond EOD, truncated [ 1402.496068][T15467] loop3: p1 p3 < > p4 < p5 > [ 1402.500993][T15467] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1402.511823][T15467] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1402.534584][T15471] loop2: p1 p3 < > p4 < p5 > [ 1402.539537][T15471] loop2: p1 start 218103808 is beyond EOD, truncated 01:08:00 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) r5 = accept4$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @none}, &(0x7f0000000080)=0xe, 0x40800) setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x41, &(0x7f0000000140), 0x4) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1402.549744][T15471] loop2: p5 start 218103808 is beyond EOD, truncated 01:08:00 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600007f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:08:00 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000068ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1402.658824][T15467] loop3: p1 p3 < > p4 < p5 > [ 1402.663754][T15467] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1402.680579][T15467] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1402.688426][T15471] loop2: p1 p3 < > p4 < p5 > [ 1402.693390][T15471] loop2: p1 start 218103808 is beyond EOD, truncated [ 1402.703397][T15471] loop2: p5 start 218103808 is beyond EOD, truncated [ 1402.725297][T15484] loop5: p1 p3 < > p4 < p5 > [ 1402.726067][ T148] loop3: p1 p3 < > p4 < p5 > [ 1402.730261][T15484] loop5: p1 start 1744830464 is beyond EOD, truncated [ 1402.744172][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1402.745354][T15484] loop5: p5 start 1744830464 is beyond EOD, truncated 01:08:01 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00000eff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1402.760848][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated 01:08:01 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff190b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1402.989483][T15484] loop5: p1 p3 < > p4 < p5 > [ 1402.994449][T15484] loop5: p1 start 1744830464 is beyond EOD, truncated [ 1403.004402][T15484] loop5: p5 start 1744830464 is beyond EOD, truncated [ 1403.017207][T15488] loop2: p1 p3 < > p4 < p5 > [ 1403.020657][ T148] loop5: p1 p3 < > p4 < p5 > [ 1403.022315][T15488] loop2: p1 start 234881024 is beyond EOD, truncated [ 1403.027205][ T148] loop5: p1 start 1744830464 is beyond EOD, truncated [ 1403.037157][T15488] loop2: p5 start 234881024 is beyond EOD, truncated [ 1403.042339][ T148] loop5: p5 start 1744830464 is beyond EOD, truncated [ 1403.075055][T15493] loop3: p1 p3 < > p4 < p5 > [ 1403.080000][T15493] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1403.089486][T15493] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1403.249185][T15488] loop2: p1 p3 < > p4 < p5 > [ 1403.254162][T15488] loop2: p1 start 234881024 is beyond EOD, truncated [ 1403.262259][T15488] loop2: p5 start 234881024 is beyond EOD, truncated [ 1403.314922][T15493] loop3: p1 p3 < > p4 < p5 > [ 1403.320758][T15493] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1403.329353][T15493] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1403.397110][ T148] loop2: p1 p3 < > p4 < p5 > [ 1403.402858][ T148] loop2: p1 start 234881024 is beyond EOD, truncated [ 1403.410954][ T148] loop2: p5 start 234881024 is beyond EOD, truncated [ 1403.744916][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1403.751092][T15448] Bluetooth: hci0: sending frame failed (-49) [ 1403.824110][ T1216] Bluetooth: hci1: command 0x1003 tx timeout [ 1403.830154][T15448] Bluetooth: hci1: sending frame failed (-49) [ 1403.984000][ T146] Bluetooth: hci2: command 0x1003 tx timeout [ 1403.990068][T15448] Bluetooth: hci2: sending frame failed (-49) [ 1405.823959][ T118] Bluetooth: hci0: command 0x1001 tx timeout [ 1405.830020][T15448] Bluetooth: hci0: sending frame failed (-49) [ 1405.903993][ T118] Bluetooth: hci1: command 0x1001 tx timeout [ 1405.910200][T15448] Bluetooth: hci1: sending frame failed (-49) [ 1406.063953][ T118] Bluetooth: hci2: command 0x1001 tx timeout [ 1406.069987][T15448] Bluetooth: hci2: sending frame failed (-49) [ 1407.903893][ T118] Bluetooth: hci0: command 0x1009 tx timeout [ 1407.983830][ T118] Bluetooth: hci1: command 0x1009 tx timeout [ 1408.143808][ T118] Bluetooth: hci2: command 0x1009 tx timeout 01:08:10 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00006cff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:10 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600009f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:08:10 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000010ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:10 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff1a0b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:10 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x50000, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) syz_open_pts(r1, 0x2) 01:08:10 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x24, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:08:10 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace$setopts(0x4200, 0x0, 0xc00000000000, 0x2) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, 0xffffffffffffffff, 0x944e6000) preadv(0xffffffffffffffff, &(0x7f0000000500)=[{&(0x7f0000000240)=""/161, 0xa1}, {&(0x7f0000000380)=""/77, 0x4d}, {&(0x7f0000000600)=""/170, 0xaa}, {&(0x7f0000000300)=""/71, 0x47}, {&(0x7f0000000580)=""/94, 0x5e}, {&(0x7f0000000400)=""/206, 0xce}], 0x6, 0xd9f, 0x3ff) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x4) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x2) socket(0x29, 0x80000, 0x5) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000140)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x72, 0x2, 0x0, 0x0, 0x8}, 0x0) syz_open_procfs(r2, &(0x7f0000000080)='net/sockstat6\x00') fadvise64(r1, 0x10001, 0x101, 0x3) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) exit_group(0x782) [ 1412.632235][T15509] loop2: p1 p3 < > p4 < p5 > [ 1412.637470][T15509] loop2: p1 start 268435456 is beyond EOD, truncated [ 1412.647196][T15509] loop2: p5 start 268435456 is beyond EOD, truncated [ 1412.657231][ T163] Bluetooth: hci0: Frame reassembly failed (-84) [ 1412.666004][ T163] Bluetooth: hci0: received HCILL_GO_TO_SLEEP_ACK in state 0 [ 1412.677111][T15511] loop5: p1 p3 < > p4 < p5 > 01:08:10 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000011ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1412.683138][T15511] loop5: p1 start 1811939328 is beyond EOD, truncated [ 1412.696838][T15514] loop3: p1 p3 < > p4 < p5 > [ 1412.701912][T15514] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1412.717371][T15511] loop5: p5 start 1811939328 is beyond EOD, truncated [ 1412.724571][T15514] loop3: p5 size 11290111 extends beyond EOD, truncated 01:08:11 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000074ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:11 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff1b0b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1412.943530][T15530] loop2: p1 p3 < > p4 < p5 > [ 1412.968083][T15530] loop2: p1 start 285212672 is beyond EOD, truncated [ 1412.982610][T15530] loop2: p5 start 285212672 is beyond EOD, truncated 01:08:11 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b9010360000af000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:08:11 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000012ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:11 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00007aff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1413.033973][T15535] loop5: p1 p3 < > p4 < p5 > [ 1413.038996][T15535] loop5: p1 start 1946157056 is beyond EOD, truncated [ 1413.047688][T15535] loop5: p5 start 1946157056 is beyond EOD, truncated [ 1413.094135][T15537] loop3: p1 p3 < > p4 < p5 > [ 1413.099067][T15537] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1413.134021][T15537] loop3: p5 size 11290111 extends beyond EOD, truncated 01:08:11 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff1c0b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1413.320282][T15546] loop5: p1 p3 < > p4 < p5 > [ 1413.325783][T15546] loop5: p1 start 2046820352 is beyond EOD, truncated [ 1413.338439][T15546] loop5: p5 start 2046820352 is beyond EOD, truncated [ 1413.376589][T15545] loop2: p1 p3 < > p4 < p5 > [ 1413.388212][T15545] loop2: p1 start 301989888 is beyond EOD, truncated [ 1413.398971][T15545] loop2: p5 start 301989888 is beyond EOD, truncated 01:08:11 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b9010360000bf000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1413.426461][ T148] loop3: p1 p3 < > p4 < p5 > [ 1413.431304][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1413.441053][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1413.452389][T15551] loop3: p1 p3 < > p4 < p5 > [ 1413.457632][T15551] loop3: p1 size 11290111 extends beyond EOD, truncated 01:08:11 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) r5 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) sendmmsg(r5, &(0x7f00000024c0)=[{{&(0x7f0000000240)=@caif=@util={0x25, "5d42e1fd21e48022f10fc1f0f28dbc7b"}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000340)="53ebf07a4f854d434c76cb0952f0ec74f723ace80427c90faed7d757669c50365472aa583794286b4a4eb657d21feef5fa451bf7b2c96452be6a846ef26127788337472e9fdfc354812c7eed95a77f52ce388aa0e79dbe2cf3457905d601fc93f432896c69133db3de0f58f90f5ed8735eaaa6ea51f76812e54e45e57dc231f295a9d0e47a4cfc8eac8990966eaf6196ef90c278acfb51579764", 0x9a}, {&(0x7f0000000400)="d00fd52e99fb19785421263b5377467b0034770bce97539fcc13d4de56bc3d477d47be22bede1871147255a4bff52e4895378031aca118c1733cdf8856b1410dbc24e2e1d1ae442049e3f6a6642890c803660892e65bfeb9e8d44ec4db17acc3f71a55953b3c94535eda76c8a0d7aadd8beffdf909b51ec018c568e9546c3648ec", 0x81}, {&(0x7f00000004c0)="1b5ab9f83b931f86000971e451d1c5a5d1951079168088056e9c286a4cee003793f3e2ee512a2dbd40e479bddf91c0465c989d0828fe1ed22385870f3ee6246e218e3e87c96c23e82270c0bfe25362c065e0288d7cbf218c997b889673aa1222e7d1257b4e829fb287f76c2461ba04814e8b999809c135d368515bdc510cdf6b9684a7dd78da0fbda8dbc615f0e37357e9e48ae58136119c683644b0f89f383b597c5ea3975128ff1834925feb824fd169206d", 0xb3}], 0x3, &(0x7f0000000580)=[{0x1010, 0x6, 0x3, "166a18f6e0621efd6b1218fbf4d339181bc8738588714b4ff027f9e3a421e9fef98aa82fb975d25518c6ee505a0d096b23b807764d51e2b2f1a787ffb81553c10e99b7232c08108c6fc650ac692611f4b5fc0f30df115ae5994ca0bff061e2373a85fff05d1f7bddd9ccdf0a676dd381598503a4df43b7e9397b41eb7c7ae5ab36d7e723566c4b949e2cd878fbb2dd471b09926551d81afbc079d75d0f18a7d46bbd18bcb5e80a6f43f14ea88569a5583ddf84efe0a0400937f5eacd4cda3e3bc97c2b785c5e42625156e6035ba4db18f5376b449ba4ce5536adb1c71184d7a6e1554e9e22341421f46145a3896cfde3e243cd550baa367645fdb25491dd17f8a14e9bba9e0830722cef0c97d212178b018e17144838fa830f6b93e90bca02d3133541c7a6afad9ec736a3fa181c2db8954d2a74428d532812560d6b971830c8493b2a1ce9a2f5a1a820f01c3739460063265a2b5f0c90663db1d40cd14b08e3a3f91d5914d6b7bf0e2a15a326f9f3c993383fe8c5abe356f5858fd624bc020ebdeed8617e560b58c0e459ccda7974ee61559800e8be559f00d474c4f61066f8a2d402cef9715f1b04325d282ed5be78697b372f3d3eee780c6c5b9a9685a0394b1fced5190e5e81edb0b3ca5f0c209bd3668553767a3065e7d86525e98012fca734bf34b0be8df0c6f76c931b74443d870ae3ca5e43c0ae9c7df8b94e9c8ee4b407bf1bd7aa5dbd6eb122140f955f66843ae7a47bd3db98c387cb5ea4b27dad0fa86b8fef58f5a25ed58183cd7f22ecb89e1ac2fdb84b15d40ce69b9950588635f4f0c1c66a8d6c5da4b5f8eee7e99ae8b7dda49fd23e4e3f90926d4331785c6b7c1d3b8e7d0afc7856adc8df0a6424ab167fa6ca5f25a8e6080ebac40ff7ec543c68f85d9701fc1de3d5e9e42e2726c7c56525b26009fd0048e311e12e3b82871878c408f84bc5665080ddea07051cf5b105e2df5357f968a4f24e89100df8fe696c944eb81bc745eb76c2086a06fabf4fc3ad18d1f797fc2e9c2f4444b85772ba89dcbfc20fcf91bf5061d8c6c82d06399a100dcbb94e6a9d547cacc248b0fb9fc698b369b3049fea257e22f4f4cbc438f6a0bb17b394b3587f6eee4ed128e3afb24403be362cefaa8b26027fcb73e57aec0634bdae2c4f0f9d9308a5250342063c3df612da3f771ab0700796333aca0249fc6cfce1d26910f947d605df8be883727baccf446a3d4c28657f5bbd79eb82906573880019680c3fb893e2de7759edde265577feedde890226d7f1c88d3a7eb1ab85b1c013522b4e6d0214f77161f2e14ec8a802b11ef1641a4b282e9ea9e244d8d1995f88763a5d5229f3eaa815120b19b8971265247d4718477ddaa0313d513140320e104dd4c29b7f0b78c4e997b04203242ab87b55fb77a9b83219ac0abb729b156210a3068346723ebf6a02090793826ce7be80c7c682526b3ab22c32ce03d6a2e2bf71fa85bb03c32e40ea920e10ae1999a0456623de7b0ee9a48f680329bf34231e0554cf74a6147b72a8a4af9dc5c1ae7423bca3b8074ce2ac0d25d19b81b7c077bc6fd4ff0c967be8418a1d21a6cab94f838c2409dc366b64c5d028ee4f886807f208aacc17fd09cd22561280be682a5fefe9900d37b5ce961673afdcdea08cd2fac5259b772f78fd812a407716131d1db808243c55ecaedf293e96812007f64142b05ea84cc3849a1ac61dd255db95d7de23023d5d8d1796bf94b8d579de3ff96e32380b283f6a2fdd9a35afc8412e2cf423bda6caa631408a4ebd63a20c222a005f67dda5e43bba3225cfc36be6dac86024e46e4e775ab51c07ebe7e7d9654f62731650935f64391b98c61cbcf26927abe7bd8d250abded8fae4026e1a5b195cfe296682233665b5f1945c2ebce03b5dd55b6a83b6f4282ab42b5bc697f0f181177394f7a4ffddd4bd4bd840434bc5f61e1eef7f301613f20382ad9395a5e6ca803fa1257ae5f4e1478142bac85b557b17d2fad4be370ee480f5d463e6c95796e8d7c98b25cb8109c53b1a5eeb9e004edab362d31aa694300cb27ad73f7e5872eb14ffb42357796639bba43516471348e6a16dd040a3c701dab2c915a56f5fee41edb961f3b0570839dbb0e4d77cb1e82705910fdf1cda4ad8e45bb60895481574291c0bac11893336c9c860ca5be401b657ab305d483e59d76fda05cca6e5002bd760d61382070c72721a37efa3f89cda98b5ecd6e0095776dca064fcb03b7fb6d833c989ecfa68540f0444b0c5e2debcb593f21554d13661a8be0d74edea6bb619c28e7fad9448cb3d63729503d90e0d8fa8cbab502290f1ad89426e6f42d5ae69df2ba22414cd22e48d8f3d2fba4d3cbe176214053eeb717a1d360cfa3baac81f2d6c2c7551992f7ac2308ece0b836124584e59409c6366eee325cae309c74c2aa42c3ac92abcd1dedcd772d47691352bb2c31ae993d678b8a09cbba6c643c39362dda0dd75ec62f2ceafa84b6e5e7742b134beed11be4327a99aeda4ac6e3a70bd04076ef4fcfee055bce7ea70c8a7b7fe6ad68a142d1caedbc8d03e600f17a0ec7768a6f9dabbb48537cf2a24d7305fad39b79cedf0580fc9a82bdf3adbc05b5b49d379ddd30ac1c93477df7f7dab9134ee3c9df5af542a493506d365f8d53a8ff235c107f3835def7c6b2163fcb9fd0eaa042aff54c779abd118e9fa003f6288dec1eef1dc2d6379487900d9f151774c2fc780fd1fb12552a7ea468ca86693303a9879cb207fcda8da163848110632a2d45044a015b48b316a31804f2306f61c0d3e272559af3f2f266190e917e62b99e4325ecb3e4f7f72728d69af06c0e6412da90fdadb57bb7368f81111ee26ce682114bfb1f6d24766a568ffe2472640cde7004ff6e6e95d868538ede387119d43d7aaab9ef1bf69b7953b405d5bed976c21b24ff04de8c0d3f21fe37756b075712d1b3fa8c49d84ca3aa72f0866c4f9b1a0ea1ea527cc08e49124ddb751e1616b2a56bdc4b6c75687d1c9cff4e3a6b79cd0ffc5c12c691c8b0380fad52c50706aed4a741adf635d63bc1350219fd41ad3223c0b2771d6d1b19b750186d498f55f6fbecb4668a8cdd865f8b47080d99540c61cc1f9411ec56a036dcd25496dfa95459f69a02cd93ddb2db800a40e3ad8c11281e49d6b4317fdd67e1a9e5cb2afb1c76d60c826f728819d95b4668781b5474c08571bee22cd0eaf9237a6dbb4d8485532d7fb5c5564e1706323bbe9fd442a84a66658e161a487f5737473436b8e8f17379ca35dc5dc73517832b52fa1b5c98ea0d56860d08c312a79b1e19277906a870b56166906895d9f98d6374aea2353220a812c1bb75c346276057d8fa9863e708e0bccf85f75a3d245c14bf1d29e6562894baab3971d137fbc3a989caba522736b13e2edcb44e55b31f0f9fccd3ce7d384344ed683f89532e6383761ef71549abf29fb8f819079dd6aafdd573fe43f32e98cae413a71f2404578322c220e737d6402714d7b57fa70e6d3b5fa83edfcdb16976d238ac8aa364f2bfd6e0b3972c53d814954e4fef906c0781acdcf4b7e73a65f3ce58a60710aae6fa5b80ecde51edcf566dd037574e8f62ee01d7ef512e0defe087b1a0e4f07b8bb44b22ca0287ad9468c0d7ca31eb985b2a77a49878bcd4e5cf6529cf4f2e4e2515a9b4b4b9a0bdd6c03a7e042fece9428b8a288c8ce1386d6216e1489e245a0bab45e09424467e1bc780e632e01ad52685c93d0776d3ec084f2b655d5fadcb029585d9f2676101e284d5a1d4eb25ec01996763417c6d4c35b61cbbeaf46f54eb947aa624e69f3033cf8ec6b5e233c61eeaf0c6ba1224ea95441c79866319ebb2201beb89b1e95e0ae4365a7c253bc103a5bd8d3beef7333353eea69f66b8b6bcc00066aeedb374f2166c080fe74cd9670bbc178de5bbec065031026968a6e18574ca3c31eab3d4efcb7e5a352d679bf1ef08f4d4f9401d0c64685927d88d2a61b684e18044ab24a7f1ae1a8f52bf7086cb97f8aedb2ba6f66a1df256a798cc4141f5a2a0b4ef93e0673fd8b1e92989958e8dc508297a252f95a2664eef290f64b046d8ad11df0fb722286d305fa55796c94b19223d6fade3aadd9a2eb137511d5bbc8126f8ea4db63d2b882d937630f7548fa1368a526e576891de65e793c00a1bc0e16ae9ed22ad9c468450c3edfcb75f431ddb57064742f48a0489fb0a941df7e48829a21b04a764ca13d3c4877600723e45d2e0d97e19b61da82cb321ff6a8c7078e06324a872612fa3f4f519d8c65b8cd4352c26f6b9e07fab926315af5ddd2ab42cd791ad8cbe484b0a073f51df5ae7c97f24194c9fd4df26795a31be1e13b128dc0bcf8045213b1dd9cee6fb66c05ec3c04df5149a7a2a5aa533b7b1305cac4b90da2e04bb8cb86ce2e713a04dee1de95988ef5486aec0e6dfc1930f84f00e7aa35917497b9c66dabd9c7e8bfd6587362adb1ecef03ed4c85120db300ce1eb151caaeb0315a481a8cc1949937b950054fae3cccf1c1c66fbd85be19c45a108445bd647292f91e7960e51d1d54b94444c6d4b215a85c47e8e23751ef8a8fd3fd74221d5220fc2dabde5a3d13019e734ebfffd8e2354d3c9287381908a0b864b30ad34e1bb02ee57f294519f2298d1efb1f54daf5a5e8e1c1997644a046c4001b0bad45c59c547a6348dc52934994da4e5c750c126f2a938cfaf24f3f172fb46707a69822430d62f5b4bb51b3464dca1ed17d33f03d333c7db839284a2bb67270db073c1e82b07823942f10c1ebdec743a314cc73454ec8e22d588c89814172a4ed40d5dde200508f613465d85fe8ce5e274e37723aee3f58db34bc7df428246087ad500c6c09e59631b119162fca4da99f04751e16e3297d84f65e58bd47137a009e976ac375cf418e401e4762ad366106ed5fb76bed2f7358537603585926df15e4c5bd97dae32aeeec8cdb4c2f4176215b1cfb9cdec5d096e1cf5ee8bd5685be4e94a45617f5cf6bbeab287de9b2781bbffa3382494cdbcda2712a93e59b3599ae2705df7a4136ddd84610264af5edd08c11c9f4e504c3030985a462b7ed6cd87e255698bbdbc0c93379af364b040195154e79cda4d7e5b0e6cb586c1d45482503c7bb16403d6bcd19d6a4afe483b5d39d66a7ac8abb2159c58a169fce7a1a011c2fa53f39c38992914daa7f3fce1aa72ed59fcb3ff2c825044047b98b0b5c1ee4464bc45ea01cf5b9a472da0a14507556fe99b40eaf9ff96d2c2c1bea9ef6b741f4b0c6e279f79c062053379f15a9029f83efd5bf742d3da77116967394e0a6a851f761324adb5d204c35e9a0cc897cd7d1a4b18527784cfcaf9d996ae09330d00b4e45e4f942a22b8b071848b2a633eb1b96761c77b34529d86f828e6e083580328d2c90c2adb0eabfc5d3e82a620a5bc3cf622753336e3fb7d09ffa387a0fedde32b62290d31d402c8732d606ad5cb1605a93c55e52f8d23c1a679b0e1ee4d320fe98a314013adae8f4e57b18549cfff96d940811d6d201ca2d78bfff9f63296302fc26fe040dac58c3bb7a0cc68f1d3e9edfc2b6ce7bd1c064da2396c5b13f5118ad2e25a77386c7968573a9dcc942e4738f00cc58561e03d0295c8aef67b175715a2c3233cf1a3f17fae33e320b73b549ff9fd49750289fb1a4ba4402e9e86d75e0263ed551a37fc10f54d1cc3eee2a9ce5a08b160019ae405e1e115426ccd43dbea71b59295602cf67e7148fa7a5ee22317f528e48f084485e2bb2c334cb45df0c356e05f363714b1cc8ef74e595379e7a5c142"}, {0xa8, 0x115, 0x65, "baa4542322ffb0b03ffd16069c51cd97b118bf327c4dcaf1544996bb4ebf165c6629984ca01a40aa9f41a0329deef06a347d58ee1a3abf58cea70a0b202b405c8d7e53effaf2811e0686e9dc01b84e357e7f0ea010d8350cb8ba8d6e544a473d75aab938ff1f58106bfee352beaffa91ebd7513d69e4eef23a3dabbcee0810e0ac3cc6c89623cb2b3b4ad025e8cde59220c055d8c0"}, {0x58, 0x101, 0x2d, "3c31967389dd31ee162c4eb31bf7838a5d2fe63e9a1eb295c0aa0e0a07529eeeb85cd80dfa49c785a627e86ab1566884c5e4714c655821eb9f6ddcbc19c66b504ab66ee847953c"}, {0x40, 0x100, 0x8000, "bad748a07ceb1a9862d478ca8c0b527714b4d5ce7a8eb8434182874cad0c1bd8f2ecf88a46ee074a14"}, {0x90, 0x138, 0x1000, "7dbe2ea4cd9f3da038d38621248aa017c33440a833fdc5361d97514d2bb0dc68377e03b28ad2f66f8b1eaa0e8adbde9b7a97a78c3f7413a1a83a182463396b50f079ca8fe9c523e0fe891bdfd2a0f0bfe41c1d1765ea18743c4aecc3f58ced9fea202e5934e9b2c5a2b63a43c7577efd145490a095b38621ce"}, {0xa0, 0x113, 0xfe000000, "902ad328838762a92d81566cb8a61fab138709d05e76a3394e8b8efb7de239ed374b5c4d551d6482096c0b47e92062f057d8cf1e828e94f86e66644d942b717142af8762b76beadc03e9b41cd65b43f2d35896c907dd86447e462495bdb278ae98dbaf5ca3fbaf0ec562361fc2ae6e5318ef08b83601c4737f29c9ea2891795d79831d300da647ae5e6941140f0304d6"}, {0x108, 0x11, 0x80000001, "8359466ca5b80d42c55298b17223dbd326d48983a6af8935b1abdba9754d9257d9088d3e04f5f1d1d473234fc7b71a12172f0305cd803f2a4d7dc0905bf462750b329faa7042e355f7e321cd4a2d69741d53276bd1cc29a017447fa6b37b946330b16ee892d98952fc88020d05414945aba838aca0fb28b77b41375d3b1859a8aa218b0d9d4ec4b58d4c7fb319fbc755c41405041972962d733dea49142a2c6020a9b5f5fe443f1ff277724688b5a296e408b54ea231c5b3b16b86e2608d47e30315f562a5691941d812e5d9e36cff816dcaadc2761d81d6450ead06774a281b900f13c674048e7695f31b8bded074805911d80e99"}, {0xd0, 0x130, 0x400, "6c980d1c3a2046c68606d420fd202ff7ac19c0820eed9e907fc548e15c6a4d40412e3d8b7a7ad665cbce739ccd85e6bee0b76da43ea107614ed71dd8538f350ba808f7d6c707943180a7c08a04c9301bfef04997f6f077382af2231b214b2221a2a5c40f91cdf2aeb635f453fe7f0cd82e71cc19aa2a17088a1b31f7415836710d95390049e83a87ab1a3a1e9e3929218aadc7cba7d0addaf5cbbbe85e69bacdf5d330d7c4c3d274d7b8403ee514294caf389946787659483b13"}, {0xc0, 0x10a, 0x7ff, "3977b77b4b346572677c63a7b8e40dd36bd6f3a990b6728291113bf3ff6b9f4422110529eb89f1431d09acca831bbd2199b1c5663fd5bb153328a282bcaea50d9744fd8125c33dcc3dc76de546a6f7e97ce9c135159a833440f1a61a6cd97117a5d4924438c80b255576d2ba8cb60f98aae30b137dd2050e9af5c2e58dbff6420286d2ccb437d6bc84b864ef759d8ed54a5983185933ade09d57ef8773f046802528e3069c9968b4a2fc2a30e4c905"}], 0x1518}}, {{&(0x7f0000001ac0)=@l2={0x1f, 0x100, @none, 0x0, 0x1}, 0x80, &(0x7f0000002040)=[{&(0x7f0000001b40)="42a3ad3faa432d3d326acce7854b07ae4674b1199997d070c41f75726f63f2cceb7f63bcc2b14d15cffcd9c545802e5ad5f5e8e43a42a02ed48a73704fcdbd5ea52116305e58ad64c7c4372f642f2dc72b9169abd157a401df13def2a5e09fe2b1bbf1e8fdafde6415897770733f94da01126118264c83d54a1c4c49a06302f9373e98e46118bf4e6f57e25b08303c4dab911aa7bdc479c0c1f76e3c8ce4ab4fd101bae1e1ddff8e3ac7adcf179880a6ae87aac926ed09f22746dee5dee95855d8c09d32058d3461fd6718c25c", 0xcd}, {&(0x7f0000001c40)="f150720bafbed49bd05f58395753ddd84970b00a82dde510a5ed2ce8f804b6f4e32a68bc5e43dbe86a9595755241f0d772db75d6b53aa14ca23ca323001c20af764b9b8307b2d75ebeda2b57ec4e7b22ac37be480f890e089bb7439193ba86146f9044734d90a3fbcb04f02cc3c58d068847c1018e64", 0x76}, {&(0x7f0000001cc0)="f0bb6ab1a7032f6c3a5b167947933510e1fe55cd9e584e52d9593453a1047ff7abcfc6510f9b6cd885ebc8acc182523bcdc9b6558869e08939aca8919ca6cc105d3101ad565e01845afea2ce10523606eba216c17a98b8b1524affb5913050b46b8824af0f76bc8bc40025802600119464b337c05ab68a52790ac6874787bbb88e86b3a0f41d81f85b7c4cd71324795e7e8ddcff281ca8e3d6971902993bbe5c0675f2bc8b93cf7e63dd8a7b9982b9a3e926f4f41e592cc6", 0xb8}, {&(0x7f00000001c0)="cbf6eebef37d13687b60dbe699576934ccf83d281f6ef0dbfabca0d81365", 0x1e}, {&(0x7f00000002c0)="dcfc30e2d7335e04ccebd21234abae8f90", 0x11}, {&(0x7f0000001d80)="a253dcfa475d823ea0740d78d02f6b1da589ac37dc57b20ebbbe5a9c79b8be2e039d4855567445d2197a0659a685c5a0ddc884a1d54c9fc303f2f2cb2312c89f6c1d3e2a43dc86eb3c41ae79fad6524f14930f3784e23ed5721ee6eb32cb7b5684ce80ce6ab503239a8a5dfb7c7519fa3e1b0746ee42c34a1afe1b565a930f63925e2e054ef127787dadfed55f8a169a0cd427765534b89db49230130a1cd1d705d72617a2ed54bf9140de65966194d041da950c3b76c73afe7d54dd7c59fdb6ca4301d667db65d03844bf677b28bd8150b93d8d74c408b37168dd0cd4e91504d262f151d3b6b4a637896ec1", 0xec}, {&(0x7f0000001e80)="8f37314dbadb339129867070f7e677cd903a108ab2e1a43543c33e2d8b74a05424188a4ce1b03b41ada65cd35153b89a01b31adced28b3c98d83", 0x3a}, {&(0x7f0000001ec0)="3dc55bfad1279d647605eb906e9c82b83105439fcb34b4d21df8f9d6814c027bda2cae80e2feb0f9b0584c172faf8e3e1df6a256404157d4c58b6b859674ac4b44db846b12ee8028d199213e7eb104a48fb185faf993e9a59f3d959da34e51bc5ad98aba3359af3da1bbcaad63455abf57b1c5e463c22ab0e035bef1495c23cdb9d62d2f0906847c75a472aebe340eefb7cd687f72", 0x95}, {&(0x7f0000001f80)="a4f4281a84fd33e60dcc0d683eeff211", 0x10}, {&(0x7f0000001fc0)="29d15dc5e6688cbc2135887a9843ff1681be37ef25948fa2a38a8503e56e55af0f23846181e57ab8b91c133076d6831668c09f730932a4d4d3052ccd1646b12298214db9c70e2e433d4b0d7e6a3add02e064c527c93f11ac18141b963cc90e4d20f7b85e6cd3", 0x66}], 0xa, &(0x7f0000002100)=[{0xb8, 0x88, 0x2, "ae5eb461e71bd32a3981bef00a2d8130db922a111850d3bff8f8573296ec8b3d275e6e891347e0ec78332b779a2644f1102603030a87085b44d69d176c3bb9850bab29555262c37d35bef23e00988f951a75cf2378f7d77283f31a27a606ee11bf5496a901da7772faae921e0a31102f475598342db1fd89d4ee3278c70d391c2f8b65d1c8a69a799e8a53683f43189f538d791d30a0c66df54003749ce3d6cf3224707e26c8f5"}, {0x58, 0x10e, 0x7ff, "6667a77ab09ca5d3c314404f02e9f8e37a4af994b21f6ced9ebd15e6157def632f5a9f17070335f1ab815bdde0b535efcbb094f6899bf32e4391734842d2fbb355"}, {0x78, 0x109, 0x80000001, "795fc60ef51bfb3867fc8d97789fc1c19f94d682f1212c5edd1b25f333ce6cafbc50337e3631da1fa0a93398e03c485f8f7a16088ac762bcdaa0e7f4051db8b8874eeb5efedbafa6c0badb88a7dbd83b3d3cb06df41d97785052b6eb1582e49211f5a17da35b"}], 0x188}}, {{&(0x7f0000002580)=@pppoe={0x18, 0x0, {0x2, @multicast, 'vlan0\x00'}}, 0x80, &(0x7f0000002480)=[{&(0x7f0000002340)="cf47bf3afda4a1a5bd7a8c311ca03fa07db2a68854b746be3dc0be", 0x1b}, {&(0x7f0000002380)="c23a831f3dc7e805e291695cae6704d863f975aa96fbcd220029308f8ad636638a8b200ddf048cede52737bc04d06f9570aefe2d124a4572d3745ef1a1c64cf9bd512fc3c36115b8411219fb8abb7198998f0918505957d552b9a2c61dc1abede51c7022def244c44fab3767668b55f9a0037eecdbbea28dd9090ce75fda7fc8122f2baf3d80a4ff383f34cad139ab56f74ef97423cc488c541b2676ca7e77bc813f5989db87367845016f28cf8cc2209fe2f8f9a4af3415fcd516255ab3cf28e988d000c50af5d9f883869a", 0xcc}], 0x2}}], 0x3, 0x20004010) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) r6 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r6, 0x80089419, &(0x7f0000000080)) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:08:11 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00118cff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1413.472119][T15551] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1413.489173][T15559] Unknown ioctl -2146921447 01:08:11 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff1d0b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1413.576668][T15545] loop2: p1 p3 < > p4 < p5 > [ 1413.582334][T15545] loop2: p1 start 301989888 is beyond EOD, truncated [ 1413.596928][T15545] loop2: p5 start 301989888 is beyond EOD, truncated [ 1413.617753][T15563] loop5: p1 p3 < > p4 < p5 > [ 1413.628396][T15563] loop5: p1 start 2349924352 is beyond EOD, truncated [ 1413.639847][T15563] loop5: p5 start 2349924352 is beyond EOD, truncated [ 1413.674124][T15566] loop3: p1 p3 < > p4 < p5 > [ 1413.679326][T15566] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1413.691934][T15566] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1413.717641][ T148] loop5: p1 p3 < > p4 < p5 > [ 1413.723524][ T148] loop5: p1 start 2349924352 is beyond EOD, truncated [ 1413.731657][ T148] loop5: p5 start 2349924352 is beyond EOD, truncated [ 1414.323630][T15571] Unknown ioctl -2146921447 [ 1414.703414][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1414.709584][ T88] Bluetooth: hci0: sending frame failed (-49) [ 1416.783383][ T1216] Bluetooth: hci0: command 0x1001 tx timeout [ 1416.789604][ T88] Bluetooth: hci0: sending frame failed (-49) [ 1418.863233][ T1216] Bluetooth: hci0: command 0x1009 tx timeout 01:08:21 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) dup2(r1, 0xffffffffffffffff) 01:08:21 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000090ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:21 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000018ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:21 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff1e0b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:21 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b9010360000cf000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:08:21 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000300)={0x76a, 0xcbe, 0x80000001, 0x2, 0x10000}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000000440)=[{{&(0x7f0000000040)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x1, 0x2, 0x2, 0x2, {0xa, 0x4e24, 0x8001, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x7ffffffc}}}, 0x80, &(0x7f00000002c0)}}], 0x1, 0x4000000) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1422.809987][ T163] Bluetooth: hci0: Frame reassembly failed (-84) [ 1422.845784][T15582] loop2: p1 p3 < > p4 < p5 > [ 1422.850904][T15582] loop2: p1 start 402653184 is beyond EOD, truncated [ 1422.865106][T15582] loop2: p5 start 402653184 is beyond EOD, truncated [ 1422.891842][T15584] loop5: p1 p3 < > p4 < p5 > [ 1422.897636][T15584] loop5: p1 start 2415919104 is beyond EOD, truncated [ 1422.906828][T15584] loop5: p5 start 2415919104 is beyond EOD, truncated 01:08:21 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000025ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1422.916932][T15585] loop3: p1 p3 < > p4 < p5 > 01:08:21 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0000a0ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1422.944251][T15585] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1422.960705][T15585] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1423.036767][T15597] loop2: p1 p3 < > p4 < p5 > [ 1423.041966][T15597] loop2: p1 start 620756992 is beyond EOD, truncated [ 1423.051036][T15597] loop2: p5 start 620756992 is beyond EOD, truncated [ 1423.191624][T15602] loop5: p1 p3 < > p4 < p5 > [ 1423.201135][T15602] loop5: p1 start 2684354560 is beyond EOD, truncated [ 1423.212601][T15602] loop5: p5 start 2684354560 is beyond EOD, truncated [ 1423.228996][T15597] loop2: p1 p3 < > p4 < p5 > [ 1423.234043][T15597] loop2: p1 start 620756992 is beyond EOD, truncated 01:08:21 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b9010360000df000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:08:21 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff1f0b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:21 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000048ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1423.242780][T15597] loop2: p5 start 620756992 is beyond EOD, truncated 01:08:21 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0011d8ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1423.388890][T15611] loop3: p1 p3 < > p4 < p5 > [ 1423.394045][T15611] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1423.405067][T15611] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1423.443589][T15615] loop5: p1 p3 < > p4 < p5 > [ 1423.448597][T15615] loop5: p1 start 3624992768 is beyond EOD, truncated [ 1423.457869][ T148] loop3: p1 p3 < > p4 < p5 > [ 1423.458699][T15615] loop5: p5 start 3624992768 is beyond EOD, truncated [ 1423.462682][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1423.478575][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1423.494009][T15616] loop2: p1 p3 < > p4 < p5 > [ 1423.498861][T15616] loop2: p1 start 1207959552 is beyond EOD, truncated [ 1423.507557][T15616] loop2: p5 start 1207959552 is beyond EOD, truncated [ 1423.666647][T15611] loop3: p1 p3 < > p4 < p5 > [ 1423.671533][T15611] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1423.680438][T15611] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1423.699952][T15615] loop5: p1 p3 < > p4 < p5 > [ 1423.704982][T15615] loop5: p1 start 3624992768 is beyond EOD, truncated [ 1423.712505][T15615] loop5: p5 start 3624992768 is beyond EOD, truncated [ 1423.745433][ T148] loop5: p1 p3 < > p4 < p5 > [ 1423.752526][ T148] loop5: p1 start 3624992768 is beyond EOD, truncated [ 1423.761672][ T148] loop5: p5 start 3624992768 is beyond EOD, truncated [ 1424.862798][ T1216] Bluetooth: hci0: command 0x1003 tx timeout [ 1424.869411][ T88] Bluetooth: hci0: sending frame failed (-49) [ 1426.942747][ T372] Bluetooth: hci0: command 0x1001 tx timeout [ 1426.948774][ T88] Bluetooth: hci0: sending frame failed (-49) [ 1429.022602][ T372] Bluetooth: hci0: command 0x1009 tx timeout 01:08:31 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00004cff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:31 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b9010360000ef000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:08:31 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) creat(&(0x7f00000001c0)='./file0\x00', 0xa0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) getpeername(r5, &(0x7f0000000340)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, &(0x7f0000000040)=0xfffffffffffffecc) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:08:31 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0058f9ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:31 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff200b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:31 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x5374c1, 0x0) r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) clone(0x81128080, &(0x7f0000000180)="bc8029e3c6d3141bb2ab3d313e7edafe0834606c9692681ad1be6fe204fe494204ed62d1061b3f6ddd8b062c614217d818fe39cf697d42caa41356f2bed3a875bd88f75930c6a0a53d7141cdf7ca62f9f3058022fb4564fc51ee6d7519f02099d3eec72d6fa1dd7c2d451f197e7b1972c2feb0c8b79bcc", &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)="fd620e185d14cedd25b8a602f561ed0226f3afa82a84facf2171c00c8f65e8782f18db90538240048f4df744472a0d220fa30eaf3a95a85ab51b78d56db2d085694106bfe421d144af5ef29400af576f2a75d0e2889c9c45a7ca1c0040003e384792a4e1b53b50fadeb6de74e64ea74dac0d1a565b55c453a98b4d33657740855bca8ad9d654a29c72746d972dee30ff1d16ab3bcb585cb65264d5e2536bbefaade54814687aee6b24c5a497cb3c795dc8c870af6f41990c273a7c8325b639af9163e1dfc6b1d57edc5577535e40221d6c0dd20716583e00264d02a2e941912b099b32f88a3e49f996daf4765bc59dbce934c4a61c") ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) dup3(r1, r0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x18, 0xd9f, 0x0) preadv(r3, &(0x7f0000000140)=[{&(0x7f0000000080)=""/37, 0x25}], 0x1, 0x3, 0x2) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'erspan0\x00', 0x0, 0x20, 0x80, 0x1, 0x8000, {{0x9, 0x4, 0x1, 0x0, 0x24, 0x68, 0x0, 0x3f, 0x29, 0x0, @multicast2, @rand_addr=0x64010102, {[@rr={0x7, 0xf, 0x23, [@multicast1, @multicast1, @dev={0xac, 0x14, 0x14, 0x2a}]}]}}}}}) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000100)=0x80017) 01:08:31 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2001, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) [ 1433.123593][T15634] loop3: p1 p3 < > p4 < p5 > [ 1433.135260][T15634] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1433.145703][T15634] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1433.184005][T15637] loop5: p1 p3 < > p4 < p5 > [ 1433.189863][T15629] loop2: p1 p3 < > p4 < p5 > [ 1433.208751][T15637] loop5: p1 start 4183293952 is beyond EOD, [ 1433.214195][T15629] loop2: p1 start 1275068416 is beyond EOD, [ 1433.220394][T15637] truncated 01:08:31 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff210b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1433.246933][T15629] truncated [ 1433.255173][T15637] loop5: p5 start 4183293952 is beyond EOD, truncated [ 1433.264330][T15629] loop2: p5 start 1275068416 is beyond EOD, truncated 01:08:31 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b9010360000ff000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:08:31 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0005faff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1433.476365][ T148] loop2: p1 p3 < > p4 < p5 > [ 1433.483148][ T148] loop2: p1 start 1275068416 is beyond EOD, truncated [ 1433.491290][ T148] loop2: p5 start 1275068416 is beyond EOD, truncated [ 1433.500436][T15629] loop2: p1 p3 < > p4 < p5 > [ 1433.507524][T15629] loop2: p1 start 1275068416 is beyond EOD, truncated [ 1433.519350][T15655] loop3: p1 p3 < > p4 < p5 > 01:08:31 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000055ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1433.524509][T15629] loop2: p5 start 1275068416 is beyond EOD, truncated [ 1433.527431][T15655] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1433.566856][T15655] loop3: p5 size 11290111 extends beyond EOD, truncated 01:08:31 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000060ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1433.620834][T15666] loop5: p1 p3 < > p4 < p5 > [ 1433.628034][T15666] loop5: p1 start 4194631680 is beyond EOD, truncated [ 1433.638033][T15666] loop5: p5 start 4194631680 is beyond EOD, truncated [ 1433.733144][T15655] loop3: p1 p3 < > p4 < p5 > [ 1433.738371][T15655] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1433.748359][T15655] loop3: p5 size 11290111 extends beyond EOD, truncated 01:08:32 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff220b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1433.774043][T15666] loop5: p1 p3 < > p4 < p5 > [ 1433.789644][T15666] loop5: p1 start 4194631680 is beyond EOD, truncated [ 1433.801225][T15666] loop5: p5 start 4194631680 is beyond EOD, truncated [ 1433.852999][T15672] loop2: p1 p3 < > p4 < p5 > [ 1433.857995][T15672] loop2: p1 start 1610612736 is beyond EOD, truncated [ 1433.868183][T15672] loop2: p5 start 1610612736 is beyond EOD, truncated 01:08:32 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600011f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:08:32 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:08:32 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000068ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:32 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0005fbff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:32 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0005fcff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1434.097210][T15684] loop3: p1 p3 < > p4 < p5 > [ 1434.102026][T15684] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1434.117631][T15684] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1434.164317][T15689] loop2: p1 p3 < > p4 < p5 > [ 1434.176114][T15689] loop2: p1 start 1744830464 is beyond EOD, truncated [ 1434.191429][T15689] loop2: p5 start 1744830464 is beyond EOD, truncated [ 1434.287561][T15694] loop5: p1 p3 < > p4 < p5 > [ 1434.292815][T15694] loop5: p1 start 4228186112 is beyond EOD, truncated [ 1434.314198][T15694] loop5: p5 start 4228186112 is beyond EOD, truncated [ 1435.262170][T14541] Bluetooth: hci0: command 0x1003 tx timeout [ 1435.268369][ T88] Bluetooth: hci0: sending frame failed (-49) [ 1437.342095][T14541] Bluetooth: hci0: command 0x1001 tx timeout [ 1437.348112][ T88] Bluetooth: hci0: sending frame failed (-49) [ 1439.422004][T14541] Bluetooth: hci0: command 0x1009 tx timeout 01:08:41 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x80, 0x120) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) clone(0x80000, &(0x7f0000000100)="92f8ece37f0e6034dd7df9b5b4becb48d24e20c4edd6ebf0c3fd2de008c8cfcefb3d4d7af6e725cdb18ee87102a3a19b6a965d7fea270ad97040a183f5d303d93f0a06fcb9190052d04c0a053446c15d672a762e40d520574cc4814344c55806154f39a01619f5545e6dc6471fa587e8044b0bf28d49c4509b41b3a7cf82639e2a7b0bb904c3cb55035c3e01f60f377809fd3a048c16267f551b2a7352ddbcec6fcbc79a46efc361feaf", &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="0960d369c1f6185098d09664066a7254e3de336e5eb866fc13d6f5cf55004157c0923285abd3ad6187421bdb8cee4d9c5e9816f06f2fea056f6f3f3b68c0bd04bccc2fd225e98eb34bd4eef00abd64eed9977dc6a62eb949") 01:08:41 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff230b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:41 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00006cff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:41 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0005fdff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:41 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600012f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:08:41 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r5, 0x0) preadv(r5, &(0x7f0000000280), 0x18, 0xd9f, 0x0) sendmsg$unix(r5, &(0x7f0000001840)={&(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001780)=[{&(0x7f0000000240)="9eed878f03532503cf5621fe8a2bd00b6d8ff7000be2b79d92e12c44564c62d2d468dc8ef4efc21612a15c3fdaee57c85a2bd7c9ab725a07a36840bb2184dc41d504f5dac63e80c7664ec10364d7ea951fa9e7d681b2205b23a3008fcaa6d0c23d72aa1749222673097c6b7956e9417a25af6d25358d03dd82e06c18a02cf2869d117a898422a905dab562c1ed9d533edd67fd1466249bfd91d7dc7bf37222147bc202a2aba9c8a573667f9f055791191269b2df29f1af4ee42e0b9fd17ab255", 0xc0}, {&(0x7f0000000140)="dec1ac10f605783ac492dbc0a922346d", 0x10}, {&(0x7f0000000340)="8d6174827ebb624cd0954ddbc2a829ab5fad4ee31ea30fbad2ad75ebeba60f14d8d38666e098f500599a02a272397895344585a82a8750b9b483a85d605a7018d9289bbca93fb22960a32f6f6598a3664786f96988f1e9141b35f298ff4e8853d64a22b003fced939a37a19b9abac3538205ea1047ed1a31c59853faf0a7fb463d45cd8e17df5aa4474e26b9f92d04eb2d55226b9b65367ff9af051f76dbd18499712efefa28b8f20ff17874154302e461075bc7f469430b4715d5f1f1f3d2b0c4a7248169d2b1e2c1e16c73f9f378dd84e4", 0xd2}, {&(0x7f0000000440)="713b0e91796c03129e87e42ee7b50a0ea1893e206d18f31a148cdb67e2fa1e3c002e3d9e440c5724053d36a0d4b1b33b9c10c50d9e36d4de44ca225a6e68ce31f08a2f7c8635c819c112de64d43103f60f8fad98616005081f1b796d6f5677eacbda2b552a77bb7c6b6a824e773b2f2e44d69f7c8849daab8a74a640c2bffb04bd12807481729d439a1546ef4dfe2cd11f8aa0407865bbe7f66826", 0x9b}, {&(0x7f0000000500)="21e5369c347e336b46bddcd5b4398c2bb4b8887374f16386da8af3fb204a0d9bee8da20b2bafb4dd1eba040fbc89bf364faff1b29951ce18e1ae6bcb949bac128a3ed5170fba691d503dc0b65ceb04709b8216ed204c1d1acbcbb73252782bf6e585cea99c78e08b534a7ba69938a887384666170cd1ceec161a5cc1ad5737632084648acab9451c861950a18fb9eac26737dc2c21c33c5586", 0x99}, {&(0x7f00000001c0)="e63b7b8a147528396403ea0533e944696620eb4545492562ad43f748386bc46bda83d73ab1a2fb", 0x27}, {&(0x7f00000005c0)="aaca13e53210cac7529e6216bb468c814cd587993d187b7954f076f3c12096489ebcb6c3b05d0208b5443eb76709e315c25c34466c4675f43d311dcfe0d95d4db6635061f60a41f93fc779b9db36f5ce80d5dd7f357209f9be34563b094127f89ac1e635fa0cd448e5ca442e40cb6bcedf2442b65d6a57428229be409806cdce4466173036bea1debd5c16872b69b1475c04b70a01143862d614b7899d47b2b99f170b73c6fe709846b90dc5e073f0eb9e9a84804e66d3ee5b13239e7ce510bcd6ee63f1ece0", 0xc6}, {&(0x7f00000006c0)="365e493c579abc31ba31c91b34039714b1b7d07ae87437992d467ab358eb8e60fcf4e6260bfa456f5dff276121ed4a58a2e1b68533f426b0fb5bd7f2a999c238e248522c3a878edf9ee527720d78adc271db6245f9e5d08da4fa8cd774b84f2a082c1204862d357e739bfb8ed3b7707083762f4197866a4a8a75f6594aaa492640272c5f8e", 0x85}, {&(0x7f0000000780)="bc6c707c7078b050b6b14494078c20453c5149eab8c18135ee639a11a8beaf42746d71a9a14c9608e1ce0241c040ec417d67ddcca45aa541aefaddca39474634ff4d0d985d760278de414c2360e7e5b3a2c194dfb54dc58e8bcd40fc1139163f7aa2ff6ee7487d333447afd00b23a5c8bd5588900aef9324aac215501636ded4b89ccebd807c0631107433604c1203da82f8f28078200707b033cdbe9a35915165f9fdac05d117844682c290c383dbd0c3a87acefb5a96d291e847ce9104c212c615b8989f01d1255966adddf6f4cdab65b735c902c7627029a8b78f66bd21251385a2b4bdb034da3f7d554c688a173ab25cdf64f4f3a3b6b6cc9b91efdb7eb383f63a6234ce8184d8e3239380551b89c1a29e804738cb4fb2cd6d8b2088d9f6cdd68f6165311572abe125baa8f15d6cf9371ecfaca902db4798360c24d5024876c3d423419897d65e7edbb72887fda985604418d957b5c9f1981d83182f68ba9122f707e8ae0cfae4c7d681240ad3d726b09c0b43302e477863877b3cd902c90b73b2f3e74c72bce3ea5b1b1ee57b45ece8d28d5e5f3a634797a09d11946e07928cfa06b8daf61cbf39d0157053d4a95cd8c0fb1d9e17d0920b623681ae22765444f6e1a2e9b5a9f52f652cdf4ddbb175b70299f3be870783a2a30477b32687dc2fd36acc99dc1327fa23a0039d574f6b8d38fba04c1030ce25a46047aef9753adabe01523e4c45976c51cf86158b790e5ae8e4fcf60763cd2a0f5e1b0f35ba6ee814acf8f4fa3c2a15126770f1157df05aad041ab55c1d9ebde6ace8dd6fd007f4c5f1871c1a855276dacd928e208dbe6d1d1fcd8abfd8fe8bdd6928e635b915f5ddb4908aa76c7b362d24103974a40cda0cb0c86ae3fa5d7fd87f3fd34d474498593d58da390f167aa448bb281b8031e840574d8d8e21b7c1b5946364197a92fa81300361d719a594ba0085f64710c9276baf547e6882e9ff36e24f87934f4b5b46a7449ad14c1842dc6d592677dfcbddd400d1350e5f6b0a807b62be22934d44748215faef987bb703ef167b8da880cfaf4b8ad3a18c47f5b8bed594eebc48693a3ecdb7d157b291b667e4227ebd1db4a8b95be810dd2ede3be3d34927518fc7f387e5ce1c60c97a080652e8ba9b72a4b117735b6424e5e1a4782492172803930e6bb44e909b9af4094f36ff18222ce758b9e52ad3d052ed08c9a91041a483f8cf51ed4f0f97bb221f5ebf4370f65bb47624ec5bd95a39e8c24dace92f427b9c3c72e1dedc8fdc833a81709c40467f636706e75ab680a84c86c81dbd719144050b81f0e463ec9f9278dd1c600e9edbd6125a87b92ac8b1c218d32fedb1d833c12e545e61784d49c0805aed235eb9ffe8668ad773e24aafa0bd18465bf082537ed0bc4d43f2f24ac6269f61dd030e7c1fd1d3e14f5d372f1b551484848320347ad6682681ef60c6180b2912aa3e4b94086557dce488636215c737160698d30114954aa31191060c930a1a31affa9d099160e7456dd5a0036c7f80ba787097ca450e7db14f6e8c1e0882a8167be182b63b8faeb7c57f5ec13f5450fd307552fdeae8aaf831706a3ca3bc8edf348a50fe6bdccc47f4b2dcc2cb803a6df4fddedf70606f19e79803704b50323fc2671f9c28a057283efb7b4cc32f225ee06d473a4554ee2301df08f7821a19573e4a30ff6124d80cafbd62787dfba0c4511a2494b98ba3e52f25a5ffdfe6280da492beb34071f7be425cd6cd2240c02d3a6ba3525926bf641182f9c453e8794162dc216a93d51d4adb64a9b3ff5b89037a589509fd4fd534b86803ccea1cda0bcb954c479f2a2be68f03d95ffcfb5bb0a5f989a6dbafaaf2ad31a0a63f82205e8ee563b0d6146680b170fd118d0f6dd9534247e17e1375e135055157075c95fb4721f0667a91995152dcb682d7c7573c043729ecf0795c66881c32ef77a738737ced9306a5a44392090f9e48788790d806851917f2f3c29a63557c57cbd2d323288f6f829188d3ca7d0c7ee514c474c456eb6ab3ab9355a6b8da966f561265227603992e93ff3a19f6d131f5ff4cc32a98e3ce28ceb211271b46788497dcbbe4344875d80add78ffbf8a5e8ec12c93123ce60d5befb253d59ad1395907a3b05d6d80ea06b95f0d191a912b464b1c0637b3f320277615c502aec7043b2cdd77ea1219346c1b58d78e5f811ac5e5be4cc7bda4c90e75f3888c5edc4d99e056e87e0f5ff9710d65871dd5f8e0416457c97c4e1039e1809361aa73a3bbc4372c704bdc62bf67b351f5c53f6d356dad1ce01a7e67556b3de3b81b41b2a2ce8d00d9017b50cc3251485641eeec7f47b6afbd3f0b4feea79cf04754240f1c315392b83fd2a48fab77d9392f700359e9d64b8c4c93bf5ab5910e3923390a2b8667bcdaf0a6d9a1a6425a4b1b25169cd5c4a7109698c90084163ef76c89600ed5b28e2bf8b4e9e139059bfa06daf8094404d24aafe21228e63879f75f98c2faaadef46b56795c8336fc46da92d1151dfc882a0291cab5bb2f5ba8820ef92288ae6064734582e3f2814b4e2174bf10408137cda1c90436adedf7bf3d06b30481f9ac0dcbf05a7c57097f6cb1cae934aa6fd9a08422e9b3b15397ccc998a0cebc3429dd992b58707bcdb79edd3c0e1c57ba1fc130eba4726bbcb78885ae2e42391f8a8727acb0cbaff59568ca471e1a119ec9e9b07ffb04f6a7e1fb3a04728f92bfcad70d4b256f00c4bb0371f8c52120a941c06b0b8219860dbeedbb6e34c15b60466b47d46d8426d4472a608bfff08c024ebff9df28cfc5921f9fc0d3385806137cfd1a8c832bcfa5285ad1007b27a8865c4366327ece00d42cc7355e5c574fd417d7f5723f5295b96f0c44756c16a80f6e53b9c241e40f2eca51ed926c6885740fee4c799463e34e2e95c278e02a1888fa248e0c28500bc1345d763dbb3894d75df2b1d5127a0fb7cb6fbefc90129343263f2007d768d747bbd3424c9b228eb1138afdf2a3d4ba6bb2a4e6e42acb14085130144c1f7897f1e27ca08b041258839797ac4204d8de87148e16e43049081eded64fe55179d924e91df528246cb4f2f5b267c0dff576040d69190ffc52d0f61693535c5c5e5180571dade49c80e558d6b20c486e4181395eb4b2fbdb6a2f097c2786c53cc3f063b8ff45a13ea2be1a0227c0742ff40117da76e0aebfb8a0bdc33a3c26dc72d26c9670aef5109759fc19158238d70d7978ad65f7a562b540251fa3238932990826c8a8307d7f979d0fcc48435f9be38a5289156d13a9083d491b1f84e54294e8fa8d26014bd9ef00cb16261d43f50a89115c2f645135c47c99aaa7a294e83a604831c2cf57bf8bbc723792969a645b9ed38e96651362b91e17dc151cc7a75f03151435b3df07b379746dc475972f12fae34003f15f9b44948f513960b079b1c5d6475294cae9b143b42ca9c6a962a98259919be8de5dcedb8d9279d5507390480dd1d702b9ddb987fad3b0beacccd72b081e355abb01f43b051a069db0badafe38c1e462e13d1589b990a4d43791ebb885cc824764bc50418803b3a7bc79269ce313157a523e52776a94d0866196dc368e6f0868741731419bbc852105525d1a386569d42c67be1686916677910e596e4f512834306d0c99ebcec6276c2f6075aaf149e8a56baf1cba4635ac0810123a10545e277d7382755d0e7c599b11f6deb6d9928ec0a884999370a01ae1e67df3d05575373c6d679a2ac6f054d77e748968257b29d27be72d2e05298eb02b8bae32abd6ae940a203b7499fcd19ee73bd42e40b641ad972f1cf182020e722a89699146054f25dd7df469f44cb19e1239f03e2dd3e78300eb80ef18906b78242dfcfbb2b7bb2d84f1c1d82ae8fcde2563c90d85bfc05ece5977d39cc649a288996113c6d8c9922a4533678fdf8a25b06a10a1a3c1ab6cd07042363b6a7386b1ef2aa94d2c2576a50f488efde82ce3c0e75d8eac1cec05f5fc89184dc8cd8f47d39679ec1864af9696c793ae172cb454febd264f96ca72d22c269c138f3b566131785020d1f8a85e0c6cdff5835c887ae37ed18003533715cd7e8f7291b530a98a6e8c1bd037f076e8a9b83794294c7aeea4bb7885f3b7d30a7766720950efba09c6127e938ed2dab930494e8a0ed04513853b59ad2188830beb519bb63fc6a8714d315da507767214c8c7992496f6ac8bd19b53165d0fb099ef2cfc8ae616f9b00d7ed592e7493d1f035c04345813d8284310316696c3e0fe662e9da07f2cf01f470911761e5ba362e9c90cfd76c3544e70a8655ba2b2436dfa60115689ecce33c4a23d8b9f083aacfed5b010bbe717fafdfb8150e5022f2c091c3ebc95f9bbebf07cc406d8eef93002a41feb798869450c585d4efaa2c520505837824fbd9f0c8489a997fb87c313b52a4fba4cb47cfd148b659a2436fbd57601b07ce5f264b172eed9e9776b6857683b159396078dc4c2d4f5f0fc9faf8c6f3a1faf2538a5e93ef5e4adb561c36df6462c9a767f5030b3b85c6738fa82f774777efa921ee37f24da99802a950af968facef45251bc862726c3ec65b0fa0ba83967b3057d73a05b26108b52ca764ac4b51c5162658a831933fafe6462316b4d088693e5849e865befe6dffaa1e31c73002b6e3e6768c44e87c05224b58bc0536bcc1b6fa14cbddfb6aeb581803038d7eeadc3f49b26be72f176240f9ff4bb9b16651b89e01414f5afb23d7d6af4f10534053b9aba5d84f9753b8464a64771049e6a688d0122cb58d33027e124e7f988df38c2a7ff28b0ae274a5403cbf7054af094c341fea3a6a762b78a11c945446374eadd5fa5d9c23f1e0bc6ef6c68f26fb604e223dddb243daeed59a09335771f1d524b637a3662108d8baf20878ee90909d667f0d7b0c980d48a54109606efd769fadb830c026150a5ddedb840628889db8b8324fbdb2b1343f6fbdcdb98a3c4dfce91ff806b185cd4ab044226d4eeb137bf6c411c6e519697c688d13f1b61b49b9394642a9824c1b49c08677eaccf6e0eb76a35e7d8b5f5ac2cc8c896ca5487ed8f63111c2d1d5933cd0bc431192064d47894d9ee4c343d47845d6e4cbff718a04bbe2f61095824261549005e685b20a2d585688adaa48e0bec59e00809303a119be12ce2509273be2fd3da2592e2599936c1ae7633ec52ebb3e95d3d78f6dafa0050aa58f8a1a229b29d8d40f54f60a2317fd71a90c93e0424e4b4e89d6a968ea17d6b8d22e87c9bfde7fc65b385cf57a0a1090386baebb9248636e39b431358c4221c6dd5c554e66fae8b0b6c7df087e6e0cde8bd7450298f55582197cac39e6e228bb2c09e000833f39a8c6708dee38ff4c9a569a90d408160660693cb34ded136ec924d2109f2feff83533690d9339626b347a9bdff5a35c79d727714ca3c030abbf26dffdbb8989278c3a2728eefa094e085bc884469be1fd63b7cded68125daf9637166673745e9bfa0b80d009e343042cee765470b0610eae47adb5c4b1114ecd04f282c4e5e100f6cc85d9b062c0b83789f2f492273b0530a5d69d0065d2b5dd535a5dec810c28952f9140d40168a31bf6ded5055662f078231fa8466ddcb3a349f8a3f7988898afb5aa10901f72f7f8d587bbbadc2df0ce45e3b65071948a131b335e2360d28522de8e534a81b0521c0137d270c718077d14fd0f1da654685a6aafd935bef7fc1c0140681c88192ff67d7fd4ded62d386d0038726312ff26e00077a3799efa2e8f4ef9cd40b46c10d9c5bcef694470e9689420df9d40e1932b5a9fa62", 0x1000}], 0x9, 0x0, 0x0, 0x4}, 0x20000080) 01:08:41 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x10) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) [ 1443.301843][T10939] Bluetooth: hci0: Frame reassembly failed (-84) [ 1443.314531][T10939] Bluetooth: hci0: received HCILL_GO_TO_SLEEP_ACK in state 0 [ 1443.330007][T14996] Bluetooth: hci1: Frame reassembly failed (-84) [ 1443.403635][T15705] loop2: p1 p3 < > p4 < p5 > [ 1443.410310][T15705] loop2: p1 start 1811939328 is beyond EOD, truncated [ 1443.424663][T15705] loop2: p5 start 1811939328 is beyond EOD, truncated [ 1443.443973][T15708] loop5: p1 p3 < > p4 < p5 > 01:08:41 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000074ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:41 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) dup2(r1, r2) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$FIBMAP(r3, 0x1, &(0x7f0000000080)=0x3) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:08:41 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000fffff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1443.449085][T15708] loop5: p1 start 4244963328 is beyond EOD, truncated [ 1443.449457][T15706] loop3: p1 p3 < > p4 < p5 > [ 1443.465693][T15706] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1443.472971][T15708] loop5: p5 start 4244963328 is beyond EOD, truncated [ 1443.483766][T15706] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1443.535305][T14996] Bluetooth: hci2: Frame reassembly failed (-84) [ 1443.622021][T15737] loop2: p1 p3 < > p4 < p5 > [ 1443.628404][T15737] loop2: p1 start 1946157056 is beyond EOD, truncated [ 1443.637474][T15737] loop2: p5 start 1946157056 is beyond EOD, truncated 01:08:41 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a00007aff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1443.730714][T15706] loop3: p1 p3 < > p4 < p5 > [ 1443.730906][T15743] loop5: p1 p3 < > p4 < p5 > [ 1443.736232][T15706] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1443.746403][T15743] loop5: p1 start 4279173120 is beyond EOD, truncated [ 1443.758789][T15743] loop5: p5 start 4279173120 is beyond EOD, truncated [ 1443.768086][T15706] loop3: p5 size 11290111 extends beyond EOD, truncated 01:08:42 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff240b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:42 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000002ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:42 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600013f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1443.802707][T15747] loop2: p1 p3 < > p4 < p5 > [ 1443.807743][T15747] loop2: p1 start 2046820352 is beyond EOD, truncated [ 1443.839316][T15747] loop2: p5 start 2046820352 is beyond EOD, truncated 01:08:42 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff250b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1443.953359][T15747] loop2: p1 p3 < > p4 < p5 > [ 1443.958351][T15747] loop2: p1 start 2046820352 is beyond EOD, truncated [ 1443.970009][T15747] loop2: p5 start 2046820352 is beyond EOD, truncated [ 1443.986741][T15755] loop5: p1 p3 < > p4 < p5 > [ 1443.993738][T15755] loop5: p1 start 33554432 is beyond EOD, truncated 01:08:42 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0000000a00000080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1444.002887][T15755] loop5: p5 start 33554432 is beyond EOD, truncated [ 1444.025013][ T148] loop2: p1 p3 < > p4 < p5 > [ 1444.029829][ T148] loop2: p1 start 2046820352 is beyond EOD, truncated [ 1444.041566][ T148] loop2: p5 start 2046820352 is beyond EOD, truncated [ 1444.106352][T15760] loop3: p1 p3 < > p4 < p5 > [ 1444.111439][T15760] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1444.126645][T15760] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1444.152574][T15755] loop5: p1 p3 < > p4 < p5 > [ 1444.157504][T15755] loop5: p1 start 33554432 is beyond EOD, truncated [ 1444.167512][T15755] loop5: p5 start 33554432 is beyond EOD, truncated 01:08:42 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600014f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:08:42 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open$cgroup(&(0x7f0000000240)={0x3, 0x80, 0x1, 0x5, 0xa6, 0xc7, 0x0, 0x80000001, 0x40040, 0x8, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x9, 0x7, @perf_bp={&(0x7f0000000040), 0x8}, 0xc320, 0x20, 0x7, 0x5, 0x8, 0x1000, 0xc270, 0x0, 0x400, 0x0, 0x6}, r1, 0x10, r1, 0x5708c54427d95363) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) 01:08:42 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000003ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1444.325550][T15763] loop2: p1 p3 < > p4 < p5 > 01:08:42 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff260b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1444.542129][T15763] loop2: p1 p3 < > p4 < p5 > [ 1444.674444][T15780] loop3: p1 p3 < > p4 < p5 > [ 1444.679255][T15780] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1444.688134][T15780] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1444.714310][T15782] loop5: p1 p3 < > p4 < p5 > [ 1444.721805][T15782] loop5: p1 start 50331648 is beyond EOD, truncated [ 1444.730303][T15782] loop5: p5 start 50331648 is beyond EOD, truncated [ 1444.778995][T15711] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1444.779583][T15780] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 1444.793012][T15716] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1444.804883][ T95] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1444.820636][ T95] Buffer I/O error on dev loop3p1, logical block 33008, async page read [ 1444.829015][ T95] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1444.839879][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1444.848186][ T119] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1444.859186][ T119] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1444.867684][ T95] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1444.878549][ T95] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1444.887192][ T119] blk_update_request: I/O error, dev loop3, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1444.892378][T15741] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1444.898104][ T119] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1444.913129][T15740] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 1444.917807][ T119] blk_update_request: I/O error, dev loop3, sector 264064 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1444.940164][ T119] Buffer I/O error on dev loop3p5, logical block 33008, async page read [ 1444.948799][ T119] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1444.956858][ T119] Buffer I/O error on dev loop3p4, logical block 0, async page read [ 1444.964907][ T119] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 1444.972974][ T119] Buffer I/O error on dev loop3p4, logical block 0, async page read [ 1444.992061][T15782] loop5: p1 p3 < > p4 < p5 > [ 1444.997409][T15782] loop5: p1 start 50331648 is beyond EOD, truncated [ 1445.006766][T15782] loop5: p5 start 50331648 is beyond EOD, truncated [ 1445.035785][T15780] loop_reread_partitions: partition scan of loop3 () failed (rc=-16) [ 1445.194138][ T148] loop3: p1 p3 < > p4 < p5 > [ 1445.199666][ T148] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1445.208429][ T148] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1445.341615][ T372] Bluetooth: hci1: command 0x1003 tx timeout [ 1445.347631][ T372] Bluetooth: hci0: command 0x1003 tx timeout [ 1445.347652][T15448] Bluetooth: hci1: sending frame failed (-49) [ 1445.361465][T15448] Bluetooth: hci0: sending frame failed (-49) [ 1445.581571][ T146] Bluetooth: hci2: command 0x1003 tx timeout [ 1445.587618][T15448] Bluetooth: hci2: sending frame failed (-49) [ 1447.421519][ T146] Bluetooth: hci0: command 0x1001 tx timeout [ 1447.427642][T15448] Bluetooth: hci0: sending frame failed (-49) [ 1447.434622][ T146] Bluetooth: hci1: command 0x1001 tx timeout [ 1447.440767][T15448] Bluetooth: hci1: sending frame failed (-49) [ 1447.661808][ T146] Bluetooth: hci2: command 0x1001 tx timeout [ 1447.667853][T15448] Bluetooth: hci2: sending frame failed (-49) [ 1449.501401][ T146] Bluetooth: hci1: command 0x1009 tx timeout [ 1449.507402][ T146] Bluetooth: hci0: command 0x1009 tx timeout [ 1449.741382][ T146] Bluetooth: hci2: command 0x1009 tx timeout [ 1453.501266][T15724] BUG: scheduling while atomic: syz-executor.4/15724/0x00000002 [ 1453.508911][T15724] Modules linked in: [ 1453.512879][T15724] Preemption disabled at: [ 1453.512889][T15724] [<0000000000000000>] 0x0 [ 1453.521942][T15724] CPU: 0 PID: 15724 Comm: syz-executor.4 Not tainted 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1453.532295][T15724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1453.542320][T15724] Call Trace: [ 1453.545583][T15724] dump_stack+0x1d8/0x24e [ 1453.549907][T15724] ? devkmsg_release+0x11c/0x11c [ 1453.555169][T15724] ? show_regs_print_info+0x12/0x12 [ 1453.560342][T15724] ? check_preemption_disabled+0x9e/0x330 [ 1453.566289][T15724] ? debug_smp_processor_id+0x20/0x20 [ 1453.571978][T15724] ? slab_free_freelist_hook+0x7b/0x150 [ 1453.577492][T15724] ? kmem_cache_free+0xb8/0x5f0 [ 1453.582315][T15724] __schedule_bug+0x1af/0x240 [ 1453.586960][T15724] ? __migrate_task+0x160/0x160 [ 1453.591775][T15724] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 1453.597215][T15724] ? _raw_spin_lock+0x1b0/0x1b0 [ 1453.602033][T15724] __schedule+0xa42/0x1170 [ 1453.606416][T15724] ? __pv_queued_spin_unlock_slowpath+0x290/0x290 [ 1453.612824][T15724] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1453.618596][T15724] ? is_mmconf_reserved+0x420/0x420 [ 1453.623757][T15724] ? check_preemption_disabled+0x9e/0x330 [ 1453.629447][T15724] ? debug_smp_processor_id+0x20/0x20 [ 1453.634794][T15724] schedule+0x13b/0x1d0 [ 1453.638925][T15724] lock_sock_nested+0x1ed/0x310 [ 1453.643741][T15724] ? sock_def_destruct+0x10/0x10 [ 1453.648644][T15724] ? init_wait_entry+0xd0/0xd0 [ 1453.653551][T15724] ? hci_send_to_sock+0x709/0x720 [ 1453.658540][T15724] hci_sock_dev_event+0x2da/0x570 [ 1453.663531][T15724] hci_unregister_dev+0x2a5/0x13f0 [ 1453.668607][T15724] ? rcu_sync_exit+0xc6/0x1a0 [ 1453.673248][T15724] hci_uart_tty_close+0x1a2/0x220 [ 1453.678235][T15724] ? hci_uart_tty_open+0x2d0/0x2d0 [ 1453.683312][T15724] tty_ldisc_release+0x272/0x600 [ 1453.688219][T15724] tty_release_struct+0x27/0xd0 [ 1453.693219][T15724] tty_release+0xdd7/0x10a0 [ 1453.697692][T15724] ? tty_release_struct+0xd0/0xd0 [ 1453.702687][T15724] __fput+0x27d/0x6c0 [ 1453.706856][T15724] task_work_run+0x186/0x1b0 [ 1453.711437][T15724] do_exit+0xcb9/0x2bf0 [ 1453.715571][T15724] ? mm_update_next_owner+0x5c0/0x5c0 [ 1453.720922][T15724] ? slab_free_freelist_hook+0x7b/0x150 [ 1453.726448][T15724] ? kmem_cache_free+0xb8/0x5f0 [ 1453.731443][T15724] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 1453.736523][T15724] ? find_user+0x120/0x120 [ 1453.740906][T15724] do_group_exit+0x15c/0x2c0 [ 1453.745604][T15724] get_signal+0x164f/0x1fc0 [ 1453.750092][T15724] ? ptrace_notify+0x340/0x340 [ 1453.754840][T15724] ? x32_setup_rt_frame+0x680/0x680 [ 1453.760102][T15724] do_signal+0x8d/0x610 [ 1453.764273][T15724] ? __down_read+0x210/0x210 [ 1453.768987][T15724] ? check_preemption_disabled+0x154/0x330 [ 1453.774861][T15724] ? signal_fault+0x1e0/0x1e0 [ 1453.779567][T15724] ? do_general_protection+0x18b/0x3d0 [ 1453.785124][T15724] ? do_trap+0x340/0x340 [ 1453.789423][T15724] prepare_exit_to_usermode+0x207/0x310 [ 1453.794956][T15724] ? general_protection+0x8/0x30 [ 1453.799860][T15724] retint_user+0x8/0x8 [ 1453.803901][T15724] RIP: 0033:0x4665f1 [ 1453.807776][T15724] Code: Bad RIP value. [ 1453.811921][T15724] RSP: 002b:0000000020000100 EFLAGS: 00010217 [ 1453.817960][T15724] RAX: 0000000000000000 RBX: 000000000056c038 RCX: 00000000004665e9 [ 1453.825901][T15724] RDX: 00000000200001c0 RSI: 0000000020000100 RDI: 0000000000080000 [ 1453.833855][T15724] RBP: 00000000004bfcc4 R08: 0000000020000240 R09: 0000000000000000 [ 1453.841964][T15724] R10: 0000000020000200 R11: 0000000000000246 R12: 000000000056c038 [ 1453.850154][T15724] R13: 00007ffcf3a4f39f R14: 00007fea8ef7b300 R15: 0000000000022000 [ 1453.859134][T15724] ------------[ cut here ]------------ [ 1453.864654][T15724] DEBUG_LOCKS_WARN_ON(val > preempt_count()) [ 1453.864703][T15724] WARNING: CPU: 0 PID: 15724 at kernel/sched/core.c:4019 preempt_count_sub+0x9c/0x160 [ 1453.880294][T15724] Modules linked in: [ 1453.884199][T15724] CPU: 0 PID: 15724 Comm: syz-executor.4 Tainted: G W 5.4.125-syzkaller-00004-gfe8243e7f1d1 #0 [ 1453.895881][T15724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1453.906119][T15724] RIP: 0010:preempt_count_sub+0x9c/0x160 [ 1453.911898][T15724] Code: 42 8a 04 30 84 c0 0f 85 89 00 00 00 83 3d df ae 00 05 00 75 d3 48 c7 c7 80 cb aa 84 48 c7 c6 20 cc aa 84 31 c0 e8 54 33 f6 ff <0f> 0b eb ba e8 2b fe de 00 85 c0 74 b1 48 c7 c0 d4 45 47 86 48 c1 [ 1453.932172][T15724] RSP: 0018:ffff8881aa5bf730 EFLAGS: 00010246 [ 1453.938433][T15724] RAX: 6808ba4b823e4200 RBX: 0000000000000001 RCX: ffff88819e808000 [ 1453.947079][T15724] RDX: 0000000000000000 RSI: 0000000000004f04 RDI: 0000000000000001 [ 1453.955028][T15724] RBP: 0000000000000001 R08: ffffffff814e8e0f R09: fffffbfff0dcd2da [ 1453.963464][T15724] R10: fffffbfff0dcd2da R11: 0000000000000000 R12: ffff8881eba70400 [ 1453.971411][T15724] R13: dffffc0000000000 R14: dffffc0000000000 R15: ffff8881e6be4000 [ 1453.979511][T15724] FS: 0000000020000240(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1453.988419][T15724] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1453.994993][T15724] CR2: 00000000004665c7 CR3: 00000001eb6fd000 CR4: 00000000001406f0 [ 1454.002938][T15724] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1454.010881][T15724] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1454.018822][T15724] Call Trace: [ 1454.022088][T15724] _raw_read_unlock+0x21/0x40 [ 1454.026746][T15724] hci_unregister_dev+0x2a5/0x13f0 [ 1454.031828][T15724] ? rcu_sync_exit+0xc6/0x1a0 [ 1454.036474][T15724] hci_uart_tty_close+0x1a2/0x220 [ 1454.041712][T15724] ? hci_uart_tty_open+0x2d0/0x2d0 [ 1454.046973][T15724] tty_ldisc_release+0x272/0x600 [ 1454.051995][T15724] tty_release_struct+0x27/0xd0 [ 1454.056828][T15724] tty_release+0xdd7/0x10a0 [ 1454.061331][T15724] ? tty_release_struct+0xd0/0xd0 [ 1454.066553][T15724] __fput+0x27d/0x6c0 [ 1454.070553][T15724] task_work_run+0x186/0x1b0 [ 1454.075142][T15724] do_exit+0xcb9/0x2bf0 [ 1454.079292][T15724] ? mm_update_next_owner+0x5c0/0x5c0 [ 1454.084751][T15724] ? slab_free_freelist_hook+0x7b/0x150 [ 1454.090558][T15724] ? kmem_cache_free+0xb8/0x5f0 [ 1454.095401][T15724] ? _raw_spin_lock_irq+0xa4/0x1b0 [ 1454.100500][T15724] ? find_user+0x120/0x120 [ 1454.104901][T15724] do_group_exit+0x15c/0x2c0 [ 1454.110811][T15724] get_signal+0x164f/0x1fc0 [ 1454.115534][T15724] ? ptrace_notify+0x340/0x340 [ 1454.120539][T15724] ? x32_setup_rt_frame+0x680/0x680 [ 1454.125720][T15724] do_signal+0x8d/0x610 [ 1454.129853][T15724] ? __down_read+0x210/0x210 [ 1454.134612][T15724] ? check_preemption_disabled+0x154/0x330 [ 1454.140417][T15724] ? signal_fault+0x1e0/0x1e0 [ 1454.145084][T15724] ? do_general_protection+0x18b/0x3d0 [ 1454.150539][T15724] ? do_trap+0x340/0x340 [ 1454.155042][T15724] prepare_exit_to_usermode+0x207/0x310 [ 1454.160596][T15724] ? general_protection+0x8/0x30 [ 1454.165546][T15724] retint_user+0x8/0x8 [ 1454.169976][T15724] RIP: 0033:0x4665f1 [ 1454.173866][T15724] Code: Bad RIP value. [ 1454.178289][T15724] RSP: 002b:0000000020000100 EFLAGS: 00010217 [ 1454.185548][T15724] RAX: 0000000000000000 RBX: 000000000056c038 RCX: 00000000004665e9 [ 1454.193601][T15724] RDX: 00000000200001c0 RSI: 0000000020000100 RDI: 0000000000080000 01:08:52 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) exit_group(0x3) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) exit_group(0x26a40369) exit_group(0x1) perf_event_open(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000080)={0x9, 0x20, 0x5, 0xce87, 0xb, "c3bf0814cfe7427d5ccdb1d43070923c3d1293"}) ioctl$KDADDIO(r0, 0x400455c8, 0x4) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x30) 01:08:52 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600240f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) 01:08:52 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0000006400000080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:52 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000004ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:52 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) close(0xffffffffffffffff) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r3, 0x0) preadv(r3, &(0x7f0000000280), 0x0, 0xd9f, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x140006, 0x0) writev(r2, &(0x7f0000001500)=[{&(0x7f0000000240)="6dd816a63d057cf43ce2d55bf1c79cdfb0669bb1ff68eead9ad4a7620896be32c7269df37afdcd3158a9bc5fdf3004f5bf2b85cb06b10b0c0ab181f368a51650ee947000a0af618a42ca9fc20034ac8c52c47a779e0a015c2ae1439775bbdaf70e746aa92a9d29408472546e686cac119e4e22426189bc26e5baa469d2f70efa263982aceebd541471f46123a54b871ff177b3b1c3830bed494a1e055c3f767ad3bf494df92d44498139c8f7754a", 0xae}, {&(0x7f0000000340)="da7654137f52410bc3cdac6d65b0ae59ed9b89fefbcf4c3eb3b2db069bd4e516230956ea0733b1e259a051b09eabbf8cd59661fd96cad1237baf9e8b609632ca1bfb4e920d9f6b4876c12234ffdfe281e31d067cba43b2870420fff1374e53f5699e9cea125e931be3bc96ab3bf2061dd71631aa627f1ce57b41d12446df5968e1d0a6666761f3b167f206709489033baa669c5d1a17aa7398215f4405ff029644a8492e36db35f3", 0xa8}, {&(0x7f0000000400)="57b3d88eaf64939a43d7f481f92e7f094f4b58a4bfcd4989af4b334aabea3e783148a1a6d7fc6884f907636625a627c519451a6937874ff394f07594b8d9538cce3a6ecc0c109a02055dcee04c838474d83b0649b2cab404412c89646f07bc00fb6be397b5d7bed803c8e5951425c6d3e00346648a5bddc58323ed01ed4d527d9aa5f94c31f1e93f73747df7ffe42fba97fa7ffc09d2548c0c56761aa52a5425fd9747630cc361850d8c0accaeb2d62cfdd43e99c762e7b5f8800aef64680acb7e16256cc52dd262fde880", 0xcb}, {&(0x7f0000000500)="2d09e5ea27b250e1bc500c0d83b42059d98cd269a904ed026be0181199aed8d12f48511f7d12454e7e07fcfb348e34bfa06e9ae2b46ddbacebe54eaa2a1717c82f4f93f49389f54b15920231858f55a091879f0e7d20cb5dc1c3867c7d8bf467491da9353d60d15cc86e3605146d18a6998f6a309508fda888f0a2f67ab85e589c53c07ac7c1908688380c06baf8c28f1afa30b33215bd1d73dea26b6d0ed7c375256ca77c81e6d71a1f62c0eeca4fb98f98cbeffe6c9e0d08cc82d8375ff54e71f7c821c4ebc3e4a3adc37f61c7421eea8bf90e7453bc52204db9519ff8546e22ca6f66e9f03d8317750560ce15907c5f4492ae83988662ebe6b0c8cd48a21743106653fc3b8fce83bc6a309a62a4c358dda791aab387e642b9e7d6dfa730cff864ed699b7420e951feeeb77ce2259af363483001fff56255fbc13faebc9254bf91a5e835a9d67949d6f8ad3d46fad45edb8b85fab0610b7dc0f4824d6a0b9772b6ce7f68e6019b04272be7702ef2e76ebab13239780b37f926894daf88053a06de946a332b4da6f1b6267e2b6e8cbd23f407990976252420cb100188b42741986a458857f2e206a6222ad5b518f8153ba76d0d4d537e4e5c1427c5261471767ea9dde55835f4ee009cbcf86cef3948db403237edd1fb5ee6a90b9160ad4ac792c2c60057271d7057617a43b50eff106f1d3552fe9ec7fc5c1b3deaf5e33b564f4047d8130df364276f099dc9ba96f494deb5609f2e2d790ef731e8289a47d37defd8278eb385dc734f0f5df185d285f4f5fc34cca838816f5e8af8842b95fbc7f13886c9c961dd174e7bcc2e12249d203da7ca54fad7a8dc46be78f8604d28dd43c6b2384a921d5b89ce78366dc4e423451f788356e96c7c1c38c59649ff2230bfd92f447ec7893ef522bddce347a6a8a1c049d70ed8388c406151954336bc0cb6e89a22fec23bb623fd9590de55b8c93879c3a82250a4ca2d9fa760a97f4233e4ddab6e1eaf47bd92193b333fbb0b06e9d973ee55dd7cdea39337b0cb47d59c9bbaf9f87e578397f3b0c58a223c65c1c276f9151545914ff9cde7518cd27436dcc4b1d4e576e21bbedc2cb5449ccbef1a304545b11afb30aa4740fdbf0807ec5cff7a4b6312d127d27792b06bb8315e77fd4d7a4a06a52a2ca0af5545f3f44f635ce6240a2c4ff675be590e15a7f53f599fbb1e502c4dc4c7164815d12967ae8790a406e4c95b65467758db9c24a50685d47065c031d5d64260ad1f673cbc4910aebaeca3403a6b6ad3b4a8bbe3f28578efdb2e3ae01d840035d0796f3807374d8af6f2ae87210e84ee9f9890189597973ce34b830a3ffbaba54a009c75c76e97b8e2a9aabe54cbf61410d55390eefce41716247956a86d47e0c8c43879c1ea9a540c9e3cfccf330521bfa53d886bcaa435c4701ea2774fa7f53879b264d5d0064bcdecf81bebb479ce82ff49a20d1ca4ea12055234d3f64284024027bb1b74cd00887a399f1a98eda2b4303608e3481f94ed4b47c1f97a3264d740fa334af42577557598bb5d07a46f56be5456631285b65a85ec06896b335fb43d4a6cf6368732b2c812b454bccd65df03abc5bd4663e830d2335ed853962ea0f2236fa195dfac6324ea9ca424e6a05132f2ed30b145457b632425b099f66258e03db7aae4bdfeb9a58f18f86b00cd63e39d0c5845df17def1c9566468cdfde600e5b8f6d85e49752ddea166c9c924dcb8c480990c8d0f3c3993163a7003bbab59d575c0add6145b94ec02959e9004bcac0cdf2163aae42b1b7775880f9456b603dbf99422b23f58c33259599b4c3d8617ce6b2d0d4ac9f4f03c9ce61853202e2c7f8bd5f2f94f5830b49af1650f7eb741fb32c1054e40efde58b67ebe2c24527f780ba47f02198d6ca3cb59ed2af8effa7d60f40d6a1f8d6aba290a56d48cc0e390c98c3fd6378b40fccf2247476015f9d9155b1166cc7763e20ee5fe040e629f0bb3b21a45de3393e40585aaca29de0bab54ce18922c27ad2a90c6d1c595f59726e63c940d2c6a868f741b25584f716d8733f60483781d09d1dddcbf8149e2350d05badfd6831ec3ba25bcaae026d883248bbe7badceaf355fb377a929774444f481caaabb48fce079ce82a544b863663dc8fb389db1429675098795d3607e2be413166feda1d6d9a399830cfe33ef461b70912c5f958bdccd72550540973d228c96dac5c52c739eae9168dd2d64f582bd6d87ba091073d1875d083845d843f0bbbd1c5c595bdf2bda27e983dfecc99007e3d648b5c789ab0f1b1a00e26272a15e5231fb59370c8686a6dd8325578b09859ee5302ae93cde74cfc664cc4aa13cb4f58a2912ef47b103fda7d2a1b83f98a7effbd2af33297b55de7fb80ea269d93ef548f390e7a1bf6888976b401b534aed89f9c24b68b1578d19e04f850c8cbbd97e697e37364130be2599aa25614c8dfacb4b1ec706555222937853d98018fbf2c5209e2810f299d104d75e497aa93631253310ef37ac2005296778089c99a11de8acb9375757d2ae6d74876236431c383d59f687cc92a03007015109e433d5ff1249ef76d4c3697d343b1f291d4f02a226a368d4016507b5e9026c99d8bdcaf77d1b5dce65a55fd41cfb983d01844fcfdd20c740847757a062367dda96efa5899c0689870d8abc0568b6663d6879400d8c5f7bc54d2849236dbf31a454830b955b91df80821af0786634d5e3838c9c6f76fad96a01cd9f6781bcd4f6f437b8a44b6ffeeb3d9fcc46aecca9b0fd9ce73a3303b3131e515ce872df6bf701fee4147ac9cff9d6a8ad26af6127b09a0666d13590d04aaf9a243ea3249db988005840ade691fcfb993a57a73d427cb88bc450c0deb2ca4fbe1d2998d59cf33f11cf1d6eba413c5abd3b95204fc0c7790920d514ec2f32556129af8b2df5d1456b5121f31c2f79a58f4dc5ecb2e177e2675860be8ef7be2509231cf5dd64966e6144836dd05eb0d1e1dfd5378e4625fd3ffb92f3b6b90f11fb1a695bb2cef8bb2d6963e64c0d68175e1af0246f34b1c9dd0b161bc8651e12ea582e5a6ef7fe7b8a06d7e75125a839ecd6da8c4aec9599d641791c159aeff454a14e809f79ae2674475a8cd35335492da7c650049bc0c0843f9c7b9424c575e8aee760aeae0c229ffa396b2e5cea1fa5d803c6f604c3830b8383faaaf3b836b51c7dec142d7251d7bb5b5c5ea2bf92609d22e675c555f821a8473c7f95c42676ef19d65f4ce4e692cab999b46f9a6c0f26a5c10316b8478aff59163006a9eeb14a557670d4cc5435e29f3f92246573851f4f493553561dd2661c6d11e435cff8b1e03e408b6290de5a1d805cb608b1bfdb28f45327df3fa49269b77dc0955cf2e7093daf96e2be9e5ce33facee1067e4aa88dde314053cd765a6bcdcd3dafbb78e21f2767919e59edc1d5f0a3f39e27c678c6a7a98144d7d2d2c7a4f26270d40a2c0dcf8e3c55364cdbf957ae400945328bd4918dc7b337543247b5313d8aca1cd0afdcedf32b0660ddba2041c325031ee179ec7ec178663ac8699e7f3aa1369c845c2f89a58478ea0de14d92a76d3272d82b1c2f7b1ffed47315635c8a48c31c71fdeba6cb98db0c6f4b73a6bd264f2bd9de5800f4981cdccfdbd4cc78decc9f899842dfb17b62c9e7922e62add529cd8fab69e206fd3bb06172f0fddd3ff98c4c373e7efdb5775131402fe0de0cf0a4f591d81bc44ed542e1afc322706c6cee974fd914766f10fc20024f8ba1a5398870758fd770fecde7371d06fde4372909436b6d2b45a718df958c3eb56796a487d7bd4d4ed5b813dfe9bab57c9654206985c69ce10067691009afdd9fff709ed16d94e231de0044ef7c1754e8af5fcafbd846f181198a89cd92a7189bc2a37c691f279327fa80fbb7c29a407222f1ca860498595c667a18d3a93d8be8f2d97e943548fae8d342e8807bdf4afc91eca7475ad212b701e254648d304aa6a12d134f718247a7b2d3dcc4c4188db00e0bb12da1e4c948c32e97b07382c1a37e732c4ccbe9089f07e233aaf9824169f60926e19c40fe31071478e166376d2ce6f339dbaaa38393de7fcffbd4f9498c33457be2326b86a66a3d6b80ec7cf6ccd9315ed74aa7714498ef0f068d8312ba1a8cc9eedfd782dcacc45ce7eb304f4d552c891dfdd6c0929d12cd8aa666aa72125711c28bbbb5f367e39db5b7ef8625f7a241e2e8cb091ad50aa08fbb718bd6f5ce9f0f75389e405dc7f6132366d635ff1daa7389a67841d4e6f0e4296064463b8e2c5e88368f34b6446ecd8dc33e34005ab8434cac31daa13e4cfbab5e2fee59d6d39aa204d7374e199fc479d38d8af5e72f231bfc6fea6a494696bc327188217b39f3ff4e603ac2b934ba8ef45a50e5011aa2a78e639ab13959502a01f20c54a50fb098eb62ae1380cc319c4724e8c7287bff1cb8706940f5f8fc06d983e765ba0fbbd9865a5f2ca98c2f3748aff6a2826145c09a6c8b4e771a2b6cb1497fab95d0e87f9d8722cffba8f698abf5b08f345a498a39b989d9d874ce6adc2e1c7d4ea8d5453c55be5814740ecac657887f030c075463d78a324d268f657b11f6826490d922c1df7f89e5f6c0920b0d2d8c3f571f8505101f4f2baf3d202a54ca7d1816eddee6d1bde8edc696706815dbdcd006041bc58564fcda145888433fd49830b44e19e99d42320a4e56ab78fe2f6ef8a8413f8436b53783090bdbdebc2ceab0e2f76a1d7d7964f406d93dc4ce443b9dd4492b92766abbce60f744cf668d42bf872f3af0eaca14da0d029da5eae4d5c349450993d445f10c014810d733c6d56e6fc6d13f6f825b956a762c417035148909813e113e0d23097e5037c508adf263b0133a89d33fb9d6379dbe3e64b7f2d7e29cc1782c8f14f3a6a278da05ebb9a625e68a787ac0ae42c9eaf5d7f9151fb72a5378d8c0243e2800490814429acdfaf53e62eb0a31c7adce130c6c47eb37e13bdb80a406685e98fc7453a4b517ba461e26f707d1bce3ac138a6d6f77a9f6f63614c49f896ed0b6786d0d1ada3822ee9291cfc1c8ed488a9fdc480e693776da23ad0912f4724ce28a09d8275ff3fdfdf82d79ddd4947d2da63c72b204bb3a85246cade26f426065e83039a21af9c257fc6c8fbac72caf2a9bfeca830376d80af2c3db7cdb8bf861c5a860bd8444bbb96deb59d0cb126f80d07b1b9e6239ae04818bb33129d9cb923c26a8add9a1b04e8cf8dfae4c00b667c3fd548215edaf1d0657a19e2484690326519fa03ab96d02887b783426400fd12532e9adc2cd0435a5429f0ae1bbb6973ec0b489bf6edf2f62f3e9d337fcddca474781a80af51d3f30c5c8df7658a8e1c93ad445dbe38108c9ab7907d6c664078f85104965345c049fa860a091ab95586a7e669b8be4f8afcb8b512a5dd17344b533336493594b2ef5e705975c0b2a7f1a054759f4eb9c07b3466ee8827e6833b32c04e554ec23451d7d2289ed23b02c5ac656d78c81d3417303437f904830370c68985f7de7c9d85c0832051fb406c3832431fa579bb79c490cad68bf1d8646b861215eecf33d63faad7f9085f2a5788cac59d7bb5cea810bfb9920ba9ecdd26b69eb76e2053f9497a89b460907df275f08ccbb1f68ad363c31588c58395e7615c3f78a95108ca647821f5c8a174c1129461a1d64a82b740c7681fe8d3d51211d6b1224ced3e7d8a0a11517e06b064c2a8f0c9a560d58dd426b5fac0f202ed07f876938fdcebb73959b239596ebba0aaa086f26352eea81fb1a20db713ffe5f4350465fa09", 0x1000}, {&(0x7f0000000040)="34464214e8bf9838dbd5775ff6154406d58d21fc913a8f88216619f452cdcc7e333ea6540e10754a806c0b9fd1f224", 0x2f}], 0x5) 01:08:52 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff270b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:52 executing program 4: clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) perf_event_open(0x0, r1, 0x5, 0xffffffffffffffff, 0x1) openat$vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x96840, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x4) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000000)=0x30) [ 1454.201747][T15724] RBP: 00000000004bfcc4 R08: 0000000020000240 R09: 0000000000000000 [ 1454.209801][T15724] R10: 0000000020000200 R11: 0000000000000246 R12: 000000000056c038 [ 1454.217873][T15724] R13: 00007ffcf3a4f39f R14: 00007fea8ef7b300 R15: 0000000000022000 [ 1454.226496][T15724] ---[ end trace 68f9b12f06a9d797 ]--- [ 1454.318179][T15806] loop3: p1 p3 < > p4 < p5 > [ 1454.324183][T15807] loop5: p1 p3 < > p4 < p5 > [ 1454.340206][T15806] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1454.350269][T15807] loop5: p1 start 67108864 is beyond EOD, truncated [ 1454.351502][T15811] loop2: p1 p3 < > p4 < p5 > 01:08:52 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a0000000159000080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1454.367044][T15807] loop5: p5 start 67108864 is beyond EOD, truncated [ 1454.380774][T15806] loop3: p5 size 11290111 extends beyond EOD, truncated 01:08:52 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000005ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:52 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600340f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1454.641744][T15819] loop2: p1 p3 < > p4 < p5 > 01:08:53 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000006ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1454.750616][T15830] loop5: p1 p3 < > p4 < p5 > [ 1454.750618][T15806] loop3: p1 p3 < > p4 < p5 > [ 1454.750756][T15806] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1454.757310][T15830] loop5: p1 start 83886080 is beyond EOD, truncated [ 1454.778617][T15806] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1454.779015][T15830] loop5: p5 start 83886080 is beyond EOD, truncated 01:08:53 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff280b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1454.855069][T15819] loop2: p1 p3 < > p4 < p5 > 01:08:53 executing program 2: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000000ffe0f50580ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:53 executing program 5: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ffffff0a000007ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:53 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c4d4049fc564e0b9cc7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6e69f403ff0e80677eeba68562eb8ae2bcd87cef9000000a39c15a7ef365cc27dfeac7bb40e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc08c2daa235197f1496679a9813c1efa26001b3f486eb6954871b4344faae85c4d0b96778478ae5355e6f923b1105696904fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000008f80000030000003003000098020000000000000000000000000000000000009802000098020000980200009802000098020000030080000000000000000000ffffffffe00000010000000000000000e4000000010000000000bd00000000007465616d5f736c6176655f310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001080200000000000000000000000000000000000000005001686173686c696d6974000000000000000000000000000000000000000002726f736530000000000000000000000000000000000000000000000000000000000000e4ff0800000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff00000000000000000000000003000000070000000000000000000000000000004800435400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000200000000000000000000000000400000000000000000000000000000070009000000000094100000000000000000000000000000020004e4f545241434b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000004000000000000000000000000000000000000000000000feffffff"], 0x1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r2, 0x0) preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2f9, 0x304, &(0x7f0000000040)="b90103600440f000009e0ff008071fffffe100004000633a77fbac141414e0060001be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28) [ 1455.085292][T15838] loop3: p1 p3 < > p4 < p5 > [ 1455.101879][T15838] loop3: p1 size 11290111 extends beyond EOD, truncated 01:08:53 executing program 0: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000000)=0x2000000000000001, 0x4) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000200)=0x7fff, 0x4) connect$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300)={0x0, 0xcbf, 0x80000001}, 0x14) write$binfmt_misc(r1, &(0x7f0000000040)=ANY=[], 0xfffffecc) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000004c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000006c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001380)={0x0, ""/256, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057040)={0x9, [{}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {0x0, r7}], 0x3f, "b8e4dc00208ead"}) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000000380)={r5, 0xf1}) ioctl$BTRFS_IOC_INO_LOOKUP(r1, 0xd0009412, &(0x7f0000000340)={r5, 0x7}) splice(r0, 0x0, r2, 0x0, 0x140006, 0x0) [ 1455.126903][T15838] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1455.136735][T15842] loop2: p1 p3 < > p4 < p5 > [ 1455.142345][T15842] loop2: p1 size 99999999 extends beyond EOD, truncated [ 1455.166619][T15842] loop2: p5 size 99999999 extends beyond EOD, truncated 01:08:53 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff290b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) 01:08:53 executing program 3: syz_read_part_table(0x0, 0x4, &(0x7f0000000000)=[{&(0x7f0000000040)="0201a9ff2a0b0a000000ff45ac0080ffffff0200e931190000000000000680000000050000000900000087771f72003007000500000000000000008000ca55aa", 0x40, 0x1c0}]) [ 1455.221331][T15840] loop5: p1 p3 < > p4 < p5 > [ 1455.239450][T15840] loop5: p1 start 117440512 is beyond EOD, truncated [ 1455.263244][T15840] loop5: p5 start 117440512 is beyond EOD, truncated [ 1455.397949][T15840] loop5: p1 p3 < > p4 < p5 > [ 1455.411862][T15840] loop5: p1 start 117440512 is beyond EOD, truncated [ 1455.424661][T15840] loop5: p5 start 117440512 is beyond EOD, truncated [ 1455.497293][T15858] loop3: p1 p3 < > p4 < p5 > [ 1455.502916][T15858] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1455.512478][T15858] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1455.664483][T15858] loop3: p1 p3 < > p4 < p5 > [ 1455.669982][T15858] loop3: p1 size 11290111 extends beyond EOD, truncated [ 1455.693938][T15858] loop3: p5 size 11290111 extends beyond EOD, truncated [ 1456.220972][ T372] Bluetooth: hci0: command 0x1003 tx timeout [ 1456.227106][ T9372] Bluetooth: hci0: sending frame failed (-49) [ 1458.300881][T14541] Bluetooth: hci0: command 0x1001 tx timeout [ 1458.306912][ T9372] Bluetooth: hci0: sending frame failed (-49) [ 1460.380760][T14541] Bluetooth: hci0: command 0x1009 tx timeout